win2k dhcp IP assignment problem

Holger Schurig hs4233
Wed Mar 9 02:39:16 PST 2005

> I have configured hostapd to use wired driver since the entire exercise
> takes place in a LAN.

Ahh, wired.

> The IP assignment is happening BEFORE authentication & I am able to
> access the internet.Now, I do not want this to happen.

If you would use wireless, then you can't get an IP before the 
Authentication took place. BEFORE authentication the Access Point should 
not let pass any normal TCP or IP traffic, e.g. no DHCP packets. Only WPA 
(EAPOL etc) key exchange should be allowed.

So the Access Point is kind of a firewall that get's switched on/off.

I think that for a wired driver, you can use your system normally (e.g. 
ping, dhcp, telnet) --- even before authentication. Therefore I think 
that you need kind of a firewall before your machine that get's notified 
by either Windows 2000 or the Radius server that you're now authenticated 
and allowed to participate.

More information about the Hostap mailing list