Menu
▾
▴
Re: [Open1x-xsupplicant] LEAP
|
From: Nick P. <npe...@cs...> - 2003-07-23 17:39:56
|
I don't have time to write much now, but I will mention that I have specifically looked at implementing LEAP and started an implementation and I believe it requires firmware/card support in a true LEAP deployment. There are 802.11 messages that have proprietary formats (specifically, there is a cisco-specific autentication type that is not shared or open in the management frames). I believe they have a hybrid LEAP/EAP mode where open authentication is allowed, but I was tasked to achieve this very goal in an enterprise environment and we determined a pure LEAP deployement would require firmware support. Basically, I think that adding LEAP support is possible, but it would only work with LEAP-enabled equipment and that equipment is generally distributed with a free client anyway (the cisco cards certain are). It would not work with general-purpose "802.1x enabled" equipment in a pure LEAP environment. One other point I will mention is that some cards (e.g. PRISM-based) have a mode whereby the driver can control the management frames. It would be a lot of work, but I believe it theoretically possible to implement a "host-client" mode where the driver handles the management frames and includes LEAP support. Also, I am not completley sure what limits the firmware puts on management frames. nick Nick L. Petroni, Jr. Graduate Student, Computer Science Maryland Information Systems Security Lab University of Maryland http://www.cs.umd.edu/~npetroni On Wed, 23 Jul 2003, Chris Hessing wrote: > There is a "free" LEAP client for Linux, but it only works if you have a > Cisco card. (Cisco has embedded LEAP in their card firmware.) > > I have a desire to take a stab at implementing LEAP. There are opensource > server products out there, and I don't believe they have had any problems > with Cisco. So, based on that, I wouldn't mind putting it in. The > problem I have is that LEAP is a strange animal with it's form of > authentication. As a result, you have to have an Access Point that > specifically supports LEAP. (Which pretty much limits you to Cisco APs. > I had a Cisco rep tell me the other day that the LinkSys (which is owned > by Cisco now) APs can also do LEAP.) > > If someone else on the list has an interest in doing this implementation, > and has access to the needed hardware, I would be happy to help them out. > (Or, if someone wants to send me some hardware, I'll do it. ;) > > ---------- > Chris "Spanky" Hessing Networking > University of Utah > Chr...@ut... Marriott Library > > Friends are people that know everything about you, but love you anyway. > > > > > > On Wed, 23 Jul 2003, Matthew Eaton wrote: > > > Is LEAP out of the scope of this project or is it planned? My .edu uses > > it for their campus wireless access and I haven't seen any free Linux > > supplicants (commercial = mtghouse) that support it. > > > > Thanks, > > Matthew > > > > > > > > > > ------------------------------------------------------- > > This SF.Net email sponsored by: Free pre-built ASP.NET sites including > > Data Reports, E-commerce, Portals, and Forums are available now. > > Download today and enter to win an XBOX or Visual Studio .NET. > > http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 > > _______________________________________________ > > Open1x-xsupplicant mailing list > > Ope...@li... > > https://lists.sourceforge.net/lists/listinfo/open1x-xsupplicant > > > > > > ------------------------------------------------------- > This SF.Net email sponsored by: Free pre-built ASP.NET sites including > Data Reports, E-commerce, Portals, and Forums are available now. > Download today and enter to win an XBOX or Visual Studio .NET. > http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 > _______________________________________________ > Open1x-xsupplicant mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/open1x-xsupplicant > |
