problems authenticating using madwifi, hostapd and freeradius

pelusa vali pelusitavali at hotmail.com
Thu Mar 2 01:03:09 CET 2006


hi everybody, well this is a quite large mail: i'm using debian sarge kernel 
2.6.13, openssl 0.9.8a, hostapd 0.5.1, freeradius 1.0.5, madwifi-ng-r1406, i 
want to use eap-tls in my wlan and over my own ap over linux. so i can 
install and configure all programs (except hostapd, so instead compile 
myself i installed it from .deb format), now i have my certificates and 
programs running but when try to connect a windows client it always stops in 
this state:"Trying to authenticate", and any more happen. i generate 
certificates using winxp extensions.

here is my madwifi configuration:

modprobe ath_pci
wlanconfig ath0 create wlandev wifi0 wlanmode ap
ifconfig ath0 up
/etc/init.d/networking restart
IPTABLES=/sbin/iptables
$IPTABLES -F -t nat
$IPTABLES -A POSTROUTING -t nat -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
/etc/init.d/dhcp restart
iwpriv ath0 mode 3
iwconfig ath0 essid MYWLAN
iwconfig ath0 channel 5
iwconfig ath0 bitrate 54M
iwconfig ath0 frag 512
iwconfig ath0 rts 250

and this is my hostapd.conf file:

interface=ath0
driver=madwifi
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=3
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
ssid=MYWLAN
macaddr_acl=0
auth_algs=3
ieee8021x=1
eap_message=hello_clients
eapol_key_index_workaround=0
eap_reauth_period=3600
eap_server=0
auth_server_addr=192.168.50.1
auth_server_port=1812
auth_server_shared_secret=pupis
acct_server_addr=192.168.50.1
acct_server_port=1813
acct_server_shared_secret=pupis
wpa=1
wpa_key_mgmt=WPA-EAP
wpa_pairwise=TKIP
wpa_group_rekey=600
rsn_preauth=1

this is clients.conf in radius:

client 192.168.50.0/24 {
	secret = pupis
	shortname	= www.mymachine.com
}

users file:

"Administrador"	Auth-Type := EAP

eap.conf file:

tls {
			private_key_file = /root/miscerts/servidor.pem
			certificate_file = /root/miscerts/servidor.pem
			CA_file = /root/miscerts/cacert.pem
			dh_file = /root/miscerts/dh
			random_file = /root/miscerts/random
			fragment_size = 1024
			include_length = yes
			check_crl = yes
                        check_cert_cn = %{User-Name}
		}

and this is radiusd.conf file:

user = nobody
group = nobody
bind_address = *
port = 0



here you have an extract from freeradius messages:

Sending Access-Challenge of id 45 to 192.168.50.1:32770
        EAP-Message = 0x010c032f0d8000000325160301004a020000 
4603014405e74b513e9996de87211edb20c47f40dd002af273747f4f3744 
dc22b2a929204cc9d701379ab60764bf9571959b7cf99bf0a051b8079df5 
5ff610793318fc25000400160301025c0b0002580002550002523082024e 
308201b7a003020102020428022006300d06092a864886f70d0101050500 
305f310b3009060355040613024543311330110603550408130a4368696d 
626f72617a6f3111300f0603550407130852696f62616d6261310f300d06 
0355040a13064553504f4348311730150603550403130e7777772e61706d 
6167612e636f6d301e170d3036303232373135303735335a17
        EAP-Message = 0x0d3037303232373135303735335a305f310b 
3009060355040613024543311330110603550408130a4368696d626f7261 
7a6f3111300f0603550407130852696f62616d6261310f300d060355040a 
13064553504f4348311730150603550403130e7777772e61706d6167612e 
636f6d30819f300d06092a864886f70d010101050003818d003081890281 
8100b94ddf014e77cbcc5b23133a98b77090353f7b9fba6db33b2cd1510e 
8f8c8f533bcec923900dad61e3a0c02e04700c9c95856bdf7d559147a4af 
c8cb5c38d410178d9552d322aedcce46483f7dd761e7583b1e6d075cd107 
27c0941416b9accb097baaec90b46c04aef567ffd08c4acff6
        EAP-Message = 0x88252d81a766ce4e63d9a21c774d97020301 
0001a317301530130603551d25040c300a06082b06010505070301300d06 
092a864886f70d0101050500038181007f41e4ef50c1c77d450dee7b0b43 
72c3cb68163fec851512100ac72fc77d70a83fe87d93d1447842eb919bac 
6a0ad112b687550ad520f50e4651cfde1246343e6f458a1501de2e4018db 
fbb5658b9da522e6283e3d0ab083e8e344befc0628d3ec0245dc672333ac 
e70c8d44d0f1cfce9571c74a4ead43597c4567322e09954e16030100700d 
00006802010200630061305f310b30090603550406130245433113301106 
03550408130a4368696d626f72617a6f3111300f0603550407
        EAP-Message = 0x130852696f62616d6261310f300d06035504 
0a13064553504f4348311730150603550403130e7777772e61706d616761 
2e636f6d0e000000
        Message-Authenticator = 0x00000000000000000000000000 000000
        State = 0x1a0c83eb55ba1000a03c23980883a7aa
Finished request 54
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.50.1:32770 , id=46, 
length=176
        User-Name = "Administrador"
        NAS-IP-Address = 192.168.50.1
        NAS-Port = 0
        Called-Station-Id = "00-0F-66-11-C1-97:MYWLAN"
        Calling-Station-Id = "00-0F-66-11-C1-96"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 11Mbps 802.11b"
        EAP-Message = 0x020c00060d00
        State = 0x1a0c83eb55ba1000a03c23980883a7aa
        Message-Authenticator = 0x27cc4322bbd111e4235b4675cb 9bbbc5
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 55
  modcall[authorize]: module "preprocess" returns ok for req uest 55
  modcall[authorize]: module "chap" returns noop for request  55
  modcall[authorize]: module "mschap" returns noop for reque st 55
    rlm_realm: No '@' in User-Name = "Administrador", lookin g up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for reque st 55
  rlm_eap: EAP packet type response id 12 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conve rsation
  modcall[authorize]: module "eap" returns updated for reque st 55
    users: Matched entry Administrador at line 97
  modcall[authorize]: module "files" returns ok for request 55
modcall: group authorize returns updated for request 55
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 55
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/tls
  rlm_eap: processing type tls
  rlm_eap_tls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake fragment handler
  eaptls_verify returned 1
  eaptls_process returned 13
  modcall[authenticate]: module "eap" returns handled for re quest 55
modcall: group authenticate returns handled for request 55
Sending Access-Challenge of id 46 to 192.168.50.1:32770
        EAP-Message = 0x010d000a0d8000000000
        Message-Authenticator = 0x00000000000000000000000000 000000
        State = 0x683f2718a7a0a8cdcb646c2b11cb50d3
Finished request 55
Going to the next request
Waking up in 6 seconds...
rad_recv: Accounting-Request packet from host 192.168.50.1:3 2771, id=47, 
length=74
        Acct-Status-Type = Accounting-Off
        Acct-Authentic = RADIUS
        NAS-IP-Address = 192.168.50.1
        Called-Station-Id = "00-0F-66-11-C1-97:MYWLAN"
        Acct-Terminate-Cause = NAS-Reboot
  Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 56
  modcall[preacct]: module "preprocess" returns noop for req uest 56
rlm_acct_unique: WARNING: Attribute NAS-Port was not found i n request, 
unique ID MAY be inconsistent
rlm_acct_unique: WARNING: Attribute Acct-Session-Id was not found in 
request, unique ID MAY be inconsistent
rlm_acct_unique: WARNING: Attribute User-Name was not found in request, 
unique ID MAY be inconsistent
rlm_acct_unique: Hashing ',Client-IP-Address = 192.168.50.1, NAS-IP-Address 
= 192.168.50.1,,'
rlm_acct_unique: Acct-Unique-Session-ID = "6ce5fd9afe1e7263" .
  modcall[preacct]: module "acct_unique" returns ok for requ est 56
    rlm_realm: Proxy reply, or no User-Name.  Ignoring.
  modcall[preacct]: module "suffix" returns noop for request  56
  modcall[preacct]: module "files" returns noop for request 56
modcall: group preacct returns ok for request 56
  Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 56
radius_xlat:  '/usr/local/var/log/radius/radacct/192.168.50. 
1/detail-20060301'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Ad 
dress}/detail-%Y%m%d expands to /usr/local/var/log/radius/ra 
dacct/192.168.50.1/detail-20060301
rlm_detail: Failed to create directory /usr/local/var/log/ra 
dius/radacct/192.168.50.1: Permission denied
  modcall[accounting]: module "detail" returns fail for requ est 56
modcall: group accounting returns fail for request 56
Finished request 56
Going to the next request
--- Walking the entire request list ---
Cleaning up request 53 ID 44 with timestamp 4405e74b
Cleaning up request 54 ID 45 with timestamp 4405e74b
Cleaning up request 55 ID 46 with timestamp 4405e74b
Cleaning up request 56 ID 47 with timestamp 4405e751
Nothing to do.  Sleeping until we see a request.


