It appears that, at least according to this Cisco help page:
https://documentation.meraki.com/MR/Wi-Fi_Basics_and_Best_Practices/WPA3_Encryption_and_Configuration_Guide#WPA3_192-bit
that only WPA3-EAP 192-bit has this restriction and I could confirm it
from my own testing.
All the WPA3-EAP (including when not setting the WPA3-192-bit)options do
not work on my devices.
I tried on both my Android and iPhone and while I do get the
username/password prompt,
it claims I inputted the wrong password.
On 5/19/23 22:53, Alan DeKok wrote:
On May 19, 2023, at 11:29 AM, Robert Senger <robert.senger@xxxxxxxxxxxxxxxxxxxxx> wrote:
I just wonder why you say that WPA3-EAP only supports certificate based
authentication, which means eap=tls in my understanding. I found that
WPA3-EAP works well with username/password based authentication, e.g.
eap=ttls, the same way as WPA2-EAP does.
There is no way it supports "only" certificate-based authentication. That isn't how EAP works.
Any EAP method should work, so long as the method provides the encryption keys sent in RADIUS as MS-MPPE-*-Key.
Alan DeKok.
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
