Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 29 Jul 2013 12:56:40 -0700
From:      Rui Paulo <rpaulo@felyko.com>
To:        =?iso-8859-1?Q?Jean-S=E9bastien_P=E9dron?= <jean-sebastien.pedron@dumbbell.fr>
Cc:        freebsd-current@freebsd.org, wireless@freebsd.org
Subject:   Re: 802.1X: dhclient started before the auth. process ends
Message-ID:  <5FE3C8E1-E073-423D-84E2-242D16CA31E4@felyko.com>
In-Reply-To: <51F6758C.9020004@dumbbell.fr>
References:  <51F26CEB.9010200@dumbbell.fr> <20130729095946.GK59101@e-new.0x20.net> <CAJ-Vmo=yw-jL%2BT2QUfiOfx8oGZweNt%2BgWFBaVriVPtWsrVCEiA@mail.gmail.com> <51F6758C.9020004@dumbbell.fr>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 29 Jul 2013, at 07:00, Jean-S=E9bastien P=E9dron =
<jean-sebastien.pedron@dumbbell.fr> wrote:

> On 29.07.2013 15:34, Adrian Chadd wrote:
>> I think you were lucky.
>=20
> I think you're right.
>=20
> It works perfectly on FreeBSD 9.1, because wpa_supplicant finishes the
> auth process really quickly, ie. before dhclient receives an answer =
from
> dhcpd from the unauthenticated network:
>=20
> Jul 29 15:39:46 - kernel: bge0: link state changed to UP
> Jul 29 15:39:46 - dhclient[46150]: DHCPREQUEST on bge0 to
> 255.255.255.255 port 67
> Jul 29 15:39:47 - wpa_supplicant[46119]: CTRL-EVENT-EAP-STARTED EAP
> authentication started
> ...
> Jul 29 15:39:47 - wpa_supplicant[46119]: CTRL-EVENT-EAP-SUCCESS EAP
> authentication completed successfully
> Jul 29 15:39:48 - dhclient[46150]: DHCPREQUEST on bge0 to
> 255.255.255.255 port 67
> Jul 29 15:39:48 - dhclient[46150]: DHCPACK from 192.168.200.224
> Jul 29 15:39:48 - dhclient: New IP Address (bge0): 192.168.200.91
> Jul 29 15:39:48 - dhclient: New Subnet Mask (bge0): 255.255.255.0
> Jul 29 15:39:48 - dhclient: New Broadcast Address (bge0): =
192.168.200.255
> Jul 29 15:39:48 - dhclient: New Routers (bge0): 192.168.200.254
>=20
> On -CURRENT, wpa_supplicant is started more than 10 seconds after the
> interface is UP and dhclient sent its request
> (http://pastebin.com/ZHcbHLQZ). Therefore, a lease from the
> unauthenticated network arrives first. It was working with a previous
> -CURRENT (buildworld from around April if memory serves).


Disable all the configuration settings and run wpa_supplicant -ddd <all =
your other options...>

--
Rui Paulo

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5FE3C8E1-E073-423D-84E2-242D16CA31E4>