EAP-FAST under Windows XP
jianping jiang
jpjiang
Tue Mar 21 17:45:30 PST 2006
I am trying to use EAP-FAST under Windows XP SP2. I am using WPA-Supplicant
5.2. So far no luck. I am wondering if anyone has made it work under
Windows. And here is my configuration and output messages. I have changed
several parameters back and forth, but still not working. I'll appreciate if
you can point out any mistake. Thanks!
config file as follow:
+++++++++++++++++++++++++
eapol_version=1
ap_scan=1
# EAP-FAST with WPA (WPA or WPA2)
network={
ssid="Voice"
key_mgmt=WPA-EAP
eap=FAST
pairwise=TKIP
anonymous_identity="anonymous"
identity="user"
password="password"
phase1="fast_provisioning=1"
# phase2="auth=MSCHAPV2"
pac_file="C:/wpa_supplicanteap-fast.pac"
#pac_file="blob://eap-fast-pac"
}
+++++++++++++++++++
Output :
C:\WPA-Supplicant\wpa_supplicant-windows-bin-0.5.2>.\wpa_supplicant.exe -i
ORiNO
CO -c EAP-FAST.conf -d
Initializing interface 'ORiNOCO' conf 'EAP-FAST.conf' driver 'default'
ctrl_inte
rface 'N/A' bridge 'N/A'
Reading configuration file 'EAP-FAST.conf'
eapol_version=2
ap_scan=1
Line 19: removed CCMP from group cipher list since it was not allowed for
pairwi
se cipher
Priority group 0
id=0 ssid='Voice'
Initializing interface (2) 'ORiNOCO'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
NDIS: Packet.dll version: 3, 1, 0, 27
NDIS: 4 adapter names found
NDIS: 4 adapter descriptions found
NDIS: 0 - \Device\NPF_GenericDialupAdapter - Generic dialup adapter
NDIS: 1 - \Device\NPF_{3916E046-39B1-4861-8C57-BD59B4EAEA25} - ORiNOCO
802.11abg
ComboCard Gold (Microsoft's Packet Scheduler)
NDIS: 2 - \Device\NPF_{E81584C8-9FF2-4088-9561-C06D101E14B9} - Dell Wireless
145
0 Dual Band WLAN Mini-PCI Card (Microsoft's Packet Scheduler)
NDIS: 3 - \Device\NPF_{47450170-B5B3-4E94-96C0-84459019AB71} - Broadcom
NetXtrem
e Gigabit Ethernet Driver (Microsoft's Packet Scheduler)
NDIS: Matched interface '\Device\NPF_{3916E046-39B1-4861-8C57-BD59B4EAEA25}'
bas
ed on description 'ORiNOCO 802.11abg ComboCard Gold (Microsoft's Packet
Schedule
r) '
NDIS: Adapter description prefix 'ORiNOCO 802.11abg ComboCard Gold'
ndis_get_oid: oid=0xd010122 len (512) failed
NDIS: verifying driver WPA capability
NDIS: WPA key management supported
NDIS: WPA-PSK key management supported
NDIS: CCMP encryption supported
NDIS: TKIP encryption supported
NDIS: driver supports WPA
NDIS: driver capabilities: key_mgmt 0x5 enc 0xc auth 0x3
Connected to ROOT\WMI.
Driver interface replaced interface name with
'\Device\NPF_{3916E046-39B1-4861-8
C57-BD59B4EAEA25}'
Own MAC address: 00:20:a6:51:59:43
wpa_driver_ndis_set_wpa: enabled=1
ndis_get_oid: oid=0xd010101 len (6) failed
ndis_get_oid: oid=0xd010101 len (6) failed
ndis_get_oid: oid=0xd010101 len (6) failed
ndis_get_oid: oid=0xd010101 len (6) failed
Setting scan request: 0 sec 100000 usec
Added interface \Device\NPF_{3916E046-39B1-4861-8C57-BD59B4EAEA25}
State: DISCONNECTED -> SCANNING
Starting AP scan (broadcast SSID)
Trying to get current scan results first without requesting a new scan to
speed
up initial association
Scan results: 0
Selecting BSS from priority group 0
No suitable AP found.
