Client dyn WEP problem

[Beat Naef]

We run a wireless network with following setup:

3 clients, running wpa-supplicant, EAP-TLS, dyn WEP, authenticating against
a hostapd master using the built in EAP authenticator.

At ifup the clients initiate the connection with the master and get the
periodically changing WEP key from the master.

The master initiates and is supposed to maintain a constant port 80
connection to download images from the clients (it used to work fine without
dyn WEP).

Every once in a while some or all clients get "lost". It appears that the
re-keying process is not always working properly. Most of the time the
clients do come back at the next re-keying round.

We are currently running a script on the clients that does an ifdown-ifup
every 5 min. This essentially forces the re-authentication, re-association
and re-keying of the clients. This is already much better than waiting for
the next re-keying round but still causes frequent connection disruptions.

How can we get the clients to re-authenticate if the re-keying did not
happen properly?

We are thinking about setting up a script that monitors the
/proc/net/hostap/wlan0 and the /proc/net/wireless. However we are not sure
what piece of information to monitor.

Another solution would be to monitor the kernel messages, because they do
show that the encryption failed, which we assume is the reason for the
clients to get "lost".

With kind regards

Beat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Beat Naef.vcf
Type: text/x-vcard
Size: 533 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20061204/2db9452a/attachment.vcf