Hostap configuration problems, is this a bug?

Russell Yount russell.yount at gmail.com
Wed Nov 25 02:35:35 UTC 2009 

I have been trying setup an access point using FreeBSD 8.0-RC3
using a configuration similar to one I have working on FreeBSD 7.2.

I have tried 8.0-RC3 with both 5004MP Atheros 4G/CM9 and
NL-5354MP+Aries2 mini-PCI radios on different Soekris boxes
with the same results.
My windows XP laptop fails to authenticate to 8.0-RC3 using
client side certificates. If I leave the access point open without
hostapd authentication the laptop can connect and communicate
over the link fine.

Attached is the hopefully useful configuration and debug
information of the laptop trying to authenticate.

Have I missed somthing that changed in 8.0 or is this a bug?

Any help would be appreciated.

------

In /etc/rc.conf

 wlans_ath0="wlan1"
 create_args_wlan1="wlanmode hostap"
 ifconfig_wlan1="ssid wireless1 mode 11a channel 60 up"
 cloned_interfaces="vlan1 vlan4 bridge1"
 ifconfig_sis0="up"
 ifconfig_vlan1="                 vlan 11 vlandev sis0"
 ifconfig_vlan4="192.168.4.100/24 vlan  4 vlandev sis0"
 ifconfig_bridge1="addm vlan1 -autoedge vlan1 -autoptp vlan1 \
      addm wlan1 edge wlan1 -autoedge wlan1 -autoptp wlan1 up"

------

In /etc/hostapd.conf

 interface=wlan1
 driver=bsd
 logger_syslog=-1
 logger_syslog_level=0
 logger_stdout=-1
 logger_stdout_level=2
 dump_file=/tmp/hostapd.dump
 ctrl_interface=/var/run/hostapd
 ctrl_interface_group=0
 ssid=wireless1
 hw_mode=a
 channel=60
 beacon_int=100
 dtim_period=2
 max_num_sta=255
 rts_threshold=2347
 fragm_threshold=2346
 macaddr_acl=0
 auth_algs=1
 ignore_broadcast_ssid=0
 wme_enabled=0
 ieee8021x=1
 eapol_version=2
 eapol_key_index_workaround=0
 own_ip_addr=192.168.4.100
 nas_identifier=s0-wireless1
 auth_server_addr=192.168.30.76
 auth_server_port=1822
 auth_server_shared_secret=XXXXX
 wpa=3
 wpa_key_mgmt=WPA-EAP
 wpa_pairwise=CCMP
 wpa_strict_rekey=0

------

>From /var/log/daemon

 18:16:28 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.11: associated
 18:16:28 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: event 1 notification
 18:16:28 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: start
authentication
 18:16:28 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: start authentication
 18:16:28 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: unauthorizing port
 18:16:32 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: received
EAPOL-Start from STA
 18:16:32 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: event 5 notification
 18:17:22 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: received
EAPOL-Start from STA
 18:17:22 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: event 5 notification
 18:18:12 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: received
EAPOL-Start from STA
 18:18:12 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: event 5 notification
 18:19:02 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: received
EAPOL-Logoff from STA
 18:19:02 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: unauthorizing port
 18:19:59 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.11: deassociated
 18:19:59 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: event 2 notification

------

>From /var/log/kern (during boot)

18:49:20 s0 kernel: wlan: mac acl policy registered
18:49:20 s0 kernel: ath0: <Atheros 5212> mem 0xa0000000-0xa000ffff irq 10 at
device 16.0 on pci0
18:49:20 s0 kernel: ath0: [ITHREAD]
18:49:20 s0 kernel: ath0: AR5212 mac 5.9 RF5112 phy 4.3
18:49:20 s0 kernel: wlan1: Ethernet address: 00:02:6f:02:02:02

>From /var/log/kern (wlandebug -i wlan1
+crypto+node+assoc+auth+state+wpa+acl+wme)

 18:16:28 s0 kernel: wlan1: ieee80211_ref_node
(ieee80211_send_proberesp:2391) 0xc1331000<00:02:6f:42:1c:c8> refcnt 5
 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] recv auth frame with algorithm 0
seq 1
 18:16:28 s0 kernel: wlan1: ieee80211_alloc_node 0xc1345000<0:1:2:3:4:5> in
station table
 18:16:28 s0 kernel: wlan1: ieee80211_ref_node (ieee80211_send_mgmt:1876)
0xc1345000<0:1:2:3:4:5> refcnt 2
 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] station authenticated (open)
 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] recv deauth (reason 1)
 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] station with aid 0 leaves
 18:16:28 s0 kernel: wlan1: node_reclaim: remove 0xc1345000<0:1:2:3:4:5>
from station table, refcnt 2
 18:16:28 s0 kernel: wlan1: ieee80211_ref_node
(ieee80211_send_proberesp:2391) 0xc1331000<00:02:6f:42:1c:c8> refcnt 6
 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] recv auth frame with algorithm 0
seq 1
 18:16:28 s0 kernel: wlan1: ieee80211_alloc_node 0xc1348000<0:1:2:3:4:5> in
station table
 18:16:28 s0 kernel: wlan1: ieee80211_ref_node (ieee80211_send_mgmt:1876)
0xc1348000<0:1:2:3:4:5> refcnt 2
 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] station authenticated (open)
 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] RSN ie: mc 3/0 uc 3/0 key 1 caps
0x3c
 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] station associated at aid 1: short
preamble, short slot time, QoS
 18:16:28 s0 kernel: wlan1: ieee80211_ref_node (ieee80211_send_mgmt:1876)
0xc1348000<0:1:2:3:4:5> refcnt 4
 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] node join
 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] station unauthorize via MLME
 18:19:02 s0 kernel: wlan1: [0:1:2:3:4:5] station unauthorize via MLME
 18:19:56 s0 kernel: wlan1: ieee80211_ref_node
(ieee80211_send_proberesp:2391) 0xc1331000<00:02:6f:42:1c:c8> refcnt 5
 18:19:56 s0 kernel: wlan1: ieee80211_ref_node
(ieee80211_send_proberesp:2391) 0xc1331000<00:02:6f:42:1c:c8> refcnt 6
 18:19:56 s0 kernel: wlan1: ieee80211_ref_node
(ieee80211_send_proberesp:2391) 0xc1331000<00:02:6f:42:1c:c8> refcnt 7
 18:19:59 s0 kernel: wlan1: [0:1:2:3:4:5] recv deauth (reason 1)
 18:19:59 s0 kernel: wlan1: [0:1:2:3:4:5] station with aid 1 leaves
 18:19:59 s0 kernel: wlan1: [0:1:2:3:4:5] node leave
 18:19:59 s0 kernel: wlan1: node_reclaim: remove 0xc1348000<0:1:2:3:4:5>
from station table, refcnt 1
------
]

More information about the freebsd-current mailing list