radius access-challenge as response to inner auth (PAP) of EAP-TTLS gives following error

fundu fundu2all
Tue Apr 7 02:53:32 PDT 2009


HI,

Im trying to use WPA-enterprise on my home laptop( wpa_supplicant 6.4 ) having windows XP preofessional sp3 with intel wireless card(for knowledge purpose only, wpa-personal is working properly). The TLS tunnel gets established successfully but as my custom radius implementation returns access-challenge by default for any initial access-request the wpa-supplicant log says "EAP-TTLS: Phase 2 received unexpected tunneled data (no EAP)".  

Here is the log snnipet :

EAP-TTLS: TLS done, proceed to Phase 2
EAP-TTLS: Derived key - hexdump(len=64): [REMOVED]
EAP-TTLS: received 0 bytes encrypted data for Phase 2
EAP-TTLS: empty data in beginning of Phase 2 - use fake EAP-Request Identity
EAP-TTLS: Phase 2 PAP Request
EAP-TTLS: Encrypting Phase 2 data - hexdump(len=48): [REMOVED]
SSL: 122 bytes left to be sent out (of total 122 bytes)
EAP-TTLS: Authentication completed successfully
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=COND_SUCC
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL: dst=00:1d:7e:eb:b6:0b
TX EAPOL - hexdump(len=132): 01 00 00 80 02 04 00 80 15 00 17 03 01 00 20 5b a8 ef 37 25 6a a2 a1 12 50 98 4e 99 58 a0 fd 55 11 ee 2c 26 a2 b6 be aa 5b c1 bd 31 a1 8c 91 17 03 01 00 50 bc d0 d6 dd 59 3f d4 ab c3 2f a6 a0 bc 44 68 98 0c 69 45 68 5f 11 e8 ef 42 31 d2 8c e9 47 35 82 c6 fc 84 cf cd 1a 95 b8 5e 53 e0 42 24 0d c7 13 b7 cb fc 8d 1a 2a 0b ef da 72 61 36 cb fc 9b f5 4a ee 21 6f a1 7d 03 e1 fd f1 5d e4 2a ab 4e 21
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:1d:7e:eb:b6:0b
RX EAPOL - hexdump(len=115): 01 00 00 6f 01 05 00 6f 15 80 00 00 00 65 17 03 01 00 60 e7 1a 00 c0 57 2d 8c a9 39 10 c9 da 82 61 e5 b7 d1 ca ee 29 01 17 49 f5 e9 0f 52 d3 7d 94 cf a5 8c 26 31 e6 59 37 01 b4 52 ed f8 7a 26 a1 2d 28 bf 8f 37 49 8f 17 3f 6f 5e 39 5f de 7a 51 32 f5 2d 7b c3 ef 41 08 4f ef 3b eb 91 48 0d 7d 82 83 ce ed ab 4c 47 67 70 3f 36 2c b8 78 c3 0e 9a a5
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=5 method=21 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=111) - Flags 0x80
SSL: TLS Message Length: 101
EAP-TTLS: received 101 bytes encrypted data for Phase 2
EAP-TTLS: Decrypted Phase 2 AVPs - hexdump(len=72): 00 00 00 12 40 00 00 45 41 52 43 31 31 74 6a 4e 68 66 56 56 6b 4f 65 75 54 4a 4c 57 6b 4f 6f 70 6a 62 48 54 33 39 59 76 65 6e 4a 51 54 6a 41 55 69 57 6f 70 4f 2f 6b 63 36 6d 4d 35 32 79 72 57 72 63 51 3d 3d 00 00 00
EAP-TTLS: AVP: code=18 flags=0x40 length=69
EAP-TTLS: AVP data - hexdump(len=61): 41 52 43 31 31 74 6a 4e 68 66 56 56 6b 4f 65 75 54 4a 4c 57 6b 4f 6f 70 6a 62 48 54 33 39 59 76 65 6e 4a 51 54 6a 41 55 69 57 6f 70 4f 2f 6b 63 36 6d 4d 35 32 79 72 57 72 63 51 3d 3d
EAP-TTLS: AVP - Reply-Message - hexdump_ascii(len=61):
     41 52 43 31 31 74 6a 4e 68 66 56 56 6b 4f 65 75   ARC11tjNhfVVkOeu
     54 4a 4c 57 6b 4f 6f 70 6a 62 48 54 33 39 59 76   TJLWkOopjbHT39Yv
     65 6e 4a 51 54 6a 41 55 69 57 6f 70 4f 2f 6b 63   enJQTjAUiWopO/kc
     36 6d 4d 35 32 79 72 57 72 63 51 3d 3d            6mM52yrWrcQ==   
EAP-TTLS: Phase 2 received unexpected tunneled data (no EAP)
EAP: method process -> ignore=FALSE methodState=DONE decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
CTRL: Overlapped read completed: dst=00039EB0 err=0 bytes=4

Can anybody help me out in understanding this? 
does it mean i can not return challenge from my radius implementation?

Thanks,
Sunil Parolia



      Add more friends to your messenger and enjoy! Go to http://messenger.yahoo.com/invite/



More information about the Hostap mailing list