[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-devel
Subject: EAP Testing - Newbie
From: Sergio NNX <sfhacker () hotmail ! com>
Date: 2011-10-16 15:49:10
Message-ID: BAY147-W494C26111D4FFBC5CA850ECCE70 () phx ! gbl
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Ciao all,
First of all, I'm new to this project so I may ask 'dumb' questions and I may be slow \
to understand. Be patient!
I'm in the process of testing FreeRADIUS 2.1.11, just basic/standard setup. I've been \
following the following user guide: \
http://deployingradius.com/documents/configuration/pap.html. Very useful, by the way.
PAP, MSCHAP and MSCHAPv2 work ok, but I'm unable to get any EAP tests to pass. I've \
tries almost everything, including: \
http://deployingradius.com/documents/configuration/eap-problems.html
I need some help!
Thanks in advance.
Sergio.
Test output
-------------
radtest -t eap-md5 ....... (it works ok)
(Client side)
Sending Access-Request packet to host 127.0.0.1 port 1812, id=229, length=0
User-Name = "testuser"
User-Password = "testpw"
NAS-IP-Address = 127.0.0.1
NAS-Port = 1812
EAP-Code = Response
EAP-Type-Identity = "testuser"
Message-Authenticator = 0x00
EAP-Message = 0x02e4000d017465737475736572
Received Access-Challenge packet from host 127.0.0.1 port 1812, id=229, length=97
Reply-Message = "Hello, testuser"
EAP-Message = 0x01e5001604103823185ef840cc37ad7436a904db9605
Message-Authenticator = 0xf5a2da42e33cfe56a80104afb9931946
State = 0x3dcf853c3d2a813191ce5fb05bf39134
EAP-Id = 229
EAP-Code = Request
EAP-Type-MD5 = 0x103823185ef840cc37ad7436a904db9605
Sending Access-Request packet to host 127.0.0.1 port 1812, id=230, length=93
User-Name = "testuser"
User-Password = "testpw"
NAS-IP-Address = 127.0.0.1
NAS-Port = 1812
EAP-Code = Response
Message-Authenticator = 0x00000000000000000000000000000000
EAP-Type-MD5 = 0x105a160cce9524d55843b32d1fcbaedb6b
EAP-Id = 229
State = 0x3dcf853c3d2a813191ce5fb05bf39134
EAP-Message = 0x02e5001604105a160cce9524d55843b32d1fcbaedb6b
Received Access-Accept packet from host 127.0.0.1 port 1812, id=230, length=71
Reply-Message = "Hello, testuser"
EAP-Message = 0x03e50004
Message-Authenticator = 0xa9e17bcb7d0b8e0ad062f9b3c5d0399c
User-Name = "testuser"
EAP-Id = 229
EAP-Code = Success
Total approved auths: 1
Total denied auths: 0
(Server side)
Ready to process requests.
# Executing section authorize from file ..\etc\raddb/radiusd.conf
+- entering group authorize {...}
[auth_log] ../var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d.log \
expands to ../var/log/radius/radacct/127.0.0.1/auth-detail-20111016.log ++[auth_log] \
returns ok [pap] WARNING! No "known good" password found for the user. \
Authentication may fail because of this. ++[pap] returns noop
++[mschap] returns noop
[files] users: Matched entry testuser at line 29
++[files] returns ok
[eap] EAP packet type response id 228 length 13
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
Found Auth-Type = EAP
# Executing group from file ..\etc\raddb/radiusd.conf
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
++[eap] returns handled
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
# Executing section authorize from file ..\etc\raddb/radiusd.conf
+- entering group authorize {...}
[auth_log] ../var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d.log \
expands to ../var/log/radius/radacct/127.0.0.1/auth-detail-20111016.log ++[auth_log] \
returns ok [pap] WARNING! No "known good" password found for the user. \
Authentication may fail because of this. ++[pap] returns noop
++[mschap] returns noop
[files] users: Matched entry testuser at line 29
++[files] returns ok
[eap] EAP packet type response id 229 length 22
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
Found Auth-Type = EAP
# Executing group from file ..\etc\raddb/radiusd.conf
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/md5
[eap] processing type md5
[eap] Freeing handler
++[eap] returns ok
WARNING: Empty post-auth section. Using default return values.
