[prev in list] [next in list] [prev in thread] [next in thread]
List: hostap
Subject: Using wpa_supplicant for 802.1x wired network.
From: phil lemelin <phil.lemelin () gmail ! com>
Date: 2009-03-23 15:55:33
Message-ID: efe037fe0903230855ld917ec5n14c482409f5c52d1 () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Good morning mailing list users,
I am configuring my network to test different security approach and I'm
currently testing a dell switch with port based authentication ( 802.1x )
against a radius server. I have one question and one issue I would like
suggestions on.
First, the issue :
At the moment, I start wpa_supplicant and it correctly authenticate the my
box to the network. I restart the networking and I can access my network.
However, if I reboot the machine and start wpa_supplicant once I'm logged, I
cant authenticate unless I manually unplug and replug the network cable.
Now, I would like to know if it's a switch issue or an OS issue or a
wpa_supplicant issue. (See the wpa_supplicant -dd log after.) Mainly I see
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
Finnaly, the question :
Now, i've setup wpa_supplicant, it mostly works, but i'm doing everything
manually, ie : start wpa_supplicant, get authenticated, restart the network,
get my ip. Do you have a suggestion on how to automate the process ? Can
wpa_supplicant restart the network and ask an IP ?
I hope someone can help me figure it out !
Thank you in advance.
############## Start of wpa_supplicant log ##################
[root@localhost phil]# wpa_supplicant -dd -w -Dwired -i eth0 -c
/etc/wpa_supplicant.conf
Initializing interface 'eth0' conf '/etc/wpa_supplicant.conf' driver 'wired'
ctrl_interface 'N/A' bridge 'N/A'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
eapol_version=1
ap_scan=0
fast_reauth=1
Line: 763 - start of a new network block
key_mgmt: 0x8
eap methods - hexdump(len=16): 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00
00
identity - hexdump_ascii(len=3):
62 6f 62 bob
password - hexdump_ascii(len=5): [REMOVED]
eapol_flags=0 (0x0)
Priority group 0
id=0 ssid=''
Initializing interface (2) 'eth0'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
wpa_driver_wired_init: Added multicast membership with packet socket
Own MAC address: 00:04:5f:87:c5:ba
RSN: flushing PMKID list in the driver
Setting scan request: 0 sec 100000 usec
Added interface eth0
EAPOL: External notification - portControl=Auto
Already associated with a configured network - generating associated event
Association info event
State: DISCONNECTED -> ASSOCIATED
Associated to a new BSS: BSSID=01:80:c2:00:00:03
No keys have been configured - skip key clearing
Network configuration found for the current AP
WPA: clearing AP WPA IE
WPA: clearing AP RSN IE
WPA: clearing own WPA/RSN IE
EAPOL: External notification - portControl=Auto
Associated with 01:80:c2:00:00:03
WPA: Association event - clear replay counter
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Cancelling scan request
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL: dst=01:80:c2:00:00:03
TX EAPOL - hexdump(len=4): 01 01 00 00
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL: dst=01:80:c2:00:00:03
TX EAPOL - hexdump(len=4): 01 01 00 00
EAPOL: idleWhile --> 0
EAP: EAP entering state FAILURE
CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
EAPOL: heldWhile --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
EAPOL: heldWhile --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
--
Phil
[Attachment #5 (text/html)]
Good morning mailing list users, <br><br>I am configuring my network to test \
different security approach and I'm currently testing a dell switch with port \
based authentication ( 802.1x ) against a radius server. I have one question and one \
issue I would like suggestions on.<br> <br>First, the issue :<br><br>At the moment, I \
start wpa_supplicant and it correctly authenticate the my box to the network. I \
restart the networking and I can access my network. However, if I reboot the machine \
and start wpa_supplicant once I'm logged, I cant authenticate unless I manually \
unplug and replug the network cable. Now, I would like to know if it's a switch \
issue or an OS issue or a wpa_supplicant issue. (See the wpa_supplicant -dd log \
after.) Mainly I see <br>
