problem with MD5 EAP Radius

dongyining dongyining_seu at yahoo.com.cn
Tue Sep 27 03:11:53 CEST 2005


hi all,
I wanted to make an AP with MD5 eap auths on the linux kernel 2.4.20,hostapd 
0.4.2,madwifi 20050629,chip 5212.I have execessed in the wpa-psk mode.But when 
I tried the MD5 and Radius,the user can't pass the authorization.I didn't know 
where is the mistake.I hoped to find the same cases in the internet,but 
nothing found.
I hope some one can help me,any suggestion will be greatly appreicated

here is the DEBUG message:
IEEE 802.1X: 5 bytes from 00:0c:41:c2:2f:7a
   IEEE 802.1X: version=1 type=1 length=0
   ignoring 1 extra octets after IEEE 802.1X packet
ath0: STA 00:0c:41:c2:2f:7a IEEE 802.1X: received EAPOL-Start from STA
ath0: STA 00:0c:41:c2:2f:7a WPA: event 5 notification
WPA: 00:0c:41:c2:2f:7a WPA_PTK entering state AUTHENTICATION2
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state ABORTING
IEEE 802.1X: 00:0c:41:c2:2f:7a BE_AUTH entering state INITIALIZE
ath0: STA 00:0c:41:c2:2f:7a IEEE 802.1X: aborting authentication
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state RESTART
IEEE 802.1X: Integrated EAP server in use - do not generate EAP-
Request/IdentityIEEE 802.1X: 00:0c:41:c2:2f:7a BE_AUTH entering state IDLE
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: type 1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 41
EAP: EAP entering state SEND_REQUEST
EAP: eapReqData -> EAPOL - hexdump(len=10): 01 29 00 0a 01 68 65 6c 6c 6f
EAP: EAP entering state IDLE
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state DISCONNECTED
ath0: STA 00:0c:41:c2:2f:7a IEEE 802.1X: unauthorizing port
madwifi_set_sta_authorized: addr=00:0c:41:c2:2f:7a authorized=0
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state RESTART
IEEE 802.1X: Integrated EAP server in use - do not generate EAP-
Request/IdentityIEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state 
INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: type 1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 205
EAP: EAP entering state SEND_REQUEST
EAP: eapReqData -> EAPOL - hexdump(len=10): 01 cd 00 0a 01 68 65 6c 6c 6f
EAP: EAP entering state IDLE
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:0c:41:c2:2f:7a BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:0c:41:c2:2f:7a (identifier 205)
TX EAPOL - hexdump(len=28): 00 0c 41 c2 2f 7a 00 02 c7 23 6d 3e 88 8e 02 00 00 
fIEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
Wireless event: cmd=0x8c04 len=20
ath0: STA 00:0c:41:c2:2f:7a IEEE 802.11: deassociated
ath0: STA 00:0c:41:c2:2f:7a WPA: event 2 notification
madwifi_del_key: addr=00:0c:41:c2:2f:7a key_idx=0
ioctl[IEEE80211_IOCTL_DELKEY]: Invalid argument
WPA: 00:0c:41:c2:2f:7a WPA_PTK entering state DISCONNECTED
WPA: 00:0c:41:c2:2f:7a WPA_PTK entering state INITIALIZE
madwifi_del_key: addr=00:0c:41:c2:2f:7a key_idx=0
ioctl[IEEE80211_IOCTL_DELKEY]: Invalid argument
IEEE 802.1X: station 00:0c:41:c2:2f:7a port disabled
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a KEY_RX entering state NO_KEY_RECEIVE
EAP: EAP entering state DISABLED
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a KEY_RX entering state NO_KEY_RECEIVE
EAP: State machine removed
Wireless event: cmd=0x8c03 len=20
ath0: STA 00:0c:41:c2:2f:7a IEEE 802.11: associated
  New STA
