From owner-freebsd-mobile Thu Oct 19 1: 0:13 2000 Delivered-To: freebsd-mobile@freebsd.org Received: from cisco.com (flipper.cisco.com [171.69.25.141]) by hub.freebsd.org (Postfix) with ESMTP id 7B89F37B4D7 for ; Thu, 19 Oct 2000 01:00:11 -0700 (PDT) Received: from kitab.cisco.com (kitab.cisco.com [171.69.187.233]) by cisco.com (8.8.5-Cisco.2-SunOS.5.5.1.sun4/8.8.8) with ESMTP id BAA03219 for ; Thu, 19 Oct 2000 01:00:10 -0700 (PDT) Received: (from raj@localhost) by kitab.cisco.com (8.11.0/8.9.2) id e9J80Hb00464; Thu, 19 Oct 2000 01:00:17 -0700 (PDT) (envelope-from raj) From: Richard Johnson MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Date: Thu, 19 Oct 2000 01:00:16 -0700 (PDT) To: freebsd-mobile@freebsd.org Subject: Aironet encryption w/ Lucent base works! X-Mailer: VM 6.43 under 20.4 "Emerald" XEmacs Lucid Message-ID: <14830.41949.618252.648414@kitab.cisco.com> Sender: owner-freebsd-mobile@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have a Cabletron/Lucent "Access Point" base station and recently purchased a Cisco (Aironet) 342 (128 bit encryption) PC card. My base station has a Lucent/Orinoco Gold card. I've been trying to get the encryption working between these two systems without any luck. I couldn't even get the Cisco card working with the Lucent card when the Cisco card was running under Windows95, much less under FreeBSD! I finally have it working! Here's the deal: I, of course, rebuilt my kernel with Doug Ambrisko's changes along with rebuilding "ancontrol" with his changes to support WEP. I have set a 26 hex digit encryption key on the base station as "key 1" and told it to use "key 1" as the transmit key. I set the base station to use encryption, and *not* to allow unencrypted data (this is important). I then configured my laptop with something like: ancontrol -i an0 -n home ancontrol -i an0 -o 1 ancontrol -i an0 -v 0 -k 0x12345678901234567890123456 ancontrol -i an0 -K 2 ancontrol -i an0 -W 1 and it all worked just fine! It has been already stated here that you must have the *same* keys defined the same for *all* keys on both sides. I didn't have any other, unused, keys defined, so I can't say if that would have stopped it from working or not. It has also been stated that the ancontrol program always sets the last key programmed as the "transmit key". Also, key "0" for ancontrol corresponds to key "1" on the base station. The important change I finally tried which made things work was to program the base station to "not allow unencrypted data". When I programmed this, and restarted the base station, the encryption worked just fine! I hope this helps someone. I couldn't find any documentation on this anywhere on the net. /raj To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-mobile" in the body of the message