help !something about hostap-xsupplicant-freeradius!!
tan keen
keentan_coldfire
Tue Mar 25 19:44:19 PST 2003
hi,
i just do it all follow
1)HOWTO on EAP/TLS authentication between freeRadius and xsupplicant(http://www.missl.cs.umd.edu/wireless/eaptls/) ,
2) README_prism2.htm
to build a wlan using 802.1x . (two pc running linux RedHat 7.2 ; AP and FreeRadius are in one pc)
i finish those work sugesting in the above two document and i have changed the ATTR_FRAMED_MTU value in ieee802_1x.c file to 1500 from 2304., but i can not be authoried by AP successfully.
where is my error come from ? Can anyone told me? thank you!!
========================
######xsupplicant -i wlan0
i got this : failed to verify cert error : Certificate has expired
================================
######./hostapd -dd -x -o 192.168.2.155 -a 192.168.2.155 -s whatever wlan0
i got :EEE 802.1X: 4 bytes from 00:40:05:af:05:2e
IEEE 802.1X: version=1 type=1 length=0
EAPOL-Start
IEEE 802.1X: 00:40:05:af:05:2e AUTH_PAE entering state CONNECTING
IEEE 802.1X: Sending EAP Request-Identity to 00:40:05:af:05:2e (identifier 1)
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
Received 49 bytes management frame
DATA
IEEE 802.1X: 17 bytes from 00:40:05:af:05:2e
IEEE 802.1X: version=1 type=0 length=13
EAP: code=2 identifier=1 length=13 (response)
EAP Response-Identity
IEEE 802.1X: 00:40:05:af:05:2e AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=0 length=154
Attribute 1 (User-Name) length=10
Value: 'adam-ctl'
Attribute 4 (NAS-IP-Address) length=6
Value: 192.168.2.155
Attribute 5 (NAS-Port) length=6
Value: 1
Attribute 30 (Called-Station-Id) length=24
Value: '00-40-05-AF-05-14:test'
Attribute 31 (Calling-Station-Id) length=19
Value: '00-40-05-AF-05-2E'
Attribute 12 (Framed-MTU) length=6
Value: 1500
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=15
Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
Received 84 bytes from authentication server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=0 length=84
Attribute 79 (EAP-Message) length=8
Attribute 80 (Message-Authenticator) length=18
Attribute 24 (State) length=38
RADIUS packet matching with station 00:40:05:af:05:2e
IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:40:05:af:05:2e (identifier 2)
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
Received 98 bytes management frame
DATA
IEEE 802.1X: 66 bytes from 00:40:05:af:05:2e
IEEE 802.1X: version=1 type=0 length=62
EAP: code=2 identifier=2 length=62 (response)
EAP Response-TLS
IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=1 length=241
Attribute 1 (User-Name) length=10
Value: 'adam-ctl'
Attribute 4 (NAS-IP-Address) length=6
Value: 192.168.2.155
Attribute 5 (NAS-Port) length=6
Value: 1
Attribute 30 (Called-Station-Id) length=24
Value: '00-40-05-AF-05-14:test'
Attribute 31 (Calling-Station-Id) length=19
Value: '00-40-05-AF-05-2E'
Attribute 12 (Framed-MTU) length=6
Value: 1500
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=64
Attribute 24 (State) length=38
Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
Received 1120 bytes from authentication server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=1 length=1120
Attribute 79 (EAP-Message) length=255
Attribute 79 (EAP-Message) length=255
Attribute 79 (EAP-Message) length=255
Attribute 79 (EAP-Message) length=255
Attribute 79 (EAP-Message) length=24
Attribute 80 (Message-Authenticator) length=18
Attribute 24 (State) length=38
RADIUS packet matching with station 00:40:05:af:05:2e
IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:40:05:af:05:2e (identifier 3)
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
Received 42 bytes management frame
DATA
IEEE 802.1X: 10 bytes from 00:40:05:af:05:2e
IEEE 802.1X: version=1 type=0 length=6
EAP: code=2 identifier=3 length=6 (response)
EAP Response-TLS
IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=2 length=185
Attribute 1 (User-Name) length=10
Value: 'adam-ctl'
Attribute 4 (NAS-IP-Address) length=6
Value: 192.168.2.155
Attribute 5 (NAS-Port) length=6
Value: 1
Attribute 30 (Called-Station-Id) length=24
Value: '00-40-05-AF-05-14:test'
Attribute 31 (Calling-Station-Id) length=19
Value: '00-40-05-AF-05-2E'
Attribute 12 (Framed-MTU) length=6
Value: 1500
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=8
Attribute 24 (State) length=38
Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
Received 60 bytes management frame
MGMT
mgmt::beacon
Received 1120 bytes from authentication server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=2 length=1120
Attribute 79 (EAP-Message) length=255
Attribute 79 (EAP-Message) length=255
Attribute 79 (EAP-Message) length=255
Attribute 79 (EAP-Message) length=255
Attribute 79 (EAP-Message) length=24
Attribute 80 (Message-Authenticator) length=18
Attribute 24 (State) length=38
RADIUS packet matching with station 00:40:05:af:05:2e
IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:40:05:af:05:2e (identifier 4)
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
Received 42 bytes management frame
DATA
IEEE 802.1X: 10 bytes from 00:40:05:af:05:2e
IEEE 802.1X: version=1 type=0 length=6
EAP: code=2 identifier=4 length=6 (response)
EAP Response-TLS
IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=3 length=185
Attribute 1 (User-Name) length=10
Value: 'adam-ctl'
Attribute 4 (NAS-IP-Address) length=6
Value: 192.168.2.155
Attribute 5 (NAS-Port) length=6
Value: 1
Attribute 30 (Called-Station-Id) length=24
Value: '00-40-05-AF-05-14:test'
Attribute 31 (Calling-Station-Id) length=19
Value: '00-40-05-AF-05-2E'
Attribute 12 (Framed-MTU) length=6
Value: 1500
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=8
Attribute 24 (State) length=38
Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
Received 267 bytes from authentication server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=3 length=267
Attribute 79 (EAP-Message) length=191
Attribute 80 (Message-Authenticator) length=18
Attribute 24 (State) length=38
RADIUS packet matching with station 00:40:05:af:05:2e
IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:40:05:af:05:2e (identifier 5)
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE
Received 60 bytes management frame
MGMT
mgmt::beacon
Received 60 bytes management frame
MGMT
mgmt::beacon
Signal 2 received - terminating
Flushing old station entries
Deauthenticate all stations
=======================================
it seem ok ,but xsupplicant cant be authoried by AP!
what the problem ? i need your help!
---------------------------------
Do You Yahoo!?
"?????KTV, ????????OK~~"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20030326/c336a11a/attachment.htm
More information about the Hostap
mailing list