Can't get WPA3 to work...
Alan DeKok
aland at deployingradius.com
Sat May 20 06:11:38 PDT 2023
On May 19, 2023, at 5:23 PM, Robert Senger <robert.senger at lists.microscopium.de> wrote:
>
> The "WPA 3 Specification Version 3.0" Document from Wi-Fi Alliance
> says: "A WPA3 STA shall perform server certificate validation when
> using EAP-TTLS, EAP-TLS, EAP-PEAPv0 or EAP-PEAPv1 EAP methods."
>
> So, at least these methods seem to be allowed by the specs.
Yeah.
In practice, if an EAP method provides encryption keys, then it should work. i.e. EAP-PWD. Even TLS-PSK should work.
This standard is for supplicants, and suggests how they should behave. It doesn't affect the function of 802.1X, which is defined by the IEEE.
> Nevertheless, iPhone fails after entering username/password (it's
> always a pain to connect iOS devices to enterprise networks), Windows
> 11 only offers Smartcard or EAP-TLS (had no luck with that so far,
> despite client certificate installed).
Debugging EAP issues is no fun.
Alan DeKok.
More information about the Hostap
mailing list