EAPOL: SUPP_PAE entering state CONNECTING<br>
EAPOL: SUPP_PAE entering state AUTHENTICATING<br>
EAPOL: SUPP_BE entering state FAIL<br>
EAPOL: SUPP_PAE entering state HELD<br>
EAPOL: SUPP_BE entering state IDLE<br><br><br>Finnaly, the question :<br><br>Now, \
i've setup wpa_supplicant, it mostly works, but i'm doing everything \
manually, ie : start wpa_supplicant, get authenticated, restart the network, get my \
ip. Do you have a suggestion on how to automate the process ? Can wpa_supplicant \
restart the network and ask an IP ?<br clear="all"> <br>I hope someone can help me \
figure it out !<br><br>Thank you in advance.<br><br>############## Start of \
wpa_supplicant log ##################<br>[root@localhost phil]# wpa_supplicant -dd -w \
-Dwired -i eth0 -c /etc/wpa_supplicant.conf <br> Initializing interface \
'eth0' conf '/etc/wpa_supplicant.conf' driver 'wired' \
ctrl_interface 'N/A' bridge 'N/A'<br>Configuration file \
'/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'<br> \
Reading configuration file \
'/etc/wpa_supplicant.conf'<br>ctrl_interface='/var/run/wpa_supplicant'<br>eapol_version=1<br>ap_scan=0<br>fast_reauth=1<br>Line: \
763 - start of a new network block<br>key_mgmt: 0x8<br> eap methods - \
hexdump(len=16): 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00<br>identity - \
hexdump_ascii(len=3):<br> 62 6f 62 bob \
<br>password - hexdump_ascii(len=5): [REMOVED]<br> eapol_flags=0 (0x0)<br>Priority \
group 0<br> id=0 ssid=''<br>Initializing interface (2) \
'eth0'<br>EAPOL: SUPP_PAE entering state DISCONNECTED<br>EAPOL: KEY_RX \
entering state NO_KEY_RECEIVE<br>EAPOL: SUPP_BE entering state \
INITIALIZE<br>
EAP: EAP entering state DISABLED<br>EAPOL: External notification - \
portEnabled=0<br>EAPOL: External notification - portValid=0<br>wpa_driver_wired_init: \
Added multicast membership with packet socket<br>Own MAC address: \
00:04:5f:87:c5:ba<br>
RSN: flushing PMKID list in the driver<br>Setting scan request: 0 sec 100000 \
usec<br>Added interface eth0<br>EAPOL: External notification - \
portControl=Auto<br>Already associated with a configured network - generating \
associated event<br> Association info event<br>State: DISCONNECTED -> \
ASSOCIATED<br>Associated to a new BSS: BSSID=01:80:c2:00:00:03<br>No keys have been \
configured - skip key clearing<br>Network configuration found for the current \
AP<br>WPA: clearing AP WPA IE<br>
WPA: clearing AP RSN IE<br>WPA: clearing own WPA/RSN IE<br>EAPOL: External \
notification - portControl=Auto<br>Associated with 01:80:c2:00:00:03<br>WPA: \
Association event - clear replay counter<br>EAPOL: External notification - \
portEnabled=0<br>
EAPOL: External notification - portValid=0<br>EAPOL: External notification - \
portEnabled=1<br>EAPOL: SUPP_PAE entering state CONNECTING<br>EAPOL: SUPP_BE entering \
state IDLE<br>EAP: EAP entering state INITIALIZE<br>EAP: EAP entering state IDLE<br> \
Cancelling scan request<br>EAPOL: startWhen --> 0<br>EAPOL: SUPP_PAE entering \
state CONNECTING<br>EAPOL: txStart<br>TX EAPOL: dst=01:80:c2:00:00:03<br>TX EAPOL - \
hexdump(len=4): 01 01 00 00<br>EAPOL: startWhen --> 0<br>
EAPOL: SUPP_PAE entering state CONNECTING<br>EAPOL: txStart<br>TX EAPOL: \
dst=01:80:c2:00:00:03<br>TX EAPOL - hexdump(len=4): 01 01 00 00<br>EAPOL: idleWhile \
--> 0<br>EAP: EAP entering state FAILURE<br>CTRL-EVENT-EAP-FAILURE EAP \
authentication failed<br>
EAPOL: SUPP_PAE entering state AUTHENTICATING<br>EAPOL: SUPP_BE entering state \
FAIL<br>EAPOL: SUPP_PAE entering state HELD<br>EAPOL: SUPP_BE entering state \
IDLE<br>EAPOL: startWhen --> 0<br>EAPOL: heldWhile --> 0<br>
EAPOL: SUPP_PAE entering state CONNECTING<br>EAPOL: SUPP_PAE entering state \
AUTHENTICATING<br>EAPOL: SUPP_BE entering state FAIL<br>EAPOL: SUPP_PAE entering \
state HELD<br>EAPOL: SUPP_BE entering state IDLE<br>EAPOL: startWhen \
--> 0<br>
EAPOL: heldWhile --> 0<br>EAPOL: SUPP_PAE entering state CONNECTING<br>EAPOL: \
SUPP_PAE entering state AUTHENTICATING<br>EAPOL: SUPP_BE entering state \
FAIL<br>EAPOL: SUPP_PAE entering state HELD<br>EAPOL: SUPP_BE \
entering state IDLE<br>
EAPOL: startWhen --> 0<br><br><br><br>--<br>Phil<br>
_______________________________________________
HostAP mailing list
HostAP@lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic