integrated eap server

Jouni Malinen j
Tue May 13 10:43:46 PDT 2008


On Sun, May 11, 2008 at 01:57:50PM +0200, ali asin wrote:

> I'm trying to set a hostap (version updated today) with wpa-eap with with
> TLS with integrated EAP instead of Radius (a very simple configuration).
> However, I've been trying without success, I don't know what else can I do.

> My hostapd.conf looks like (I only quote the lines related to wpa):

> wpa_key_mgmt=EAP

That value should be WPA-EAP.

> EAP-Identity: Peer identity - hexdump_ascii(len=19):
>      61 6c 69 63 69 61 40 6c 69 62 65 6c 69 75 6d 2e   cucu at test.
>      63 6f 6d                                          com
> EAP: EAP entering state SELECT_ACTION
> EAP: getDecision: another method available -> CONTINUE
> EAP: EAP entering state PROPOSE_METHOD
> EAP: getNextMethod: vendor 0 type 13

This seems to select EAP-TLS.

> EAP: EAP entering state METHOD_REQUEST
> EAP: building EAP-Request: Identifier 104
> EAP: EAP entering state SEND_REQUEST
> EAP: eapReqData -> EAPOL - hexdump(len=6): 01 68 00 06 0d 20

And this is EAP-TLS/Start.

> ath0: STA 00:0b:6b:80:c8:8e IEEE 802.1X: received EAP packet (code=2 id=104
> len=6) from STA: EAP Response-Nak (3)

> EAP: list of methods supported by the peer - hexdump(len=1): 00

But the supplicant does not like EAP-TLS for some reason.. Could you
please send debug log from wpa_supplicant showing what happened here?

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list