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 229 with timestamp +14
Cleaning up request 1 ID 230 with timestamp +14
Ready to process requests.
--------- EAP-MD5 test ---------
http://deployingradius.com/scripts/eapol_test/
eapol_test.exe -c md5.conf -s testing123 ( it doesn't work!)
Output:
Reading configuration file 'md5.conf'
Line: 1 - start of a new network block
ssid - hexdump_ascii(len=7):
45 78 61 6d 70 6c 65 Example
eap methods - hexdump(len=16): 00 00 00 00 15 00 00 00 00 00 00 00 00 00 00 00
eapol_flags=0 (0x0)
key_mgmt: 0x1
identity - hexdump_ascii(len=8):
74 65 73 74 75 73 65 72 testuser
password - hexdump_ascii(len=6):
74 65 73 74 70 77 testpw
ca_cert - hexdump_ascii(len=40):
63 3a 2f 46 72 65 65 52 41 44 49 55 53 2f 65 74 c:/FreeRADIUS/et
63 2f 72 61 64 64 62 2f 63 65 72 74 73 2f 52 6f c/raddb/certs/Ro
6f 74 43 41 2e 70 65 6d otCA.pem
phase2 - hexdump_ascii(len=8):
61 75 74 68 3d 4d 44 35 auth=MD5
anonymous_identity - hexdump_ascii(len=9):
61 6e 6f 6e 79 6d 6f 75 73 anonymous
Priority group 0
id=0 ssid='Example'
Authentication server 127.0.0.1:1812
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Sending fake EAP-Request-Identity
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=0 method=1 vendor=0 vendorMethod=0
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using anonymous identity - hexdump_ascii(len=9):
61 6e 6f 6e 79 6d 6f 75 73 anonymous
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=14)
TX EAP -> RADIUS - hexdump(len=14): 02 00 00 0e 01 61 6e 6f 6e 79 6d 6f 75 73
Encapsulating EAP message into a RADIUS packet
Learned identity from EAP-Response-Identity - hexdump(len=9): 61 6e 6f 6e 79 6d 6f 75 \
73 Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=0 length=126
Attribute 1 (User-Name) length=11
Value: 'anonymous'
Attribute 4 (NAS-IP-Address) length=6
Value: 127.0.0.1
Attribute 31 (Calling-Station-Id) length=19
Value: '02-00-00-00-00-01'
Attribute 12 (Framed-MTU) length=6
Value: 1400
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=16
Value: 02 00 00 0e 01 61 6e 6f 6e 79 6d 6f 75 73
Attribute 80 (Message-Authenticator) length=18
Value: 8a 2a d9 3f 9a 16 02 d3 9e be 52 a3 cc a2 a0 b6
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 80 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=0 length=80
Attribute 79 (EAP-Message) length=24
Value: 01 01 00 16 04 10 2d 5a 5e ca fd 46 31 37 33 67 ef 5f ec 14 64 c3
Attribute 80 (Message-Authenticator) length=18
Value: 37 83 06 12 9c 7b 2d 98 9a e8 6b 81 79 03 ce 63
Attribute 24 (State) length=18
Value: cb 7a ce 96 cb 7b ca 0b 07 a3 2c 75 4a 0c c4 c6
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round \
trip time 0.00 sec
RADIUS packet matching with station
decapsulated EAP packet (code=1 id=1 len=22) from RADIUS server: EAP-Request-MD5 (4)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=1 method=4 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
EAP: configuration does not allow: vendor 0 method 4
EAP: vendor 0 method 4 not allowed
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=4 -> NAK
EAP: Building EAP-Nak (requested type 4 vendor=0 method=0 not allowed)
EAP: allowed methods - hexdump(len=1): 15
