wpa_supplicant problem with EAP
daniel escartin EXCHANGE03_VirtYH04
escartid
Mon Feb 23 03:01:08 PST 2004
Hi all,
I'm trying to authenticate my wpa_supplicant in Linux Red Hat 9.0
and Kernel 2.4.20-8 join with xsupplicant againts one cisco-ap and RADIUS
server, in my case I tried to work with PreShared key and I was
successful, but now I'm trying with EAP authentication, I got work with
this,but know I get next error:
########################################################################
[root at test-radius root]# xsupplicant -i wlan0 -c /etc/xsupplicant.conf
Interface initalized!
Connection established, authenticating...
Authenticated!
Processing EAPoL-Key!
WPA EAPOL-Key - ignoring it
Processing EAPoL-Key!
WPA EAPOL-Key - ignoring it
Processing EAPoL-Key!
WPA EAPOL-Key - ignoring it
########################################################################
This is RADIUS log:
#####################################################################
rad_recv: Access-Request packet from host 192.168.1.60:1645, id=74,
length=161 User-Name = "cisco-wlan"
Framed-MTU = 1400
Called-Station-Id = "000d.2888.d602"
Calling-Station-Id = "0006.2530.7374"
Message-Authenticator = 0x208156361854c4cb3259dfe02670c699
EAP-Message = 0x020400060d00
NAS-Port-Type = Virtual
NAS-Port = 351
State =
0x675f6e273ae8c8a59cbf8244cc1bcd941ed939402be082ba836edc990f0824569609e621
NAS-IP-Address = 192.168.1.60
NAS-Identifier = "ciscoap"
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "chap" returns noop
rlm_eap: EAP packet type notification id 4 length 6
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated
rlm_realm: No '@' in User-Name = "cisco-wlan", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop
users: Matched cisco-wlan at 99
modcall[authorize]: module "files" returns ok
modcall[authorize]: module "mschap" returns noop
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: EAP packet type notification id 4 length 6
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: Received EAP-TLS ACK message
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Challenge of id 74 to 192.168.1.60:1645
EAP-Message =
0x010501360d800000092c20666f722....
EAP-Message =
0x11300f0603550403130843616d616....
Message-Authenticator = 0x00000000000000000000000000000000
State =
0x135c9b5b2d4aaeee888d864ccfef779d1ed939406b5e8db832ec91503371b822da69b4c0
Finished request 10
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.1.60:1645, id=75,
length=1573
User-Name = "cisco-wlan"
Framed-MTU = 1400
Called-Station-Id = "000d.2888.d602"
Calling-Station-Id = "0006.2530.7374"
Message-Authenticator = 0x2b64f7bae478b9e24006f9ac1cac31f0
EAP-Message =
0x020505800dc0000008b816030107620b0...
EAP-Message =
0x064e796c616e64310d300b06035504071...
EAP-Message =
0x8a1090ca927fd82a2df606d3dee702030...
EAP-Message =
0x6e64310d300b060355040713044573626...
EAP-Message =
0x965dda6a7d00037530820371308202daa...
EAP-Message =
0x044573626f310f300d060355040a13064...
NAS-Port-Type = Virtual
NAS-Port = 351
State =
0x135c9b5b2d4aaeee888d864ccfef779d1ed939406b5e8db832ec91503371b822da69b4c0
NAS-IP-Address = 192.168.1.60
NAS-Identifier = "ciscoap"
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "chap" returns noop
rlm_eap: EAP packet type notification id 5 length 1408
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated
rlm_realm: No '@' in User-Name = "cisco-wlan", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop
users: Matched cisco-wlan at 99
modcall[authorize]: module "files" returns ok
modcall[authorize]: module "mschap" returns noop
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: EAP packet type notification id 5 length 1408
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: Received EAP-TLS First Fragment of the message
Total Length Included
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Challenge of id 75 to 192.168.1.60:1645
EAP-Message = 0x010600060d00
Message-Authenticator = 0x00000000000000000000000000000000
State =
0x6c1eb4fb81d87220c7625db9c80c65441fd93940ae63f806d1689b4334d77dc182429ac4
####################################################################
These is the wpa_supplicant.conf
####################################################################
network={
ssid="cisco-wlan"
key_mgmt=WPA-EAP
pairwise=TKIP
}
##################################################################
And this is xsupplicant.conf
network_list = all
default_netname = cisco-wlan
cisco-wlan
{
type = wireless
allow_types = eap_tls
identity = <BEGIN_ID>cisco-wlan<END_ID>
eap-tls {
random_file = /dev/urandom
chunk_size = 1398
root_cert = /trusted-ca-list/ca-list.pem
cert = /certgen/pemcerts/User1cert.pem
key = /certgen/privatekeys/User1key.pem
key_pass = <BEGIN_PASS>User1<END_PASS>
}
}
######################################################
My wireless card is a Linksys WPC11 version 3 with wpa_support,
its really weird, because before it worked well but suddenly it
started with this error, Can anyone say me what is wrong here?
Thank you in advance, Regards Daniel.
More information about the Hostap
mailing list