could anybody tell me if this scenario works with RouteOS:
AP: (RouterOS v3.0beta10 also tested v2.9.44)-----ethernet------Freeradius Server (gets Access Request and send Access Accepts, in configured for EAP-LEAP)
|
|
|
|
wlan
|
|
|
non RouterOS Client (madwifi card driver + wpa_supplicant)
The Clients connects, but get after 10-20 sec. disconnected with ths is failure "00:....:9D@wlan1: disconnected, 802.1x athentication timeout". Also the 802.1x Port Enabled field in the AP-Client info is not set. Is it possible to enable it by hand.
Bride-Config:
Bridge-Port-Config:0 R name="bridge1" mtu=1500 arp=proxy-arp mac-address=00:50:22:B0:F8:C1 protocol-mode=none
priority=0x8000 auto-mac=yes admin-mac=00:00:00:00:00:00 max-message-age=20s
forward-delay=15s transmit-hold-count=6 ageing-time=5m
Wlan Interface Config:# INTERFACE BRIDGE PRIORITY PATH-COST
0 ether1 bridge1 0x80 10
1 wlan1 bridge1 0x80 10
Security Profile:lags: X - disabled, R - running
0 name="wlan1" mtu=1500 mac-address=00:90:4B:DC:07:E0 arp=enabled disable-running-check=no
interface-type=Atheros AR5213 radio-name="00904BDC07E0" mode=ap-bridge ssid="Kundennetz"
area="" frequency-mode=manual-txpower country=no_country_set antenna-gain=0 frequency=2412
band=2.4ghz-b scan-list=default rate-set=default
supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps
supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps
basic-rates-b=1Mbps basic-rates-a/g=6Mbps max-station-count=2007 ack-timeout=dynamic
tx-power-mode=default noise-floor-threshold=default periodic-calibration=default
periodic-calibration-interval=60 burst-time=disabled dfs-mode=none antenna-mode=ant-a
wds-mode=disabled wds-default-bridge=none wds-default-cost=100 wds-cost-range=50-150
wds-ignore-ssid=no update-stats-interval=disabled default-authentication=yes
default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0
proprietary-extensions=post-2.9.25 wmm-support=disabled hide-ssid=no
security-profile=WPA2 EAP disconnect-timeout=3s on-fail-retry-time=100ms
preamble-mode=both compression=no allow-sharedkey=no
station-bridge-clone-mac=00:00:00:00:00:00 hw-retries=15 frame-lifetime=0
On Client:2 name="WPA2 EAP" mode=dynamic-keys authentication-types=wpa2-eap unicast-ciphers=aes-ccm
group-ciphers=aes-ccm wpa-pre-shared-key="" wpa2-pre-shared-key="" supplicant-identity=""
eap-methods=passthrough tls-mode=no-certificates tls-certificate=none static-algo-0=none
static-key-0="" static-algo-1=none static-key-1="" static-algo-2=none static-key-2=""
static-algo-3=none static-key-3="" static-transmit-key=key-0 static-sta-private-algo=none
static-sta-private-key="" radius-mac-authentication=no radius-mac-accounting=no
radius-eap-accounting=no interim-update=0s radius-mac-format=XX:XX:XX:XX:XX:XX
radius-mac-mode=as-username radius-mac-caching=disabled group-key-update=5m
wpa_supplicant.conf:
ap_scan=2
fast_reauth=1
eapol_version=1
ctrl_interface_group=0
ctrl_interface=/var/run/wpa_supplicant
network={
ssid="Kundennetz"
scan_ssid=1
key_mgmt=WPA-EAP
eap=LEAP
auth_alg=LEAP
proto=WPA RSN
pairwise=CCMP TKIP
group=CCMP TKIP
identity="karl"
password="karl"
}
thanks + best regards
laslo