Setting scan request: 0 sec 0 usec
Starting AP scan (broadcast SSID)
NDIS: turning radio on before the first scan
ndis_get_oid: oid=0xd010101 len (6) failed
Scan timeout - try to get results
Scan results: 3
Selecting BSS from priority group 0
0: 00:13:10:bc:b6:d0 ssid='deco_designs' wpa_ie_len=24 rsn_ie_len=0
caps=0x10
skip - SSID mismatch
1: 00:11:20:ee:70:5d ssid='WLAB-A' wpa_ie_len=24 rsn_ie_len=0 caps=0x10
skip - SSID mismatch
2: 00:12:d9:c8:be:50 ssid='Voice' wpa_ie_len=26 rsn_ie_len=0 caps=0x10
selected based on WPA IE
Trying to associate with 00:12:d9:c8:be:50 (SSID='Voice' freq=5220 MHz)
Cancelling scan request
WPA: clearing own WPA/RSN IE
Automatic auth_alg selection: 0x1
WPA: using IEEE 802.11i/D3.0
WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 1
WPA: set AP WPA IE - hexdump(len=26): dd 18 00 50 f2 01 01 00 00 50 f2 02 01
00
00 50 f2 02 01 00 00 50 f2 01 28 00
WPA: clearing AP RSN IE
WPA: using GTK TKIP
WPA: using PTK TKIP
WPA: using KEY_MGMT 802.1X
WPA: Set own WPA IE default - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50
f2
02 01 00 00 50 f2 02 01 00 00 50 f2 01
No keys have been configured - skip key clearing
State: SCANNING -> ASSOCIATING
Setting authentication timeout: 10 sec 0 usec
EAPOL: External notification - portControl=Auto
MSNdis_StatusMediaConnect
InstanceName: 'ORiNOCO 802.11abg ComboCard Gold'
NDIS: event - type 0
NDIS: Media Connect Event
NDIS: ReqFixed=0x3 RespFixed=0x7 off_req=40 off_resp=140 len_req=100
len_resp=68
NDIS: 3 BSSID items to process for AssocInfo
Association info event
req_ies - hexdump(len=100): 00 05 56 6f 69 63 65 01 08 0c 12 18 24 30 48 60
6c d
d 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 01 85 1e
00
00 66 00 00 00 00 00 18 00 00 00 00 00 08 60 a4 85 00 00 00 00 00 00 00 00
00 00
00 00 95 0a 00 40 96 00 00 00 00 00 00 00 dd 06 00 40 96 01 01 00 dd 05 00
40 9
6 03 02
resp_ies - hexdump(len=68): 01 08 8c 12 98 24 b0 48 60 6c 85 1e 00 00 84 00
0f 0
0 ff 03 01 00 43 69 73 63 6f 31 00 c8 00 6f e3 4c 00 af dd 30 00 00 00 26 95
0a
00 40 96 00 0a 0a 0a 0a 01 00 dd 05 00 40 96 03 04 dd 05 00 40 96 0b 01
beacon_ies - hexdump(len=43): 00 05 56 6f 69 63 65 01 08 8c 12 98 24 b0 48
60 6c
dd 18 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 01 28
00
WPA: set own WPA/RSN IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2
02 0
1 00 00 50 f2 02 01 00 00 50 f2 01
WPA: set AP WPA IE - hexdump(len=26): dd 18 00 50 f2 01 01 00 00 50 f2 02 01
00
00 50 f2 02 01 00 00 50 f2 01 28 00
WPA: clearing AP RSN IE
State: ASSOCIATING -> ASSOCIATED
Associated to a new BSS: BSSID=00:12:d9:c8:be:50
No keys have been configured - skip key clearing
Associated with 00:12:d9:c8:be:50
WPA: Association event - clear replay counter
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Setting authentication timeout: 10 sec 0 usec
RX EAPOL from 00:12:d9:c8:be:50
Setting authentication timeout: 70 sec 0 usec
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=1 method=1 vendor=0 vendorMethod=0
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: EAP-Request Identity data - hexdump_ascii(len=38):
00 6e 65 74 77 6f 72 6b 69 64 3d 56 6f 69 63 65 _networkid=Voice
2c 6e 61 73 69 64 3d 43 69 73 63 6f 31 2c 70 6f ,nasid=Cisco1,po
