Encryption mode:open doesn't work?

From: Santiago Garcia Mantinan (hostap_at_manty.net)
Date: 2002-07-15 16:44:17 UTC


I'm new to this so sorry if I'm asking something silly, maybe I didn't understand this well :-?

I'm running an AP using hostap on a prism 2.5 card (conceptronic) and I'd like to have this in open mode, so I configured it with a key and told it to be in open mode, iwconfig confirms this:

Encryption key:XXXX-XXXX-XXXX-XXXX-XXXX-XXXX-XX Encryption mode:open

Also I have some clients using also the hostap driver and if I configure them to use the same key as the AP it works, but if I tell them to use no key at all they don't. When not working iwconfig confirms that they are not using any key:

Encryption key:off

Doing tcpdumps on both machines one can see what is going on, and seems to me like the outgoing packages of the AP to this unencrypted machine are going encrypted, as the receiving machine doesn't show them. Could this be it?

If so... are there any fixes available? maybe it is just that I'm doing something wrong, as I have tried from last released driver to latest cvs and they all behave this way.

This is the tcpdump on the managed machine:

11:03:58.321977 arp who-has tell
11:03:59.320564 arp who-has tell
11:04:00.320553 arp who-has tell

And this is the same on the AP:

11:03:48.992788 arp who-has tell
11:03:48.992831 arp reply is-at 0:50:c2:1:9b:99
11:03:48.993100 arp who-has tell
11:03:49.991415 arp who-has tell
11:03:49.991454 arp reply is-at 0:50:c2:1:9b:99
11:03:49.991726 arp who-has tell
11:03:50.991277 arp who-has tell
11:03:50.991316 arp reply is-at 0:50:c2:1:9b:99
11:03:50.991582 arp who-has tell

I was wondering why the double arp packages but I suppose that is ok as it only happens when the receving station doesn't understand the sending one, if they are working ok then there is only one arp request.

One thing I was wondering around all this, is there any way to differenciate the packages that came encrypted from those that didn't? This is looking to cutting some ports with iptables for the machines that are not encrypted and things like that.

Thanks in advance...

Manty/BestiaTester -> http://manty.net

This archive was generated by hypermail 2.1.4.