I've got a cisco 1200 AP using LEAP with WEP/TKIP which is basically the same thing as wpa I think
Its just the pre standard version of it that cisco has been using for years -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ian Pritchard Sent: Thursday, October 02, 2003 4:23 PM To: [EMAIL PROTECTED] Subject: RE: WPA w/ EAP-TLS against 0.8.1 Hi Guy (and others who replied to the original thread), I've read the responses to this and to the TLS/TTLS thread... tried to find somewhere in the Funk client where I might be able to control some kind of reauthentication interval (there's a setting on the AP), but no luck there unfortunately. Anyway, it still doesn't answer the question... has anyone managed to get a "WPA-capable" AP (not just one which says it does 802.1x) running in a WPA+RADIUS setting with TKIP, authenticating against FreeRADIUS? We certainly haven't (can't get it to run with AES either), and we're not really sure why.... Given that WPA is "the 802.11 security protocol suite of the future", I guess it might be quite important.... regardless of which EAP flavour is used... ;-) Thanks, Ian >From: Guy Davies <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >To: "'[EMAIL PROTECTED]'" ><[EMAIL PROTECTED]> >Subject: RE: WPA w/ EAP-TLS against 0.8.1 >Date: Fri, 26 Sep 2003 14:37:52 +0100 > > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Artur is right. This was a problem previously seen by one AP vendor >with whom I talk, which affected both Microsoft's IAS and Funk's Steel >Belted RADIUS servers. The session-timeout returned by default by >those was very low and caused repeated authentication which >dramatically reduced the perceived throughput. I found that explicitly >setting the session-timeout value for MAC authenticated users >dramatically improved things. It is possible that such an explicit >session-timeout is required for users authenticating using TLS? > >As Artur said, nothing to do with the supplicant (those bring their own >problems ;-). Apologies for the confusion. > >Regards, > >Guy > _________________________________________________________________ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
