Problem in arp
over flow
overster
Sun Nov 7 08:01:08 PST 2004
Hi,
Hi have a DLW-G650 (with atheros chip) card, Asus WL-500g (Ap) and
Freeradius 1.0.1.
Aparently all works, wpa_supplicant gets the wep keys from radius but
i can't ping nothing nor can i connect to some server. My laptop's arp
tables are clean also.
Thanks for any help
Overster
$ cat /etc/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
ap_scan=1
network={
ssid="MYSSID"
scan_ssid=1
key_mgmt=IEEE8021X
eap=PEAP
identity="GOBLIN\npf"
password="LAMEPASSHERE"
ca_cert="/etc/cert/cacert.pem"
# private_key="/etc/cert/client.key"
phase2="auth=MSCHAPV2"
}
Dmesg output:
PCI: Enabling device 02:00.0 (0000 -> 0002)
ath_hal: 0.9.12.14 (AR5210, AR5211, AR5212)
wlan: 0.8.4.4 (EXPERIMENTAL)
ath_rate_onoe: 1.0
ath_pci: 0.9.4.11 (EXPERIMENTAL)
ath0: 11b rates: 1Mbps 2Mbps 5.5Mbps 11Mbps
ath0: 11g rates: 1Mbps 2Mbps 5.5Mbps 11Mbps 6Mbps 9Mbps 12Mbps 18Mbps
24Mbps 36Mbps 48Mbps 54Mbps
ath0: mac 5.9 phy 4.3 radio 4.6
ath0: 802.11 address: 00:0f:3d:87:54:3f
ath0: Use hw queue 0 for WME_AC_BE traffic
ath0: Use hw queue 1 for WME_AC_BK traffic
ath0: Use hw queue 2 for WME_AC_VI traffic
ath0: Use hw queue 3 for WME_AC_VO traffic
ath0: Atheros 5212: mem=0x20800000, irq=3
startup script:
/usr/local/sbin/wpa_supplicant -w -d -c/etc/wpa_supplicant.conf
-iath0 -Dmadwifi
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0
eapol_version=1
ap_scan=1
Priority group 0
id=0 ssid='c4s4wir'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
wpa_driver_madwifi_set_wpa: enabled=1
wpa_driver_madwifi_del_key: keyidx=0
wpa_driver_madwifi_del_key: keyidx=1
wpa_driver_madwifi_del_key: keyidx=2
wpa_driver_madwifi_del_key: keyidx=3
wpa_driver_madwifi_set_countermeasures: enabled=0
wpa_driver_madwifi_set_drop_unencrypted: enabled=1
Setting scan request: 0 sec 100000 usec
Starting AP scan (specific SSID)
Scan SSID - hexdump_ascii(len=7):
63 34 73 34 77 69 72 c4s4wir
RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
Wireless event: cmd=0x8b1a len=20
Wireless event: cmd=0x8b19 len=12
Received 202 bytes of scan results (1 BSSes)
Scan results: 1
Selecting BSS from priority group 0
0: 00:0e:a6:f0:4d:b5 ssid='c4s4wir' wpa_ie_len=0 rsn_ie_len=0
skip - no WPA/RSN IE
selected non-WPA AP 00:0e:a6:f0:4d:b5 ssid='c4s4wir'
Trying to associate with 00:0e:a6:f0:4d:b5 (SSID='c4s4wir' freq=2412 MHz)
Cancelling scan request
wpa_driver_madwifi_del_key: keyidx=0
wpa_driver_madwifi_del_key: keyidx=1
wpa_driver_madwifi_del_key: keyidx=2
wpa_driver_madwifi_del_key: keyidx=3
wpa_driver_madwifi_del_key: keyidx=0
wpa_driver_madwifi_set_drop_unencrypted: enabled=1
wpa_driver_madwifi_associate
Setting authentication timeout: 5 sec 0 usec
EAPOL: External notification - portControl=Auto
Wireless event: cmd=0x8b1a len=20
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:0e:a6:f0:4d:b5
Association event - clear replay counter
Associated to a new BSS: BSSID=00:0e:a6:f0:4d:b5
wpa_driver_madwifi_del_key: keyidx=0
wpa_driver_madwifi_del_key: keyidx=1
wpa_driver_madwifi_del_key: keyidx=2
wpa_driver_madwifi_del_key: keyidx=3
wpa_driver_madwifi_del_key: keyidx=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Setting authentication timeout: 10 sec 0 usec
RX EAPOL from 00:0e:a6:f0:4d:b5
Setting authentication timeout: 10 sec 0 usec
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=1 id=0
EAP: EAP entering state IDENTITY