and here is hostapd output:

RADIUS packet matching with station 00:0f:66:11:c1:96
ath0: STA 00:0f:66:11:c1:96 IEEE 802.1X: using EAP timeout of 30 seconds
ath0: STA 00:0f:66:11:c1:96 IEEE 802.1X: decapsulated EAP packet (code=1 
id=12 l en=815) from RADIUS server: EAP-Request-TLS (13)
IEEE 802.1X: 00:0f:66:11:c1:96 BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:0f:66:11:c1:96 (identifier 12)
TX EAPOL - hexdump(len=833): 00 0f 66 11 c1 96 00 0f 66 11 c1 97 88 8e 02 00 
03 2f 01 0c 03 2f 0d 80 00 00 03 25 16 03 01 00 4a 02 00 00 46 03 01 44 05 
e7 4b 51  3e 99 96 de 87 21 1e db 20 c4 7f 40 dd 00 2a f2 73 74 7f 4f 37 44 
dc 22 b2 a9 2 9 20 4c c9 d7 01 37 9a b6 07 64 bf 95 71 95 9b 7c f9 9b f0 a0 
51 b8 07 9d f5 5f f6 10 79 33 18 fc 25 00 04 00 16 03 01 02 5c 0b 00 02 58 
00 02 55 00 02 52 30 82  02 4e 30 82 01 b7 a0 03 02 01 02 02 04 28 02 20 06 
30 0d 06 09 2a 86 48 86 f7 0 d 01 01 05 05 00 30 5f 31 0b 30 09 06 03 55 04 
06 13 02 45 43 31 13 30 11 06 03 55 04 08 13 0a 43 68 69 6d 62 6f 72 61 7a 
6f 31 11 30 0f 06 03 55 04 07 13 08 52  69 6f 62 61 6d 62 61 31 0f 30 0d 06 
03 55 04 0a 13 06 45 53 50 4f 43 48 31 17 3 0 15 06 03 55 04 03 13 0e 77 77 
77 2e 61 70 6d 61 67 61 2e 63 6f 6d 30 1e 17 0d 30 36 30 32 32 37 31 35 30 
37 35 33 5a 17 0d 30 37 30 32 32 37 31 35 30 37 35 33  5a 30 5f 31 0b 30 09 
06 03 55 04 06 13 02 45 43 31 13 30 11 06 03 55 04 08 13 0 a 43 68 69 6d 62 
6f 72 61 7a 6f 31 11 30 0f 06 03 55 04 07 13 08 52 69 6f 62 61 6d 62 61 31 
0f 30 0d 06 03 55 04 0a 13 06 45 53 50 4f 43 48 31 17 30 15 06 03 55  04 03 
13 0e 77 77 77 2e 61 70 6d 61 67 61 2e 63 6f 6d 30 81 9f 30 0d 06 09 2a 8 6 
48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 b9 4d df 01 4e 
77 cb cc 5b 23 13 3a 98 b7 70 90 35 3f 7b 9f ba 6d b3 3b 2c d1 51 0e 8f 8c 
8f 53 3b  ce c9 23 90 0d ad 61 e3 a0 c0 2e 04 70 0c 9c 95 85 6b df 7d 55 91 
47 a4 af c8 c b 5c 38 d4 10 17 8d 95 52 d3 22 ae dc ce 46 48 3f 7d d7 61 e7 
58 3b 1e 6d 07 5c d1 07 27 c0 94 14 16 b9 ac cb 09 7b aa ec 90 b4 6c 04 ae 
f5 67 ff d0 8c 4a cf f6  88 25 2d 81 a7 66 ce 4e 63 d9 a2 1c 77 4d 97 02 03 
01 00 01 a3 17 30 15 30 13 0 6 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 
07 03 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 7f 41 e4 
ef 50 c1 c7 7d 45 0d ee 7b 0b 43 72 c3  cb 68 16 3f ec 85 15 12 10 0a c7 2f 
c7 7d 70 a8 3f e8 7d 93 d1 44 78 42 eb 91 9 b ac 6a 0a d1 12 b6 87 55 0a d5 
20 f5 0e 46 51 cf de 12 46 34 3e 6f 45 8a 15 01 de 2e 40 18 db fb b5 65 8b 
9d a5 22 e6 28 3e 3d 0a b0 83 e8 e3 44 be fc 06 28 d3  ec 02 45 dc 67 23 33 
ac e7 0c 8d 44 d0 f1 cf ce 95 71 c7 4a 4e ad 43 59 7c 45 6 7 32 2e 09 95 4e 
16 03 01 00 70 0d 00 00 68 02 01 02 00 63 00 61 30 5f 31 0b 30 09 06 03 55 
04 06 13 02 45 43 31 13 30 11 06 03 55 04 08 13 0a 43 68 69 6d 62 6f  72 61 
7a 6f 31 11 30 0f 06 03 55 04 07 13 08 52 69 6f 62 61 6d 62 61 31 0f 30 0 d 
06 03 55 04 0a 13 06 45 53 50 4f 43 48 31 17 30 15 06 03 55 04 03 13 0e 77 
77 77 2e 61 70 6d 61 67 61 2e 63 6f 6d 0e 00 00 00
IEEE 802.1X: 00:0f:66:11:c1:96 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0f:66:11:c1:96 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 10 bytes from 00:0f:66:11:c1:96
   IEEE 802.1X: version=1 type=0 length=6
   EAP: code=2 identifier=12 length=6 (response)
ath0: STA 00:0f:66:11:c1:96 IEEE 802.1X: received EAP packet (code=2 id=12 
