Problem with fast re-authentication in EAP-PEAPv0

Patrick Beckmann patrick
Sat Feb 14 04:41:21 PST 2009


I use an Ubuntu 8.10 machine to connect to a network with WPA2 and
EAP-PEAPv0. I can connect without problems, but I found that it fails to
re-authenticate, if the (default) fast variant is activated. There is
always a failure in the EAP-PEAPv0 TLS handshake:

Peer							Authenticator
	Client Hello -->
	<-- Server Hello, Change Cipher Spec, Encrypted Handshake Mesg.
	Change Cipher Spec, Encrypted Handshake Message -->
	<-- EAP-Failure

The authenticator/authentication server retries fast authentication a
few times then. I tried it with and without a certificate, and I also
tried a self-compiled wpa_supplicant (version 0.6.7). Unfortunately I
have no access to the authentication server's logs. With normal
re-authentication it seems to work well. Is the problem known/does
anyone have a hint for me, what may go wrong here?

Or is there a possibility to disable fast reauthentication in
wpa_supplicant ("fast_reauth=0"), if it is run with the D-Bus control
interface in use?

Patrick Beckmann

More information about the Hostap mailing list