aparcar
commented
7 years ago kraut:
Attached is a packet-trace on wlan1, which servces the wifi-interface for that ssid. It seems, that EAP packets got dropped.
Closed aparcar closed 6 years ago
aparcar
commented
7 years ago kraut:
Attached is a packet-trace on wlan1, which servces the wifi-interface for that ssid. It seems, that EAP packets got dropped.
aparcar
commented
7 years ago kraut:
If it helps, attached is a debug output of radius. From the packet capture i don't believe it's a radius issue, because there are eap packets missing.
aparcar
commented
7 years ago kraut:
Am i the only person with such problems? It's really unusable for me.
aparcar
commented
7 years ago yousong:
Just in case, what's the version of wpad, hostapd, wpa_supplicant you are using? The default wpad-mini package is very likely stripped off these remote auth features.
If the installed program version is okay, the following measures may help to further debug the issue if you are willing to compile your own firmware
kraut:
Device: TP-Link Archer C7 V2 LEDE: 17.01.0, r3205-59508e3
Sometimes it is impossible to connect to an AP. It just looks like that he pairwise key handshake fails. This is what i see in the log:
Feb 28 20:13:41 10.0.0.3 hostapd: wlan1: STA 00:13:ef:60:0a:3a IEEE 802.11: authenticated Feb 28 20:13:41 10.0.0.3 hostapd: wlan1: STA 00:13:ef:60:0a:3a IEEE 802.11: associated (aid 1) Feb 28 20:13:41 10.0.0.3 hostapd: wlan1: CTRL-EVENT-EAP-STARTED 00:13:ef:60:0a:3a Feb 28 20:13:41 10.0.0.3 hostapd: wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1My config for wpa2-eap is pretty simple:
config wifi-iface 'default_radio1' option device 'radio1' option mode 'ap' option ssid 'SSID' option encryption 'wpa2' option auth_server '10.0.0.1' option auth_port '1812' option auth_secret 'foobar' option nasid 'ap02g' option network 'lan' option wpa_group_rekey '2000'