wpa_supplicant IEEE802.1X questions
Jouni Malinen
j
Mon Feb 26 19:10:04 PST 2007
On Mon, Feb 26, 2007 at 05:57:15PM +0100, Patrick Holthaus wrote:
> Is it possible to have two networks managed by wpa_supplicant where the first
> one is wired and secured by IEEE 802.1X and the second one is a WPA secured
> wireless connection? I am asking that because i think ap_scan is needed to set
> to "0" for IEEE 802.1X authentication while for wireless it is needed to set
> to "1".
Yes, but you would need to use two configuration files. In that case,
you can either run two wpa_supplicant processes or use a single process.
For example:
wpa_supplicant -ieth0 -c/etc/wpa_supplicant-wired.conf -Dwired \
-N -i wlan0 -c/etc/wpa_supplicant-wireless.conf -Dwext
> The topology of the wired connection above is as follows:
>
> a) switch (at the university, not reachable for me)
> b) ethernet-cable (coming out of the wall ;) )
> c) switch (personal D-Link 10/100 fast ethernet model: des-1005d)
> d) ethernet-cable
> e) my computer, eventually some more computers
>
> Everything works OK if i connect my PC directly to b) but i like to have it
> connected to my own switch (at e)), because the cable coming out of the wall
> is too short and i would like to have some other computers connected, too.
> The question is: Does this work at all? (If you need more information, let me
> know, i just don't know what exactly to tell you)
Switch may or may not filter out some frames or link events that may
make this a bit difficult.. Hub would be more likely to work, but that
would get quite confusing if there were multiple hosts behind the single
switch (a) port.
You should be able to run a sniffer (e.g., ethereal) on the ethernet
port and see whether EAPOL frames from the switch (a) are visible begind
the switch (c). You can try to trigger switch (a) to start
authentication by unplugging and replugging the cable (b) from (c).
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list