len=6 ) from STA: EAP Response-TLS (13)
IEEE 802.1X: 00:0f:66:11:c1:96 BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
ath0: RADIUS Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=46 length=176
   Attribute 1 (User-Name) length=15
      Value: 'Administrador'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 192.168.50.1
   Attribute 5 (NAS-Port) length=6
      Value: 0
   Attribute 30 (Called-Station-Id) length=30
      Value: '00-0F-66-11-C1-97:MYWLAN'
   Attribute 31 (Calling-Station-Id) length=19
      Value: '00-0F-66-11-C1-96'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=8
      Value: 02 0c 00 06 0d 00
   Attribute 24 (State) length=18
      Value: 1a 0c 83 eb 55 ba 10 00 a0 3c 23 98 08 83 a7 aa
   Attribute 80 (Message-Authenticator) length=18
      Value: 27 cc 43 22 bb d1 11 e4 23 5b 46 75 cb 9b bb c5
ath0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:0f:66:11:c1:96 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0f:66:11:c1:96 REAUTH_TIMER entering state INITIALIZE
ath0: RADIUS Received 68 bytes from RADIUS server
ath0: RADIUS Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=46 length=68
   Attribute 79 (EAP-Message) length=12
      Value: 01 0d 00 0a 0d 80 00 00 00 00
   Attribute 80 (Message-Authenticator) length=18
      Value: 8f 71 dd a8 2c 37 db d0 4a d6 ed 2f 99 29 e3 7b
   Attribute 24 (State) length=18
      Value: 68 3f 27 18 a7 a0 a8 cd cb 64 6c 2b 11 cb 50 d3
ath0: STA 00:0f:66:11:c1:96 RADIUS: Received RADIUS packet matched with a 
pendin g request, round trip time 0.00 sec
RADIUS packet matching with station 00:0f:66:11:c1:96
ath0: STA 00:0f:66:11:c1:96 IEEE 802.1X: using EAP timeout of 30 seconds
ath0: STA 00:0f:66:11:c1:96 IEEE 802.1X: decapsulated EAP packet (code=1 
id=13 l en=10) from RADIUS server: EAP-Request-TLS (13)
IEEE 802.1X: 00:0f:66:11:c1:96 BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:0f:66:11:c1:96 (identifier 13)
TX EAPOL - hexdump(len=28): 00 0f 66 11 c1 96 00 0f 66 11 c1 97 88 8e 02 00 
00 0 a 01 0d 00 0a 0d 80 00 00 00 00
IEEE 802.1X: 00:0f:66:11:c1:96 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0f:66:11:c1:96 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0f:66:11:c1:96 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0f:66:11:c1:96 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0f:66:11:c1:96 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0f:66:11:c1:96 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:0f:66:11:c1:96 REAUTH_TIMER entering state INITIALIZE
Signal 2 received - terminating
Removing station 00:0f:66:11:c1:96
Flushing old station entries
madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3
Deauthenticate all stations
ath0: RADIUS Sending RADIUS message to accounting server
RADIUS message: code=4 (Accounting-Request) identifier=47 length=74
   Attribute 40 (Acct-Status-Type) length=6
      Value: 8
   Attribute 45 (Acct-Authentic) length=6
      Value: 1
   Attribute 4 (NAS-IP-Address) length=6
      Value: 192.168.50.1
   Attribute 30 (Called-Station-Id) length=30
      Value: '00-0F-66-11-C1-97:MYWLAN'
   Attribute 49 (Acct-Terminate-Cause) length=6
      Value: 11
madwifi_set_privacy: enabled=0
madwifi_set_ieee8021x: enabled=0
madwifi_set_iface_flags: dev_up=0

