Configuration for 802.1x/EAPOL authentication with WEP keys

Jouni Malinen jkmaline
Sat Mar 26 15:07:38 PST 2005


On Sat, Mar 26, 2005 at 03:29:56PM -0600, hareesh.khattri at ndsu.edu wrote:

>  I am trying to use 802.1x/EAPOL authentication with dynamic WEP key
> generation. The access point is connected to an external Freeradius
> server.

>  This I took right out of the example configuration given in the  .conf file.
>  The CAcert and client certificates I generated using Tinyca. All files
> seem to be loaded and working properly both with WPA_supplicant and the
> Freeradius server.

FreeRADIUS is rejecting the authentication since it did not recognize
the CA certificate used in signing the client certificate. Did you
generate both the client and server certificates with the same CA?

>  My problem is that I can't get the authentication to work properly.I keep
> getting this message with the wpa_supplicant
> 
> WPA: EAPOL frame too short, len 10, expecting at least 99

This is ok; WPA state machine is just ignoring an EAPOL message that was
for IEEE 802.1X/EAPOL state machine.

> Another problem I am having is that when I try using the configuration for
> WPA-EAP key management. Changing both the hostapd and wpa_supplicant
> configuration accordingly. The wpa_supplicant doesn't recognize the access
> point as WPA/RSN capable and so doesn't associate with it.

Please send debug log from hostapd and wpa_supplicant also for this
case.

-- 
Jouni Malinen                                            PGP id EFC895FA




More information about the Hostap mailing list