Trouble getting eap_server=1 to run: "Supplicant used different EAP type: 1 (Identity)"
Linus Lüssing
linus.luessing at c0d3.blue
Wed Jul 20 06:13:25 PDT 2016
Hi,
I'm currently trying to get a hostapd v2.3 running for WPA-EAP on
a Debian unstable (kernel 4.6). I am trying to connect with a Nokia N900
(OS: Linux/Maemo) which unfortunately always results in the lines:
wlan0: STA 00:0d:d5:8c:7a:97 IEEE 802.1X: authentication failed - EAP type: 0 ((null))
wlan0: STA 00:0d:d5:8c:7a:97 IEEE 802.1X: Supplicant used different EAP type: 1 (Identity)
On the N900 GUI I have selected the following options:
-----
EAP Type: TTLS
Certificate: None
EAP Methode: EAP-MSCHAPv2
User: testuser
Password: testpw
-----
On the hostapd side, eap_user.conf looks like this:
-----
"testuser" TTLS
"testuser" TTLS-MSCHAPV2 "testpw" [2]
-----
And hostapd-eap.conf like this:
-----
interface=wlan0
driver=nl80211
country_code=DE
ssid=testnet
ieee80211d=1
hw_mode=g
ieee80211n=1
channel=0
disassoc_low_ack=1
wmm_enabled=1
wpa=2
wpa_key_mgmt=WPA-EAP
wpa_pairwise=CCMP
rsn_pairwise=CCMP
ieee8021x=1
eap_server=1
eap_user_file=/etc/hostapd/eap_user
ca_cert=/etc/hostapd/ca.crt
server_cert=/etc/hostapd/server.pem
dh_file=/etc/hostapd/dh2048.pem
-----
Finally, the output of hostapd itself is the following:
-----
$ hostapd ./hostapd-eap.conf
Configuration file: ./hostapd-eap.conf
wlan0: interface state UNINITIALIZED->COUNTRY_UPDATE
ACS: Automatic channel selection started, this may take a bit
wlan0: interface state COUNTRY_UPDATE->ACS
wlan0: ACS-STARTED
wlan0: ACS-COMPLETED freq=2462 channel=11
Using interface wlan0 with hwaddr 00:1b:b1:f2:f3:e3 and ssid "testnet"
wlan0: interface state ACS->ENABLED
wlan0: AP-ENABLED
wlan0: STA 00:0d:d5:8c:7a:97 IEEE 802.11: authenticated
wlan0: STA 00:0d:d5:8c:7a:97 IEEE 802.11: associated (aid 1)
wlan0: CTRL-EVENT-EAP-STARTED 00:0d:d5:8c:7a:97
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
wlan0: CTRL-EVENT-EAP-STARTED 00:0d:d5:8c:7a:97
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
wlan0: CTRL-EVENT-EAP-FAILURE 00:0d:d5:8c:7a:97
wlan0: STA 00:0d:d5:8c:7a:97 IEEE 802.1X: authentication failed - EAP type: 0 ((null))
wlan0: STA 00:0d:d5:8c:7a:97 IEEE 802.1X: Supplicant used different EAP type: 1 (Identity)
wlan0: STA 00:0d:d5:8c:7a:97 IEEE 802.11: authenticated
wlan0: STA 00:0d:d5:8c:7a:97 IEEE 802.11: associated (aid 1)
wlan0: CTRL-EVENT-EAP-STARTED 00:0d:d5:8c:7a:97
wlan0: CTRL-EVENT-EAP-FAILURE 00:0d:d5:8c:7a:97
wlan0: STA 00:0d:d5:8c:7a:97 IEEE 802.1X: authentication failed - EAP type: 0 ((null))
wlan0: STA 00:0d:d5:8c:7a:97 IEEE 802.1X: Supplicant used different EAP type: 1 (Identity)
wlan0: STA 00:0d:d5:8c:7a:97 IEEE 802.11: deauthenticated due to local deauth request
-----
Anyone having an idea why the authentication might fail?
Regards, Linus
PS: The following combinations did not work either, they resulted
in the same output and error on the hostapd side:
-----
N900: EAP Type: TTLS; EAP Methode: MSCHAPv2 (instead of "EAP-MSCHAPv2")
eap_user.conf: phase1 -> TTLS, phase2 -> TTLS-MSCHAPV2
----
----
N900: EAP Type: TTLS; EAP Methode: EAP-MSCHAPv2 (or just "MSCHAPv2")
eap_user.conf: phase1 -> TTLS, phase2 -> MSCHAPV2 (instead of "TTLS-MSCHAPV2")
----
----
N900: EAP Type: PEAP; EAP Methode: EAP-MSCHAPv2
eap_user.conf: phase1 -> PEAP, phase2 -> MSCHAPv2
----
More information about the Hostap
mailing list