From: Jouni Malinen (jkmaline_at_cc.hut.fi)
Date: 2002-07-15 06:19:45 UTC
On Sun, Jul 14, 2002 at 03:37:36PM -0500, J Yunke wrote:
> In fact, even turning on 'open' mode renders the station useless, which I
> thought meant that clients could connect even if they didn't have WEP
> turned on.
Actually, it does not mean that.. Open mode (vs. the default restricted) accepts incoming frames with no encryption, but it still encrypts outgoing frames. I don't see much use for this mode.
> Station 1
> Key #4 (default) is 1561-B874-AA, written to flash.
>
> AP
> Non-working Situations (stations keep asking to authenticate, but can't)
> iwconfig wlan0 key 1561-b874-aa open
> iwconfig wlan0 key 1561-b874-aa restricted
So, you are using key #4 in the station, but key #1 in the AP? That won't work since station encrypts using key #4 and AP drops these since it does not have a matching key #4 (and same for AP->STA with key #1).
If your station is used shared key authentication, first two auth frames are sent unencrypted (and you will get an entry to AP's log). Station will then encrypt 3rd frame, but AP cannot decrypt it with this configuration. The frame is silently dropped and the station will retry authentication. If you would use open authentication, the station should be able to authenticate and associate, but data frames from AP to STA would be dropped.
-- Jouni Malinen PGP id EFC895FA