eapol_test and Microsoft NPS Radius PEAP MSCHAPV2

Klein, Thomas thomas.klein
Tue Mar 17 08:23:00 PDT 2015 

eapol_test output:
....
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Sending fake EAP-Request-Identity
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=0 method=1 vendor=0 vendorMethod=0
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: Status notification: started (param=)
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using anonymous identity - hexdump_ascii(len=13):
     6e 6f 74 20 61 6e 6f 6e 79 6d 6f 75 73            not anonymous
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=18)
TX EAP -> RADIUS - hexdump(len=18): 02 00 00 12 01 6e 6f 74 20 61 6e 6f 6e 79 6d
6f 75 73
Encapsulating EAP message into a RADIUS packet
Learned identity from EAP-Response-Identity - hexdump(len=13): 6e 6f 74 20 61 6e
6f 6e 79 6d 6f 75 73
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=0 length=152
   Attribute 1 (User-Name) length=15
      Value: 'not anonymous'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 95 (NAS-IPv6-Address) length=18
      Value: ::1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=20
      Value: 02000012016e6f7420616e6f6e796d6f7573
   Attribute 80 (Message-Authenticator) length=18
      Value: 86d26309ea2a90c0109c7ccddc79697a
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 44 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=3 (Access-Reject) identifier=0 length=44
   Attribute 79 (EAP-Message) length=6
      Value: 04000004
   Attribute 80 (Message-Authenticator) length=18
      Value: 6fe178e81be227713b639ac4adff7edc
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, ro
und trip time 0.04 sec

RADIUS packet matching with station
decapsulated EAP packet (code=4 id=0 len=4) from RADIUS server: EAP Failure
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Failure
EAP: Status notification: completion (param=failure)
EAP: EAP entering state FAILURE
CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_BE entering state IDLE
eapol_sm_cb: result=0
EAPOL: EAP key not available
EAPOL: EAP Session-Id not available
MPPE keys OK: 0  mismatch: 1
FAILURE



What is going wrong and how can i try to fix it?

Greetings,
Thomas

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20150317/359542b5/attachment-0001.htm>

More information about the Hostap mailing list