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using real identity - hexdump_ascii(len=10):
47 4f 42 4c 49 4e 5c 6e 70 66 GOBLIN\npf
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
WPA: EAPOL frame too short, len 9, expecting at least 99
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=21 id=1
EAP: EAP entering state GET_METHOD
EAP: Building EAP-Nak (requested type 21 not allowed)
EAP: allowed methods - hexdump(len=1): 19
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
WPA: EAPOL frame too short, len 10, expecting at least 99
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=25 id=2
EAP: EAP entering state GET_METHOD
EAP-PEAP: Phase2 type: MSCHAPV2
SSL: Trusted root certificate(s) loaded
EAP: EAP entering state METHOD
EAP-PEAP: Received packet(len=6) - Flags 0x20
EAP-PEAP: Start (server ver=0, own ver=1)
EAP-PEAP: Using PEAP version 0
SSL: (where=0x10 ret=0x1)
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:before/connect initialization
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write client hello A
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read server hello A
SSL: SSL_connect - want more data
SSL: 100 bytes left to be sent out (of total 100 bytes)
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
WPA: EAPOL frame too short, len 10, expecting at least 99
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=25 id=3
EAP: EAP entering state METHOD
EAP-PEAP: Received packet(len=1034) - Flags 0xc0
EAP-PEAP: TLS Message Length: 1777
SSL: Need 753 bytes more input data
SSL: Building ACK
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
IEEE 802.1X RX: version=1 type=0 length=1034
WPA: EAPOL frame (type 0) discarded, not a Key frame
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=25 id=4
EAP: EAP entering state METHOD
EAP-PEAP: Received packet(len=759) - Flags 0x00
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read server hello A
SSL: eap_tls_verify_cb - preverify_ok=1 err=0 (ok) depth=1
buf='/C=CA/ST=Province/L=Some
City/O=Organization/OU=localhost/CN=Client
certificate/emailAddress=client at example.com'
SSL: eap_tls_verify_cb - preverify_ok=1 err=0 (ok) depth=0
buf='/C=CA/ST=Province/L=Some City/O=Organization/OU=localhost/CN=Root
certificate/emailAddress=root at example.com'
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read server certificate A
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read server done A
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write client key exchange A
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write change cipher spec A
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write finished A
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 flush data
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read finished A
SSL: SSL_connect - want more data
SSL: 198 bytes left to be sent out (of total 198 bytes)
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
IEEE 802.1X RX: version=1 type=0 length=759
WPA: EAPOL frame (type 0) discarded, not a Key frame
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=25 id=5
EAP: EAP entering state METHOD
EAP-PEAP: Received packet(len=65) - Flags 0x00
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read finished A
SSL: (where=0x20 ret=0x1)
SSL: (where=0x1002 ret=0x1)
SSL: No data to be sent out
EAP-PEAP: TLS done, proceed to Phase 2
EAP-PEAP: using label 'client EAP encryption' in key derivation
