Hi, I'm working at Axis Communication AB in Lund, Sweden, as Software Engineer with customer related cases. We have experienced problems during eap-tls authentications when many clients tries to use the same port in a Cisco environment where the switch has been configured with a multi-auth option. The problem occur when several clients sending authentication requests that are received by clients that already have started their authentication sequence. The received packets from the other clients cause the eapol state machine to enter the wrong state making the authentication fail. Please check the attachment for further details. We have used this patch for several years in many installations and have not seen any negative side effects. Please give us your opinion and advice how we should proceed to push a solution into wpa supplicant official codebase for future releases. Best Regards, Peter Dersén
Attachment:
0001-802.1X-multi-auth-fix.patch
Description: 0001-802.1X-multi-auth-fix.patch
_______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
