<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>
Hi guys,<br><br>i'm still trying to authenticate a EAP SIM Client with
the Freeraduis 3.0.0. By Using the Nokia E51 and E52, the eap-sim
authentication process just stops after the raduis has sent the "
EAP-REQUEST, SIM-CHALLENGE" (containing AT_RAND and AT_MAC) message (see
log info.).<br>I did some changes in the in the " eapsimlib.c" regarding the AT_IDENTITY by using the patch '<span class="sha-block">commit <span class="sha js-selectable-text">cfd61d24b99022eb613054bbf7e0da4fa3af1bde</span></span>' but the result didn't change. <br><br>I decided to change the Client. I downloaded and installed
Xsupplicant 2.2.3.553 on my windows XP. This is a software capable to be
used as EAP-SIM Client. I didn't change anything on the server side.
This time Xsupplicant replys with a " EAP-RESPONSE, SIM-CHALLENGE"
(containing AT_MAC) after recieving the " EAP-REQUEST, SIM-CHALLENGE"
(containing AT_RAND and AT_MAC). The Freeradius Server recieves the "
EAP-RESPONSE, SIM-CHALLENGE" (containing AT_MAC), says that the received
MAC doesn't match and breaks the authentication process with a "access
reject"<br><br><u><br>Here the log messages with Nokia:</u><br><br>Listening on authentication address * port 1812<br>Listening on accounting address * port 1813<br>Listening on command file /var/run/radiusd/radiusd.sock<br>Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel<br>Opening new proxy address * port 1814<br>Listening on proxy address * port 1814<br>Ready to process requests.<br><font style="" color="#4F81BD">rad_recv: Access-Request packet from host 192.168.10.212 port 48077, id=19, length=308</font><br> Service-Type = Framed-User<br> Framed-MTU = 1400<br> User-Name = "1901700000000653@wlan.mnc070.mcc901.3gppnetwork.org"<br> NAS-Port-Id = "ap_hotspot"<br> NAS-Port-Type = Wireless-802.11<br> Acct-Session-Id = "82500003"<br> Acct-Multi-Session-Id = "00-0C-42-64-41-9D-A8-7E-33-3E-9C-5B-82-50-00-00-00-00-00-03"<br> Calling-Station-Id = "A8-7E-33-3E-9C-5B"<br> Called-Station-Id = "00-0C-42-64-41-9D:YANN"<br> <font style="" color="#4F81BD">EAP-Message = 0x02010038013139303137303030303030303036353340776c616e2e6d6e633037302e6d63633930312e336770706e6574776f726b2e6f7267</font><br> Message-Authenticator = 0x429b263e5293fadbae0a13f28dad2775<br> NAS-Identifier = "MT_Yann"<br> NAS-IP-Address = 192.168.10.212<br>(0) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default<br>(0) group authorize {<br>(0) - entering group authorize {...}<br>(0) [preprocess] = ok<br>(0) [chap] = noop<br>(0) auth_log : expand: %{Packet-Src-IP-Address} -> 192.168.10.212<br>(0)
auth_log : expand:
/var/log/radiusd/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
-> /var/log/radiusd/radacct/192.168.10.212/auth-detail-20121108<br>(0)
auth_log :
/var/log/radiusd/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
expands to /var/log/radiusd/radacct/192.168.10.212/auth-detail-20121108<br>(0) auth_log : expand: %t -> Thu Nov 8 14:20:05 2012<br>(0) [auth_log] = ok<br>(0) [mschap] = noop<br>(0) [digest] = noop<br>(0)
suffix : Looking up realm "wlan.mnc070.mcc901.3gppnetwork.org" for
