FreeBSD Mail Archives

Date:      Sun, 29 Mar 2015 15:31:23 +0200
From:      =?utf-8?Q?Peter_Ankerst=C3=A5l?= <peter@pean.org>
To:        freebsd-wireless@freebsd.org
Subject:   WPA2 Enterprise with hostapd and iphone
Message-ID:  <2643C4C9-AE61-4F14-9DE4-2272C0FFCEE2@pean.org>

next in thread | raw e-mail | index | archive | help


[-- Attachment #1 --]
Hi!

I have problems with my iphone since i switched to wpa2 enterprise on my home network. (All other devices work fine including ipad and macs). The connection seems to work fine at first but then it gets REALLY slow or no connection at all. (but iOS still shows it as connected).

machine: 
FreeBSD gw 10.1-RELEASE-p1 FreeBSD 10.1-RELEASE-p1 #2 r275849

# hostapd -v
hostapd v2.0
User space daemon for IEEE 802.11 AP management,
IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi> and contributors

hostapd.conf:
—
interface=wlan0
driver=bsd
logger_syslog=-1
logger_syslog_level=0
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
ssid=web
wpa=2
wpa_key_mgmt=WPA-EAP
wpa_pairwise=TKIP CCMP
macaddr_acl=0
auth_algs=1
own_ip_addr=127.0.0.1
ieee8021x=1
eap_server=1
eapol_version=1
eap_user_file=/etc/hostapd_eap_user
ca_cert=/etc/ssl/startssl.ca.pem
server_cert=/etc/ssl/auth.pean.org/auth.pean.org.crt
private_key=/etc/ssl/auth.pean.org/auth.pean.org.key
—

This is what hostapd spits out when I connect with the phone:

—
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: start authentication
Mar 29 15:14:08 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:14:08 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: unauthorizing port
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 105)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=105 len=19) from STA: EAP Response-Identity (1)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 106)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=106 len=152) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 107)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=107 len=6) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 108)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=108 len=6) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 109)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=109 len=6) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 110)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=110 len=592) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 111)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=111 len=6) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 112)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=112 len=59) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 113)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=113 len=107) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 114)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=114 len=43) from STA: EAP Response-PEAP (25)
Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 115)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: received EAP packet (code=2 id=115 len=43) from STA: EAP Response-PEAP (25)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 115)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: received EAPOL-Key frame (2/4 Pairwise)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 3/4 msg of 4-Way Handshake
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: received EAPOL-Key frame (4/4 Pairwise)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: pairwise key handshake completed (RSN)
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: authorizing port
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b RADIUS: starting accounting session 54E5E3BB-00000E3D
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: authenticated - EAP type: 0 ((null))
Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: Added PMKSA cache entry (IEEE 802.1X)
Mar 29 15:14:09 gw dhcpd: DHCPREQUEST for 172.25.0.70 from cb:aa:3a:a1:78:7b via bridge0
Mar 29 15:14:09 gw dhcpd: DHCPACK on 172.25.0.70 to cb:aa:3a:a1:78:7b via bridge0
Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 4 notification
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: start authentication
Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: PMKID found from PMKSA cache eap_type=0 vlan_id=0
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: PMK from PMKSA cache - skip IEEE 802.1X/EAP
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:29 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
Mar 29 15:15:29 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
Mar 29 15:15:30 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
Mar 29 15:15:30 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
Mar 29 15:15:31 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
Mar 29 15:15:31 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4 msg of 4-Way Handshake
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key timeout
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: PTKSTART: Retry limit 4 reached
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 3 notification
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
Mar 29 15:15:32 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: start authentication
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 notification
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: start authentication
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: start authentication
Mar 29 15:15:32 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: associated
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1)
Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELETEKEYS.request(cb:aa:3a:a1:78:7b)
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: unauthorizing port
Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sending EAP Packet (identifier 220)
Mar 29 15:15:56 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
Mar 29 15:15:56 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
Mar 29 15:15:56 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
Mar 29 15:15:56 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 2 notification
Mar 29 15:15:56 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: disassociated
—


