I tried to use my cisco aironet card to conect to a netgear router which is setup to enforce encryption. If I set up the card with neat it does not work. If I set it up using the acu utility from cisco it does work. Further investigation showed that the difference is the value of WEP in /proc/driver/aironet/eth1/Config In fact, if I configer the card with neat, start the interface and then say echo "WEP: shared" > /proc/driver/aironet/eth1/Config everything works fine. Not sure where this should be fixed; neat/initscripts/iwconfig? Here is my ifcfg-eth1 file: ------------------ DEVICE=eth1 USERCTL=no ONBOOT=no TYPE=Wireless DHCP_HOSTNAME=soliton BOOTPROTO=dhcp DOMAIN= ESSID=XXXXXX KEY=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX MODE=Managed #RATE=11Mb/s HWADDR= PEERDNS=no RATE= CHANNEL=
either iwconfig or the driver for this card...
The cisco provided driver does not support the wireless-tools ioctls, and therefore will not work out-of-the-box with wireless-tools/neat.
I am not using the cisco driver, I use the driver that comes with the redhat kernel! All I am saying is that the card will not work with ifup eth1 until I use echo "WEP: shared" > /proc/driver/aironet/eth1/Config (And I found this out using the client utility provided by cisco.)
I just found a better solution: Adding options airo auto_wep=1 seems to do the trick as well. Should this be done by neat?
Woops, sorry, I was confusing aironet drivers. There's airo/airo_cs in the kernel, mpi350 from Cisco, and airo_mpi from sourceforge, and some others... I guess it depends on whether that's exposed through the wireless-tools interface; perhaps it should be?
I am a bit confused by this whole thing. There seem to be three possibilities for WEP in airo.c: 1) AUTH_OPEN; // disable encryption 2) AUTH_SHAREDKEY; // Only Both 3) AUTH_ENCRYPT; // Only Wep and airo.c turns on AUTH_ENCRYPT, once an encryption key is set. The comments seem to indicate that using AUTH_ENCRYPT the connection should fail if the base station does not offer encryption, whereas AUTH_SHAREDKEY should work. However, my base station only accepts encrypted connections and my laptop can connect if and only if AUTH_SHAREDKEY is used. Moreover in line 4795 we have: switch(local->config.authType) { case AUTH_ENCRYPT: dwrq->flags = IW_ENCODE_OPEN; break; case AUTH_SHAREDKEY: dwrq->flags = IW_ENCODE_RESTRICTED; break; default: case AUTH_OPEN: dwrq->flags = IW_ENCODE_DISABLED; break; } and IMHO the two cases are just switched? --- airo.c.save 2003-08-25 13:44:42.000000000 +0200 +++ airo.c 2003-10-29 15:40:55.000000000 +0100 @@ -4781,10 +4781,10 @@ /* Check encryption mode */ switch(local->config.authType) { case AUTH_ENCRYPT: - dwrq->flags = IW_ENCODE_OPEN; + dwrq->flags = IW_ENCODE_RESTRICTED; break; case AUTH_SHAREDKEY: - dwrq->flags = IW_ENCODE_RESTRICTED; + dwrq->flags = IW_ENCODE_OPEN; break; default: case AUTH_OPEN:
still a problem with latest errata kernel ?
Fedora Core 2 has now reached end of life, and no further updates will be provided by Red Hat. The Fedora legacy project will be producing further kernel updates for security problems only. If this bug has not been fixed in the latest Fedora Core 2 update kernel, please try to reproduce it under Fedora Core 3, and reopen if necessary, changing the product version accordingly. Thank you.