From: B Potter (gdead_at_novawireless.org)
Date: 2002-09-06 15:16:43 UTC
On Fri, 6 Sep 2002, Jouni Malinen wrote:
> On Sun, Sep 01, 2002 at 09:10:10PM +0300, Jouni Malinen wrote:
> > I used only Xsupplicant (from www.open1x.org) in testing. So if anyone
> > would be interested in testing hostapd with IEEE 802.1X and WinXP
> > Supplicant, I would be interested in hearing whether this works. Even
> > the minimal authentication server should provide useful information and
> > it should be trivial to setup.
> I have now implemented the needed EAPOL state machines for the .1X
> Authenticator in hostapd (few bugs were just fixed in CVS) and I did
> some testing with WinXP as the Supplicant and FreeRADIUS as the
> Authentication Server.
> EAP/MD5-Challenge seems to work fine both with FreeRADIUS and the
> minimal test auth. server included in hostapd. I was able to configure
> the user identification and password for FreeRADIUS and use the same
> info on WinXP Supplicant to get the port authorized.
> I'm not very familiar with WinXP certificate configuration and EAP/TLS
> seemed to miss something in the client side. I was able to add the
> trusted root certificate and a client certificate, but WinXP did not
> seem to find them when Supplicant needed certificates. Anyway, since the
> authenticator PAE and backend authentication state machines are now
> fully implemented, I would assume that also EAP/TLS would work with
> WinXP--assuming one were able to add suitable certificates for it.
> Jouni Malinen PGP id EFC895FA