From owner-freebsd-wireless@FreeBSD.ORG Fri Apr 3 16:12:41 2015 Return-Path: Delivered-To: freebsd-wireless@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5FC6F8BB for ; Fri, 3 Apr 2015 16:12:41 +0000 (UTC) Received: from mail-ie0-x22b.google.com (mail-ie0-x22b.google.com [IPv6:2607:f8b0:4001:c03::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 219F7E51 for ; Fri, 3 Apr 2015 16:12:41 +0000 (UTC) Received: by iedfl3 with SMTP id fl3so105727513ied.1 for ; Fri, 03 Apr 2015 09:12:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=zPH1pObvWfVV/wuQ7thyAOoAi/c6KuT0LTcTusjoUM4=; b=c8T6INkDFB5poTS68ELHK32GV97NJ8yZ6JbNjgRvFjyBm5mxcbfj5vWMMCTGBRAWTq s0oj9yKp8kM8jPqzlSpGoGj/2nEUu5Kn5w5LGLVR7m6JpVOd1FRgPyGN8TUSm/KO4cAL bAlW2YIvQa0USBoG6mXlDhRdGGNH3NVsi2vIEoAvpOYiYVvwKXX6cNsgeOFqkL+IdA46 HKaJgBvCd85T/bFEt5dNUTXZd27p2EGs/bBEQ+oJv98Fz8ON28x0ztCzm+IvDqPJZfAn wm0Ct5JL4G3zOFjPzSNJwCFtmdtWm04vaYQUvymGhd7i6/2Guy87K2WO9hgB1So+RhZQ syyg== MIME-Version: 1.0 X-Received: by 10.42.41.200 with SMTP id q8mr4712086ice.61.1428077560466; Fri, 03 Apr 2015 09:12:40 -0700 (PDT) Received: by 10.36.17.194 with HTTP; Fri, 3 Apr 2015 09:12:40 -0700 (PDT) In-Reply-To: References: <2643C4C9-AE61-4F14-9DE4-2272C0FFCEE2@pean.org> Date: Fri, 3 Apr 2015 09:12:40 -0700 Message-ID: Subject: Re: WPA2 Enterprise with hostapd and iphone From: Adrian Chadd To: =?UTF-8?Q?Peter_Ankerst=C3=A5l?= Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: "freebsd-wireless@freebsd.org" X-BeenThere: freebsd-wireless@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Discussions of 802.11 stack, tools device driver development." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Apr 2015 16:12:41 -0000 I don't know. Can you do this tes tagain but with the wpa_supplicant debugging turned all the way up? -a On 3 April 2015 at 04:08, Peter Ankerst=C3=A5l wrote: > Is there any point in trying just the hostapd code from head? Will that w= ork at all on a 10.1 machine? > >> On 30 mar 2015, at 02:22, Adrian Chadd wrote: >> >> Hi! >> >> * which NIC is this? >> * can you please try -HEAD A lot of bugs have been fixed! >> >> >> -a >> >> >>> On 29 March 2015 at 06:31, Peter Ankerst=C3=A5l wrote: >>> Hi! >>> >>> I have problems with my iphone since i switched to wpa2 enterprise on m= y home network. (All other devices work fine including ipad and macs). The = connection seems to work fine at first but then it gets REALLY slow or no c= onnection at all. (but iOS still shows it as connected). >>> >>> machine: >>> FreeBSD gw 10.1-RELEASE-p1 FreeBSD 10.1-RELEASE-p1 #2 r275849 >>> >>> # hostapd -v >>> hostapd v2.0 >>> User space daemon for IEEE 802.11 AP management, >>> IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator >>> Copyright (c) 2002-2012, Jouni Malinen and contributors >>> >>> hostapd.conf: >>> =E2=80=94 >>> interface=3Dwlan0 >>> driver=3Dbsd >>> logger_syslog=3D-1 >>> logger_syslog_level=3D0 >>> ctrl_interface=3D/var/run/hostapd >>> ctrl_interface_group=3Dwheel >>> ssid=3Dweb >>> wpa=3D2 >>> wpa_key_mgmt=3DWPA-EAP >>> wpa_pairwise=3DTKIP CCMP >>> macaddr_acl=3D0 >>> auth_algs=3D1 >>> own_ip_addr=3D127.0.0.1 >>> ieee8021x=3D1 >>> eap_server=3D1 >>> eapol_version=3D1 >>> eap_user_file=3D/etc/hostapd_eap_user >>> ca_cert=3D/etc/ssl/startssl.ca.pem >>> server_cert=3D/etc/ssl/auth.pean.org/auth.pean.org.crt >>> private_key=3D/etc/ssl/auth.pean.org/auth.pean.org.key >>> =E2=80=94 >>> >>> This is what hostapd spits out when I connect with the phone: >>> >>> =E2=80=94 >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 n= otification >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: s= tart authentication >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: start aut= hentication >>> Mar 29 15:14:08 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:14:08 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: u= nauthorizing port >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 105) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: r= eceived EAP packet (code=3D2 id=3D105 len=3D19) from STA: EAP Response-Iden= tity (1) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 106) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: r= eceived EAP packet (code=3D2 id=3D106 len=3D152) from STA: EAP Response-PEA= P (25) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 107) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: r= eceived EAP packet (code=3D2 id=3D107 len=3D6) from STA: EAP Response-PEAP = (25) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 108) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: r= eceived EAP packet (code=3D2 id=3D108 len=3D6) from STA: EAP Response-PEAP = (25) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 109) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: r= eceived EAP packet (code=3D2 id=3D109 len=3D6) from STA: EAP Response-PEAP = (25) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 110) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: r= eceived EAP packet (code=3D2 id=3D110 len=3D592) from STA: EAP Response-PEA= P (25) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 111) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: r= eceived EAP packet (code=3D2 id=3D111 len=3D6) from STA: EAP Response-PEAP = (25) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 112) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: r= eceived EAP packet (code=3D2 id=3D112 len=3D59) from STA: EAP Response-PEAP= (25) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 113) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: r= eceived EAP packet (code=3D2 id=3D113 len=3D107) from STA: EAP Response-PEA= P (25) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 114) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: r= eceived EAP packet (code=3D2 id=3D114 len=3D43) from STA: EAP Response-PEAP= (25) >>> Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 115) >>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: r= eceived EAP packet (code=3D2 id=3D115 len=3D43) from STA: EAP Response-PEAP= (25) >>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 115) >>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1= /4 msg of 4-Way Handshake >>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: received = EAPOL-Key frame (2/4 Pairwise) >>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 3= /4 msg of 4-Way Handshake >>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: received = EAPOL-Key frame (4/4 Pairwise) >>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: pairwise = key handshake completed (RSN) >>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: a= uthorizing port >>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b RADIUS: starti= ng accounting session 54E5E3BB-00000E3D >>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: a= uthenticated - EAP type: 0 ((null)) >>> Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: Added PMK= SA cache entry (IEEE 802.1X) >>> Mar 29 15:14:09 gw dhcpd: DHCPREQUEST for 172.25.0.70 from cb:aa:3a:a1:= 78:7b via bridge0 >>> Mar 29 15:14:09 gw dhcpd: DHCPACK on 172.25.0.70 to cb:aa:3a:a1:78:7b v= ia bridge0 >>> Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 n= otification >>> Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 4 n= otification >>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 n= otification >>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: s= tart authentication >>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: start aut= hentication >>> Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DIS= ASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1) >>> Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DEL= ETEKEYS.request(cb:aa:3a:a1:78:7b) >>> Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DIS= ASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1) >>> Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DEL= ETEKEYS.request(cb:aa:3a:a1:78:7b) >>> Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DIS= ASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1) >>> Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DEL= ETEKEYS.request(cb:aa:3a:a1:78:7b) >>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: PMKID fou= nd from PMKSA cache eap_type=3D0 vlan_id=3D0 >>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 n= otification >>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: s= tart authentication >>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: P= MK from PMKSA cache - skip IEEE 802.1X/EAP >>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1= /4 msg of 4-Way Handshake >>> Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 n= otification >>> Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: s= tart authentication >>> Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DIS= ASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1) >>> Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DEL= ETEKEYS.request(cb:aa:3a:a1:78:7b) >>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DIS= ASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1) >>> Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DEL= ETEKEYS.request(cb:aa:3a:a1:78:7b) >>> Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DIS= ASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1) >>> Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DEL= ETEKEYS.request(cb:aa:3a:a1:78:7b) >>> Mar 29 15:15:29 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key= timeout >>> Mar 29 15:15:29 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1= /4 msg of 4-Way Handshake >>> Mar 29 15:15:30 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key= timeout >>> Mar 29 15:15:30 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1= /4 msg of 4-Way Handshake >>> Mar 29 15:15:31 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key= timeout >>> Mar 29 15:15:31 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1= /4 msg of 4-Way Handshake >>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key= timeout >>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: PTKSTART:= Retry limit 4 reached >>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 3 n= otification >>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: d= isassociated >>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 2 n= otification >>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: d= isassociated >>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 2 n= otification >>> Mar 29 15:15:32 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: d= isassociated >>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 n= otification >>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: s= tart authentication >>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: start aut= hentication >>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 n= otification >>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: s= tart authentication >>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: start aut= hentication >>> Mar 29 15:15:32 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: a= ssociated >>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DIS= ASSOCIATE.indication(cb:aa:3a:a1:78:7b, 1) >>> Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DEL= ETEKEYS.request(cb:aa:3a:a1:78:7b) >>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: u= nauthorizing port >>> Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: S= ending EAP Packet (identifier 220) >>> Mar 29 15:15:56 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: d= isassociated >>> Mar 29 15:15:56 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 2 n= otification >>> Mar 29 15:15:56 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: d= isassociated >>> Mar 29 15:15:56 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 2 n= otification >>> Mar 29 15:15:56 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: d= isassociated >>> =E2=80=94 >>