Does wpa supplicant version 0.6.4 support Windows Server2008NAP IEEE802.1X Enforcement ?
Tomonari Yoshimura
yosimura
Wed Oct 1 20:09:05 PDT 2008
>Did you add the field marked with TODO? If I remember correctly, some of them were marked as mandatory in the
>specification. As a quick test, you could just copy the data from the SoH example below for MS-Machine-Inventory,
>MS-Quarantine-State, and MS-MachineName. It would be interesting to see whether that is all that is needed to get
>the server accepting the message.
Thank you for your assistance.
I tested using the SoH example that is shown in the previous mail.
The EAP authentication completes successfully,
however the following messages are received from Server 2008,
EAP-TLV: Unsupported TLV Type 7
EAP-TLV: Unsupported TLV Type 12
I suppose TLV Type7 and 12 are not mandatory for NAP authentication, so these are ignored.
------------------------------------------------------------------------------------------------------------------------------------
-----------------------------
### NAP experiment ### SoH Setting
EAP-PEAP: Phase 2 Request: Nak type=254
EAP-PEAP: Allowed Phase2 EAP types - hexdump(len=1): 1a
EAP-PEAP: Encrypting Phase 2 data - hexdump(len=442): 02 07 01 ba fe 00 01 37 00 00 00 21 00 07 01 aa 00 00 01 37 00 01 01 a2 00 07
01 9e 00 00 01 37 00 02 01 96 00 07 00 1e 00 00 01 37 6f a0 2d f4 d8 51 4e 00 bb 76 28 c4 8a e5 1d f1 01 c8 8d 8e f9 1f a1 32 01 00
00 02 00 04 00 01 37 00 00 07 00 4f 00 00 01 37 03 11 01 00 00 00 05 00 00 00 01 00 00 0a 28 00 03 00 00 00 00 05 00 06 4a 6f 75 6e
69 00 06 6f a0 2d f4 d8 51 4e 00 bb 76 28 c4 8a e5 1d f1 01 c8 8d 8e f9 1f a1 32 02 00 09 ff ff ff ff ff ff ff ff 00 01 00 08 de ca
fb ad 01 00 02 00 04 00 01 37 80 00 07 00 08 00 01 37 80 02 00 00 00 00 07 00 08 00 01 37 80 00 00 01 05 00 08 00 01 00 00 0a 00 40
4e 00 6f 00 72 00 74 00 6f 00 6e 00 20 00 49 00 6e 00 74 00 65 00 72 00 6e 00 65 00 74 00 20 00 57 00 6f 00 72 00 6d 00 20 00 50 00
72 00 6f 00 74 00 65 00 63 00 74 00 69 00 6f 00 6e 00 00 00 00 0b 00 04 00 00 00 01 00 0a 00 24 4d 00 49 00 43 00 52 00 4f 00 53 00
4f 00 46 00 54 00 20 00 50 00 52 00 4f 00 44 00 55 00 43 00 54 00 00 00 00 0b 00 04 00 00 00 04 00 08 00 01 01 00 0a 00 2c 4e 00 6f
00 72 00 74 00 6f 00 6e 00 20 00 41 00 6e 00 74 00 69 00 56 00 69 00 72 00 75 00 73 00 20 00 32 00 30 00 30 00 35 00 00 00 00 0b 00
04 00 00 00 01 00 08 00 01 03 00 0b 00 04 00 00 00 03 00 08 00 01 04 00 0b 00 04 00 ff 00 05 00 07 00 08 00 01 37 80 b3 f1 00 00 00
07 00 05 00 01 37 80 00 00 07 00 08 00 01 37 80 00 40 00 00
(snip)
### NAP experiment ### eap_peap_phase2_request enter *pos = 33
EAP-TLV: Received TLVs - hexdump(len=289): 80 03 00 02 00 01 00 07 00 db 00 00 01 37 00 03 00 d3 00 07 00 cf 00 00 01 37 00 02 00 c7
00 07 00 1e 00 00 01 37 6f a0 2d f4 d8 51 4e 00 bb 76 28 c4 8a e5 1d f1 01 c8 8d 8e f9 1f a1 32 00 00 00 02 00 04 00 01 37 00 00 07
00 55 00 00 01 37 03 01 05 00 1e 57 49 4e 2d 4b 37 4b 47 55 56 35 4d 51 34 30 2e 65 78 61 6d 70 6c 65 2e 63 6f 2e 6a 70 00 06 6f a0
2d f4 d8 51 4e 00 bb 76 28 c4 8a e5 1d f1 01 c8 8d 8e f9 1f a1 32 02 00 03 ff ff ff ff ff ff ff ff 00 01 00 07 00 04 00 01 37 80 00
02 00 04 00 01 37 80 00 08 00 01 00 00 04 00 04 00 00 00 00 00 08 00 01 01 00 04 00 08 00 00 00 00 c0 ff 00 48 00 08 00 01 03 00 04
00 04 00 00 00 00 00 08 00 01 04 00 04 00 08 00 00 00 00 00 00 00 00 00 0c 00 38 00 00 00 00 f4 f2 ed 97 07 5b 22 92 91 e0 c1 30 f3
01 3b fb e6 bb fc 37 0d 7d 9c 96 72 1e db 63 f4 5c df b3 8f d0 a7 17 06 22 00 56 70 2b d5 b8 c6 08 c3 51 7a 3b 73 7c
EAP-TLV: Unsupported TLV Type 7
EAP-TLV: Unsupported TLV Type 12
EAP-TLV: Result TLV - hexdump(len=2): 00 01
EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed
(snip)
RX EAPOL - hexdump(len=46): 01 00 00 04 03 0a 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: EAP entering state SUCCESS
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
State: DISCONNECTED -> COMPLETED
CTRL-EVENT-CONNECTED - Connection to 00:00:00:00:00:00 completed (auth)
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state SUCCESS
EAPOL: SUPP_BE entering state IDLE
------------------------------------------------------------------------------------------------------------------------------------
-----------------------------
Thanks,
Yoshi
More information about the Hostap
mailing list