WPA2-PSK and WPA-EAP together?

Léo Peltier lpeltier
Mon Sep 8 05:43:35 PDT 2014


They can, I'm currently using EAP-TLS+WPA2-PSK using the following conf:

> # EAP-TLS
> ieee8021x=1
> eap_server=1
> eap_user_file=path/to/users.eap
> ca_cert=path/to/cert.crt
> server_cert=path/to/another/cert.crt
> private_key=path/to/private/key.key
>
> # Wpa 2
> wpa=2
> wpa_key_mgmt=WPA-EAP WPA-PSK
> wpa_pairwise=TKIP
> rsn_pairwise=CCMP
> wpa_psk=0e1b065625e33422c79539985c7c7c769fdff5417971b1259cc2b20ab18b7ddc

And in the eap_user_file:
> "my-prefix-"* TLS
> * PSK 0e1b065625e33422c79539985c7c7c769fdff5417971b1259cc2b20ab18b7ddc


On 09/08/2014 01:10 PM, Conrad Kostecki wrote:> Hi!
> I am running currently hostapd with only enabled WPA2-PSK.
> My goal is to keep WPA2-PSK for clients without support for WPA-EAP
and enable for all other clients WPA-EAP.
>
> In order to activate WPA-EAP, I've added to my config:
>
> # wpa_key_mgmt=WPA-PSK WPA-PSK-SHA256
> wpa_key_mgmt=WPA-PSK WPA-PSK-SHA256 WPA-EAP WPA-EAP-SHA256
> ieee8021x=1
> eapol_version=2
> eap_server=1
> eap_user_file=/etc/hostapd/hostapd.eap_user
> ca_cert=/etc/ssl/hostapd/ca.crt
> server_cert=/etc/ssl/hostapd/server.crt
> private_key=/etc/ssl/hostapd/server.key
> dh_file=/etc/ssl/hostapd/dh.param
> check_crl=0
> eap_fast_prov=3
>
> -> http://pastebin.com/782ZLKqf
>
> With this settings, I am able to connect with using WPA-EAP fine. But
now, my WPA2-PSK clients can't connect anymore, there are reporting only
failed while connecting. Can't be WPA2-PSK and WPA-EAP used together?
>
> Conrad
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>

-- 
L?o Peltier

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20140908/e1b0d041/attachment.pgp>



More information about the Hostap mailing list