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=6)
TX EAP -> RADIUS - hexdump(len=6): 02 01 00 06 03 15
Encapsulating EAP message into a RADIUS packet
Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=1 length=136
Attribute 1 (User-Name) length=11
Value: 'anonymous'
Attribute 4 (NAS-IP-Address) length=6
Value: 127.0.0.1
Attribute 31 (Calling-Station-Id) length=19
Value: '02-00-00-00-00-01'
Attribute 12 (Framed-MTU) length=6
Value: 1400
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=8
Value: 02 01 00 06 03 15
Attribute 24 (State) length=18
Value: cb 7a ce 96 cb 7b ca 0b 07 a3 2c 75 4a 0c c4 c6
Attribute 80 (Message-Authenticator) length=18
Value: 6b 08 01 29 89 bc 34 13 49 53 aa 7a 8d 43 4d f4
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: startWhen --> 0
STA 02:00:00:00:00:01: Resending RADIUS message (id=1)
Next RADIUS client retransmit in 6 seconds
STA 02:00:00:00:00:01: Resending RADIUS message (id=1)
Next RADIUS client retransmit in 12 seconds
STA 02:00:00:00:00:01: Resending RADIUS message (id=1)
Next RADIUS client retransmit in 24 seconds
EAPOL test timed out
EAPOL: EAP key not available
MPPE keys OK: 0 mismatch: 1
FAILURE
The server shows: rad_recv: Access-Request packet ....
then Sending Access-Challenge of id 0 to 127.0.0.1
then .... nothing at all!
[Attachment #5 (text/html)]
<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
</head>
<body class='hmmessage'><div dir='ltr'>
Ciao all,<br><br>First of all, I'm new to this project so I may ask 'dumb' questions \
and I may be slow to understand. Be patient!<br><br>I'm in the process of testing \
FreeRADIUS 2.1.11, just basic/standard setup. I've been following the following user \
guide: http://deployingradius.com/documents/configuration/pap.html. Very useful, by \
the way.<br><br>PAP, MSCHAP and MSCHAPv2 work ok, but I'm unable to get any EAP tests \
to pass. I've tries almost everything, including: \
http://deployingradius.com/documents/configuration/eap-problems.html<br><br><br>I \
need some help!<br><br>Thanks in advance.<br><br><br>Sergio.<br><br><br>Test \
output<br>-------------<br><br><br>radtest -t eap-md5 \
....... \
(it works ok)<br><br>(Client side)<br><br>Sending Access-Request packet to host \
127.0.0.1 port 1812, id=229, length=0<br> User-Name = \
"testuser"<br> User-Password = "testpw"<br> \
NAS-IP-Address = 127.0.0.1<br> NAS-Port = \
1812<br> EAP-Code = Response<br> \
EAP-Type-Identity = "testuser"<br> Message-Authenticator = \
0x00<br> EAP-Message = 0x02e4000d017465737475736572<br>Received \
Access-Challenge packet from host 127.0.0.1 port 1812, id=229, \
length=97<br> Reply-Message = "Hello, \
testuser"<br> EAP-Message = \
0x01e5001604103823185ef840cc37ad7436a904db9605<br> \
Message-Authenticator = 0xf5a2da42e33cfe56a80104afb9931946<br> \
State = 0x3dcf853c3d2a813191ce5fb05bf39134<br> EAP-Id = \
229<br> EAP-Code = Request<br> EAP-Type-MD5 = \
0x103823185ef840cc37ad7436a904db9605<br>Sending Access-Request packet to host \
127.0.0.1 port 1812, id=230, length=93<br> User-Name = \
"testuser"<br> User-Password = "testpw"<br> \
NAS-IP-Address = 127.0.0.1<br> NAS-Port = \
1812<br> EAP-Code = Response<br> \
