Supplicant used different EAP type 13: (TLS)
Chr
chunkeey
Mon Mar 24 12:10:50 PDT 2008
(All right.. it bounced (twice!?):
so this mail doesn't contain any attachment, but a link to a download site)
On Monday 24 March 2008 18:17:41 Jouni Malinen wrote:
> On Mon, Mar 24, 2008 at 03:03:26PM +0100, Chr wrote:
> > WPA-EAP (WPA+RSN) TLS - madwifi-ng-r3403 (AR5416/AR5008)
> > and hostapd 0.6.3 (built-in eap-server)...
> >
> > The most clients can connect, ping & surf without any problems,
> > But all Windows XP (Only XP!) ones generate a strange error
> > with the default TLS setting! (The non-default
> > settings works too! but take a look at the error first).
>
> What is the difference between "default" and "non-default" settings?
Well if I select "Smartcard or other certificate" and press "Properties" then
there's a checkbox like "Verify Server certificate" (or something like that,
I don't have the any English XP SP2)... ?
> > Now, according to the log... the authentication failed because
> > the Windows XP client _really_ used TLS... while all other clients
> > are using a "Unkown type" that is actually TLS because the AP only
> > allows TLS authentication?!
>
> Well, no. This is likely a bug in hostapd that may only affect the debug
> output. Could you please send a detailed debug log (-dd on command line)
> from hostapd showing the failed authentication with Windows XP?
Yes, I can... see link... (this time however with hostapd-0.5.10!)
http://www.file-upload.net/download-746478/hostap-logs-and-conf.tar.bz2.html
content: --- (what is it?!)
hostap-0.5.10-default: --- this is with Win XP default config
????????????????????????????????????????+ various reconnects
hostap-0.5.10-nondefault: --- "Verify Server certificate" disabled
????????????????????????????????????????- (connects & work fine!)
client/someclient at someserver.de-cert.p12: --- client certificate & key
hostap/hostapd.conf-inv: --- used hostapd.conf
hostap/invalid-cacert.pem: --- a simple ca certificate
hostap/inv_user: --- eap_user file
hostap/someone at someserver.de-cert.pem: --- server certificate
More information about the Hostap
mailing list