OpenSolaris

1. Community: Laptop
   1. Discussions
   2. Contributors
   3. Observers
   4. Wireless Networking
      1. Solaris Wireless FAQ
      2. WiFi Devices List
      3. ipw driver
      4. iwi driver
      5. pcwl driver
      6. pcan driver
      7. rtw driver
      8. ath driver
      9. ral driver
      10. wpi driver
      11. cardbus driver
      12. malo driver
      13. iwk driver
      14. wificonfig
      15. wpa_supplicant
      16. zyd driver
      17. ural driver
      18. rum driver
      19. ndis wrapper
      20. urtw driver
      21. rwn driver
      22. atu driver
      23. arn driver
      24. rwd driver
   5. Suspend and Resume
   6. Intel Active Management Technology
   7. Downloads
   8. Blogs
   9. Leaders
   10. Inetmenu
   11. HAL Cpufreq
   12. Hotkey Display Device Switch
   13. Gnome Power Management
   14. Enhanced ACPI support
   15. frkit
   16. Power Management
   17. Completed Laptop CRs
   18. Announcements
   19. Solaris Laptop Hotkey Support

Wireless WPA/WPA2/IEEE802.1X supplicant

NOTE: WPA/Personal support has been integrated into OpenSolaris build 64, please refer wpad(1M), dladm(1M) for more details.

This tool is based on the Linux WPA/WPA2/IEEE 802.1X Supplicant project and Sun elected to provide it under the BSD license.

The wpa_supplicant is the IEEE 802.1X/WPA component that is used on wireless clients and implements key negotiation with WPA Authenticator, controls roaming and IEEE 802.11 authentication/association of the wlan driver. wpa_supplicant is a daemon that runs in the background and acts as backend component controlling wireless connections.

Supported WPA/IEEE 802.11i features:

• WPA-PSK ("WPA-Personal")
• WPA with EAP (e.g., with RADIUS authentication server) ("WPA-Enterprise")
• Key management for CCMP, TKIP, WEP104, WEP40
• WPA and full IEEE 802.11i/RSN/WPA2
• RSN: PMKSA caching, pre-authentication

Supported EAP methods (IEEE 802.1X Supplicant)

• EAP-TLS

Downloads

• wpa_supplicant v0.1 daemon package
• ath-0.5 driver package
• wificonfig-0.3 utility package

• wpa_supplicant source code
• ath-0.4 driver source code

Note that these binary packages only works before OpenSolaris build 64, after that, you should download source code, and build in lastest workspace.

Installation

Download pre-compiled wpa_supplicant package and install it

# wget http://www.opensolaris.org/os/community/laptop/downloads/wpa-0.1-pkg.tar.gz
# gzip -dc wpa-0.1-pkg.tar.gz | tar xvf -
# cd wpa-0.1; pkgadd -d . SUNWwupu

Download pre-compiled ath-0.4 driver package and install it

# wget http://www.opensolaris.org/os/community/laptop/downloads/ath-0.4-pkg.tar.gz
# gzip -dc ath-0.4-pkg.tar.gz | tar xvf -
# cd ath-0.4; pkgadd -d . SUNWatheros

Download pre-compiled wificonfig-0.3 utility package and install it

# wget http://www.opensolaris.org/os/community/laptop/downloads/wificonfig-0.3-pkg.tar.gz
# gzip -dc wificonfig-0.3-pkg.tar.gz | tar xvf -
# cd wificonfig-0.3; pkgadd -d . SUNwlanu

Note that Solaris Express already contains SUNWatheros (v0.1) and SUNWwlanu (0.1) packages, so you need to manually remove them first using pkgrm(1M).

Configuration

The wpa_supplicant daemon runs in the background, and wificonfig can be used to connect to access points with WPA similarly to how it is done for WEP.

Step 1. Start wpa_supplicant daemon:

# wpa_supplicant -i ath0

To see debugging information, wpa_supplicant can be started as a frontend program:

# wpa_supplicant -i ath0 -F -dd

Step 2. Use wificonfig to create new profile. Note that configuration parameters are case sensitive. For WPA-PSK mode:

# wificonfig createprofile home essid=dlink psk=whatever

Additional parameters can be specified (e.g., "proto=WPA key_mgmt=WPA-PSK pairwise=TKIP"), but they're not required.

For EAP-TLS mode:

# wificonfig createprofile office essid=linksys key_mgmt=WPA-EAP eap=TLS identity=user at sun dot com ca_cert=/etc/inet/WPA/cacert.pem client_cert=/etc/inet/WPA/client_cert.pem private_key=/etc/inet/WPA/client_key.pem private_key_passwd=whatever

Step 3. Connect to your profile.

# ifconfig ath0 plumb
# wificonfig -i ath0 connect home

You might want to check the status of the wireless link:

# wificonfig -i ath0 showstatus

Link status property should say "connected". If not, try using the -dd option for wpa_supplicant to get additional debugging information.

Step 4. Start DHCP client:

# ifconfig ath0 dhcp

Step 5. You can connect to another AP at any time using wificonfig:

# wificonfig -i ath0 disconnect
# wificonfig -i ath0 connect office

FAQ

1) I can connect to my access point successfully, but I can't get an IP address through DHCP.

Due to certain export control restrictions, stardard Solaris encryption kit only supports 128 bit RC4, so you might need to download and install new SUNWcry package.

2) wpa_supplicant fails to start with error message °ld.so.1: wpa_supplicant: fatal : libssl.so.0.9.7: open failed: No such file or directory".

Make sure that openssl 0.9.7 or higher is installed on your system. You can use the following command to determine your openssl version:

# /usr/sfw/bin/openssl version
OpenSSL 0.9.7d 17 Mar 2004

3) wpa_supplicant exits with "Failed to enable WPA in the driver error.

Make sure your wireless driver supports WPA. Currently, only Atheros driver v0.4 or higher version supports WPA. Other drivers with WPA support have not yet been released.

4) EAP-TLS doesn't work.

The EAP-TLS mode needs a Radius Server, such as Freeradius. Please contact your network administrator to make sure your Radius Server and your AP are configured correctly and you have a certificate for your machine.

5) Why doesn't CCMP encryption work?

The wpa_supplicant deamon supports both TKIP and CCMP, but Atheros wireless driver v0.4 does not yet support CCMP encryption.

Notes

This is work in progress. Please send your questions and comments to laptop dash discuss at opensolaris dot org mailing list.