EAP-TLS problems with RHEL 5.3
jim.sifferle at tektronix.com
Tue Mar 10 10:10:56 PDT 2009
I am having problems getting Redhat Enterprise Linux 5.3 working using our EAP-TLS corporate WLAN. I am using the following:
- RHEL 5.3, default '2.6.18-128.el5' kernel, rtl8187 kernel module (RH backported rtl8187+mac80211 from 2.6.25 / 2.6.26)
- Netgear WG111 v2 USB wireless adapter
- wpa_supplicant 0.5.10-8 (default RHEL 5.3 package)
- dhclient 3.0.5 (default RHEL 5.3 package)
- Cisco 1240AG A/B/G access points, IOS 12.3(8)JEA
- x3 active ESSIDs (LEAP+CKIP-CMIC, EAP-TLS+TKIP/AES_CCM, Open, non-encrypted)
- MS Windows Server 2K3 / IAS RADIUS server
I cannot reliably associate to our APs. I have successfully associated 3-4 times, however most of the time wpa_supplicant cycles from SCANNING to ASSOCIATING to DISCONNECTED. The few times I have successfully associated, I have been able to obtain a DHCP IP and was active on the network. I have verified my client certificate and CA path using 'openssl verify -CAfile ca.pem user.pem'. I know the APs all are working. Windows XP/Vista clients can associate to our EAP-TLS ESSID using the Microsoft or Intel supplicants. Using RHEL, I can associate to our open, non-secure Guest wireless ESSID without a problem, so I know the kmod is working.
Here is the debug from a failed association: http://www.sifferle.net/EAP-TLS%20not%20associated.txt
Here is the debug from a successful association: http://www.sifferle.net/EAP-TLS%20associated.txt
Here is my wpa_supplicant.conf:
identity="user at domain.com"
Any help would be greatly appreciated.
Danaher T&M / Tektronix Network Services
Jim.sifferle at tektronix.com<mailto:Jim.sifferle at tektronix.com>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Hostap