From owner-freebsd-wireless@FreeBSD.ORG Thu May 21 18:03:57 2015 Return-Path: Delivered-To: freebsd-wireless@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 551E7318 for ; Thu, 21 May 2015 18:03:57 +0000 (UTC) Received: from mail-ig0-x22f.google.com (mail-ig0-x22f.google.com [IPv6:2607:f8b0:4001:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1C9661128 for ; Thu, 21 May 2015 18:03:57 +0000 (UTC) Received: by igbpi8 with SMTP id pi8so16559827igb.1 for ; Thu, 21 May 2015 11:03:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=99l689yuIz9CiwIMwUlajmZTvBpK4CxVB2TwtPrpAEc=; b=I/LTy3mHElVPJdQwfIO950wIhAgDkPnKkGr8Xebw2MiaXeaw0NzLjxAkYLq/+FZTfh 3Yo7lqyNErwvVvbU1hJtz8fgNqBwndUJZaeatotOCd3rc/1z1345YscULGeZqGoE+5am q6cu+fywHprcVej3mVPMzT/FtXM7FdduoGhycBPkY9g6Dn9/2ivMW7kic76qnMKWXu4p OlIJe7r4WwIZO8qyaXjAyGNCpgyOCcG2gW6+n197cOIVbsPhObg5puq7JtnnO5oz86wb 5SVBduQ/A4Ceb1fwKjUw8UW5Br+wfEfHQ8DF3kEkp3GcUC3SOJyysa2ZMywsh1Sb3HrS WonA== MIME-Version: 1.0 X-Received: by 10.42.176.8 with SMTP id bc8mr4713460icb.22.1432231436520; Thu, 21 May 2015 11:03:56 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.36.38.133 with HTTP; Thu, 21 May 2015 11:03:56 -0700 (PDT) In-Reply-To: <555E1346.8010509@gmail.com> References: <01e701d08d75$fed02bd0$fc708370$@gmail.com> <003c01d08dbe$6018b900$204a2b00$@gmail.com> <555CB658.6040103@gmail.com> <555CC261.8080505@gmail.com> <20150521083957.GB5453@vpn.offrom.nl> <555E1346.8010509@gmail.com> Date: Thu, 21 May 2015 11:03:56 -0700 X-Google-Sender-Auth: 4XOwsWAUOlh-qxQLlT9zFHcuUTU Message-ID: Subject: Re: hostapd + freeradius can't connect From: Adrian Chadd To: Johann Cc: Willem@offermans.rompen.nl, "freebsd-wireless@freebsd.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-wireless@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Discussions of 802.11 stack, tools device driver development." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 May 2015 18:03:57 -0000 HI, Would you mind creating a tarball up with your radius and hostapd configs? I'd like to repliate it at home ASAP. Thanks! -a On 21 May 2015 at 10:17, Johann wrote: > I've tried it this morning on 11.0-CURRENT #172 r280972: Thu Apr 2 and it > worked. > > Here is my configs. > rc.conf > wlans_ath0="wlan0" > create_args_wlan0="wlanmode hostap country ZA" > ifconfig_wlan0="mode 11g channel 6" > hostapd_enable="YES" > cloned_interfaces="bridge0" > ifconfig_bridge0="addm vr0 addm wlan0 up" > ifconfig_vr0="146.64.5.5/24 up" > defaultrouter="146.64.5.1" > > > hostapd.conf > interface=wlan0 > ctrl_interface=/var/run/hostapd > ctrl_interface_group=wheel > ssid=testAP > hw_mode=g > channel=6 > > wpa=2 > ignore_broadcast_ssid=0 > wpa_pairwise=CCMP TKIP > wpa_key_mgmt=WPA-EAP > wpa_pairwise=TKIP CCMP > rsn_pairwise=CCMP > > ieee8021x=1 > own_ip_addr=146.64.5.5 > auth_server_addr=146.64.8.20 > auth_server_port=1812 > auth_server_shared_secret=test123 > > Regards > Johann > > > On 2015/05/21 06:47 PM, Adrian Chadd wrote: >> >> That's the plan. Once I fix a couple other things I'm going to go see >> why it currently isn't working. >> >> >> >> -adrian >> >> On 21 May 2015 at 01:39, Willem Offermans >> wrote: >>> >>> Dear