EAP-PEAP: Derived key - hexdump(len=64): cd eb 91 20 34 b5 6b bc 55 3b
e2 95 ab dd b6 3a dc 5c 2b ea 91 a3 d3 56 44 4d 36 7f 75 6d 3a 7d 30
e8 23 d3 2a 05 bd 01 c3 1f 17 3f dd 33 f1 61 b1 94 39 d8 3a ed 0c 50
31 0d 32 57 3b a6 59 24
SSL: Building ACK
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
WPA: EAPOL frame too short, len 69, expecting at least 99
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=25 id=6
EAP: EAP entering state METHOD
EAP-PEAP: Received packet(len=80) - Flags 0x00
EAP-PEAP: received 74 bytes encrypted data for Phase 2
EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=5): 01 06 00 05 01
EAP-PEAP: received Phase 2: code=1 identifier=6 length=5
EAP-PEAP: Phase 2 Request: type=1
EAP: using real identity - hexdump_ascii(len=10):
47 4f 42 4c 49 4e 5c 6e 70 66 GOBLIN\npf
EAP-PEAP: Encrypting Phase 2 data - hexdump(len=15): 02 06 00 0f 01 47
4f 42 4c 49 4e 5c 6e 70 66
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
WPA: EAPOL frame too short, len 84, expecting at least 99
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=25 id=7
EAP: EAP entering state METHOD
EAP-PEAP: Received packet(len=112) - Flags 0x00
EAP-PEAP: received 106 bytes encrypted data for Phase 2
EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=32): 1a 01 07 00 1f 10
db 30 10 1d 4f 4f 19 67 33 f1 78 a1 73 97 3f 15 47 4f 42 4c 49 4e 5c
6e 70 66
EAP-PEAP: received Phase 2: code=1 identifier=7 length=36
EAP-PEAP: Phase 2 Request: type=26
EAP-PEAP: Phase 2 EAP packet
EAP-MSCHAPV2: Received challenge
EAP-MSCHAPV2: Authentication Servername - hexdump_ascii(len=10):
47 4f 42 4c 49 4e 5c 6e 70 66 GOBLIN\npf
EAP-MSCHAPV2: Generating Challenge Response
EAP-MSCHAPV2: auth_challenge - hexdump(len=16): db 30 10 1d 4f 4f 19
67 33 f1 78 a1 73 97 3f 15
EAP-MSCHAPV2: peer_challenge - hexdump(len=16): 8e ca 57 e6 e8 38 c6
42 3c d7 d6 0a f3 48 d3 59
EAP-MSCHAPV2: username - hexdump_ascii(len=3):
6e 70 66 npf
EAP-MSCHAPV2: password - hexdump_ascii(len=8):
XX XX XX XX XX XX XX XX LAMEPASSHERE
EAP-MSCHAPV2: response - hexdump(len=24): 76 80 68 cf 8c df 03 4b d1
61 bc e2 e6 a2 ad 11 af 51 42 25 51 7d 86 61
EAP-PEAP: Encrypting Phase 2 data - hexdump(len=69): 02 07 00 45 1a 02
07 00 40 31 8e ca 57 e6 e8 38 c6 42 3c d7 d6 0a f3 48 d3 59 00 00 00
00 00 00 00 00 76 80 68 cf 8c df 03 4b d1 61 bc e2 e6 a2 ad 11 af 51
42 25 51 7d 86 61 00 47 4f 42 4c 49 4e 5c 6e 70 66
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
IEEE 802.1X RX: version=1 type=0 length=112
WPA: EAPOL frame (type 0) discarded, not a Key frame
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=25 id=8
EAP: EAP entering state METHOD
EAP-PEAP: Received packet(len=128) - Flags 0x00
EAP-PEAP: received 122 bytes encrypted data for Phase 2
EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=47): 1a 03 07 00 2e 53
3d 32 39 30 36 44 45 42 31 44 30 41 38 43 32 36 30 45 32 33 42 35 34
43 43 42 44 38 32 43 39 34 43 30 33 34 37 33 34 43 38
EAP-PEAP: received Phase 2: code=1 identifier=8 length=51
EAP-PEAP: Phase 2 Request: type=26
EAP-PEAP: Phase 2 EAP packet
EAP-MSCHAPV2: Received success
EAP-MSCHAPV2: Success message - hexdump(len=0):
EAP-MSCHAPV2: Authentication succeeded
EAP-PEAP: Encrypting Phase 2 data - hexdump(len=6): 02 08 00 06 1a 03
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
IEEE 802.1X RX: version=1 type=0 length=128
WPA: EAPOL frame (type 0) discarded, not a Key frame
