I forgot to mention an important data point. I see via WireShark the EAPOL
from the supplicant to the server and the server requesting identity but
the supplicant doesn't appear to see the request.
---------- Forwarded message ----------
Date: Fri, 14 Jan 2011 07:34:27 -0700 (MST)
From: Dennis Glatting <free...@penx.com>
To: freebsd-net@freebsd.org
Subject: Looking for hints re 802.1X wired
I am trouble with 802.1x wired and I am wondering whether there is some
required characteristic of the Ethernet driver. AFAICT, I have my
wap_supplicant running correctly and I do have wireless interfaces that work
both AP and supplicant.
My Ethernet is:
Bart# dmesg|grep em0
em0: <Intel(R) PRO/1000 Network Connection 7.1.8> port 0x4000-0x401f mem
0xfdbe0000-0xfdbfffff,0xfdb00000-0xfdb7ffff irq 16 at device 0.0 on pci11
em0: Using an MSI interrupt
em0: [FILTER]
em0: Ethernet address: 00:26:55:d8:47:b5
Bart# ifconfig em0
em0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4>
ether 00:26:55:d8:47:b5
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
The command I run is:
wpa_supplicant -ddd -iem0 -Dwired -c wpa.conf
My conf file has changed many times but its present content is:
Bart# cat wpa.conf
ctrl_interface=/var/run/wpa_eth1
ap_scan=no
network={
# bssid=00:17:8b:05:39:8f
key_mgmt=IEEE8021X
eap=TLS
eapol_flags=0
# pairwise=CCMP TKIP
# group=CCMP TKIP
identity="foo"
ca_cert="/root/ml.test.06Jan2011/CAd.cert.cer"
client_cert="/root/ml.test.06Jan2011/CAd.ml.cert.pem"
private_key="/root/ml.test.06Jan2011/CAd.ml.priv.pem"
private_key_passwd="frogger"
}
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
