i changed user file and now what i am getting is: on client or supplicant side EAP FAILURE :-( response: No keys have been configured - skip key clearing wpa_driver_wext_set_drop_unencrypted State: DISCONNECTED -> ASSOCIATING wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT) WEXT: Operstate: linkmode=-1, operstate=5 wpa_driver_wext_associate Setting authentication timeout: 10 sec 0 usec EAPOL: External notification - portControl=Auto RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP]) Wireless event: cmd=0x8b06 len=8 RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP]) Wireless event: cmd=0x8b04 len=12 RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP]) Wireless event: cmd=0x8b1a len=14 RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP]) Wireless event: cmd=0x8b15 len=20 Wireless event: new AP: 00:03:7f:09:60:a0 State: ASSOCIATING -> ASSOCIATED wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT) WEXT: Operstate: linkmode=-1, operstate=5 Associated to a new BSS: BSSID=00:03:7f:09:60:a0 No keys have been configured - skip key clearing Associated with 00:03:7f:09:60:a0 WPA: Association event - clear replay counter EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 EAPOL: External notification - portEnabled=1 EAPOL: SUPP_PAE entering state CONNECTING EAPOL: SUPP_BE entering state IDLE EAP: EAP entering state INITIALIZE EAP: deinitialize previously used EAP method (4, MD5) at INITIALIZE EAP: EAP entering state IDLE Setting authentication timeout: 10 sec 0 usec Cancelling scan request RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP]) RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=9): 01 00 00 05 01 00 00 05 01 Setting authentication timeout: 70 sec 0 usec EAPOL: Received EAP-Packet frame EAPOL: SUPP_PAE entering state RESTART EAP: EAP entering state INITIALIZE EAP: EAP entering state IDLE EAPOL: SUPP_PAE entering state AUTHENTICATING EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Request id=0 method=1 vendor=0 vendorMethod=0 EAP: EAP entering state IDENTITY CTRL-EVENT-EAP-STARTED EAP authentication started EAP: EAP-Request Identity data - hexdump_ascii(len=0): EAP: using real identity - hexdump_ascii(len=8): 74 65 73 74 75 73 65 72 testuser EAP: EAP entering state SEND_RESPONSE EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RESPONSE EAPOL: txSuppRsp TX EAPOL - hexdump(len=17): 01 00 00 0d 02 00 00 0d 01 74 65 73 74 75 73 65 72 EAPOL: SUPP_BE entering state RECEIVE RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=26): 01 00 00 16 01 01 00 16 04 10 12 e6 77 bb e2 c5 16 59 16 f3 d7 ed 57 79 14 9d EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Request id=1 method=4 vendor=0 vendorMethod=0 EAP: EAP entering state GET_METHOD EAP: Initialize selected EAP method: vendor 0 method 4 (MD5) CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected EAP: EAP entering state METHOD EAP-MD5: Challenge - hexdump(len=16): 12 e6 77 bb e2 c5 16 59 16 f3 d7 ed 57 79 14 9d EAP-MD5: Generating Challenge Response EAP-MD5: Response - hexdump(len=16): 8c 3f 26 07 9d 3a ad b5 37 fb 5a 61 8e a9 c9 04 EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC EAP: EAP entering state SEND_RESPONSE EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RESPONSE EAPOL: txSuppRsp TX EAPOL - hexdump(len=26): 01 00 00 16 02 01 00 16 04 10 8c 3f 26 07 9d 3a ad b5 37 fb 5a 61 8e a9 c9 04 EAPOL: SUPP_BE entering state RECEIVE RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=8): 01 00 00 04 04 01 00 04 EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Failure EAP: EAP entering state DISCARD EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RECEIVE EAPOL: startWhen --> 0 EAPOL: authWhile --> 0 EAPOL: SUPP_BE entering state TIMEOUT EAPOL: SUPP_PAE entering state CONNECTING EAPOL: SUPP_BE entering state IDLE RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=9): 01 00 00 05 01 02 00 05 01 EAPOL: Received EAP-Packet frame EAPOL: SUPP_PAE entering state RESTART EAP: EAP entering state INITIALIZE EAP: deinitialize previously used EAP method (4, MD5) at INITIALIZE EAP: EAP entering state IDLE EAPOL: SUPP_PAE entering state AUTHENTICATING EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Request id=2 method=1 vendor=0 vendorMethod=0 EAP: EAP entering state IDENTITY CTRL-EVENT-EAP-STARTED EAP authentication started EAP: EAP-Request Identity data - hexdump_ascii(len=0): EAP: using real identity - hexdump_ascii(len=8): 74 65 73 74 75 73 65 72 testuser EAP: EAP entering state SEND_RESPONSE EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RESPONSE EAPOL: txSuppRsp TX EAPOL - hexdump(len=17): 01 00 00 0d 02 02 00 0d 01 74 65 73 74 75 73 65 72 EAPOL: SUPP_BE entering state RECEIVE RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=26): 01 00 00 16 01 03 00 16 04 10 c2 73 c1 bc 8f 95 e1 3e 31 e0 67 5a b0 4e 4b b7 EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Request id=3 method=4 vendor=0 vendorMethod=0 EAP: EAP entering state GET_METHOD EAP: Initialize selected EAP method: vendor 0 method 4 (MD5) CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected EAP: EAP entering state METHOD EAP-MD5: Challenge - hexdump(len=16): c2 73 c1 bc 8f 95 e1 3e 31 e0 67 5a b0 4e 4b b7 EAP-MD5: Generating Challenge Response EAP-MD5: Response - hexdump(len=16): 7e fc ef e7 cd c7 3d 07 49 80 8a 43 11 10 3c d1 EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC EAP: EAP entering state SEND_RESPONSE EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RESPONSE EAPOL: txSuppRsp TX EAPOL - hexdump(len=26): 01 00 00 16 02 03 00 16 04 10 7e fc ef e7 cd c7 3d 07 49 80 8a 43 11 10 3c d1 EAPOL: SUPP_BE entering state RECEIVE RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=8): 01 00 00 04 04 03 00 04 EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Failure EAP: EAP entering state DISCARD EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RECEIVE EAPOL: startWhen --> 0 EAPOL: authWhile --> 0 EAPOL: SUPP_BE entering state TIMEOUT EAPOL: SUPP_PAE entering state CONNECTING EAPOL: SUPP_BE entering state IDLE RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=9): 01 00 00 05 01 04 00 05 01 EAPOL: Received EAP-Packet frame EAPOL: SUPP_PAE entering state RESTART EAP: EAP entering state INITIALIZE EAP: deinitialize previously used EAP method (4, MD5) at INITIALIZE EAP: EAP entering state IDLE EAPOL: SUPP_PAE entering state AUTHENTICATING EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Request id=4 method=1 vendor=0 vendorMethod=0 EAP: EAP entering state IDENTITY CTRL-EVENT-EAP-STARTED EAP authentication started EAP: EAP-Request Identity data - hexdump_ascii(len=0): EAP: using real identity - hexdump_ascii(len=8): 74 65 73 74 75 73 65 72 testuser EAP: EAP entering state SEND_RESPONSE EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RESPONSE EAPOL: txSuppRsp TX EAPOL - hexdump(len=17): 01 00 00 0d 02 04 00 0d 01 74 65 73 74 75 73 65 72 EAPOL: SUPP_BE entering state RECEIVE RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=26): 01 00 00 16 01 05 00 16 04 10 01 2d 73 38 fb 62 76 d1 6f bd 47 50 9e bd 9f 21 EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Request id=5 method=4 vendor=0 vendorMethod=0 EAP: EAP entering state GET_METHOD EAP: Initialize selected EAP method: vendor 0 method 4 (MD5) CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected EAP: EAP entering state METHOD EAP-MD5: Challenge - hexdump(len=16): 01 2d 73 38 fb 62 76 d1 6f bd 47 50 9e bd 9f 21 EAP-MD5: Generating Challenge Response EAP-MD5: Response - hexdump(len=16): af 0f d8 8c b5 ef 19 2d ac 34 15 84 20 21 6c 2e EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC EAP: EAP entering state SEND_RESPONSE EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RESPONSE EAPOL: txSuppRsp TX EAPOL - hexdump(len=26): 01 00 00 16 02 05 00 16 04 10 af 0f d8 8c b5 ef 19 2d ac 34 15 84 20 21 6c 2e EAPOL: SUPP_BE entering state RECEIVE RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=8): 01 00 00 04 04 05 00 04 EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Failure EAP: EAP entering state DISCARD EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RECEIVE EAPOL: startWhen --> 0 Authentication with 00:03:7f:09:60:a0 timed out. Added BSSID 00:03:7f:09:60:a0 into blacklist State: ASSOCIATED -> DISCONNECTED it is getting an EAP-FAILURE and disconnected!!!!! on server side i am