OpenWrt Forum Archive

Topic: WPA TKIP working fine, WPA AES not associating?

The content of this topic has been archived on 30 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
Borromini
3 Aug 2007, 21:40

Ok guys, just put Kamikaze (7.07) on my router - a WL-500G Deluxe. It's cool and stuff - I like to fiddle around big_smile.

However, whereas White Russian worked just fine, Kamikaze does not seem to handle my wifi settings. I am using WPA AES (kind of a hybrid solution), which works fine on the stable branch (same for Oleg's firmware & the official Asus one).

This is the scan of my AP:

[root@hephaistos stijn]# iwlist intel scan
intel     Scan completed :
          Cell 01 - Address: xx:xx:xx:xx:xx:xx
                    ESSID:"BorrominiNet"
                    Protocol:IEEE 802.11bg
                    Mode:Master
                    Channel:1
                    Frequency:2.412 GHz (Channel 1)
                    Encryption key:on
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s
                              11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
                              48 Mb/s; 54 Mb/s
                    Quality=92/100  Signal level=-36 dBm  
                    IE: WPA Version 1
                        Group Cipher : TKIP
                        Pairwise Ciphers (1) : TKIP
                        Authentication Suites (1) : PSK
                    Extra: Last beacon: 146ms ago

This is my /etc/config/wireless:

root@OpenWrt:/etc/config# cat wireless 
config wifi-device  wl0
        option type     broadcom
        option channel  10
        option maxassoc '3'
        option distance '10'
        option disabled '0'
        option channel  1-13

        # REMOVE THIS LINE TO ENABLE WIFI:

config wifi-iface
        option device   wl0
        option network  lan
        option mode     ap
        option ssid     'BorrominiNet'
        option encryption       'psk'
        option hidden   '0'
        option key      "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
        option key1     'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'

As you can see it just specifies 'psk' - according to documentation WPA 1 - but I have found no clue as to how i get WPA 1 working with AES. First key line is ASCII, second line is the hex version.

This is the behaviour of wpa_supplicant with this config:

[root@hephaistos stijn]# wpa_supplicant -D wext -i intel -c /etc/wpa_supplicant.conf

It just hangs there... Have to do Ctrl+C to kill it.

When I switch from CCMP to TKIP in /etc/wpa_supplicant.conf, it authenticates just fine. However, I'd like to keep using the AES... Is this possible?

Thanks in advance smile.

Edit: I managed to find some more info on this one online.
Here is an IRC log, in which you can read the following:

[01:19] <nbd> btw. i'll drop support for non-standard configurations like wpa1 with aes or mixed wpa1+wpa2
[01:19] <nbd> stuff like that is asking for trouble, anyway

If this is true for Kamikaze, this is truly disappointing. I thought the nice stuff about projects like this is empower users to do what they want, and not what corporations want us to do? I mean... I can perfectly decide whether I want to 'brick' my router or not, it's my stuff after all. I've been running this setup for years now - and not a single problem.

Any light that can be shed on this is welcomed.

(Last edited by Borromini on 4 Aug 2007, 08:18)

Post #2
Borromini
5 Aug 2007, 16:36

Well, nevermind tongue.

I migrated my network to full WPA2 in the progress. And it runs okay smile.

The discussion might have continued from here.