# HostAP WPA-EAP timeout



## Aeterno (Mar 18, 2011)

I'm trying to set up a WPA-EAP access-point on a soekris board running nanoBSD (built on FreeBSD 8.1 source), and ran into a rather puzzling issue. Authentication times out immediately after the client sends the EAPOL-START packet, without the access-point appearing to send any packets at all.

An open unsecured SSID or one secured with WPA2-PSK works just fine on the device as-is. WPA2-PSK authenticates normally and network connectivity is established perfectly. In other words, the hardware itself appears to function.

hostapd.conf

```
interface=wlan2
driver=bsd
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
ssid=Mode3_AP
channel=10
hw_mode=g
macaddr_acl=0
ignore_broadcast_ssid=0
wpa=1
wpa_key_mgmt=WPA-EAP
wpa_pairwise=TKIP CCMP

ieee8021x=1
eapol_version=2
eap_reauth_period=3600

own_ip_addr=127.0.0.1
nas_identifier=blaat
auth_server_addr=192.168.2.1
auth_server_port=1812
auth_server_shared_secret=somepassword
acct_server_addr=192.168.2.1
acct_server_port=1813
acct_server_shared_secret=somepassword
radius_acct_interim_interval=360
radius_retry_primary_interval=60
```

In an attempt to debug the problem I tried the above configuration on my laptop (which runs linux) while swapping only the driver, for obvious reasons. Clients managed to successfully authenticate in this setup.

 Unfortunately my laptop runs Hostapd version 0.6.10 whereas FreeBSD is running 0.6.8. Attempts to compile 0.6.10 on FreeBSD have been unsuccessful. But the lack of any errors with a near identical configuration leads me to believe the configuration itself is at least reasonable.

Hostapd debug output on pastebin

The above debug information is from attempting to associate and authenticate with my linux box. Attempting to authenticate with a windows 7 client has been found to produce identical results.

The client receives no incoming packets (at all), but hostap insists it is sending them. So do the rest of the networking systems:

[cmd=""]netstat -i[/cmd]

```
wlan2  1500 <Link#13>     00:0b:6b:36:11:50       10     0     0       12     0     0
```

shows 12 outgoing packets over the course of my authentication attempts. These packet numbers have been verified to increment when attempting to authenticate, so it obviously sent something at some point, but running wireshark reveals none of the expected packets ever make it to the client.

I'm hoping someone here has some insight into what may be causing this behavior.


----------

