RSN pre-authentication environment
superd
superd1230
Sat Nov 12 08:39:08 PST 2005
I use preauth_test to check
thanks.
========== hostapd.conf ====================
interface=ath0
driver=bsd
logger_syslog=-1
logger_syslog_level=0
logger_stdout=-1
logger_stdout_level=0
debug=3
dump_file=/home/hostapd/hostapd.dump
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
ssid=wmnet
macaddr_acl=0
auth_algs=1
ieee8021x=1
own_ip_addr=192.168.71.54 <-- 2 APs' IP are different
auth_server_addr=140.114.71.149
auth_server_port=1812
auth_server_shared_secret=SharedSecret99
wpa=2
wpa_key_mgmt=WPA-EAP
wpa_pairwise=CCMP TKIP
rsn_preauth=1
rsn_preauth_interfaces=rl0
========== hostapd start ===================
Configuration file: ./hostapd.conf
bsd_set_iface_flags: dev_up=0
bsd_get_ssid: ssid="wmnet"
Using interface ath0 with hwaddr 00:11:95:f4:cf:63 and ssid 'wmnet'
Nov 12 16:18:42.149529: ath0: RADIUS Authentication server 140.114.71.149:1812
bsd_set_ieee8021x: enabled=1
bsd_configure_wpa: group key cipher=TKIP (1)
bsd_configure_wpa: pairwise key ciphers=0xa
bsd_configure_wpa: key management algorithms=0x1
bsd_configure_wpa: rsn capabilities=0x1
bsd_configure_wpa: enable WPA= 0x2
bsd_set_iface_flags: dev_up=1
RSN pre-auth interface 'rl0'
bsd_set_privacy: enabled=1
WPA: group state machine entering state GTK_INIT
GMK - hexdump(len=32): f9 e6 99 00 4a 59 5e 2f 54 76 ec 62 f9 bd ce 9c
b9 a5 49 df ca 74 33 4f 00 4a 81 d2 b1 78 48 92
GTK - hexdump(len=32): 9e 0e 0e f2 40 2f 52 e3 80 04 85 bb 8b 5c ff 1c
bc 6b 14 65 fa 0d 0e 4a 6f 7f 68 45 ba 27 c0 a2
WPA: group state machine entering state SETKEYSDONE
bsd_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=1
Flushing old station entries
bsd_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3
Deauthenticate all stations
==== wpa_supplicant =========
> ./preauth_test wpa_supplicant.conf 00:11:95:f4:cf:63 fxp0
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0 (from group name 'wheel')
eapol_version=1
ap_scan=1
fast_reauth=1
Line: 10 - start of a new network block
ssid - hexdump_ascii(len=5):
77 6d 6e 65 74 wmnet
scan_ssid=1 (0x1)
mode=0 (0x0)
proto: 0x2
key_mgmt: 0x1
auth_alg: 0x1
eap methods - hexdump(len=2): 0d 00
identity - hexdump_ascii(len=5):
74 65 65 6d 75 teemu
ca_cert - hexdump_ascii(len=25):
2f 68 6f 6d 65 2f 77 70 61 2f 63 65 72 74 2f 63 /home/wpa/cert/c
61 63 65 72 74 2e 70 65 6d acert.pem
client_cert - hexdump_ascii(len=29):
2f 68 6f 6d 65 2f 77 70 61 2f 63 65 72 74 2f 63 /home/wpa/cert/c
6c 69 65 6e 74 63 65 72 74 2e 70 65 6d lientcert.pem
private_key - hexdump_ascii(len=29):
2f 68 6f 6d 65 2f 77 70 61 2f 63 65 72 74 2f 63 /home/wpa/cert/c
6c 69 65 6e 74 63 65 72 74 2e 70 65 6d lientcert.pem
private_key_passwd - hexdump_ascii(len=9):
70 77 34 63 6c 69 65 6e 74 pw4client
Priority group 0
id=0 ssid='wmnet'
RSN: starting pre-authentication with 00:11:95:f4:cf:63
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=1
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL (preauth) - hexdump(len=4): 01 01 00 00
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL (preauth) - hexdump(len=4): 01 01 00 00
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL (preauth) - hexdump(len=4): 01 01 00 00
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL (preauth) - hexdump(len=4): 01 01 00 00
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL (preauth) - hexdump(len=4): 01 01 00 00
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL (preauth) - hexdump(len=4): 01 01 00 00
EAPOL test timed out
===== server side I use tcpdump to check packet ========
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes
16:19:24.080983 00:0d:60:cb:f4:7f (oui Unknown) > 00:11:95:f4:cf:63
(oui Unknown), ethertype Unknown (0x88c7), length 60:
16:19:28.216489 00:0d:60:cb:f4:7f (oui Unknown) > 00:11:95:f4:cf:63
(oui Unknown), ethertype Unknown (0x88c7), length 60:
16:19:33.225924 00:0d:60:cb:f4:7f (oui Unknown) > 00:11:95:f4:cf:63
(oui Unknown), ethertype Unknown (0x88c7), length 60:
16:19:38.235353 00:0d:60:cb:f4:7f (oui Unknown) > 00:11:95:f4:cf:63
(oui Unknown), ethertype Unknown (0x88c7), length 60:
16:19:43.244796 00:0d:60:cb:f4:7f (oui Unknown) > 00:11:95:f4:cf:63
(oui Unknown), ethertype Unknown (0x88c7), length 60:
16:19:48.254229 00:0d:60:cb:f4:7f (oui Unknown) > 00:11:95:f4:cf:63
(oui Unknown), ethertype Unknown (0x88c7), length 60:
16:19:53.263677 00:0d:60:cb:f4:7f (oui Unknown) > 00:11:95:f4:cf:63
(oui Unknown), ethertype Unknown (0x88c7), length 60:
^[^[^[^C26057 packets captured
26407 packets received by filter
0 packets dropped by kernel
On 11/13/05, Jouni Malinen <jkmaline at cc.hut.fi> wrote:
> On Sun, Nov 13, 2005 at 12:11:01AM +0800, superd wrote:
> > I used hostapd 0.3.9, wpa_supplicant 0.3.9 under freebsd 6.0 to build
> > my pre-authentication environment, but wpa_supplicant always tell me
> > pre-authentication timed out.
> > do any people success building pre-authentication environment?
> > What OS, hostapd,and wpa_supplicant version do you use?
>
> I've tested pre-authentication successfully with 0.3.x and 0.4.x version
> and Linux and WinXP. Please give more details of your configuration and
> debug log from both wpa_supplicant and hostapd.
>
> --
> Jouni Malinen PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>
More information about the Hostap
mailing list