Message-Authenticator = 0x00000000000000000000000000000000<br> \
EAP-Type-MD5 = 0x105a160cce9524d55843b32d1fcbaedb6b<br> EAP-Id = \
229<br> State = \
0x3dcf853c3d2a813191ce5fb05bf39134<br> EAP-Message = \
0x02e5001604105a160cce9524d55843b32d1fcbaedb6b<br>Received Access-Accept packet from \
host 127.0.0.1 port 1812, id=230, length=71<br> Reply-Message = \
"Hello, testuser"<br> EAP-Message = \
0x03e50004<br> Message-Authenticator = \
0xa9e17bcb7d0b8e0ad062f9b3c5d0399c<br> User-Name = \
"testuser"<br> EAP-Id = 229<br> EAP-Code = \
Success<br><br> Total approved auths: \
1<br> Total denied auths: \
0<br><br><br>(Server side)<br>Ready to process requests.<br># Executing section \
authorize from file ..\etc\raddb/radiusd.conf<br>+- entering group authorize \
{...}<br>[auth_log] ../var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d.log \
expands to ../var/log/radius/radacct/127.0.0.1/auth-detail-20111016.log<br>++[auth_log] \
returns ok<br>[pap] WARNING! No "known good" password found for the user. \
Authentication may fail because of this.<br>++[pap] returns noop<br>++[mschap] \
returns noop<br>[files] users: Matched entry testuser at line 29<br>++[files] returns \
ok<br>[eap] EAP packet type response id 228 length 13<br>[eap] No EAP Start, assuming \
it's an on-going EAP conversation<br>++[eap] returns updated<br>Found Auth-Type = \
EAP<br># Executing group from file ..\etc\raddb/radiusd.conf<br>+- entering group \
authenticate {...}<br>[eap] EAP Identity<br>[eap] processing type md5<br>++[eap] \
returns handled<br>Finished request 0.<br>Going to the next request<br>Waking up in \
4.9 seconds.<br># Executing section authorize from file \
..\etc\raddb/radiusd.conf<br>+- entering group authorize {...}<br>[auth_log] \
../var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d.log expands to \
../var/log/radius/radacct/127.0.0.1/auth-detail-20111016.log<br>++[auth_log] returns \
ok<br>[pap] WARNING! No "known good" password found for the user. \
Authentication may fail because of this.<br>++[pap] returns noop<br>++[mschap] \
returns noop<br>[files] users: Matched entry testuser at line 29<br>++[files] returns \
ok<br>[eap] EAP packet type response id 229 length 22<br>[eap] No EAP Start, assuming \
it's an on-going EAP conversation<br>++[eap] returns updated<br>Found Auth-Type = \
EAP<br># Executing group from file ..\etc\raddb/radiusd.conf<br>+- entering group \
authenticate {...}<br>[eap] Request found, released from the list<br>[eap] \
EAP/md5<br>[eap] processing type md5<br>[eap] Freeing handler<br>++[eap] returns \
ok<br> WARNING: Empty post-auth section. Using default return \
values.<br>Finished request 1.<br>Going to the next request<br>Waking up in 4.9 \
seconds.<br>Cleaning up request 0 ID 229 with timestamp +14<br>Cleaning up request 1 \
ID 230 with timestamp +14<br>Ready to process requests.<br><br><br>--------- EAP-MD5 \
test ---------<br><br>http://deployingradius.com/scripts/eapol_test/<br><br><br>eapol_test.exe \
-c md5.conf -s testing123 \
( it doesn't work!)<br><br><br>Output:<br><br>Reading configuration file \
'md5.conf'<br>Line: 1 - start of a new network block<br>ssid - \
hexdump_ascii(len=7):<br> 45 78 61 6d 70 6c \
