WPA2 Enterprise with hostapd and iphone
Peter Ankerstål
peter at pean.org
Fri Apr 3 11:08:57 UTC 2015
Is there any point in trying just the hostapd code from head? Will that work at all on a 10.1 machine?
> On 30 mar 2015, at 02:22, Adrian Chadd <adrian.chadd at gmail.com> wrote:
>
> Hi!
>
> * which NIC is this?
> * can you please try -HEAD A lot of bugs have been fixed!
>
>
> -a
>
>
>> On 29 March 2015 at 06:31, Peter Ankerstål <peter at pean.org> wrote:
>> Hi!
>>
>> I have problems with my iphone since i switched to wpa2 enterprise on my home network. (All other devices work fine including ipad and macs). The connection seems to work fine at first but then it gets REALLY slow or no connection at all. (but iOS still shows it as connected).
>>
>> machine:
>> FreeBSD gw 10.1-RELEASE-p1 FreeBSD 10.1-RELEASE-p1 #2 r275849
>>
>> # hostapd -v
>> hostapd v2.0
>> User space daemon for IEEE 802.11 AP management,
>> IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
>> Copyright (c) 2002-2012, Jouni Malinen <j at w1.fi> and contributors
>>
>> hostapd.conf:
>> —
>> interface=wlan0
>> driver=bsd
>> logger_syslog=-1
>> logger_syslog_level=0
>> ctrl_interface=/var/run/hostapd
>> ctrl_interface_group=wheel
>> ssid=web
>> wpa=2
>> wpa_key_mgmt=WPA-EAP
>> wpa_pairwise=TKIP CCMP
>> macaddr_acl=0
>> auth_algs=1
>> own_ip_addr=127.0.0.1
>> ieee8021x=1
>> eap_server=1
>> eapol_version=1
>> eap_user_file=/etc/hostapd_eap_user
>> ca_cert=/etc/ssl/startssl.ca.pem
>> server_cert=/etc/ssl/auth.pean.org/auth.pean.org.crt
>> private_key=/etc/ssl/auth.pean.org/auth.pean.org.key
>> —
>>
>> This is what hostapd spits out when I connect with the phone:
>>
>> —
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: start authentication
>> Mar 29 15:14:08 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:14:08 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: unauthorizing port
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 105)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=105 len=19) from STA: EAP Response-Identity (1)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 106)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=106 len=152) from STA: EAP Response-PEAP (25)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 107)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=107 len=6) from STA: EAP Response-PEAP (25)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 108)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=108 len=6) from STA: EAP Response-PEAP (25)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 109)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=109 len=6) from STA: EAP Response-PEAP (25)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 110)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=110 len=592) from STA: EAP Response-PEAP (25)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 111)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=111 len=6) from STA: EAP Response-PEAP (25)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 112)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=112 len=59) from STA: EAP Response-PEAP (25)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 113)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=113 len=107) from STA: EAP Response-PEAP (25)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 114)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=114 len=43) from STA: EAP Response-PEAP (25)
>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 115)
>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=115 len=43) from STA: EAP Response-PEAP (25)
>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 115)
>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: received EAPOL-Key frame (2/4 Pairwise)
>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 3/4 msg of 4-Way Handshake
>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: received EAPOL-Key frame (4/4 Pairwise)
>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: pairwise key handshake completed (RSN)
>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: authorizing port
>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b RADIUS: starting accounting session 54E5E3BB-00000E3D
>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: authenticated - EAP type: 0 ((null))
>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: Added PMKSA cache entry (IEEE 802.1X)
>> Mar 29 15:14:09 gw dhcpd: DHCPREQUEST for 172.25.0.70 from cb:aa:3a:a1:78:7b via bridge0
>> Mar 29 15:14:09 gw dhcpd: DHCPACK on 172.25.0.70 to cb:aa:3a:a1:78:7b via bridge0
>> Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
>> Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 4 notification
>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: start authentication
>> Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
>> Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
>> Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
>> Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
>> Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: PMKID found from PMKSA cache eap_type=0 vlan_id=0
>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: PMK from PMKSA cache - skip IEEE 802.1X/EAP
>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
>> Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
>> Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
>> Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
>> Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
>> Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
>> Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
>> Mar 29 15:15:29 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
>> Mar 29 15:15:29 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
>> Mar 29 15:15:30 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
>> Mar 29 15:15:30 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
>> Mar 29 15:15:31 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
>> Mar 29 15:15:31 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: PTKSTART: Retry limit 4 reached
>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 3 notification
>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
>> Mar 29 15:15:32 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: start authentication
>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: start authentication
>> Mar 29 15:15:32 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: unauthorizing port
>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 220)
>> Mar 29 15:15:56 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
>> Mar 29 15:15:56 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
>> Mar 29 15:15:56 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
>> Mar 29 15:15:56 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
>> Mar 29 15:15:56 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
>> —
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2505 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-wireless/attachments/20150403/1f6422c9/attachment.bin>
More information about the freebsd-wireless
mailing list