From owner-freebsd-net@FreeBSD.ORG  Fri Jan 14 15:28:51 2011
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 244631065672
	for <freebsd-net@freebsd.org>; Fri, 14 Jan 2011 15:28:51 +0000 (UTC)
	(envelope-from freebsd@penx.com)
Received: from Elmer.dco.penx.com (elmer.dco.penx.com [174.46.214.114])
	by mx1.freebsd.org (Postfix) with ESMTP id F03BC8FC12
	for <freebsd-net@freebsd.org>; Fri, 14 Jan 2011 15:28:50 +0000 (UTC)
Received: from localhost (localhost [IPv6:::1])
	by Elmer.dco.penx.com (8.14.4/8.14.4) with ESMTP id p0EEeIIU046159
	for <freebsd-net@freebsd.org>; Fri, 14 Jan 2011 07:40:18 -0700 (MST)
	(envelope-from freebsd@penx.com)
Date: Fri, 14 Jan 2011 07:40:18 -0700 (MST)
From: Dennis Glatting <freebsd@penx.com>
X-X-Sender: dennisg@Elmer.dco.penx.com
To: freebsd-net@freebsd.org
Message-ID: <alpine.BSF.2.00.1101140738470.45957@Elmer.dco.penx.com>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Subject: Looking for hints re 802.1X wired (fwd)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Jan 2011 15:28:51 -0000


I forgot to mention an important data point. I see via WireShark the EAPOL 
from the supplicant to the server and the server requesting identity but 
the supplicant doesn't appear to see the request.


---------- Forwarded message ----------
Date: Fri, 14 Jan 2011 07:34:27 -0700 (MST)
From: Dennis Glatting <freebsd@penx.com>
To: freebsd-net@freebsd.org
Subject: Looking for hints re 802.1X wired


I am trouble with 802.1x wired and I am wondering whether there is some 
required characteristic of the Ethernet driver. AFAICT, I have my 
wap_supplicant running correctly and I do have wireless interfaces that work 
both AP and supplicant.


My Ethernet is:

Bart# dmesg|grep em0
em0: <Intel(R) PRO/1000 Network Connection 7.1.8> port 0x4000-0x401f mem 
0xfdbe0000-0xfdbfffff,0xfdb00000-0xfdb7ffff irq 16 at device 0.0 on pci11
em0: Using an MSI interrupt
em0: [FILTER]
em0: Ethernet address: 00:26:55:d8:47:b5

Bart# ifconfig em0
em0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500

options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4>
         ether 00:26:55:d8:47:b5
         media: Ethernet autoselect (100baseTX <full-duplex>)
         status: active


The command I run is:

wpa_supplicant -ddd -iem0 -Dwired -c wpa.conf


My conf file has changed many times but its present content is:

Bart# cat wpa.conf

ctrl_interface=/var/run/wpa_eth1

ap_scan=no


network={

#       bssid=00:17:8b:05:39:8f

         key_mgmt=IEEE8021X
         eap=TLS
eapol_flags=0
#       pairwise=CCMP TKIP
#       group=CCMP TKIP
         identity="foo"

         ca_cert="/root/ml.test.06Jan2011/CAd.cert.cer"
         client_cert="/root/ml.test.06Jan2011/CAd.ml.cert.pem"
         private_key="/root/ml.test.06Jan2011/CAd.ml.priv.pem"
         private_key_passwd="frogger"
}