802.1x: EAP/TLS - xsupplicant and hostap wep enabled

pof pau
Sun Nov 30 15:59:55 PST 2003

On Sun, 2003-11-30 at 21:28, Michael Richardson wrote:

>     pof> I have succeeded with EAP/MD5 and EAP/TLS always with wep disabled.
>     pof> Now I want to test with  EAP/TLS and wep enabled:
>   As far as I understand, if you are using Xsupplicant and EAP-*, then you
> will have dynamic WEP enabled. 

The actual problem is that if I set wep_key_len_broadcast=5
wep_key_len_unicast=5 and wep_rekey_period=300 in hostapd.conf then I
don't get authenticated, and I see this in the logs when I launch
xsupplicant on the client machine:

Dec  1 00:46:29 nimble kernel: wlan0: encryption configured, but RX
frame not encrypted (SA=00:90:d1:06:5b:9f)
Dec  1 00:46:50 nimble hostapd: wlan0: STA 00:90:d1:06:5b:9f IEEE
802.1X: unauthorizing port

I get authenticated without problems if I comment out the 3 parameters 
mentioned above in hostapd.conf.

Does the client require any special config for WEP?

>   I.e. if you turn on static WEP, it won't work, because you need to
> associate with the AP in the clear, do EAP and arrive at WEP keys.

I thought that if I set up the same static WEP key in both the client
machine and the hostAP machine it would work. 

Kind Regards,


|  Pau Oliva Fora         http://pof.eslack.org  |
|  KeyID: 665D05B533539E02 available at keyserv  |
         In Googlis non est, ergo non est.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20031201/90244888/attachment.pgp 

More information about the Hostap mailing list