ath0: STA 00:0c:41:c2:2f:7a WPA: event 1 notification
ath0: STA 00:0c:41:c2:2f:7a IEEE 802.1X: start authentication
EAP: State machine created
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_KEY_TX entering state NO_KEY_TRANSMIT
IEEE 802.1X: 00:0c:41:c2:2f:7a KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:0c:41:c2:2f:7a CTRL_DIR entering state IN_OR_BOTH
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a BE_AUTH entering state IDLE
IEEE 802.1X: 00:0c:41:c2:2f:7a KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:0c:41:c2:2f:7a CTRL_DIR entering state FORCE_BOTH
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a KEY_RX entering state NO_KEY_RECEIVE
ath0: STA 00:0c:41:c2:2f:7a WPA: start authentication
WPA: 00:0c:41:c2:2f:7a WPA_PTK entering state INITIALIZE
madwifi_del_key: addr=00:0c:41:c2:2f:7a key_idx=0
WPA: 00:0c:41:c2:2f:7a WPA_PTK_GROUP entering state IDLE
WPA: 00:0c:41:c2:2f:7a WPA_PTK entering state AUTHENTICATION
WPA: 00:0c:41:c2:2f:7a WPA_PTK entering state AUTHENTICATION2
IEEE 802.1X: 5 bytes from 00:0c:41:c2:2f:7a
   IEEE 802.1X: version=1 type=1 length=0
   ignoring 1 extra octets after IEEE 802.1X packet
ath0: STA 00:0c:41:c2:2f:7a IEEE 802.1X: received EAPOL-Start from STA
ath0: STA 00:0c:41:c2:2f:7a WPA: event 5 notification
WPA: 00:0c:41:c2:2f:7a WPA_PTK entering state AUTHENTICATION2
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state DISCONNECTED
ath0: STA 00:0c:41:c2:2f:7a IEEE 802.1X: unauthorizing port
madwifi_set_sta_authorized: addr=00:0c:41:c2:2f:7a authorized=0
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state RESTART
IEEE 802.1X: Integrated EAP server in use - do not generate EAP-
Request/IdentityIEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state 
INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: type 1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 186
EAP: EAP entering state SEND_REQUEST
EAP: eapReqData -> EAPOL - hexdump(len=10): 01 ba 00 0a 01 68 65 6c 6c 6f
EAP: EAP entering state IDLE
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:0c:41:c2:2f:7a BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:0c:41:c2:2f:7a (identifier 186)
TX EAPOL - hexdump(len=28): 00 0c 41 c2 2f 7a 00 02 c7 23 6d 3e 88 8e 02 00 00 
fIEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0c:41:c2:2f:7a Port Timers TICK (timers: 0 0 3599)
IEEE 802.1X: 00:0c:41:c2:2f:7a REAUTH_TIMER entering state INITIALIZE
.......

here is the hostapd.conf
interface=ath0
driver=madwifi
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=4
dump_file=/tmp/hostapd.dump
ssid=dongyining
macaddr_acl=2
accept_mac_file=/etc/hostapd.accept
deny_mac_file=/etc/hostapd.deny
auth_algs=1
ieee8021x=1
eapol_key_index_workaround=1
eap_reauth_period=3600
eap_server=1
eap_user_file=/etc/hostapd.eap_user
own_ip_addr=192.168.1.1
auth_server_addr=192.168.1.1
auth_server_port=1812
auth_server_shared_secret=secret
radius_retry_primary_interval=600
radius_acct_interim_interval=600
radius_server_clients=/etc/hostapd.radius_clients
radius_server_auth_port=1812
wpa=3
wpa_passphrase=dongyining
wpa_key_mgmt=WPA-PSK WPA-EAP
wpa_pairwise=TKIP CCMP	
wpa_group_rekey=600
wpa_strict_rekey=1
wpa_gmk_rekey=86400
rsn_preauth=1

here is the hostapd.eap_user
# Phase 1 users
"FORD"		MD5     "secret"






More information about the Freeradius-Users mailing list