# Getting WPA2 to work

## JC99

Greetings,

I have configured my Gentoo box as a wireless access point using madwifi-ng and hostapd but it is using WPA and not WPA2 encryption. Here is my hostapd.conf file...

```
interface=ath0

bridge=br0

driver=madwifi

logger_syslog=-1

logger_syslog_level=2

logger_stdout=-1

logger_stdout_level=1

debug=0

dump_file=/tmp/hostapd.dump

ctrl_interface=/var/run/hostapd

ctrl_interface_group=0

ssid=MyNetwork

macaddr_acl=0

accept_mac_file=/etc/hostapd/hostapd.accept

deny_mac_file=/etc/hostapd/hostapd.deny

auth_algs=1

wpa=1

wpa_passphrase=MyPassphase

wpa_key_mgmt=WPA-PSK

wpa_pairwise=TKIP CCMP
```

I have tried the following configurations with limited success...

```
auth_algs=1

wpa=2

```

```
auth_algs=2

wpa=2
```

```
auth_algs=2

wpa=3
```

```
auth_algs=3

wpa=3
```

What I mean by limited success is that in the "Wireless Network Connection" window in WinXP it shows my network as WPA2 but when I try to connect it doesn't connect.

My network card is a D-Link DWL-G520

Anyone know what to do?

----------

## rufnut

I just had a bit of success configuring the hostapd.conf file with:

```

##### WPA/IEEE 802.11i configuration ##########################################

# Enable WPA. Setting this variable configures the AP to require WPA (either

# WPA-PSK or WPA-RADIUS/EAP based on other configuration). For WPA-PSK, either

# wpa_psk or wpa_passphrase must be set and wpa_key_mgmt must include WPA-PSK.

# For WPA-RADIUS/EAP, ieee8021x must be set (but without dynamic WEP keys),

# RADIUS authentication server must be configured, and WPA-EAP must be included

# in wpa_key_mgmt.

# This field is a bit field that can be used to enable WPA (IEEE 802.11i/D3.0)

# and/or WPA2 (full IEEE 802.11i/RSN):

# bit0 = WPA

# bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)

wpa=10

```

Seemed to work in wpa2 but I need the device in managed mode  :Sad: 

Hope you are still around.

----------

## gsra99

I think I was having this problem. I solved it by using:

```
auth_algs=1

wpa=2 # for WPA2
```

and adding these 2 extra lines:

```
ieee8021x=0

eap_server=0
```

You can also use this for better encryption:

```
rsn_pairwise=CCMP

#wpa_pairwise=TKIP CCMP # comment this line out
```

----------

## ewaller

You might also check your kernel configuration to ensure you have AES encryption enabled.

----------

## solamour

 *ewaller wrote:*   

> You might also check your kernel configuration to ensure you have AES encryption enabled.

 

Are you referring to the following?

```
CONFIG_CRYPTO_AES=y

CONFIG_CRYPTO_AES_586=y
```

__

sol

----------

