WPA2 Enterprise with hostapd and iphone
Peter Ankerstål
peter at pean.org
Sun Mar 29 13:31:59 UTC 2015
Hi!
I have problems with my iphone since i switched to wpa2 enterprise on my home network. (All other devices work fine including ipad and macs). The connection seems to work fine at first but then it gets REALLY slow or no connection at all. (but iOS still shows it as connected).
machine:
FreeBSD gw 10.1-RELEASE-p1 FreeBSD 10.1-RELEASE-p1 #2 r275849
# hostapd -v
hostapd v2.0
User space daemon for IEEE 802.11 AP management,
IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
Copyright (c) 2002-2012, Jouni Malinen <j at w1.fi> and contributors
hostapd.conf:
—
interface=wlan0
driver=bsd
logger_syslog=-1
logger_syslog_level=0
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
ssid=web
wpa=2
wpa_key_mgmt=WPA-EAP
wpa_pairwise=TKIP CCMP
macaddr_acl=0
auth_algs=1
own_ip_addr=127.0.0.1
ieee8021x=1
eap_server=1
eapol_version=1
eap_user_file=/etc/hostapd_eap_user
ca_cert=/etc/ssl/startssl.ca.pem
server_cert=/etc/ssl/auth.pean.org/auth.pean.org.crt
private_key=/etc/ssl/auth.pean.org/auth.pean.org.key
—
This is what hostapd spits out when I connect with the phone:
—
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: start authentication
Mar 29 15:14:08 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:14:08 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: unauthorizing port
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 105)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=105 len=19) from STA: EAP Response-Identity (1)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 106)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=106 len=152) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 107)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=107 len=6) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 108)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=108 len=6) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 109)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=109 len=6) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 110)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=110 len=592) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 111)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=111 len=6) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 112)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=112 len=59) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 113)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=113 len=107) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 114)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=114 len=43) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 115)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=115 len=43) from STA: EAP Response-PEAP (25)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 115)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: received EAPOL-Key frame (2/4 Pairwise)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 3/4 msg of 4-Way Handshake
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: received EAPOL-Key frame (4/4 Pairwise)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: pairwise key handshake completed (RSN)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: authorizing port
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b RADIUS: starting accounting session 54E5E3BB-00000E3D
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: authenticated - EAP type: 0 ((null))
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: Added PMKSA cache entry (IEEE 802.1X)
Mar 29 15:14:09 gw dhcpd: DHCPREQUEST for 172.25.0.70 from cb:aa:3a:a1:78:7b via bridge0
Mar 29 15:14:09 gw dhcpd: DHCPACK on 172.25.0.70 to cb:aa:3a:a1:78:7b via bridge0
Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 4 notification
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: start authentication
Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: PMKID found from PMKSA cache eap_type=0 vlan_id=0
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: PMK from PMKSA cache - skip IEEE 802.1X/EAP
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:29 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
Mar 29 15:15:29 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
Mar 29 15:15:30 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
Mar 29 15:15:30 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
Mar 29 15:15:31 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
Mar 29 15:15:31 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: PTKSTART: Retry limit 4 reached
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 3 notification
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
Mar 29 15:15:32 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: start authentication
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: start authentication
Mar 29 15:15:32 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: unauthorizing port
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 220)
Mar 29 15:15:56 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
Mar 29 15:15:56 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
Mar 29 15:15:56 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
Mar 29 15:15:56 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
Mar 29 15:15:56 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
—
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4097 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-wireless/attachments/20150329/5c730b27/attachment.bin>
More information about the freebsd-wireless
mailing list