Project

General

Profile

Actions

Bug #3562

closed

Wireless Radius Setup Fails - partially due to empty config strings

Added by not george over 10 years ago. Updated about 10 years ago.

Status:
Resolved
Priority:
Normal
Category:
Wireless
Target version:
Start date:
04/01/2014
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.1
Affected Architecture:

Description

Been trying to get WPA2-Enterprise with freeradius auth setup with an onboard wireless interface. The settings were right, but the interface refused to switch out of OPEN mode. After digging through the wireless config it appears that the culprit is at least partially a result of empty secondary radius server data in the hostapd conf file generated by interface_wireless_configure in interfaces.inc.

If the Secondary 802.1X Auth Server IP Address or the Secondary 802.1X Auth Server Shared Secret are empty then the resulting config at /var/etc/hostapd_<iface>.conf includes those variables, but leaves them blank. This results in the call to hostapd with that config to silently fail with an " invalid IP address '' " and "empty shared secret is not allowed".

There's a simple enough workaround to just copy and paste the primary 802.1x auth server ip and key to at least have something in those fields when the config is automagically regenerated.

The real fix would be to modify the interfaces.inc script starting around line 2562 to only output the auth_server_port and auth_server_shared_secret if the corresponding values were actually set.

Making the changes got the interface to come up properly and presented a WPA2-Enterprise username / password field to wireless clients, but I still haven't successfully managed to get the clients to authenticate.

Actions

Also available in: Atom PDF