Can't get WPA3 to work...

rany rany2 at riseup.net
Wed May 17 10:36:02 PDT 2023


You have to keep in mind that WPA3-EAP only supports certificate based 
authentication.

If your RADIUS setup uses username/password it will not work in WPA3-EAP 
only mode, you need to keep WPA2-EAP support.

At any rate I don't think WPA2-EAP is insecure, I think it is still fine 
for the most part with no real security vulnerabilities; unlike WPA2-PSK.

You just need to enable KRACK and KRACK-like mitigations on the AP end 
if you aren't sure if the clients are updated.

On 5/17/23 19:55, Robert Senger wrote:
> Hi all,
>
> I am trying to set up APs with WPA3, but can't get it to work. WPA2
> works fine on the same hardware and software since more that 10
> years. This is my third try with WPA3 in the past 3 years...
>
> This is my setup:
>
> __access_points__
>
> Debian 11 Bullseye
> hostapd 2.9.0 (or 2.10 from backports)
> Qualcomm Atheros AR922X Wireless Network Adapter
>
> __client_machines__
>
> Debian 11 Bullseye
> wpasupplicant 2.9.0 (or 2.10 from backports)
> NetworkManager 1.30.6 (or 1.42.4 from backports)
> Intel Centrino Advanced-N 6205 Wireless Network Adapter
>
> Neither SAE nor WPA-EAP-SUITE-B-192 work, that means, either connection
> attempts fail (without useful logs), or the SSID is greyed out on the
> client machine. I will post configuration and logs, but first of all,
> if you take a look at the software versions and the hardware above, is
> there a "no-go" somewhere?
>
> Thanks,
>
> Robert
>



More information about the Hostap mailing list