wpa_supplicant - Navisradius5 failure parsing ClientHello

Jouni Malinen j
Wed Mar 5 23:57:16 PST 2008

On Thu, Mar 06, 2008 at 04:36:24PM +1300, caz riley wrote:

>   I'm using wpa_suuplicant to test eap-ttls and cannot get the TLS session to setup. I've used other supplicants against the navisradius without problems.
>   Here is the radius log...
>   9 <tls.protocolhandler> Not a V2Hello: Two-byte length marker not set

This looks odd.. I'm not sure what the RADIUS server is trying to do
here, but if "V2Hello" is referring to SSL v2, this is certainly not
supposed to be used..

>   9 <tls.protocolhandler> server/15 >>> Transmitting AlertMessage: Fatal: decode_error (50)

I haven't seen this in my tests with NavisRadius. Though, I think I've
only tested with older versions of the server. Would you be able to
capture the packets sent between wpa_supplicant and the RADIUS server? I
would be interested in seeing a capture log showing this message with
the ClientHello that is triggering the fatal error. I would be fine with
this captured as an EAPOL frame from the client or as the encapsulated
RADIUS packet between the authentication server and authenticator.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list