72 74 69 64 3d 30 rtid=0
EAP: using anonymous identity - hexdump_ascii(len=9):
61 6e 6f 6e 79 6d 6f 75 73 anonymous
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:12:d9:c8:be:50
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=2 method=43 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
EAP: initialize selected EAP method: vendor 0 method 43 (FAST)
EAP-FAST: Automatic PAC provisioning is allowed
EAP-FAST: Phase2 EAP types - hexdump(len=8): 00 00 00 00 1a 00 00 00
EAP-FAST: read 1 PAC entries from 'C:/wpa_supplicanteap-fast.pac'
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 43 (FAST) selected
EAP: EAP entering state METHOD
SSL: Received packet(len=26) - Flags 0x21
EAP-FAST: Start (server ver=1, own ver=1)
EAP-FAST: Using FAST version 1
EAP-FAST: A-ID - hexdump_ascii(len=16):
4c 4f 43 41 4c 20 52 41 44 49 55 53 20 53 45 52 LOCAL RADIUS SER
EAP-FAST: PAC found for this A-ID
SSL: (where=0x10 ret=0x1)
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:before/connect initialization
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write client hello A
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read server hello A
SSL: SSL_connect - want more data
SSL: 240 bytes pending from ssl_out
SSL: 240 bytes left to be sent out (of total 240 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:12:d9:c8:be:50
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=3 method=43 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=594) - Flags 0x81
SSL: TLS Message Length: 584
EAP-FAST: client_random - hexdump(len=32): 44 20 ab 13 3c 51 4c b4 fd b5 86
7b d
e 88 31 9a f6 79 6d 03 22 c9 0c 5b e5 f1 1e 80 92 dc 10 9c
EAP-FAST: server_random - hexdump(len=32): d3 f8 78 7b 75 d3 f8 36 19 47 31
19 c
f 19 47 b6 0d 61 7f 64 bc 0d 61 70 59 5a 14 74 9f 59 5a bb
EAP-FAST: TLS pre-master-secret - hexdump(len=48): [REMOVED]
SSL: (where=0x4008 ret=0x22f)
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:illegal
parameter
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read server hello B
OpenSSL: tls_connection_handshake - SSL_connect error:14092105:SSL
routines:SSL3
_GET_SERVER_HELLO:wrong cipher returned
SSL: 7 bytes pending from ssl_out
SSL: Failed - tls_out available to report error
SSL: 7 bytes left to be sent out (of total 7 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:12:d9:c8:be:50
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Failure
EAP: EAP entering state FAILURE
CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_BE entering state IDLE
CTRL-EVENT-TERMINATING - signal 0 received
Removing interface \Device\NPF_{3916E046-39B1-4861-8C57-BD59B4EAEA25}
State: ASSOCIATED -> DISCONNECTED
No keys have been configured - skip key clearing
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
wpa_driver_ndis_set_wpa: enabled=0
No keys have been configured - skip key clearing
ndis_set_oid: oid=0xd010115 len (4) failed
NDIS: failed to disassociate and turn radio off
EAP: deinitialize previously used EAP method (43, FAST) at EAP deinit
Cancelling scan request
C:\WPA-Supplicant\wpa_supplicant-windows-bin-0.5.2>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20060321/080d5182/attachment.htm
More information about the Hostap
mailing list