User-Name = "1901700000000653@wlan.mnc070.mcc901.3gppnetwork.org"<br>(0) suffix : Found realm "~.*.3gppnetwork.org$"<br>(0) suffix : Adding Stripped-User-Name = "1901700000000653"<br>(0) suffix : Adding Realm = "wlan.mnc070.mcc901.3gppnetwork.org"<br>(0) suffix : Authentication realm is LOCAL.<br>(0) [suffix] = ok<br>rlm_sim_files: authorized user/imsi 1901700000000653 <br>rlm_sim_files: Adding EAP-Type: eap-sim<br>(0) [sim_files] = ok<br>(0) eap : EAP packet type response id 1 length 56<br>(0) eap : EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize<br>(0) [eap] = ok<br>(0) Found Auth-Type = EAP<br>(0) # Executing group from file /usr/local/etc/raddb/sites-enabled/default<br>(0) group authenticate {<br>(0) - entering group authenticate {...}<br>(0) eap : EAP Identity<br>(0) eap : processing type sim<br>(0) eap : Underlying EAP-Type set EAP ID to 133<br>(0) [eap] = handled<br><font style="" color="#00B050">Sending Access-Challenge of id 19 to 192.168.10.212 port 48077</font><br> <font style="" color="#00B050">EAP-Message = 0x01850014120a00000f0200020001000011010100</font><br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x077b668807fe746db0e5f555c7ca40d2<br>(0) Finished request 0.<br>Waking up in 0.3 seconds.<br><font style="" color="#974806">rad_recv: Access-Request packet from host 192.168.10.212 port 41383, id=20, length=358</font><br> Service-Type = Framed-User<br> Framed-MTU = 1400<br> User-Name = "1901700000000653@wlan.mnc070.mcc901.3gppnetwork.org"<br> State = 0x077b668807fe746db0e5f555c7ca40d2<br> NAS-Port-Id = "ap_hotspot"<br> NAS-Port-Type = Wireless-802.11<br> Acct-Session-Id = "82500003"<br> Acct-Multi-Session-Id = "00-0C-42-64-41-9D-A8-7E-33-3E-9C-5B-82-50-00-00-00-00-00-03"<br> Calling-Station-Id = "A8-7E-33-3E-9C-5B"<br> Called-Station-Id = "00-0C-42-64-41-9D:YANN"<br><font style="" color="#974806">
EAP-Message =
0x02850058120a000007050000be65a474dc99300354fdd97e5176bbc5100100010e0e00333139303137303030303030303036353340776c616e2e6d6e633037302e6d63633930312e336770706e6574776f726b2e6f726700</font><br> Message-Authenticator = 0x07c87b76cd6232ca08dc4529913d5cac<br> NAS-Identifier = "MT_Yann"<br> NAS-IP-Address = 192.168.10.212<br>(1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default<br>(1) group authorize {<br>(1) - entering group authorize {...}<br>(1) [preprocess] = ok<br>(1) [chap] = noop<br>(1) auth_log : expand: %{Packet-Src-IP-Address} -> 192.168.10.212<br>(1)
auth_log : expand:
/var/log/radiusd/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
-> /var/log/radiusd/radacct/192.168.10.212/auth-detail-20121108<br>(1)
auth_log :
/var/log/radiusd/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
expands to /var/log/radiusd/radacct/192.168.10.212/auth-detail-20121108<br>(1) auth_log : expand: %t -> Thu Nov 8 14:20:05 2012<br>(1) [auth_log] = ok<br>(1) [mschap] = noop<br>(1) [digest] = noop<br>(1)
suffix : Looking up realm "wlan.mnc070.mcc901.3gppnetwork.org" for
User-Name = "1901700000000653@wlan.mnc070.mcc901.3gppnetwork.org"<br>(1) suffix : Found realm "~.*.3gppnetwork.org$"<br>(1) suffix : Adding Stripped-User-Name = "1901700000000653"<br>(1) suffix : Adding Realm = "wlan.mnc070.mcc901.3gppnetwork.org"<br>(1) suffix : Authentication realm is LOCAL.<br>(1) [suffix] = ok<br>rlm_sim_files: authorized user/imsi 1901700000000653 <br>rlm_sim_files: Adding EAP-Type: eap-sim<br>(1) [sim_files] = ok<br>(1) eap : EAP packet type response id 133 length 88<br>(1) eap : No EAP Start, assuming it's an on-going EAP conversation<br>(1) [eap] = updated<br>(1) [files] = noop<br>(1) [expiration] = noop<br>(1) [logintime] = noop<br>(1) pap : WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>(1) [pap] = noop<br>(1) Found Auth-Type = EAP<br>(1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default<br>(1) group authenticate {<br>(1) - entering group authenticate {...}<br>(1) eap : Request found, released from the list<br>(1) eap : EAP/sim<br>(1) eap : processing type sim<br>+++> EAP-sim decoded packet:<br> Service-Type = Framed-User<br> Framed-MTU = 1400<br> User-Name = "1901700000000653@wlan.mnc070.mcc901.3gppnetwork.org"<br> State = 0x077b668807fe746db0e5f555c7ca40d2<br> NAS-Port-Id = "ap_hotspot"<br> NAS-Port-Type = Wireless-802.11<br> Acct-Session-Id = "82500003"<br> Acct-Multi-Session-Id = "00-0C-42-64-41-9D-A8-7E-33-3E-9C-5B-82-50-00-00-00-00-00-03"<br> Calling-Station-Id = "A8-7E-33-3E-9C-5B"<br> Called-Station-Id = "00-0C-42-64-41-9D:YANN"<br>
EAP-Message =
0x02850058120a000007050000be65a474dc99300354fdd97e5176bbc5100100010e0e00333139303137303030303030303036353340776c616e2e6d6e633037302e6d63633930312e336770706e6574776f726b2e6f726700<br> Message-Authenticator = 0x07c87b76cd6232ca08dc4529913d5cac<br> NAS-Identifier = "MT_Yann"<br> NAS-IP-Address = 192.168.10.212<br> Stripped-User-Name = "1901700000000653"<br> Realm = "wlan.mnc070.mcc901.3gppnetwork.org"<br> EAP-Type = SIM<br> EAP-Sim-Subtype = Start<br> EAP-Sim-NONCE_MT = 0x0000be65a474dc99300354fdd97e5176bbc5<br> EAP-Sim-SELECTED_VERSION = 0x0001<br> EAP-Sim-IDENTITY = 0x3139303137303030303030303036353340776c616e2e6d6e633037302e6d63633930312e336770706e6574776f726b2e6f7267<br>(1) eap : Underlying EAP-Type set EAP ID to 134<br>(1) [eap] = handled<br><font style="" color="#C00000">Sending Access-Challenge of id 20 to 192.168.10.212 port 41383</font><br> <font style="" color="#C00000">
EAP-Message =
0x01860050120b0000010d00000123456789abcdef0123456789abcdef658719018376aab4d2a5ccde7a21b6510123456789abcdef0123456789abcdff0b050000217a0ab3b008a413f570885bca13bbe8</font><br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x077b668806fd746db0e5f555c7ca40d2<br>(1) Finished request 1.<br><font style="" color="#FF0000">Going to the next request</font><br>Waking up in 0.3 seconds.<br>Waking up in 4.6 seconds.<br>(0) Cleaning up request packet ID 19 with timestamp +14<br>(1) Cleaning up request packet ID 20 with timestamp +14<br>Ready to process requests.<br><br><----------------------><br><br><u>Here the log messages by using Xsupplicant:</u><br><br>Listening on authentication address * port 1812<br>Listening on accounting address * port 1813<br>Listening on command file /var/run/radiusd.sock<br>Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel<br>Opening new proxy address * port 1814<br>Listening on proxy address * port 1814<br>Ready to process requests.<br>rad_recv: Access-Request packet from host 192.168.10.212 port 34456, id=63, length=238<br> Service-Type = Framed-User<br> Framed-MTU = 1400<br> User-Name = "1901700000000653"<br> NAS-Port-Id = "ap_hotspot"<br> NAS-Port-Type = Wireless-802.11<br> Acct-Session-Id = "82900026"<br> Acct-Multi-Session-Id = "00-0C-42-64-41-9D-00-16-6F-BB-2D-CE-82-90-00-00-00-00-00-26"<br> Calling-Station-Id = "00-16-6F-BB-2D-CE"<br> Called-Station-Id = "00-0C-42-64-41-9D:YANN"<br> EAP-Message = 0x020100150131393031373030303030303030363533<br> Message-Authenticator = 0x653921257bd23ec322ee3b4924d32751<br> NAS-Identifier = "MT_Yann"<br> NAS-IP-Address = 192.168.10.212<br>(0) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default<br>(0) group authorize {<br>(0) - entering group authorize {...}<br>(0) [preprocess] = ok<br>(0) [chap] = noop<br>(0) auth_log : expand: %{Packet-Src-IP-Address} -> 192.168.10.212<br>(0)
auth_log : expand:
/var/log/radiusd/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
-> /var/log/radiusd/radacct/192.168.10.212/auth-detail-20121114<br>(0)
auth_log :
/var/log/radiusd/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
expands to /var/log/radiusd/radacct/192.168.10.212/auth-detail-20121114<br>(0) auth_log : expand: %t -> Wed Nov 14 17:30:30 2012<br>(0) [auth_log] = ok<br>(0) [mschap] = noop<br>(0) [digest] = noop<br>(0) suffix : No '@' in User-Name = "1901700000000653", looking up realm NULL<br>(0) suffix : No such realm "NULL"<br>(0) [suffix] = noop<br>rlm_sim_files: authorized user/imsi 1901700000000653<br>rlm_sim_files: Adding EAP-Type: eap-sim<br>(0) [sim_files] = ok<br>(0) eap : EAP packet type response id 1 length 21<br>(0) eap : EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize<br>(0) [eap] = ok<br>(0) Found Auth-Type = EAP<br>(0) # Executing group from file /usr/local/etc/raddb/sites-enabled/default<br>(0) group authenticate {<br>(0) - entering group authenticate {...}<br>(0) eap : EAP Identity<br>(0) eap : processing type sim<br>(0) eap : Underlying EAP-Type set EAP ID to 38<br>(0) [eap] = handled<br>Sending Access-Challenge of id 63 to 192.168.10.212 port 34456<br> EAP-Message = 0x01260014120a00000f0200020001000011010100<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x5b17c53a5b31d7c6686a4d2738ee4ab7<br>(0) Finished request 0.<br>Waking up in 0.3 seconds.<br>rad_recv: Access-Request packet from host 192.168.10.212 port 57441, id=64, length=267<br> Service-Type = Framed-User<br> Framed-MTU = 1400<br> User-Name = "1901700000000653"<br> State = 0x5b17c53a5b31d7c6686a4d2738ee4ab7<br> NAS-Port-Id = "ap_hotspot"<br> NAS-Port-Type = Wireless-802.11<br> Acct-Session-Id = "82900026"<br> Acct-Multi-Session-Id = "00-0C-42-64-41-9D-00-16-6F-BB-2D-CE-82-90-00-00-00-00-00-26"<br> Calling-Station-Id = "00-16-6F-BB-2D-CE"<br> Called-Station-Id = "00-0C-42-64-41-9D:YANN"<br> EAP-Message = 0x02260020120a001b07050000a8605e360593e63583c864b6051046f410010001<br> Message-Authenticator = 0x0133a5fba265cea77256e0b429f11c02<br> NAS-Identifier = "MT_Yann"<br> NAS-IP-Address = 192.168.10.212<br>(1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default<br>(1) group authorize {<br>(1) - entering group authorize {...}<br>(1) [preprocess] = ok<br>(1) [chap] = noop<br>(1) auth_log : expand: %{Packet-Src-IP-Address} -> 192.168.10.212<br>(1)
auth_log : expand:
/var/log/radiusd/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
-> /var/log/radiusd/radacct/192.168.10.212/auth-detail-20121114<br>(1)
auth_log :
/var/log/radiusd/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
expands to /var/log/radiusd/radacct/192.168.10.212/auth-detail-20121114<br>(1) auth_log : expand: %t -> Wed Nov 14 17:30:30 2012<br>(1) [auth_log] = ok<br>(1) [mschap] = noop<br>(1) [digest] = noop<br>(1) suffix : No '@' in User-Name = "1901700000000653", looking up realm NULL<br>(1) suffix : No such realm "NULL"<br>(1) [suffix] = noop<br>rlm_sim_files: authorized user/imsi 1901700000000653<br>rlm_sim_files: Adding EAP-Type: eap-sim<br>(1) [sim_files] = ok<br>(1) eap : EAP packet type response id 38 length 32<br>(1) eap : No EAP Start, assuming it's an on-going EAP conversation<br>(1) [eap] = updated<br>(1) [files] = noop<br>(1) [expiration] = noop<br>(1) [logintime] = noop<br>(1) pap : WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>(1) [pap] = noop<br>(1) Found Auth-Type = EAP<br>(1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default<br>(1) group authenticate {<br>(1) - entering group authenticate {...}<br>(1) eap : Request found, released from the list<br>(1) eap : EAP/sim<br>(1) eap : processing type sim<br>+++> EAP-sim decoded packet:<br> Service-Type = Framed-User<br> Framed-MTU = 1400<br> User-Name = "1901700000000653"<br> State = 0x5b17c53a5b31d7c6686a4d2738ee4ab7<br> NAS-Port-Id = "ap_hotspot"<br> NAS-Port-Type = Wireless-802.11<br> Acct-Session-Id = "82900026"<br> Acct-Multi-Session-Id = "00-0C-42-64-41-9D-00-16-6F-BB-2D-CE-82-90-00-00-00-00-00-26"<br> Calling-Station-Id = "00-16-6F-BB-2D-CE"<br> Called-Station-Id = "00-0C-42-64-41-9D:YANN"<br> EAP-Message = 0x02260020120a001b07050000a8605e360593e63583c864b6051046f410010001<br> Message-Authenticator = 0x0133a5fba265cea77256e0b429f11c02<br> NAS-Identifier = "MT_Yann"<br> NAS-IP-Address = 192.168.10.212<br> EAP-Type = SIM<br> EAP-Sim-Subtype = Start<br> EAP-Sim-NONCE_MT = 0x0000a8605e360593e63583c864b6051046f4<br> EAP-Sim-SELECTED_VERSION = 0x0001<br>(1) eap : Underlying EAP-Type set EAP ID to 39<br>(1) [eap] = handled<br>Sending Access-Challenge of id 64 to 192.168.10.212 port 57441<br>
EAP-Message =
0x01270050120b0000010d0000db1f1a922a6044b1ac9193596d34b701a20fd51626bd4f24b91755d927101729eeb85a0437da4ea4ab99cfbc1c439ce40b05000016397dc340ea5e69ab39925507ad8438<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x5b17c53a5a30d7c6686a4d2738ee4ab7<br>(1) Finished request 1.<br>Waking up in 0.2 seconds.<br>rad_recv: Access-Request packet from host 192.168.10.212 port 36917, id=65, length=263<br> Service-Type = Framed-User<br> Framed-MTU = 1400<br> User-Name = "1901700000000653"<br> State = 0x5b17c53a5a30d7c6686a4d2738ee4ab7<br> NAS-Port-Id = "ap_hotspot"<br> NAS-Port-Type = Wireless-802.11<br> Acct-Session-Id = "82900026"<br> Acct-Multi-Session-Id = "00-0C-42-64-41-9D-00-16-6F-BB-2D-CE-82-90-00-00-00-00-00-26"<br> Calling-Station-Id = "00-16-6F-BB-2D-CE"<br> Called-Station-Id = "00-0C-42-64-41-9D:YANN"<br> EAP-Message = 0x0227001c120b00170b0500007f86aeaeded71ccd418687567f8f8eb3<br> Message-Authenticator = 0xf263cce3cc9890197ca080b7f4629af2<br> NAS-Identifier = "MT_Yann"<br> NAS-IP-Address = 192.168.10.212<br>(2) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default<br>(2) group authorize {<br>(2) - entering group authorize {...}<br>(2) [preprocess] = ok<br>(2) [chap] = noop<br>(2) auth_log : expand: %{Packet-Src-IP-Address} -> 192.168.10.212<br>(2)
auth_log : expand:
/var/log/radiusd/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
-> /var/log/radiusd/radacct/192.168.10.212/auth-detail-20121114<br>(2)
auth_log :
/var/log/radiusd/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
expands to /var/log/radiusd/radacct/192.168.10.212/auth-detail-20121114<br>(2) auth_log : expand: %t -> Wed Nov 14 17:30:30 2012<br>(2) [auth_log] = ok<br>(2) [mschap] = noop<br>(2) [digest] = noop<br>(2) suffix : No '@' in User-Name = "1901700000000653", looking up realm NULL<br>(2) suffix : No such realm "NULL"<br>(2) [suffix] = noop<br>rlm_sim_files: authorized user/imsi 1901700000000653<br>rlm_sim_files: Adding EAP-Type: eap-sim<br>(2) [sim_files] = ok<br>(2) eap : EAP packet type response id 39 length 28<br>(2) eap : No EAP Start, assuming it's an on-going EAP conversation<br>(2) [eap] = updated<br>(2) [files] = noop<br>(2) [expiration] = noop<br>(2) [logintime] = noop<br>(2) pap : WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>(2) [pap] = noop<br>(2) Found Auth-Type = EAP<br>(2) # Executing group from file /usr/local/etc/raddb/sites-enabled/default<br>(2) group authenticate {<br>(2) - entering group authenticate {...}<br>(2) eap : Request found, released from the list<br>(2) eap : EAP/sim<br>(2) eap : processing type sim<br><font style="" color="#FF0000">calculated MAC (05248e0d_917db8e0_55e8b312_b489d982_20c54ef4) did not match</font><font style="" color="#FF0000"><br></font><font style="" color="#FF0000">(2) eap : Handler failed in EAP/sim</font><font style="" color="#FF0000"><br></font><font style="" color="#FF0000">(2) eap : Failed in EAP select</font><font style="" color="#FF0000"><br></font><font style="" color="#FF0000">(2) [eap] = invalid</font><font style="" color="#FF0000"><br></font><font style="" color="#FF0000">(2) Failed to authenticate the user.</font><br>(2) Using Post-Auth-Type Reject<br>(2) # Executing group from file /usr/local/etc/raddb/sites-enabled/default<br>(2) group REJECT {<br>(2) - entering group REJECT {...}<br>(2) attr_filter.access_reject : expand: %{User-Name} -> 1901700000000653<br>(2) attr_filter.access_reject : Matched entry DEFAULT at line 11<br>(2) [attr_filter.access_reject] = updated<br>(2) Finished request 2.<br>Waking up in 0.2 seconds.<br>rad_recv: Access-Request packet from host 192.168.10.212 port 36917, id=65, length=263<br>Discarding duplicate request from client bipsbk port 36917 - ID: 65 due to unfinished request 2<br>Waking up in 0.6 seconds.<br>rad_recv: Access-Request packet from host 192.168.10.212 port 36917, id=65, length=263<br>Discarding duplicate request from client bipsbk port 36917 - ID: 65 due to delayed reject 2<br>Waking up in 0.4 seconds.<br>(2) Sending delayed reject<br><font style="" color="#FF0000">Sending Access-Reject of id 65 to 192.168.10.212 port 36917</font><font style="" color="#FF0000"><br></font><font style="" color="#FF0000"> EAP-Message = 0x04270004</font><br> Message-Authenticator = 0x00000000000000000000000000000000<br>Waking up in 3.9 seconds.<br><br>Has
anyone an idea why the MAC not matches although Client and Server are
using the same algorithm version (Version 1 mentioned in AT_VERSION_LIST
from Server and in AT_SELECTED_VERSION from client) ?<br><br>Best regards<br><br>Yann </div></body>
</html>