[-- Attachment #2 --]
0�	*�H��
��0�10	+0�	*�H��
��T0�0���0
	*�H��
0��10	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1806U/StartCom Class 1 Primary Intermediate Client CA0
150120233316Z
160121194839Z0810Upeter@pean.org10	*�H��
	peter@pean.org0�"0
	*�H��
�0�
��2RSk��"�e�Fd�n�Ka����z�쪋ǺO��?�_�+�^�=J�R&p�U�sZ��ݡ�lC��w�50�8+�V���u�ʠ��0f�f�Z��`|��m	�����d\fP�E��룏�2�gd|��5���3hH[����NJ�]X�We���,�����94�YVYc΢dk=;�:^��X��8��r&��W�
�8`'�z�
��-~=���θ�x�j�#���ԉ� H��(���"@P�ŏ���0��0	U00U�0U%0++0U<�)���4{�zZ{���10U#0�Sr풜���\|~�5N�ԸQ�0U0�peter@pean.org0�LU �C0�?0�;+��70�*0.+"http://www.startssl.com/policy.pdf0��+0��0' StartCom Certification Authority0��This certificate was issued according to the Class 1 Validation requirements of the StartCom CA policy, reliance only for the intended purpose in compliance of the relying party obligations.06U/0-0+�)�'�%http://crl.startssl.com/crtu1-crl.crl0��+��009+0�-http://ocsp.startssl.com/sub/class1/client/ca0B+0�6http://aia.startssl.com/certs/sub.class1.client.ca.crt0#U0�http://www.startssl.com/0
	*�H��
�"D����s���G���]q��S��a��tT��Z!��'D~."8u.��P�d�LIe���YE�j�)�Ld=HeJM^n�Ʃ'�i������A�C�_�� ��I"�$�W5R����&՗T"כ{7��_�Q%D�m�wU�n�ɴ�q!��b��a����V@�z���IA��a��e�t��~nFM%-&z�����pۦ�]:0mԣ��(��$E��j�C�%6���Y�Y���R��fE��ha0�40��0
	*�H��
0}10	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1)0'U StartCom Certification Authority0
071024210155Z
171024210155Z0��10	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1806U/StartCom Class 1 Primary Intermediate Client CA0�"0
	*�H��
�0�
��	���-��)�.����2����A�UG��o��#G�
�B|N�D�����Rp�M-��B��=o���-�we�5��J�Qpa>O��.�#������.���_�<���V��
[~�*��*�p�z��~�3�W�G�.ᘟ����Ml�r[�<C�e�6���f����q������O���"��u��xf�WN�#�u����i���c�gk��v$����Lb�%�������y��`�����_�{`���xK'G�N�����0��0U�0�0U�0USr풜���\|~�5N�ԸQ�0U#0�N��@[�i�0�4hC�A��0f+Z0X0'+0�http://ocsp.startssl.com/ca0-+0�!http://www.startssl.com/sfsca.crt0[UT0R0'�%�#�!http://www.startssl.com/sfsca.crl0'�%�#�!http://crl.startssl.com/sfsca.crl0��U y0w0u+��70f0.+"http://www.startssl.com/policy.pdf04+(http://www.startssl.com/intermediate.pdf0
	*�H��
�
�}x�,\�c�^��#wM�q�}��>UK/��^y��X֏y	����f�rMIŲ�B6�1ymQ󸟆�ҨݬZ���0���&��;�@��#13qۑ��&	��̢������o�	6�r��_��;�GO>*I�(	7�4���XS1r3��)!�Ǉ�y��6Ko����tˆ#
_�w�S�r���
�;�B
A�Dp�(f��s�������䰷6%�����.W0J3�:b�C�<�8t X����1�<��C��n�=�����t==�wS���T������~���\�wkB�f�|1��5���zU��P)��(���I��j��VB��!����OfI=b��b�\4�-*em��/нSJm�7���N�����[�]'��@ڽ��D9�Kr>���R��7/��|�o���^I@�ټ'��Pa$ z��9�a'L�)��(�
�I��}v��c�H]�۸�D����*�W�}
m�>Q����|�C.�(,�l��Q�1�o0�k0��0��10	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1806U/StartCom Class 1 Primary Intermediate Client CA�0	+���0	*�H��
	1	*�H��
0	*�H��
	1
150329133132Z0#	*�H��
	1ץK�7%���]�6�Mӗ�!0��	+�71��0��0��10	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1806U/StartCom Class 1 Primary Intermediate Client CA�0��*�H��
	1�����0��10	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1806U/StartCom Class 1 Primary Intermediate Client CA�0
	*�H��
�
��vǦ�h�S^︚�
�ʃ�{��v	E�:nC�͒6Ij0l@N�+1�هՆ�[29X���Z�32�Pb�#��%��
���� )�7��%��Do։�XN��#�"
#3i��H������j,��w�%Kq�b�tt����"�!�,�����9���L���O�������Emz��\�Ṛ��{�n�|������O�|R�������+�9�\j�����*�g�wŕ���������R'�

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2643C4C9-AE61-4F14-9DE4-2272C0FFCEE2>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation