From owner-freebsd-wireless@FreeBSD.ORG Mon Mar 30 00:22:44 2015 Return-Path: Delivered-To: freebsd-wireless@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D0BC938E for ; Mon, 30 Mar 2015 00:22:44 +0000 (UTC) Received: from mail-ie0-x22e.google.com (mail-ie0-x22e.google.com [IPv6:2607:f8b0:4001:c03::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9610A7F for ; Mon, 30 Mar 2015 00:22:44 +0000 (UTC) Received: by ierf6 with SMTP id f6so38033284ier.2 for ; Sun, 29 Mar 2015 17:22:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=8ztvgbonTm+nr0kE37Z4taKUzt0KfRiukFRsOS2oD3A=; b=e6d1gTo6JJPP5Mf6WCbgxmIJSkc6qPy5BoJXfO0cs0tgvuVeAN78QzKKqKPQ+Xl5Lp VCz8z4GehgrQkqxQfmcqGcxn8iZWkQ0t9tYIJv9jsSlarj1zdSvIkiA0z+rBMGCmWJLb Znu+uJCgOGF1xBkEWW5lMFe4yyrLzT1gMxfaZG6X74HGFhMCFr3e6chgLr+uuo9ainFy GPHae2ITcstR966sS5AW2NjuDVzJe5pTXe+p8xepJEYCqWwzV/17JEsRx2JmKCt+KByi QetjbW9ZMcCeRBgxmzwG4Exfz7KiLujZcliVCGyUYp+EwgG0ya5lYoe6bLDPAuuwRBRK pZ+g== MIME-Version: 1.0 X-Received: by 10.50.36.65 with SMTP id o1mr14103380igj.32.1427674963782; Sun, 29 Mar 2015 17:22:43 -0700 (PDT) Received: by 10.36.17.194 with HTTP; Sun, 29 Mar 2015 17:22:43 -0700 (PDT) In-Reply-To: <2643C4C9-AE61-4F14-9DE4-2272C0FFCEE2@pean.org> References: <2643C4C9-AE61-4F14-9DE4-2272C0FFCEE2@pean.org> Date: Sun, 29 Mar 2015 17:22:43 -0700 Message-ID: Subject: Re: WPA2 Enterprise with hostapd and iphone From: Adrian Chadd To: =?UTF-8?Q?Peter_Ankerst=C3=A5l?= Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: "freebsd-wireless@freebsd.org" X-BeenThere: freebsd-wireless@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Discussions of 802.11 stack, tools device driver development." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Mar 2015 00:22:44 -0000 Hi! * which NIC is this? * can you please try -HEAD A lot of bugs have been fixed! -a On 29 March 2015 at 06:31, Peter Ankerst=C3=A5l wrote: > Hi! > > I have problems with my iphone since i switched to wpa2 enterprise on my = home network. (All other devices work fine including ipad and macs). The co= nnection seems to work fine at first but then it gets REALLY slow or no con= nection at all. (but iOS still shows it as connected). > > machine: > FreeBSD gw 10.1-RELEASE-p1 FreeBSD 10.1-RELEASE-p1 #2 r275849 > > # hostapd -v > hostapd v2.0 > User space daemon for IEEE 802.11 AP management, > IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator > Copyright (c) 2002-2012, Jouni Malinen and contributors > > hostapd.conf: > =E2=80=94 > interface=3Dwlan0 > driver=3Dbsd > logger_syslog=3D-1 > logger_syslog_level=3D0 > ctrl_interface=3D/var/run/hostapd > ctrl_interface_group=3Dwheel > ssid=3Dweb > wpa=3D2 > wpa_key_mgmt=3DWPA-EAP > wpa_pairwise=3DTKIP CCMP > macaddr_acl=3D0 > auth_algs=3D1 > own_ip_addr=3D127.0.0.1 > ieee8021x=3D1 > eap_server=3D1 > eapol_version=3D1 > eap_user_file=3D/etc/hostapd_eap_user > ca_cert=3D/etc/ssl/startssl.ca.pem > server_cert=3D/etc/ssl/auth.pean.org/auth.pean.org.crt > private_key=3D/etc/ssl/auth.pean.org/auth.pean.org.key > =E2=80=94 > > This is what hostapd spits out when I connect with the phone: > > =E2=80=94 > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 not= ification > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: sta= rt authentication > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: start authe= ntication > Mar 29 15:14:08 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:14:08 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: una= uthorizing port > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 105) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: rec= eived EAP packet (code=3D2 id=3D105 len=3D19) from STA: EAP Response-Identi= ty (1) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 106) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: rec= eived EAP packet (code=3D2 id=3D106 len=3D152) from STA: EAP Response-PEAP = (25) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 107) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: rec= eived EAP packet (code=3D2 id=3D107 len=3D6) from STA: EAP Response-PEAP (2= 5) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 108) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: rec= eived EAP packet (code=3D2 id=3D108 len=3D6) from STA: EAP Response-PEAP (2= 5) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 109) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: rec= eived EAP packet (code=3D2 id=3D109 len=3D6) from STA: EAP Response-PEAP (2= 5) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 110) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: rec= eived EAP packet (code=3D2 id=3D110 len=3D592) from STA: EAP Response-PEAP = (25) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 111) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: rec= eived EAP packet (code=3D2 id=3D111 len=3D6) from STA: EAP Response-PEAP (2= 5) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 112) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: rec= eived EAP packet (code=3D2 id=3D112 len=3D59) from STA: EAP Response-PEAP (= 25) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 113) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: rec= eived EAP packet (code=3D2 id=3D113 len=3D107) from STA: EAP Response-PEAP = (25) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 114) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: rec= eived EAP packet (code=3D2 id=3D114 len=3D43) from STA: EAP Response-PEAP (= 25) > Mar 29 15:14:08 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 115) > Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: rec= eived EAP packet (code=3D2 id=3D115 len=3D43) from STA: EAP Response-PEAP (= 25) > Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 115) > Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4= msg of 4-Way Handshake > Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: received EA= POL-Key frame (2/4 Pairwise) > Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 3/4= msg of 4-Way Handshake > Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: received EA= POL-Key frame (4/4 Pairwise) > Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: pairwise ke= y handshake completed (RSN) > Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: aut= horizing port > Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b RADIUS: starting= accounting session 54E5E3BB-00000E3D > Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: aut= henticated - EAP type: 0 ((null)) > Mar 29 15:14:09 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: Added PMKSA= cache entry (IEEE 802.1X) > Mar 29 15:14:09 gw dhcpd: DHCPREQUEST for 172.25.0.70 from cb:aa:3a:a1:78= :7b via bridge0 > Mar 29 15:14:09 gw dhcpd: DHCPACK on 172.25.0.70 to cb:aa:3a:a1:78:7b via= bridge0 > Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 not= ification > Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 4 not= ification > Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 not= ification > Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: sta= rt authentication > Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: start authe= ntication > Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DISAS= SOCIATE.indication(cb:aa:3a:a1:78:7b, 1) > Mar 29 15:15:20 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DELET= EKEYS.request(cb:aa:3a:a1:78:7b) > Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISAS= SOCIATE.indication(cb:aa:3a:a1:78:7b, 1) > Mar 29 15:15:20 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELET= EKEYS.request(cb:aa:3a:a1:78:7b) > Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DISAS= SOCIATE.indication(cb:aa:3a:a1:78:7b, 1) > Mar 29 15:15:20 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DELET= EKEYS.request(cb:aa:3a:a1:78:7b) > Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: PMKID found= from PMKSA cache eap_type=3D0 vlan_id=3D0 > Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 not= ification > Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: sta= rt authentication > Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: PMK= from PMKSA cache - skip IEEE 802.1X/EAP > Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4= msg of 4-Way Handshake > Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 not= ification > Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: sta= rt authentication > Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DISAS= SOCIATE.indication(cb:aa:3a:a1:78:7b, 1) > Mar 29 15:15:28 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b MLME: MLME-DELET= EKEYS.request(cb:aa:3a:a1:78:7b) > Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISAS= SOCIATE.indication(cb:aa:3a:a1:78:7b, 1) > Mar 29 15:15:28 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELET= EKEYS.request(cb:aa:3a:a1:78:7b) > Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DISAS= SOCIATE.indication(cb:aa:3a:a1:78:7b, 1) > Mar 29 15:15:28 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b MLME: MLME-DELET= EKEYS.request(cb:aa:3a:a1:78:7b) > Mar 29 15:15:29 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key t= imeout > Mar 29 15:15:29 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4= msg of 4-Way Handshake > Mar 29 15:15:30 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key t= imeout > Mar 29 15:15:30 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4= msg of 4-Way Handshake > Mar 29 15:15:31 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key t= imeout > Mar 29 15:15:31 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: sending 1/4= msg of 4-Way Handshake > Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: EAPOL-Key t= imeout > Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: PTKSTART: R= etry limit 4 reached > Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 3 not= ification > Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: dis= associated > Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 2 not= ification > Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: dis= associated > Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 2 not= ification > Mar 29 15:15:32 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: dis= associated > Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 1 not= ification > Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.1X: sta= rt authentication > Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: start authe= ntication > Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 1 not= ification > Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: sta= rt authentication > Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: start authe= ntication > Mar 29 15:15:32 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: ass= ociated > Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DISAS= SOCIATE.indication(cb:aa:3a:a1:78:7b, 1) > Mar 29 15:15:32 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b MLME: MLME-DELET= EKEYS.request(cb:aa:3a:a1:78:7b) > Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: una= uthorizing port > Mar 29 15:15:32 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.1X: Sen= ding EAP Packet (identifier 220) > Mar 29 15:15:56 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b IEEE 802.11: dis= associated > Mar 29 15:15:56 gw hostapd: wlan0: STA cb:aa:3a:a1:78:7b WPA: event 2 not= ification > Mar 29 15:15:56 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b IEEE 802.11: dis= associated > Mar 29 15:15:56 gw hostapd: wlan1: STA cb:aa:3a:a1:78:7b WPA: event 2 not= ification > Mar 29 15:15:56 gw hostapd: wlan2: STA cb:aa:3a:a1:78:7b IEEE 802.11: dis= associated > =E2=80=94 >