On Fri, 14 Jan 2011, Bernhard Schmidt wrote:
On Friday 14 January 2011 15:40:18 Dennis Glatting wrote:
I forgot to mention an important data point. I see via WireShark the
EAPOL from the supplicant to the server and the server requesting
identity but the supplicant doesn't appear to see the r
On Friday 14 January 2011 15:40:18 Dennis Glatting wrote:
> I forgot to mention an important data point. I see via WireShark the
> EAPOL from the supplicant to the server and the server requesting
> identity but the supplicant doesn't appear to see the request.
Which FreeBSD version are you runnin
From: Dennis Glatting
To: freebsd-net@freebsd.org
Subject: Looking for hints re 802.1X wired
I am trouble with 802.1x wired and I am wondering whether there is some
required characteristic of the Ethernet driver. AFAICT, I have my
wap_supplicant running correctly and I do have wireless interfaces
I am trouble with 802.1x wired and I am wondering whether there is some
required characteristic of the Ethernet driver. AFAICT, I have my
wap_supplicant running correctly and I do have wireless interfaces that
work both AP and supplicant.
My Ethernet is:
Bart# dmesg|grep em0
em0: port
Synopsis: [wlan] 802.1x broken after SVN rev 189592
State-Changed-From-To: open->closed
State-Changed-By: bschmidt
State-Changed-When: Mon Jan 3 21:15:34 UTC 2011
State-Changed-Why:
According to originator this issue is fixed.
Responsible-Changed-From-To: freebsd-net->bschmidt
Respo
On Fri, 19 Jun 2009 13:55:26 +0300
Vladimir Terziev wrote:
> What should i put for HOSTAPD_CFLAGS, HOSTAPD_DPADD, HOSTAPD_LDADD or
> WPA_SUPPLICANT_* (not sure which ones i should use) in order to get
> hostapd rebuilt with the functionality i want ?
For the archives, the following lines in /et
> > Also, how can i enable it ?
> >
> > Thanks,
> >
> > Vladimir
> >
> >
> > On Thu, 2009-06-18 at 13:55 +0300, Paul B. Mahol wrote:
> >
> >> On 6/18/09, Vladimir Terziev wrote:
> >>
> >>> Hi,
> >>&g
:
Hi,
i try to setup wireless access point at home, based on FreeBSD
7.2R-i386, ral(4) wireless card and hostpad(8).
I want my wireless AP to support 802.1x EAP-TLS/TTLS authentication.
I
issued a custom SSL certificate for the hostapd(8) and put the
following
> >
> > i try to setup wireless access point at home, based on FreeBSD
> > 7.2R-i386, ral(4) wireless card and hostpad(8).
> >
> > I want my wireless AP to support 802.1x EAP-TLS/TTLS authentication.
> I
> > issued a custom SSL certificate for the host
On 6/18/09, Vladimir Terziev wrote:
> Hi,
>
> i try to setup wireless access point at home, based on FreeBSD
> 7.2R-i386, ral(4) wireless card and hostpad(8).
>
> I want my wireless AP to support 802.1x EAP-TLS/TTLS authentication. I
> issued a custom SSL certificate for t
Hi,
i try to setup wireless access point at home, based on FreeBSD
7.2R-i386, ral(4) wireless card and hostpad(8).
I want my wireless AP to support 802.1x EAP-TLS/TTLS authentication. I
issued a custom SSL certificate for the hostapd(8) and put the following
directives in hostapd.conf
The following reply was made to PR kern/132885; it has been noted by GNATS.
From: Vany Serezhkin
To: bug-follo...@freebsd.org
Cc:
Subject: Re: kern/132885: [wlan] 802.1x broken after SVN rev 189592
Date: Tue, 31 Mar 2009 10:35:57 +0400
Hello again.
In last weekend i update system and this
Synopsis: [wlan] 802.1x broken after SVN rev 189592
Responsible-Changed-From-To: freebsd-bugs->freebsd-net
Responsible-Changed-By: linimon
Responsible-Changed-When: Sat Mar 21 15:15:07 UTC 2009
Responsible-Changed-Why:
Reassign.
http://www.freebsd.org/cgi/query-pr.cgi?pr=132
Hello.
Sam Leffler wrote:
Are you certain it's that revision? Have you tried r189931 which
worked around certain problems in the initial commit?
Yes, problem still here.
Can you provide sufficient info to reproduce your problem? Filing a
PR for reference is likely the best thing to do.
ok.
Hello again.
Bruce Simpson wrote:
General questions:
Are you running any routing protocols on this machine, or anything
which opens a multicast socket at system startup?
No, any it is a simple work notebook. May be it avahi or hald
starts something, but i think they isn't.
Do you have m
t :
after the current updated to
20090309 Merge IGMPv3 and Source-Specific Multicast (SSM) to the FreeBSD
IPv4 stack.
I can't use any wpa_supplicant related networks.
It faulted in any WPA authentications , that i tried.
Also it faulted when i try to login via 802.1x in my job network.
Ge
so it faulted when i try to login via 802.1x in my job network.
