wpa_supplicant fails with ndiswrapper andmadwifi driver for Atheros 802.11a/b/g card

Michael Reilly michaelr
Sun Nov 21 19:59:01 PST 2004

I just tried 0.12rc3 with my two Atheros cards against a Cisco 1100 AP using 
WPA-PSK.  It failed with both cards.  It may be related to the timing 
related problems you are seeing.  I have been busy at work so haven't had a 
chance to play with this a lot

Jouni Malinen wrote:
> On Wed, Nov 10, 2004 at 12:19:06PM -0800, Michael Reilly wrote:
>>>>I have a Cisco CB21AG card which is based on the Atheros 802.11a/b/g chip 
>>>>(5212 I think it is called).  The card has a PCI id of vendor 0x168c, 
>>>>device 0x0013.
>>>>wpa_supplicant fails when I try to use WPA-PSK.  I downloaded a trial 
>>>>copy of driverloader and it works fine.
>>	ndiswrapper: driver ar5211.sys (,12/03/2003, added
> I tested with another AR5212-based a/b/g card and the same driver
> version ( using the current CVS snapshot of ndiswrapper and
> Linux 2.4.28. This worked in my tests with WPA-PSK. In couple of test
> cases with Linksys WRT54G as the AP, it took few attempts to get group
> key handshake completed, though. This may be some kind of timing related
> issue with the client not receiving encrypted frames immediately after
> the keys have been configured. The tests with another AP (Gateway
> 7001ag) were succeeded on the first try. This AP has a longer timeout
> for group key handshake, which could explain the behavior.
> WPA-RADIUS (key_mgmt=WPA+IEEE 802.1X) was not apparently implemented at
> all in ndiswrapper (I would assume it was just forgotten). I added
> support for it and this seemed to allow association and completion of
> IEEE 802.1X + WPA authentication. The attached patch against the
> ndiswrapper CVS was enough to get this working and it would be nice to
> see it being added to the next ndiswrapper release.
> I tested this with both Atheros and Broadcom based cards. There seems to
> be some issues with both cards as far as reliability in getting packets
> through during the authentication is concerned.. Some of the IEEE 802.1X
> packets seem to disappear and I needed to use shorter EAPOL state
> machine timeouts to get authentication more reliable. Another issue was
> the failure in getting group key handshake done in some test runs that I
> mentioned above.

---- ---- ----
Michael Reilly    michaelr at cisco.com
     Cisco Systems,  California

More information about the Hostap mailing list