unsubscribe

Adrian Patten wireless
Mon Jul 5 15:19:06 PDT 2004


unsubscribe

-----Original Message-----
From: hostap-bounces+wireless=octa4.net.au at shmoo.com
[mailto:hostap-bounces+wireless=octa4.net.au at shmoo.com]On Behalf Of
hostap-request at shmoo.com
Sent: Tuesday, 6 July 2004 3:30 AM
To: hostap at shmoo.com
Subject: HostAP Digest, Vol 15, Issue 8


Send HostAP mailing list submissions to
	hostap at shmoo.com

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.shmoo.com/mailman/listinfo/hostap
or, via email, send a message with subject or body 'help' to
	hostap-request at shmoo.com

You can reach the person managing the list at
	hostap-owner at shmoo.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of HostAP digest..."


Today's Topics:

   1. RE: Help with EAP-TTLS/EAP-MD5 & PEAP/MSCHAPv2
      (Ivan Sanchez Valencia)
   2. Re: Help with EAP-TTLS/EAP-MD5 & PEAP/MSCHAPv2 (Jouni Malinen)


----------------------------------------------------------------------

Message: 1
Date: Mon, 5 Jul 2004 18:14:33 +0200
From: "Ivan Sanchez Valencia" <isanchez at piltrafa.dhis.org>
Subject: RE: Help with EAP-TTLS/EAP-MD5 & PEAP/MSCHAPv2
To: "HostAP" <hostap at shmoo.com>
Message-ID: <20040705160920.M43260 at piltrafa.dhis.org>
Content-Type: text/plain;	charset=iso-8859-1


Yes... I've got a misstake in users file because of it wasn't working.

Now I got:
...
Mon Jul  5 18:10:06 2004 : Info: rlm_eap_mschapv2: Issuing Challenge
Mon Jul  5 18:10:07 2004 : Auth: Login OK: [user/<no User-Password
attribute>] (from client localhost port 0)
Mon Jul  5 18:10:07 2004 : Auth: Login OK: [anonimo/<no User-Password
attribute>] (from client machine.domain.com port 1
cli XX-XX-XX-XX-XX-XX)
...

and with md5:
...
Mon Jul  5 18:13:09 2004 : Info: rlm_eap_md5: Issuing Challenge
Mon Jul  5 18:13:09 2004 : Auth: Login OK: [user/<no User-Password
attribute>] (from client localhost port 0)
Mon Jul  5 18:13:09 2004 : Auth: Login OK: [anonimo/<no User-Password
attribute>] (from client machine.domain.com port 1
cli XX-XX-XX-XX-XX-XX)
...

My question now is if "[user/<no User-Password attribute>]" is a normal
message... this "<no User-Password attribute>" :-/

Thanks to all!!!

Ivan.


On Mon, 5 Jul 2004 16:22:39 +0200, Hoogervorst, J.W. wrote
> Hello,
>
> I have a working EAP/TTLS connection, and have this in
> wpa_supplicant.conf:
>
> network={
> 	ssid="xxxxx"
> 	scan_ssid=1
> 	key_mgmt=IEEE8021X
> 	eap=TTLS
> 	anonymous_identity="anonymous at uva.nl"
> 	phase2="auth=PAP"
> 	identity="user-identity at uva.nl"
> 	password="user-password"
> 	ca_cert="/etc/1x/certs/root.pem"
> }
>
> Hope this helps.
>
> Regards,
> Jeroen Hoogervorst
> ----------------------------------------------------------------------
> J.W. Hoogervorst
> Informatiseringscentrum UvA
> Mail      : Herengracht 182
>             1016 BR Amsterdam
> Deliveries: Raadhuisstraat 36-38
>             1016 DG Amsterdam
> E-Mail    : J.W.Hoogervorst at uva.nl
> Phone     : +31-20-525 4878
> ----------------------------------------------------------------------


--

               "I didn't know it was impossible when I did it."

        ---------------------------------------------------------------
         Ivan Sanchez Valencia
         Email: isanchez at piltrafa.dhis.org
         PGP public key: http://www.piltrafa.dhis.org/pubkey.asc
        ---------------------------------------------------------------


------------------------------

Message: 2
Date: Mon, 5 Jul 2004 10:12:56 -0700
From: Jouni Malinen <jkmaline at cc.hut.fi>
Subject: Re: Help with EAP-TTLS/EAP-MD5 & PEAP/MSCHAPv2
To: hostap at shmoo.com
Message-ID: <20040705171256.GA7360 at jm.kir.nu>
Content-Type: text/plain; charset=us-ascii

On Mon, Jul 05, 2004 at 12:12:22PM +0200, Ivan Sanchez Valencia wrote:

> I'm trying to configure PEAP/MSCHAPv2 too, and I got the same results:
> ...
> Mon Jul  5 12:08:23 2004 : Info: rlm_eap_mschapv2: Issuing Challenge
> Mon Jul  5 12:08:23 2004 : Auth: Login incorrect: [user/<no User-Password
attribute>] (from client localhost port 0)

Based on your another email, I'm now assuming that after fixing
something in the users file, you got it working. Is this correct? If
not, you will need to give more detailed information about the
FreeRADIUS configuration and run it with debugging enabled (radiusd -X
-A). Anyway, this sounds like an issue with the RADIUS server not with
wpa_supplicant or hostapd..

> I'm doing something wrong and I don't know what. Or freeRADIUS don't catch
the User-Password or wpa_supplicant doesn't
> send it...

That RADIUS attribute (User-Password) is not used in EAP authentication.
FreeRADIUS uses it internally to get the password for the EAP methods
that need one. Anyway, wpa_supplicant is a IEEE 802.1X Supplicant and it
does not send RADIUS messages in the first place..

--
Jouni Malinen                                            PGP id EFC895FA

------------------------------

_______________________________________________
HostAP mailing list
HostAP at shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap


End of HostAP Digest, Vol 15, Issue 8
*************************************





More information about the Hostap mailing list