LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking > Linux - Wireless Networking
User Name
Password
Linux - Wireless Networking This forum is for the discussion of wireless networking in Linux.

Notices

Reply
 
LinkBack Search this Thread
Old 10-18-2004, 08:43 AM   #1
Micah
Member
 
Registered: Apr 2002
Location: OK, USA
Distribution: Slackware64 14
Posts: 180

Rep: Reputation: 31
Question 802.1x, Radius, MSChapv2, PEAP


I've been doing alot of research and everything I have read says it works but I can't find specific examples and my config fails.

How do I get my Linux Box talking to a Microsoft PEAP, MSChapV2, Radius Server?

I am using the 2.6.x kernel driver for the Cisco Aironet 350 series pcmcia card.
Software on a Gentoo Laptop:
Cisco's utilities (ACU, not the driver)
wpa_supplicant
xsupplicant
linux wireless utilities

My Network uses a Microsoft Radius Server, Microsoft Cert Server, PEAP, MSCHAPv2, a Certificate and what else do I need to know?

using wpa_supplicant, I get - no network detected. We don't broadcast SSID's.
xsupplicant doesn't want to connect.
one of the iwtools - to detect ssid's - find all 4 Access Points but fails to get the SSIDs (I know what they are though)

Any help is appreciated.
Micah
 
Old 10-18-2004, 08:53 AM   #2
darkleaf
Senior Member
 
Registered: Jun 2004
Location: the Netherlands
Distribution: debian SID
Posts: 2,170

Rep: Reputation: 45
You can set the essid with:
Code:
iwconfig wlan0 essid xxxx
xxxx = your essid. If you're using another interface change wlan0 to that as well
 
Old 10-18-2004, 09:14 AM   #3
Micah
Member
 
Registered: Apr 2002
Location: OK, USA
Distribution: Slackware64 14
Posts: 180

Original Poster
Rep: Reputation: 31
When i set the essid with iwconfig it fails to work...

the /proc/driver/aironet/eth0/SSID file may show it but iwcofig just shows: "" for the essid...

At home on my unencrypted network, I can set it.
 
Old 10-18-2004, 10:14 AM   #4
darkleaf
Senior Member
 
Registered: Jun 2004
Location: the Netherlands
Distribution: debian SID
Posts: 2,170

Rep: Reputation: 45
And after trying a couple of times setting the essid. I don't know for modules in the kernel but in my old ndiswrapper it took me a couple of tries as well to set the essid.
 
Old 10-18-2004, 10:19 AM   #5
Micah
Member
 
Registered: Apr 2002
Location: OK, USA
Distribution: Slackware64 14
Posts: 180

Original Poster
Rep: Reputation: 31
I read something somewhere that the guy set the essid and then waited for the card to stop flashing - to him this meant it became associated.

Do I have to worry about that?

Can I set the SSID's HW Mac Address instead?
iwlist wifi0 scanning
this shows 4 Cells. None have an essid but I get all of their MAC addresses. ( Quality is also 0/10 but everything else on the look ok )
 
Old 10-18-2004, 10:39 AM   #6
2Gnu
Senior Member
 
Registered: Jan 2002
Location: Southern California
Distribution: Slackware 14.0
Posts: 1,874

Rep: Reputation: 49
Try running XSupplicant in the debug mode, maybe, to see if it gives you some insight into what's failing. Is there anything of value in the RADIUS logs?

Not broadcasting the SSID beacon often results in connection difficulties (and never improves security). Consider turning it back on, at least for testing.

One of the better setup docs around seems to be gone, as in the hosting site is not found, so I'll keep looking.
 
Old 10-18-2004, 10:53 AM   #7
Micah
Member
 
Registered: Apr 2002
Location: OK, USA
Distribution: Slackware64 14
Posts: 180

Original Poster
Rep: Reputation: 31
I don't have access to the Radius Logs - and its a Microsoft Server (If that helps) - At lunch I will see if I can get anythign from our security people.

xsupplicant -i eth1 -d 6
Code:
Couldn't get information for interface wifi0!
Error , 1: syntax error
Calling do_eapol, with device eth1
Setup on device eth1 complete
(EAPMD5) Initialized
(EAPMS-CHAP) Initialized
Done with init.
You do not appear to be associated to a wireless network!
You do not appear to be associated to a wireless network!
Sending EAPOL-Start #1
You do not appear to be associated to a wireless network!
....
You do not appear to be associated to a wireless network!
Sending EAPOL-Start #2
You do not appear to be associated to a wireless network!
...
No authenticator found! Assuming the port is authorized!
You do not appear to be associated to a wireless network!
...
LOGOFF
(EAPMD5) Cleaning up.
(EAPMS-CHAP) Cleaning up.
I'll also see if I can get security to turn on SSID broadcasting of at least one access point. (Toughy... =)
 
Old 10-18-2004, 11:13 AM   #8
2Gnu
Senior Member
 
Registered: Jan 2002
Location: Southern California
Distribution: Slackware 14.0
Posts: 1,874

Rep: Reputation: 49
Clearly, from the output, you are not associated with an AP. You can't authenticate until you get past that hurdle.

Which version of XSupplicant? Do you have a config file, perhaps, that's overriding the iwconfig essid youressid eth0 setting?
 
Old 10-18-2004, 11:23 AM   #9
Micah
Member
 
Registered: Apr 2002
Location: OK, USA
Distribution: Slackware64 14
Posts: 180

Original Poster
Rep: Reputation: 31
xsupplicant 0.8b ... There is a newer out so I will try and install it =)

iwconfig eth0 essid xxxx won't set it...

I've also tried:
Code:
echo "SSID: xxxx" > /proc/driver/aironet/eth0/SSID
Here, it sets it for a minute and then it disappears
Code:
iwconfig eth0 ap 00:xx:xx:xx:xx:xx
Does nothing =(

Again - this works at home on my unencrypted wireless....
 
Old 10-18-2004, 11:54 AM   #10
Micah
Member
 
Registered: Apr 2002
Location: OK, USA
Distribution: Slackware64 14
Posts: 180

Original Poster
Rep: Reputation: 31
Unhappy New Info

I've installed XSupplicant 1.0pre(something)

in README.wireless_cards...
Cisco 340/350 - No (Auth) - No (dWEP) - "The Cisco driver Hijacks 0x888e which prevents xsupplicant from obtaining the frames. We are evaluating this problem."

It appears my card will fail anyways. Maybe... I don't know if it means Cisco as in Kernel or as in Cisco's implementation (I don't even know if they are different ro the same.)

Looks like I'm going shopping this evening. =)

In the mean time, I think I will try installing Cisco's driver again.
 
Old 11-05-2004, 01:10 PM   #11
otisthegbs
Member
 
Registered: May 2003
Location: Vancouver
Distribution: RH9
Posts: 100

Rep: Reputation: 15
if I ever want to associate on to hidden ssid i just set the id manually

iwconfig eth2 essid "( . Y . )"

then request an ip via dhcp, like sudo dhcpcd eth2, or sudo dhclient eth2, whether there's a dhcp server running or not doesnt matter, the card has to bind to that AP in order to TRY to request an IP. works for me on my orinoco card. it's kind of a hack solution but it works for me.

Last edited by otisthegbs; 11-05-2004 at 01:11 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Using PEAP protocol and profile switching in Mandrake 10.2 Kramer Mandriva 7 10-09-2005 08:22 PM
How to use xsupplicant, wpa_supplicant for wpa/tkip/peap-mschapv2 weeds84 Linux - Wireless Networking 2 03-13-2005 05:17 AM
Xsupplicant PEAP Type Handler error y0shi Linux - Wireless Networking 0 11-18-2004 02:19 PM
Problems to enable 802.11g instead of 802.11b on WMP54g ronannormandie Linux - Wireless Networking 0 01-14-2004 02:59 PM
RedHat 8.0 with 802.11a 802.11b and 802.11g Bryanx Linux - Hardware 2 05-23-2003 02:12 AM


All times are GMT -5. The time now is 05:18 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration