help
c k
malicious_male_20 at yahoo.com
Wed Aug 2 15:07:16 CEST 2006
Hi friends,
I want to deploy freeradius authentication in my wireless lan.
I m using EAP-TLS with Windows XP SP2 inbuilt supplicant.
Everything works fine till the freeradius server and hostapd is initialized.But then i think authentication fails.It shows a list of "REAUTH_TIMER entering state INITIALIZE" message.For more details i m pasting he hostapd output.Plz help.
hostapd -dd hostapd.conf
Configuration file: hostapd.conf
ctrl_interface_group=0
madwifi_set_iface_flags: dev_up=0
Using interface ath0 with hwaddr 00:15:6d:50:02:53 and ssid 'Havanet-EDS'
ath0: RADIUS Authentication server 192.168.2.224:1812
ath0: RADIUS Accounting server 192.168.2.224:1813
madwifi_set_ieee8021x: enabled=1
madwifi_configure_wpa: group key cipher=1
madwifi_configure_wpa: pairwise key ciphers=0xa
madwifi_configure_wpa: key management algorithms=0x1
madwifi_configure_wpa: rsn capabilities=0x0
madwifi_configure_wpa: enable WPA= 0x1
madwifi_set_iface_flags: dev_up=1
WPA: group state machine entering state GTK_INIT
GMK - hexdump(len=32): [REMOVED]
GTK - hexdump(len=32): [REMOVED]
WPA: group state machine entering state SETKEYSDONE
madwifi_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=1
madwifi_set_privacy: enabled=1
ath0: RADIUS Sending RADIUS message to accounting server
ath0: RADIUS Next RADIUS client retransmit in 3 seconds
SIOCGIWRANGE: WE(compiled)=19 WE(source)=13 enc_capa=0xf
Flushing old station entries
madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3
Deauthenticate all stations
l2_packet_receive - recvfrom: Network is down
Wireless event: cmd=0x8c03 len=20
ath0: STA 00:16:b6:99:81:13 IEEE 802.11: associated
New STA
ath0: STA 00:16:b6:99:81:13 WPA: event 1 notification
madwifi_del_key: addr=00:16:b6:99:81:13 key_idx=0
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: start authentication
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_KEY_TX entering state NO_KEY_TRANSMIT
IEEE 802.1X: 00:16:b6:99:81:13 KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:16:b6:99:81:13 CTRL_DIR entering state IN_OR_BOTH
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state IDLE
IEEE 802.1X: 00:16:b6:99:81:13 KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:16:b6:99:81:13 CTRL_DIR entering state FORCE_BOTH
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 KEY_RX entering state NO_KEY_RECEIVE
ath0: STA 00:16:b6:99:81:13 WPA: start authentication
WPA: 00:16:b6:99:81:13 WPA_PTK entering state INITIALIZE
madwifi_del_key: addr=00:16:b6:99:81:13 key_idx=0
WPA: 00:16:b6:99:81:13 WPA_PTK_GROUP entering state IDLE
WPA: 00:16:b6:99:81:13 WPA_PTK entering state AUTHENTICATION
WPA: 00:16:b6:99:81:13 WPA_PTK entering state AUTHENTICATION2
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state DISCONNECTED
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: unauthorizing port
madwifi_set_sta_authorized: addr=00:16:b6:99:81:13 authorized=0
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state RESTART
IEEE 802.1X: station 00:16:b6:99:81:13 - new auth session, clearing State
IEEE 802.1X: Generated EAP Request-Identity for 00:16:b6:99:81:13 (identifier 0, timeout 30)
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:16:b6:99:81:13 (identifier 0)
TX EAPOL - hexdump(len=42): 00 16 b6 99 81 13 00 15 6d 50 02 53 88 8e 01 00 00 18 01 00 00 18 01 57 65 6c 63 6f 6d 65 54 6f 48 61 76 61 6e 65 74 57 44 53
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 15 bytes from 00:16:b6:99:81:13
IEEE 802.1X: version=1 type=0 length=11
EAP: code=2 identifier=0 length=11 (response)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: received EAP packet (code=2 id=0 len=11) from STA: EAP Response-Identity (1)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: STA identity 'client'
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
ath0: RADIUS Sending RADIUS message to authentication server
ath0: RADIUS Next RADIUS client retransmit in 0 seconds
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 5 bytes from 00:16:b6:99:81:13
IEEE 802.1X: version=1 type=1 length=0
ignoring 1 extra octets after IEEE 802.1X packet
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: received EAPOL-Start from STA
ath0: STA 00:16:b6:99:81:13 WPA: event 5 notification
WPA: 00:16:b6:99:81:13 WPA_PTK entering state AUTHENTICATION2
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state ABORTING
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state INITIALIZE
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: aborting authentication
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state RESTART
IEEE 802.1X: station 00:16:b6:99:81:13 - new auth session, clearing State
IEEE 802.1X: Generated EAP Request-Identity for 00:16:b6:99:81:13 (identifier 1, timeout 30)
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state IDLE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:16:b6:99:81:13 (identifier 1)
TX EAPOL - hexdump(len=42): 00 16 b6 99 81 13 00 15 6d 50 02 53 88 8e 01 00 00 18 01 01 00 18 01 57 65 6c 63 6f 6d 65 54 6f 48 61 76 61 6e 65 74 57 44 53
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 15 bytes from 00:16:b6:99:81:13
IEEE 802.1X: version=1 type=0 length=11
EAP: code=2 identifier=1 length=11 (response)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: received EAP packet (code=2 id=1 len=11) from STA: EAP Response-Identity (1)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: STA identity 'client'
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
ath0: RADIUS Sending RADIUS message to authentication server
ath0: RADIUS Next RADIUS client retransmit in 0 seconds
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 15 bytes from 00:16:b6:99:81:13
IEEE 802.1X: version=1 type=0 length=11
EAP: code=2 identifier=0 length=11 (response)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: EAP Identifier of the Response-Identity does not match (was 0, expected 1) - ignored
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 15 bytes from 00:16:b6:99:81:13
IEEE 802.1X: version=1 type=0 length=11
EAP: code=2 identifier=1 length=11 (response)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: received EAP packet (code=2 id=1 len=11) from STA: EAP Response-Identity (1)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: STA identity 'client'
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
ath0: STA 00:00:00:00:00:00 RADIUS: Resending RADIUS message (id=0)
ath0: RADIUS Next RADIUS client retransmit in 3 seconds
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
ath0: STA 00:16:b6:99:81:13 RADIUS: Resending RADIUS message (id=2)
ath0: STA 00:16:b6:99:81:13 RADIUS: Resending RADIUS message (id=1)
ath0: RADIUS Next RADIUS client retransmit in 3 seconds.
The authentication does not get successful and the wireless network notification icon on the windows XP side shows "validating" status for hours.
Plzzz help.
---------------------------------
How low will we go? Check out Yahoo! Messengers low PC-to-Phone call rates.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060802/3702daaa/attachment.html>
More information about the Freeradius-Users
mailing list