wpa supplicant - b43 connecting to PEAP + MSCHAPV2 (radius + Active Directory?) (shorter attachment)

Alistair Tonner ajftonner
Fri Jul 24 10:36:40 PDT 2009 

I'm trying to connect to my corporate wifi - this laptop does this
fine from windows XP pro with the windows networking tools - As far
as I can tell I'm getting through Phase I authentication, but things
don't quite seem to be finishing in Phase II.

   In windows we have to uncheck the "validate server certificate"
option, however I've noted from other logs that the Phase I cert is a
Verisign Class 3 wifi certificate with G2 label, and the ca_cert I've
selected appears to validate Phase I connection.

As far as I know the access points are talking to a radius server that
is somehow using our windows domain authentication credentials to
authenticate the wireless connection.  I'm rather suspecting that I dont
have the username setup correctly for this process - I will note that I
have tried the DOMAIN\user.name combination as well, but am unsure of
the syntax required for that to avoid issues with that \ in a unix
script.


wpa_supplicant.conf (mildly edited to obscure corporate info and
preserve something related to security)


ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=17
update_config=1

network={
        ssid="Corporate_WiFi"
        proto=RSN
        key_mgmt=WPA-EAP
        pairwise=TKIP
        group=TKIP
        eap=PEAP
        identity="user.name at corp.domain.com"
        anonymous_identity="user.name"
        password="password"

ca_cert="/etc/ssl/certs/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem"
        phase2="auth=MSCHAPV2"
        priority=1
        id_str="corp_wifi"
}



   I ran:

wpa_supplicant -Dwext -iwlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf
-ddd >>/tmp/wpa_dump.txt

   and noted the following being dropped to stderr : 
ioctl[SIOCSIWENCODEEXT]: No such file or directory
ioctl[SIOCSIWENCODEEXT]: No such file or directory

   the (again mildly edited for security) contents of wpa_dump.txt are
attached

   Any hints/suggestions/tips on what I'm doing wrong would be
gratefully appreciated.... 

(second send to list - first attachment was to large)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: wpa_dump.txt.2.gz
Type: application/x-gzip
Size: 8755 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20090724/d8e2f360/attachment.bin

More information about the Hostap mailing list