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=25 id=9
EAP: EAP entering state METHOD
EAP-PEAP: Received packet(len=80) - Flags 0x00
EAP-PEAP: received 74 bytes encrypted data for Phase 2
EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=11): 01 09 00 0b 21 80
03 00 02 00 01
EAP-PEAP: received Phase 2: code=1 identifier=9 length=11
EAP-PEAP: Phase 2 Request: type=33
EAP-PEAP: Received TLVs - hexdump(len=6): 80 03 00 02 00 01
EAP-PEAP: Result TLV - hexdump(len=2): 00 01
EAP-PEAP: TLV Result - Success - EAP-PEAP/Phase2 Completed
EAP-PEAP: Encrypting Phase 2 data - hexdump(len=11): 02 09 00 0b 21 80
03 00 02 00 01
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
WPA: EAPOL frame too short, len 84, expecting at least 99
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: EAP entering state SUCCESS
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state SUCCESS
EAPOL: SUPP_BE entering state IDLE
WPA: EAPOL frame too short, len 8, expecting at least 99
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAPOL-Key frame
EAPOL: KEY_RX entering state KEY_RECEIVE
EAPOL: processKey
EAPOL: RX IEEE 802.1X ver=1 type=3 len=57 EAPOL-Key: type=1
key_length=13 key_index=0x1
EAPOL: EAPOL-Key key signature verified
EAPOL: Decrypted(RC4) key - hexdump(len=13): c3 a2 28 8b 42 61 43 c2
f8 e0 19 9d f1
EAPOL: Setting dynamic WEP key: broadcast keyidx 1 len 13
wpa_driver_madwifi_set_key: alg=WEP key_idx=1 set_tx=0 seq_len=0 key_len=13
WPA: EAPOL frame too short, len 61, expecting at least 99
RX EAPOL from 00:0e:a6:f0:4d:b5
EAPOL: Received EAPOL-Key frame
EAPOL: KEY_RX entering state KEY_RECEIVE
EAPOL: processKey
EAPOL: RX IEEE 802.1X ver=1 type=3 len=44 EAPOL-Key: type=1
key_length=13 key_index=0x83
EAPOL: EAPOL-Key key signature verified
EAPOL: using part of EAP keying material data encryption key -
hexdump(len=13): cd eb 91 20 34 b5 6b bc 55 3b e2 95 ab
EAPOL: Setting dynamic WEP key: unicast keyidx 3 len 13
wpa_driver_madwifi_set_key: alg=WEP key_idx=3 set_tx=128 seq_len=0 key_len=13
EAPOL: all required EAPOL-Key frames received
WPA: EAPOL processing complete
Cancelling authentication timeout
EAPOL: SUPP_PAE entering state AUTHENTICATED
WPA: EAPOL frame too short, len 48, expecting at least 99
$ iwconfig ath0
Warning: Driver for device ath0 has been compiled with version 16
of Wireless Extension, while this program is using version 15.
Some things may be broken...
ath0 IEEE 802.11g ESSID:"MYSSID"
Mode:Managed Frequency:2.412GHz Access Point: 00:0E:A6:F0:4D:B5
Bit Rate:36Mb/s Tx-Power:50 dBm Sensitivity=0/0
Retry:off RTS thr:off Fragment thr:off
Power Management:off
Link Quality:42/0 Signal level:-53 dBm Noise level:-95 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
Radius log:
...
2004-11-07 16:00:28.244162500 modcall: group authenticate returns ok
for request 310
2004-11-07 16:00:28.245462500 Sending Access-Accept of id 1 to
192.168.1.253:2049
2004-11-07 16:00:28.245474500 MS-MPPE-Recv-Key =
0xcdeb912034b56bbc553be295abddb63adc5c2bea91a3d356444d367f756d3a7d
2004-11-07 16:00:28.245486500 MS-MPPE-Send-Key =
0x30e823d32a05bd01c31f173fdd33f161b19439d83aed0c50310d32573ba65924
2004-11-07 16:00:28.245497500 EAP-Message = 0x03090004
2004-11-07 16:00:28.245503500 Message-Authenticator =
0x00000000000000000000000000000000
2004-11-07 16:00:28.245513500 User-Name = "npf"
2004-11-07 16:00:28.245518500 Finished request 310
More information about the Hostap
mailing list