getting::- rad_recv: Access-Request packet from host 192.168.2.182:1028, id=1, length=177 Message-Authenticator = 0x4dbd919a94aef63f5f7c98a53564e16a Service-Type = Framed-User User-Name = "testuser" Framed-MTU = 1488 Called-Station-Id = "00-03-7F-09-60-A0:ATH182" Calling-Station-Id = "00-03-7F-05-C0-9C" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 54Mbps 802.11g" EAP-Message = 0x0201000d017465737475736572 NAS-IP-Address = 192.168.2.182 NAS-Port = 1 NAS-Port-Id = "STA port # 1" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: EAP packet type response id 1 length 13 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 users: Matched entry testuser at line 155 modcall[authorize]: module "files" returns ok for request 0 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 0 modcall: leaving group authorize (returns updated) for request 0 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_eap: EAP Identity rlm_eap: processing type md5 rlm_eap_md5: Issuing Challenge modcall[authenticate]: module "eap" returns handled for request 0 modcall: leaving group authenticate (returns handled) for request 0 Sending Access-Challenge of id 1 to 192.168.2.182 port 1028 EAP-Message = 0x0102001604100cb0085e760ad18f68b23c2841499fbc Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7896162694484bb6e2351d3dd2fe9be6 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.2.182:1028, id=2, length=204 Message-Authenticator = 0x85fab68d100d5316c3033ba5faeaacc1 Service-Type = Framed-User User-Name = "testuser" Framed-MTU = 1488 State = 0x7896162694484bb6e2351d3dd2fe9be6 Called-Station-Id = "00-03-7F-09-60-A0:ATH182" Calling-Station-Id = "00-03-7F-05-C0-9C" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 54Mbps 802.11g" EAP-Message = 0x02020016041090f6880a694790dad2ff127e5e3841aa NAS-IP-Address = 192.168.2.182 NAS-Port = 1 NAS-Port-Id = "STA port # 1" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: EAP packet type response id 2 length 22 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 1 users: Matched entry testuser at line 155 modcall[authorize]: module "files" returns ok for request 1 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 1 modcall: leaving group authorize (returns updated) for request 1 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 1 rlm_eap: Request found, released from the list rlm_eap: EAP/md5 rlm_eap: processing type md5 rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 1 modcall: leaving group authenticate (returns ok) for request 1 Sending Access-Accept of id 2 to 192.168.2.182 port 1028 EAP-Message = 0x03020004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "testuser" Finished request 1 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 1 with timestamp 465d506e Cleaning up request 1 ID 2 with timestamp 465d506e Nothing to do. Sleeping until we see a request. it is sending ACCESS ACCEPT but no access reject or failure!!!! and when i try to check AP statistics from server it is showing an entry for AUTHENTICATION FAILURE!!!!!!! sorry for disturbing u again n again but can u help me out???? please!! shantanu tnt@kalik.co.yu wrote: Your request is accepted but you are picking up an IP adress of 255.255.255.254 from the DEFAULT entry in users file for Service-Type Framed-User. Assign a proper IP address or address pool in your user configuration. And put the user before DEFAULT entries. Ivan Kalik Kalik Informatika ISP ---snip ---
users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 users: Matched entry testuser at line 216 --- snip --- Sending Access-Accept of id 1 to 192.168.2.183 port 1079 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x03010004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "testuser" Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 1 ID 1 with timestamp 465abee0 Nothing to do. Sleeping until we see a request.
can any one help me out it is really important and urgent. if u need i will also tell u my radius.conf, eap.conf and users file!! thank you regards shantanu
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html --------------------------------- Download prohibited? No problem! CHAT from any browser, without download.