65 \
\
Example <br>eap methods - \
hexdump(len=16): 00 00 00 00 15 00 00 00 00 00 00 00 00 00 00 00<br>eapol_flags=0 \
(0x0)<br>key_mgmt: 0x1<br>identity - \
hexdump_ascii(len=8):<br> 74 65 73 74 75 73 65 \
72 \
testuser <br>password - \
hexdump_ascii(len=6):<br> 74 65 73 74 70 \
77 \
\
testpw <br>ca_cert - \
hexdump_ascii(len=40):<br> 63 3a 2f 46 72 65 65 52 41 44 49 \
55 53 2f 65 74 c:/FreeRADIUS/et<br> 63 2f 72 61 \
64 64 62 2f 63 65 72 74 73 2f 52 6f \
c/raddb/certs/Ro<br> 6f 74 43 41 2e 70 65 \
6d \
otCA.pem <br>phase2 - \
hexdump_ascii(len=8):<br> 61 75 74 68 3d 4d 44 \
35 \
auth=MD5 <br>anonymous_identity - \
hexdump_ascii(len=9):<br> 61 6e 6f 6e 79 6d 6f 75 \
73 \
anonymous <br>Priority group 0<br> \
id=0 ssid='Example'<br>Authentication server 127.0.0.1:1812<br>EAPOL: SUPP_PAE \
entering state DISCONNECTED<br>EAPOL: KEY_RX entering state NO_KEY_RECEIVE<br>EAPOL: \
SUPP_BE entering state INITIALIZE<br>EAP: EAP entering state DISABLED<br>EAPOL: \
External notification - portValid=0<br>EAPOL: External notification - \
portEnabled=1<br>EAPOL: SUPP_PAE entering state CONNECTING<br>EAPOL: SUPP_BE entering \
state IDLE<br>EAP: EAP entering state INITIALIZE<br>EAP: EAP entering state \
IDLE<br>Sending fake EAP-Request-Identity<br>EAPOL: Received EAP-Packet \
frame<br>EAPOL: SUPP_PAE entering state RESTART<br>EAP: EAP entering state \
INITIALIZE<br>EAP: EAP entering state IDLE<br>EAPOL: SUPP_PAE entering state \
AUTHENTICATING<br>EAPOL: SUPP_BE entering state REQUEST<br>EAPOL: getSuppRsp<br>EAP: \
EAP entering state RECEIVED<br>EAP: Received EAP-Request id=0 method=1 vendor=0 \
vendorMethod=0<br>EAP: EAP entering state IDENTITY<br>CTRL-EVENT-EAP-STARTED EAP \
authentication started<br>EAP: EAP-Request Identity data - \
hexdump_ascii(len=0):<br>EAP: using anonymous identity - \
hexdump_ascii(len=9):<br> 61 6e 6f 6e 79 6d 6f 75 \
73 \
anonymous <br>EAP: EAP entering state \
SEND_RESPONSE<br>EAP: EAP entering state IDLE<br>EAPOL: SUPP_BE entering state \
RESPONSE<br>EAPOL: txSuppRsp<br>WPA: eapol_test_eapol_send(type=0 len=14)<br>TX EAP \
-> RADIUS - hexdump(len=14): 02 00 00 0e 01 61 6e 6f 6e 79 6d 6f 75 \
73<br>Encapsulating EAP message into a RADIUS packet<br>Learned identity from \
EAP-Response-Identity - hexdump(len=9): 61 6e 6f 6e 79 6d 6f 75 73<br>Sending RADIUS \
message to authentication server<br>RADIUS message: code=1 (Access-Request) \
identifier=0 length=126<br> Attribute 1 (User-Name) \
length=11<br> Value: 'anonymous'<br> \
Attribute 4 (NAS-IP-Address) length=6<br> Value: \
127.0.0.1<br> Attribute 31 (Calling-Station-Id) \
length=19<br> Value: \
'02-00-00-00-00-01'<br> Attribute 12 (Framed-MTU) \
length=6<br> Value: 1400<br> Attribute 61 \
(NAS-Port-Type) length=6<br> Value: 19<br> \
Attribute 77 (Connect-Info) length=24<br> Value: \
'CONNECT 11Mbps 802.11b'<br> Attribute 79 (EAP-Message) \
length=16<br> Value: 02 00 00 0e 01 61 6e 6f 6e 79 6d \
6f 75 73<br> Attribute 80 (Message-Authenticator) \
length=18<br> Value: 8a 2a d9 3f 9a 16 02 d3 9e be 52 \
a3 cc a2 a0 b6<br>Next RADIUS client retransmit in 3 seconds<br><br>EAPOL: SUPP_BE \
entering state RECEIVE<br>Received 80 bytes from RADIUS server<br>Received RADIUS \