All happens after i starts wpa_supplicant and looks like these:
#11 0xc05cabec in panic (fmt=0xc08b16e9 "sbappendaddr_locked") at
/opt/src/sys/kern/kern_shutdown.c:559
#12 0xc061fd40 in sbappendaddr_locked (sb=0xc66dd670,
ry to login via 802.1x in my job network.
All happens after i starts wpa_supplicant and looks like these:
#11 0xc05cabec in panic (fmt=0xc08b16e9 "sbappendaddr_locked") at
/opt/src/sys/kern/kern_shutdown.c:559
#12 0xc061fd40 in sbappendaddr_locked (sb=0xc66dd670, asa=0xc09021b4,
m0=0xce
On Wed, Apr 09, 2008 at 01:43:07PM -0700, Sam Leffler wrote:
>
> I believe it's done w/ bpf and the important change for wired support was
> to accept mcast frames from the PAE mcast address. Like I said to you
> privately; you might try this on releng7 where it was tested by someone.
I debuge
Guido van Rooij wrote:
On Wed, Apr 09, 2008 at 09:58:31PM +0200, Guido van Rooij wrote:
wpa_supplicant send a EAPOL start (version 1, type start)
procurve sends EAP failure (version 1, type: eap packet (code failure, id: 2)
procurve send EAP request identify (veersion 1, type: eap packet (cod
On Wed, Apr 09, 2008 at 09:58:31PM +0200, Guido van Rooij wrote:
>
> wpa_supplicant send a EAPOL start (version 1, type start)
> procurve sends EAP failure (version 1, type: eap packet (code failure, id: 2)
> procurve send EAP request identify (veersion 1, type: eap packet (code:
> request
> type
On Wed, Apr 09, 2008 at 09:11:05AM -0700, Sam Leffler wrote:
> Brooks Davis wrote:
>> On Wed, Apr 09, 2008 at 03:05:31PM +0200, Guido van Rooij wrote:
>>> What is the best way to be able to have a FreeBSD system connect
>>> via 802.1x to a wired network? Wap_su
Brooks Davis wrote:
On Wed, Apr 09, 2008 at 03:05:31PM +0200, Guido van Rooij wrote:
What is the best way to be able to have a FreeBSD system connect
via 802.1x to a wired network? Wap_supplicant seems to insist on
calling 80211 ioctl's and thus fails.
I found the open1x project, but di
On Wed, Apr 09, 2008 at 03:05:31PM +0200, Guido van Rooij wrote:
> What is the best way to be able to have a FreeBSD system connect
> via 802.1x to a wired network? Wap_supplicant seems to insist on
> calling 80211 ioctl's and thus fails.
>
> I found the open1x project, bu
What is the best way to be able to have a FreeBSD system connect
via 802.1x to a wired network? Wap_supplicant seems to insist on
calling 80211 ioctl's and thus fails.
I found the open1x project, but did not find it in the ports tree.
This suggests that perhaps there is a native solution
Marco Molteni wrote:
On Thu, 20 May 2004 11:20:27 +1000
Phillip Crumpler <[EMAIL PROTECTED]> wrote:
[..]
I need a neat and tidy way of notifying either a netgraph node or a
user process about associations.
[..]
You did search the archives, did you? ;-)
Have a look at the following thread:
h
On Thu, 20 May 2004 Sam Leffler <[EMAIL PROTECTED]> wrote:
[..]
> I pointed him at the madwifi project on sourceforge. It's a Linux
> port of the net80211 layer that now includes an 802.1x authenticator
> and soon will have WPA support too. Backporting to FreeBSD should
tribute it to FreeBSD.
I pointed him at the madwifi project on sourceforge. It's a Linux port of the
net80211 layer that now includes an 802.1x authenticator and soon will have
WPA support too. Backporting to FreeBSD should be straightforward. For
user-level notification I have some simp
On Thu, 20 May 2004 11:20:27 +1000
Phillip Crumpler <[EMAIL PROTECTED]> wrote:
[..]
> I need a neat and tidy way of notifying either a netgraph node or a
> user process about associations.
[..]
You did search the archives, did you? ;-)
Have a look at the following thread:
http://docs.FreeBSD.o
Hi folks!
As part of a university project I'm building a IEEE 802.1x authenticator
for use with wireless networks. The project is based upon a FreeBSD
machine using a Prism based NIC in HOSTAP mode. The role of the
authenticator is to selectively allow hosts use of the access point.
Pa
give you
> > commit powers :)
>
> I would just note that I am working on an alternative that is not
> netgraph-based. It is not yet ready to commit but will be within a month.
Fine, however it would be nice to explain the differences between the
features, the architecture, ... of
Julian Elischer wrote:
You make that sound like netgraph was a bad thing..
It's a good thing. Esp. on a dual 2.8GHz box. ;-)
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
On Tue, 18 Feb 2003, Sam Leffler wrote:
> > See everyone is asking for the same thing
> > integration in the tree.
> >
> > Julian Elischer can sure help do this if
> > not other people will surely try to help
> > you either commit thru someone or give you
> > commit powers :)
> >
>
> I would ju
That's cool as well :)
On Tue, 18 Feb 2003 09:03:50 -0800
"Sam Leffler" <[EMAIL PROTECTED]> wrote:
> > See everyone is asking for the same thing
> > integration in the tree.
