WPA-EAP problems
Brooks Davis
brooks at freebsd.org
Wed Jan 17 16:10:33 UTC 2007
On Tue, Jan 16, 2007 at 10:32:49PM -0800, Sam Leffler wrote:
> Daniel O'Connor wrote:
> > Hi,
> > I have a WPA-EAP network setup (to a WRT54G with OpenRadius which
> > authenticates against an OpenLDAP server on my FreeBSD server), however quite
> > often dhclient fails to get a lease at first go.
> >
> > My wpa_supplicant file looks like..
> > network={
> > ssid="dons"
> > scan_ssid=1
> > key_mgmt=WPA-EAP
> > identity="username"
> > password="password"
> > phase2="auth=PAP"
> > }
> >
> > I have the following in rc.conf..
> > ifconfig_ath0="WPA DHCP"
> > background_dhclient="YES"
> >
> > If I kill dhclient and restart it I can get a lease just fine. I don't see the
> > problem on a WPA-TKIP network.
>
> Sounds like an issue with dhclient. I rarely use anything but WPA-PSK
> so haven't noticed issues.
>
> It would be useful to get a wpa log to see how long it's taking to
> authenticate. It'd be nice if dhclient were triggered by authentication
> rather than association as packets cannot pass until before. I've
> considered changing things to work in this way.
This seems like a good idea. The link isn't really up until you can
actually pass packets on it.
> > I think the problem is that the ath interface comes up but no
> > packets can be transferred because WPA stuff is still happening the
> > initial requests get lost.
>
> But dhclient should retry and get a lease w/o your restarting it.
I think this should happen, but I think the back off is random exponential
so it doesn't take long to get to the point where it will appear hung
because it tries for >60s. Is there an 802.11 event we could key
off of to reset the timeouts when authentication occurs?
-- Brooks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20070117/457bd804/attachment.pgp
More information about the freebsd-current
mailing list