authentication failure. what means EAP "packets were not identical"?

Jouni Malinen jkmaline
Fri Jun 3 18:15:21 PDT 2005

On Fri, Jun 03, 2005 at 08:46:07PM +0200, Tilman Schoop wrote:

> I have the problem that a client (wpa_supplicant 0.3.8, ndiswrapper)
> does not authenticate with an Cisco AP (secured with LEAP+TKIP).
> It tries ever and ever again with no result.

Please send full wpa_supplicant debug log if you want me to take a
closer look at this.

> I tried to analyse the wpa_supplicant's logs and have found the
> following sequence after the username/password for LEAP are sent and
> the answer is expected:
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Failure

Authentication server denied authentication for some reason. This debug
log excerpt does not include enough information to say why that

> EAP: AS used the same Id again, but EAP packets were not identical
> EAP: workaround - assume this is not a duplicate packet

These are from a EAP workaround that some authentication servers
require. In this case, this can safely be ignored.

> EAP: EAP entering state FAILURE
> EAPOL: SUPP_PAE entering state HELD

This is from processing of the failed EAP authenticationa.

> or is this just a warning that can be ignored and the real cause is a
> negative authentication response?


Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list