> >
> > Julian Elischer can sure help do this if
> > not other people will surely try to help
> > you either commit thru s
> See everyone is asking for the same thing
> integration in the tree.
>
> Julian Elischer can sure help do this if
> not other people will surely try to help
> you either commit thru someone or give you
> commit powers :)
>
I would just note that I am working on an alternative that is not
netgrap
gt; Folks,
>
> There is a new version of my 802.1x code available,
> downloadable from http://www.tml.hut.fi/~pnr/eapol/
>
> As new features, this version now includes server
> side support for talking to several clients at the
> same time, and includes a beginnings for regre
We are interested in any 802.1x developments too. Is this in the 4.7 or 5.0
tree?
We are small ISP that does 802.11 wireless. We use IPSEC to tunnel to
business customers, but would really like a secure way for our
roaming/laptop users to connect.
- Mike
On 2/17/03 12:39 PM, "Vincent J
2003 14:43, Pekka Nikander a écrit :
> Folks,
>
> There is a new version of my 802.1x code available,
> downloadable from http://www.tml.hut.fi/~pnr/eapol/
>
> As new features, this version now includes server
> side support for talking to several clients at the
> same
Folks,
There is a new version of my 802.1x code available,
downloadable from http://www.tml.hut.fi/~pnr/eapol/
As new features, this version now includes server
side support for talking to several clients at the
same time, and includes a beginnings for regression test
suite using tools that
jeremie le-hen wrote:
However, I fight with 802.1x under FreeBSD. I know Pekka Nikander worked on an
802.1x implementation under FreeBSD (see [1]), but I wasn't able to make it
work with a FreeRadius server.
My 802.1x implementation is still lacking quite a lot,
especially at the user
e-hen wrote:
Hi,
I'm currently working on a transparent gateway running FreeBSD, which
must
provide two major features:
* transparent border gateway between an IPv6 and an IPv4 network
(using
NAT-PT, described in RFC 2766)
* network authentication (using IEEE 802.1x)
NAT-PT is currently i
Hi,
I'm currently working on a transparent gateway running FreeBSD, which must
provide two major features:
* transparent border gateway between an IPv6 and an IPv4 network (using
NAT-PT, described in RFC 2766)
* network authentication (using IEEE 802.1x)
NAT-
We are running the SecureID clients on freeBSD 4.4
I don't think they have the server running on FreeBSD
but we are just using a sun for that.
The radiusd code has the option to link with their libraries
so we did that.. that gives us a freebsd SecureID based radiusd.
(it's the ascend radiusd)
t
> >
> > This one is pretty critical. If you can't support SecurID passwords
> > (60sec lifetime) then there are lots of sites that won't be
> able to work
> > with the system at all. We've already seen this problem
> with the Cisco
> > LEAP stuff.
>
> Does anyone else have secureID fobs runn
On Sat, 10 Nov 2001, Pekka Nikander wrote:
>
>
> That's one of the tricky parts with the current architecture.
> I have to somehow tag the packets going to the userland with
> both the interface and MAC address. The code is planned to
> do that, but I still don't know what's the cleanest way
Thanks for your comments. This is exactly what I need
so that we get an architecturally beautiful but still
flexible enough implementation.
> I think it would be far cleaner to implement only the 802.1x packet
> capturing/sending as a netgraph node, do some sanity checks and then
> pa
well it went to -net :-)
On Fri, 9 Nov 2001, Landon Stewart wrote:
> It might be better to post your entire situation to the list so that not
> only one person can have an opportunity to help you out. Generally you
> catch more people that way I think.
>
> >Does anyone else have secureID fo
It might be better to post your entire situation to the list so that not
only one person can have an opportunity to help you out. Generally
you catch more people that way I think.
Does anyone else have secureID fobs
running in FreeBSD based systems?
(if so I'd like to chat)
>
> -- Brooks
---
La
On Fri, 9 Nov 2001, Brooks Davis wrote:
> On Fri, Nov 09, 2001 at 10:40:28PM +0100, Andre Oppermann wrote:
> > It could also better interact with other userland services like login
> > or PAM. Think with logging in, it will authenticate you to the
> > (physical) network and the (ethernet) switc
On Fri, Nov 09, 2001 at 10:40:28PM +0100, Andre Oppermann wrote:
> It could also better interact with other userland services like login
> or PAM. Think with logging in, it will authenticate you to the
> (physical) network and the (ethernet) switch will put you into the
> right VLAN for example. O
Pekka Nikander wrote:
> Hi,
>
> My IEEE 802.1x EAPOL implementation is now minimally
> functional and tested. It doesn't include any EAP modules,
> but the EAPOL state machines seem to work fine.
>
> I'd appreciate if someone with more experience with netgraph
Hi,
Just in case somebody is interested to help, I am implementing IEEE
802.1x standard for FreeBSD as a netgraph module. For those that
don't happen to know, 802.1x (aka EAPOL) is an Ethernet level protocol
for authenticating users very much in the same way PPP authentication
is perf
52 matches
Mail list logo
