Bug #351
closed
Request: 802.11x wired network support in wpa_supplicant
0%
Description
(Hopefully this stuff is for requests too).
Some time ago, I asked about this, and got this reply:
http://leaf.dragonflybsd.org/mailarchive/users/2006-09/msg00066.html
Has this ever been committed? (Does not seem so to me.)
Updated by sepherosa about 18 years ago
Nope, it is not committed, since I got no reply after above post.
Best Regards,
sephe
Updated by bastyaelvtars about 18 years ago
Sorry, I haven't yet found the time to try it out. I applied the patch
and built/installed wpa_supplicant, I'll do a thorough testing tonight
and post the results.
Updated by bastyaelvtars about 18 years ago
Last time I tried it, it applied fine but testing was interrupted by a
loong power breakdown in the building and I forgot about it. I'll try it
out again in the near future, but is it safe to apply it to preview?
Updated by bastyaelvtars about 18 years ago
OK, I did it, but maybe I am doing something wrong, because
authentication always fails, even though the credentials are OK (Aegis
2.1 connects just fine). Do I have to do something to the NIC before or
after the action?
Updated by sepherosa about 18 years ago
1) you must 'ifconfig iface up' before run the wpa_supplicant
2) try removing the "eap=MD5" line in the "network=" block, or set the
EAP to what the authenticator is using
3) try using dd wpa_supplicant command line option to make it print)
verbose debug message, and figure out what is happening :
Best Regards,
sephe
Updated by bastyaelvtars about 18 years ago
Sepherosa Ziehau wrote:
It's up, should I do it anyway?
It's MD5, and has always been.
It says FAIL, and the radius server says so. :S
Updated by bastyaelvtars about 18 years ago
Bah, tried all of the above and I keep getting authentication failures.
Any other ideas?
Updated by bastyaelvtars almost 18 years ago
- wpa_supplicant -B -c /etc/wpa.conf -i xl0 -D wired
- wpa_cli
wpa_cli v0.4.9
Copyright (c) 2004-2005, Jouni Malinen <jkmaline@cc.hut.fi> and contributors
This program is free software. You can distribute it and/or modify it
under the terms of the GNU General Public License version 2.
Alternatively, this software may be distributed under the terms of the
BSD license. See README and COPYING for more details.
Selected interface 'xl0'
Interactive mode
bssid=01:80:c2:00:00:03
ssid=
pairwise_cipher=NONE
group_cipher=NONE
key_mgmt=IEEE 802.1X (no WPA)
wpa_state=ASSOCIATED
ip_address=xxx.xxx.xxx.xxx
Supplicant PAE state=CONNECTING
suppPortStatus=Unauthorized
EAP state=IDLE
and it doesn't work. Any ideas?
Updated by Anonymous almost 18 years ago
- wpa_supplicant -B -dd -c /etc/wpa.conf -i xl0 -D wired
Initializing interface 'xl0' conf '/etc/wpa.conf' driver 'wired' ctrl_interface
'N/A'
Configuration file '/etc/wpa.conf' -> '/etc/wpa.conf'
Reading configuration file '/etc/wpa.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0 (from group name 'wheel')
ap_scan=0
Line: 4 - start of a new network block
key_mgmt: 0x8
eap methods - hexdump(len=2): 04 00
identity - hexdump_ascii(len=9):
62 6f 72 64 6f 70 69 63 69 bordopici
password - hexdump_ascii(len=4): [REMOVED]
eapol_flags=0 (0x0)
Priority group 0
id=0 ssid=''
Initializing interface (2) 'xl0'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
wpa_driver_wired_init: Added multicast membership with SIOCADDMULTI
Own MAC address: 00:01:02:01:84:3e
Setting scan request: 0 sec 100000 usec
Added interface xl0
Daemonize..
Updated by Anonymous almost 18 years ago
EAPOL: txStart
TX EAPOL - hexdump(len=4): 01 01 00 00
EAPOL: idleWhile --> 0
EAP: EAP entering state FAILURE
CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
EAPOL: heldWhile --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
EAPOL: heldWhile --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
EAPOL: heldWhile --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
EAPOL: heldWhile --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
^CCTRL-EVENT-TERMINATING - signal 2 received
Removing interface xl0
State: ASSOCIATED -> DISCONNECTED
No keys have been configured - skip key clearing
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
No keys have been configured - skip key clearing
Cancelling scan request
It probably cannot connect, because nothing shows up in the logs. Aegis 2.1
works fine on the same port, tried with 2 different PCs.
Updated by sepherosa about 17 years ago
After wpa_supplicant-0.5.8 was imported, 802.1x authentication over wired
devices is supposed to work, however, the reporter no longer had proper
environment to test. Consider it closed for now.