FreeBSD friends, >>> >>> Sorry to interrupt here, but I got triggered by this e-mail thread. >>> >>> Do I understand correctly that it is possible to connect hostapd with >>> FreeRadius and OpenLDAP? Would it be possible to do the authentication of >>> wireless access over the ldap server? If yes, do I need FreeRadius to >>> intermediate between hostapd and OpenLDAP? >>> >>> Is there some documentation around to setup hostapd + OpenLDAP or hostapd >>> + >>> FreeRadius + OpenLDAP under FreeBSD? >>> >>> Sorry, to interrp >>> >>> On Wed, May 20, 2015 at 07:20:33PM +0200, Johann wrote: >>>> >>>> On 2015/05/20 06:29 PM, Johann wrote: >>>>> >>>>> On 2015/05/16 08:03 AM, Adrian Chadd wrote: >>>>>> >>>>>> Hi, >>>>>> Has this ever worked? >>>>> >>>>> Yes. >>>>> >>>>> I got it working in April 2012 on FreeBSD 8 and 9. I've used a >>>>> FreeRadius server and a FreeBSD client with wpa_supplicant to test >>>>> it. >>>>> >>>>> At that stage you had to enable the eap_server when you compile hostapd >>>>> >>>>> # echo HOSTAPD_CFLAGS+=-DEAP_SERVER >> /etc/src.conf >>>>> # cd /usr/src/usr.sbin/wpa/hostapd >>>>> # make >>>>> # make install >>>>> >>>>> but Bernhard Schmidt fixed it so that EAP_SERVER was enabled by >>>>> default. >>>>> >>>>> >>>>> Here is the configs that I used: >>>>> >>>>> rc.conf >>>>> hostname="AP-vlan" >>>>> wlans_ath0="wlan0" >>>>> create_args_wlan0="wlanmode hostap country ZA" >>>>> ifconfig_wlan0="146.64.5.5/24 mode 11g channel 6" >>>>> defaultrouter="146.64.5.1" >>>>> hostapd_enable="YES" >>>>> cloned_interfaces="bridge0" >>>>> ifconfig_bridge0="addm sis0 addm wlan0 up" >>>>> ifconfig_sis0="up" >>>>> >>>>> >>>>> hostapd.conf >>>>> interface=wlan0 >>>>> ctrl_interface=/var/run/hostapd >>>>> ctrl_interface_group=wheel >>>>> ssid=testAP >>>>> hw_mode=g >>>>> channel=6 >>>>> >>>>> wpa=1 >>>>> wpa_pairwise=CCMP TKIP >>>>> wpa_key_mgmt=WPA-EAP >>>>> wpa_pairwise=TKIP CCMP >>>>> rsn_pairwise=CCMP >>>>> >>>>> Hope it helps >>>>> >>>>> Regards >>>>> Johann >>>>> _______________________________________________ >>>>> freebsd-wireless@freebsd.org mailing list >>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-wireless >>>>> To unsubscribe, send any mail to >>>>> "freebsd-wireless-unsubscribe@freebsd.org" >>>>> >>>> Looks like this part of hostapd.conf got lost. >>>> >>>> ieee8021x=1 >>>> own_ip_addr=146.64.5.5 >>>> auth_server_addr=146.64.8.25 >>>> auth_server_port=1812 >>>> auth_server_shared_secret=same-as-on-freeradius >>>> >>>> Johann >>>> >>>> _______________________________________________ >>>> freebsd-wireless@freebsd.org mailing list >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-wireless >>>> To unsubscribe, send any mail to >>>> "freebsd-wireless-unsubscribe@freebsd.org" >>> >>> -- >>> Met vriendelijke groeten, >>> With kind regards, >>> Mit freundlichen Gruessen, >>> De jrus wah, >>> >>> Wiel >>> >>> ************************************* >>> W.K. Offermans >>> _______________________________________________ >>> freebsd-wireless@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-wireless >>> To unsubscribe, send any mail to >>> "freebsd-wireless-unsubscribe@freebsd.org" > >