message<br>RADIUS message: code=11 (Access-Challenge) identifier=0 \
length=80<br> Attribute 79 (EAP-Message) \
length=24<br> Value: 01 01 00 16 04 10 2d 5a 5e ca fd \
46 31 37 33 67 ef 5f ec 14 64 c3<br> Attribute 80 (Message-Authenticator) \
length=18<br> Value: 37 83 06 12 9c 7b 2d 98 9a e8 6b \
81 79 03 ce 63<br> Attribute 24 (State) \
length=18<br> Value: cb 7a ce 96 cb 7b ca 0b 07 a3 2c \
75 4a 0c c4 c6<br>STA 02:00:00:00:00:01: Received RADIUS packet matched with a \
pending request, round trip time 0.00 sec<br><br>RADIUS packet matching with \
station<br>decapsulated EAP packet (code=1 id=1 len=22) from RADIUS server: \
EAP-Request-MD5 (4)<br>EAPOL: Received EAP-Packet frame<br>EAPOL: SUPP_BE entering \
state REQUEST<br>EAPOL: getSuppRsp<br>EAP: EAP entering state RECEIVED<br>EAP: \
Received EAP-Request id=1 method=4 vendor=0 vendorMethod=0<br>EAP: EAP entering state \
GET_METHOD<br>EAP: configuration does not allow: vendor 0 method 4<br>EAP: vendor 0 \
method 4 not allowed<br>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=4 -> \
NAK<br>EAP: Building EAP-Nak (requested type 4 vendor=0 method=0 not allowed)<br>EAP: \
allowed methods - hexdump(len=1): 15<br>EAP: EAP entering state SEND_RESPONSE<br>EAP: \
EAP entering state IDLE<br>EAPOL: SUPP_BE entering state RESPONSE<br>EAPOL: \
txSuppRsp<br>WPA: eapol_test_eapol_send(type=0 len=6)<br>TX EAP -> RADIUS - \
hexdump(len=6): 02 01 00 06 03 15<br>Encapsulating EAP message into a RADIUS \
packet<br> Copied RADIUS State Attribute<br>Sending RADIUS message to \
authentication server<br>RADIUS message: code=1 (Access-Request) identifier=1 \
length=136<br> Attribute 1 (User-Name) \
length=11<br> Value: 'anonymous'<br> \
Attribute 4 (NAS-IP-Address) length=6<br> Value: \
127.0.0.1<br> Attribute 31 (Calling-Station-Id) \
length=19<br> Value: \
'02-00-00-00-00-01'<br> Attribute 12 (Framed-MTU) \
length=6<br> Value: 1400<br> Attribute 61 \
(NAS-Port-Type) length=6<br> Value: 19<br> \
Attribute 77 (Connect-Info) length=24<br> Value: \
'CONNECT 11Mbps 802.11b'<br> Attribute 79 (EAP-Message) \
length=8<br> Value: 02 01 00 06 03 15<br> \
Attribute 24 (State) length=18<br> Value: cb 7a ce 96 \
cb 7b ca 0b 07 a3 2c 75 4a 0c c4 c6<br> Attribute 80 \
(Message-Authenticator) length=18<br> Value: 6b 08 01 \
29 89 bc 34 13 49 53 aa 7a 8d 43 4d f4<br>Next RADIUS client retransmit in 3 \
seconds<br><br>EAPOL: SUPP_BE entering state RECEIVE<br>EAPOL: startWhen --> \
0<br>STA 02:00:00:00:00:01: Resending RADIUS message (id=1)<br><br>Next RADIUS client \
retransmit in 6 seconds<br>STA 02:00:00:00:00:01: Resending RADIUS message \
(id=1)<br><br>Next RADIUS client retransmit in 12 seconds<br>STA 02:00:00:00:00:01: \
Resending RADIUS message (id=1)<br><br>Next RADIUS client retransmit in 24 \
seconds<br>EAPOL test timed out<br>EAPOL: EAP key not available<br>MPPE keys OK: \
0 mismatch: 1<br>FAILURE<br><br><br>The server shows: rad_recv: Access-Request \
packet ....<br><br>then \
Sending Access-Challenge of id 0 to 127.0.0.1<br><br>then .... nothing at \
all!<br><br><br> </div></body> </html>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic