No subject
bogus at does.not.exist.com
bogus at does.not.exist.com
Sun Jun 2 21:10:54 PDT 2013
Access-Request.
However, the response is always ACCESS-REJECT as hostapd is not able to
find the user in its database.
Logs:
------
RADIUS SRV: Received 112 bytes from 127.0.0.1:43469
RADIUS SRV: Received data - hexdump(len=112): 01 dd 00 70 61 5c a6 27 f0 99
f6 2e 8a f6 cb 05 38 75 35 62 01 11 32 33 32 30 31 30 30 30 30 30 30 30 30
30 30 4f 17 02 00 00 15 01 30 32 33 32 30 31 30 30 30 30 30 30 30 30 30 30
1f 11 32 33 32 30 31 30 30 30 30 30 30 30 30 30 30 20 0b 6c 6f 63 61 6c 68
6f 73 74 05 06 00 00 00 dd 50 12 92 67 27 a1 22 5b bc 2b ab 2a f9 94 a5 71
eb 3a
RADIUS message: code=1 (Access-Request) identifier=221 length=112
Attribute 1 (User-Name) length=17
Value: '232010000000000'
Attribute 79 (EAP-Message) length=23
Value: 020000150130323332303130303030303030303030
Attribute 31 (Calling-Station-Id) length=17
Value: '232010000000000'
Attribute 32 (NAS-Identifier) length=11
Value: 'localhost'
Attribute 5 (NAS-Port) length=6
Value: 221
Attribute 80 (Message-Authenticator) length=18
Value: 926727a1225bbc2bab2af994a571eb3a
RADIUS SRV: Creating a new session
RADIUS SRV: User-Name - hexdump_ascii(len=15):
32 33 32 30 31 30 30 30 30 30 30 30 30 30 30 232010000000000
RADIUS SRV: Matching user entry found
RADIUS SRV: [0x2 127.0.0.1] New session created
EAP: Server state machine created
RADIUS SRV: New session 0x2 initialized
RADIUS SRV: Received EAP data - hexdump(len=21): 02 00 00 15 01 30 32 33 32
30 31 30 30 30 30 30 30 30 30 30 30
EAP: EAP entering state INITIALIZE
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=0 respMethod=1 respVendor=0
respVendorMethod=0
eth0: CTRL-EVENT-EAP-STARTED 00:00:00:00:00:00
EAP: EAP entering state PICK_UP_METHOD
eth0: CTRL-EVENT-EAP-PROPOSED-METHOD method=1
EAP: EAP entering state METHOD_RESPONSE
EAP-Identity: Peer identity - hexdump_ascii(len=16):
30 32 33 32 30 31 30 30 30 30 30 30 30 30 30 30 0232010000000000
RADIUS SRV: [0x2 127.0.0.1] EAP: EAP-Response/Identity '0232010000000000'
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: user not found from database -> FAILURE
EAP: EAP entering state FAILURE
EAP: Building EAP-Failure (id=0)
eth0: CTRL-EVENT-EAP-FAILURE 00:00:00:00:00:00
RADIUS SRV: EAP data from the state machine - hexdump(len=4): 04 00 00 04
RADIUS SRV: [0x2 127.0.0.1] EAP authentication failed
RADIUS SRV: Reply to 127.0.0.1:43469
RADIUS message: code=3 (Access-Reject) identifier=221 length=44
Attribute 79 (EAP-Message) length=6
Value: 04000004
Attribute 80 (Message-Authenticator) length=18
Value: 159e546370c38713669d2827a32de85a
RADIUS SRV: [0x2 127.0.0.1] Sending Access-Reject
RADIUS SRV: Removing completed session 0x2 after timeout
RADIUS SRV: Removing completed session 0x2
EAP: Server state machine removed
Am I missing any configurations - due to which hostapd is not able to find
the user in its database.
Help is much appreciated.
Thanks,
Premraj
--001a11c2629c066afa0518c076df
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div><div><div><div><div><div><div><div>Hi Experts,<br><br=
></div>I am trying to perform EAP-AKA for the IMSI mentioned as an example =
along with hostapd install. <br><br></div><div>File: hlr_auc_gw.milenage.db=
<br></div><div><br></div># IMSI Ki OPc AMF SQN<br>232010000000000 90dca4eda=
45b53cf0f12d7c9c3bc6a89 cb9cccc4b9258e6dca4760379fb82581 61df 000000000000<=
br><br># These values are from Test Set 19 which has the AMF separation bit=
set to 1<br># and as such, is suitable for EAP-AKA' test.<br>555444333=
222111 5122250214c33e723a5dd523fc145fc0 981d464c7c52eb6e5036234984ad0bcf c3=
ab 16f3b3f70fc1<br><br></div><div>Run ./hostapd hostapd.conf<br></div><div>=
Run ./hlr_auc_gw -m hlr_auc_gw.milenage_db<br></div><div><br></div>From Rad=
ius client, I try to sent the IMSI 232010000000000 for Access-Request.<br><=
/div><div>However, the response is always ACCESS-REJECT as hostapd is not a=
ble to find the user in its database. <br></div><div><br></div>Logs:<br>---=
---<br><br>RADIUS SRV: Received 112 bytes from <a href=3D"http://127.0.0.1:=
43469">127.0.0.1:43469</a><br>RADIUS SRV: Received data - hexdump(len=3D112=
): 01 dd 00 70 61 5c a6 27 f0 99 f6 2e 8a f6 cb 05 38 75 35 62 01 11 32 33 =
32 30 31 30 30 30 30 30 30 30 30 30 30 4f 17 02 00 00 15 01 30 32 33 32 30 =
31 30 30 30 30 30 30 30 30 30 30 1f 11 32 33 32 30 31 30 30 30 30 30 30 30 =
30 30 30 20 0b 6c 6f 63 61 6c 68 6f 73 74 05 06 00 00 00 dd 50 12 92 67 27 =
a1 22 5b bc 2b ab 2a f9 94 a5 71 eb 3a<br>RADIUS message: code=3D1 (Access-=
Request) identifier=3D221 length=3D112<br>=C2=A0=C2=A0 Attribute 1 (User-Na=
me) length=3D17<br>=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Value: '2320100000000=
00'<br>=C2=A0=C2=A0 Attribute 79 (EAP-Message) length=3D23<br>=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0 Value: 020000150130323332303130303030303030303030<br>=
=C2=A0=C2=A0 Attribute 31 (Calling-Station-Id) length=3D17<br>=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0 Value: '232010000000000'<br>=C2=A0=C2=A0 Attribu=
te 32 (NAS-Identifier) length=3D11<br>=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Value:=
'localhost'<br>=C2=A0=C2=A0 Attribute 5 (NAS-Port) length=3D6<br>=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Value: 221<br>=C2=A0=C2=A0 Attribute 80 (Mes=
sage-Authenticator) length=3D18<br>=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Value: 92=
6727a1225bbc2bab2af994a571eb3a<br>RADIUS SRV: Creating a new session<br>RAD=
IUS SRV: User-Name - hexdump_ascii(len=3D15):<br>=C2=A0=C2=A0=C2=A0=C2=A0 3=
2 33 32 30 31 30 30 30 30 30 30 30 30 30 30=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 2=
32010000000000<br>RADIUS SRV: Matching user entry found<br>RADIUS SRV: [0x2=
127.0.0.1] New session created<br>EAP: Server state machine created<br>RAD=
IUS SRV: New session 0x2 initialized<br>RADIUS SRV: Received EAP data - hex=
dump(len=3D21): 02 00 00 15 01 30 32 33 32 30 31 30 30 30 30 30 30 30 30 30=
30<br>EAP: EAP entering state INITIALIZE<br>EAP: parseEapResp: rxResp=3D1 =
rxInitiate=3D0 respId=3D0 respMethod=3D1 respVendor=3D0 respVendorMethod=3D=
0<br>eth0: CTRL-EVENT-EAP-STARTED 00:00:00:00:00:00<br>EAP: EAP entering st=
ate PICK_UP_METHOD<br>eth0: CTRL-EVENT-EAP-PROPOSED-METHOD method=3D1<br>EA=
P: EAP entering state METHOD_RESPONSE<br>EAP-Identity: Peer identity - hexd=
ump_ascii(len=3D16):<br>=C2=A0=C2=A0=C2=A0=C2=A0 30 32 33 32 30 31 30 30 30=
30 30 30 30 30 30 30=C2=A0=C2=A0 0232010000000000<br>RADIUS SRV: [0x2 127.=
0.0.1] EAP: EAP-Response/Identity '0232010000000000'<br>EAP: EAP en=
tering state SELECT_ACTION<br><span style=3D"color:rgb(0,0,0)">EAP: getDeci=
sion: user not found from database -> FAILURE</span><br>EAP: EAP enterin=
g state FAILURE<br>EAP: Building EAP-Failure (id=3D0)<br>eth0: CTRL-EVENT-E=
AP-FAILURE 00:00:00:00:00:00<br>RADIUS SRV: EAP data from the state machine=
- hexdump(len=3D4): 04 00 00 04<br>RADIUS SRV: [0x2 127.0.0.1] EAP authent=
ication failed<br>RADIUS SRV: Reply to <a href=3D"http://127.0.0.1:43469">1=
27.0.0.1:43469</a><br>RADIUS message: code=3D3 (Access-Reject) identifier=
=3D221 length=3D44<br>=C2=A0=C2=A0 Attribute 79 (EAP-Message) length=3D6<br=
>=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Value: 04000004<br>=C2=A0=C2=A0 Attribute 8=
0 (Message-Authenticator) length=3D18<br>=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Val=
ue: 159e546370c38713669d2827a32de85a<br>RADIUS SRV: [0x2 127.0.0.1] Sending=
Access-Reject<br>RADIUS SRV: Removing completed session 0x2 after timeout<=
br>RADIUS SRV: Removing completed session 0x2<br>EAP: Server state machine =
removed<br><br></div>Am I missing any configurations - due to which hostapd=
is not able to find the user in its database.<br><br></div>Help is much ap=
preciated.<br><br></div>Thanks,<br></div>Premraj<br><div><div><div><div><di=
v><div><br><br><br><br><div><br><br><div><br></div></div></div></div></div>=
</div></div></div></div>
--001a11c2629c066afa0518c076df--
More information about the Hostap
mailing list