Hi Sam, I would like to inform you about just successfully tested wired driver with wpa_supplicant in startting process of OS. 802.1x configuration with PEAP. Version of wpa_supplicant is lower than last imported. server# egrep em0 /etc/rc.conf ifconfig_em0="WPA DHCP" server# uname -a FreeBSD server 7.1-RELEASE-p4 FreeBSD 7.1-RELEASE-p4 #0: Sun Mar 22 12:35:36 UTC 2009 root_at_i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 server# cat /etc/wpa_supplicant.conf update_config=1 ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=wheel eapol_version=1 ap_scan=0 fast_reauth=1 network={ eapol_flags=0 key_mgmt=IEEE8021X eap=PEAP identity="SERVER$" password="!--- Output suppressed" # ca_cert="" phase1="peaplabel=0 peapver=1 include_tls_length=1" phase2="auth=MSCHAPV2" } server# wpa_supplicant -v wpa_supplicant v0.5.10 Copyright (c) 2003-2008, Jouni Malinen <j_at_w1.fi> and contributors server# wpa_cli status Selected interface 'em0' bssid=01:80:c2:00:00:03 ssid= id=0 pairwise_cipher=NONE group_cipher=NONE key_mgmt=IEEE 802.1X (no WPA) wpa_state=COMPLETED ip_address=W.X.Y.Z Supplicant PAE state=AUTHENTICATED suppPortStatus=Authorized EAP state=SUCCESS selectedMethod=25 (EAP-PEAP) EAP TLS cipher=AES256-SHA EAP-PEAPv1 Phase2 method=MSCHAPV2 GREATCISCOSWITCH6500#sh dot1x interface gigabitEthernet 7/3 details Dot1x Info for GigabitEthernet7/3 ----------------------------------- PAE = AUTHENTICATOR PortControl = AUTO ControlDirection = Both HostMode = SINGLE_HOST ReAuthentication = Enabled QuietPeriod = 10 ServerTimeout = 30 SuppTimeout = 30 ReAuthPeriod = 3600 (Locally configured) ReAuthMax = 1 MaxReq = 1 TxPeriod = 20 Mac-Auth-Bypass = Enabled Dot1x Authenticator Client List ------------------------------- Supplicant = 00c0.wxyz.2c1f Auth SM State = AUTHENTICATED Auth BEND SM Stat = IDLE Port Status = AUTHORIZED ReAuthPeriod = 3600 ReAuthAction = Reauthenticate TimeToNextReauth = 2367 Authentication Method = Dot1x User-Name = SERVER$ Authorized By = Authentication Server Vlan Policy = 437 Starting wpa_supplicant. em0: no link ... . . got link DHCPREQUEST on em0 to 255.255.255.255 port 67 DHCPDISCOVER on em0 to 255.255.255.255 port 67 interval 7 DHCPOFFER from W.X.Y.Z DHCPREQUEST on em0 to 255.255.255.255 port 67 DHCPACK from W.X.Y.Z bound to W.X.Y.Z -- renewal in 345600 seconds. lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff000000 em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM> ether 00:c0:wx:yz:2c:1f inet W.X.Y.Z netmask 0xffffff00 broadcast W.X.Y.Z media: Ethernet autoselect (1000baseTX <full-duplex>) status: active I had to add em* definition to /etc/rc.d/wpa_supplicant script to execute wpa_supplicant with -Dwired, because fbsd 7.1 does not support it by default. And I would like to ask you to change it in fbsd 7.2, becuase it works and newer version 0.6.8 is not needed. ifn="$2" if [ -z "$ifn" ]; then return 1 fi case ${ifn} in ndis*) driver="ndis" ;; em*) driver="wired" ;; *) driver="bsd" ;; esac Bye Daniel -----Original Message----- From: owner-freebsd-current_at_freebsd.org [mailto:owner-freebsd-current_at_freebsd.org] On Behalf Of Sam Leffler Sent: Monday, March 02, 2009 3:33 AM To: freebsd-current_at_freebsd.org Subject: HEADS UP: new wpa_supplicant and hostapd I've imported v0.6.8 which is now the tip of the stable branch in Jouni's repository. One side effect is there is now a combined tree in contrib. You should see no regressions but this has been lightly tested so beware (and -Dwired support in wpa_supplicant is not tested). Not sure what new functionality comes with this code. If something is not enabled in the build that should be please let me know. Sam _______________________________________________ freebsd-current_at_freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org"Received on Thu Apr 16 2009 - 20:17:36 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:46 UTC