i use ethereal so this is what it shows:

Cisco-Li_11:c1:96          TLS		Server Hello, Certificate Request, Server 
Hello
			   EAP          Response, EAP-TLS
			   TLS	        Client Hello
			   TLS		Server Hello, Certificate Request, Server Hello
			   EAP		Response, EAP-TLS

i also run 80211debug from madwifi and this is what i get:

Mar  1 13:01:18 localhost kernel: 08 01 2c 00 00 0f 66 11  c1 97 00 0f 66 11 
c1 96
Mar  1 13:01:18 localhost kernel: 00 0f 66 11 c1 97 10 da  aa aa 03 00 00 00 
08 00
Mar  1 13:01:18 localhost kernel: 45 00 00 28 3a ac 40 00  80 06 09 1c c0 a8 
32 04
Mar  1 13:01:18 localhost kernel: c1 2d 03 2e 04 3c 00 50  b6 55 47 86 ee 5b 
7c 42
Mar  1 13:01:18 localhost kernel: 50 10 44 70 47 56 00 00  1b 87 e5 89
Mar  1 13:01:18 localhost kernel:
Mar  1 13:01:18 localhost kernel: ath_intr: status 0x4009
Mar  1 13:01:18 localhost kernel: ath_rx_tasklet
Mar  1 13:01:18 localhost kernel: R (dd40b390 1d40b390) 1d40b3c0 1083b020 
00000000 00000c60 1fc60000 51e51911 !
Mar  1 13:01:18 localhost kernel: ath_intr: status 0x4009
Mar  1 13:01:18 localhost kernel: ath_rx_tasklet
Mar  1 13:01:18 localhost kernel: R (dd40b3c0 1d40b3c0) 1d40b3f0 1269a020 
00000000 00000c60 1fd60000 33ef1911 !
Mar  1 13:01:18 localhost kernel: ath_intr: status 0x4009
Mar  1 13:01:18 localhost kernel: R (dd40b3f0 1d40b3f0) 1d40b420 1262b020 
00000000 00000c60 10a60000 340b1111 !
Mar  1 13:01:18 localhost kernel: ath_rx_tasklet
Mar  1 13:01:18 localhost kernel: ath_intr: status 0x4009
Mar  1 13:01:18 localhost kernel: ath_rx_tasklet
Mar  1 13:01:18 localhost kernel: R (dd40b420 1d40b420) 1d40b450 12666020 
00000000 00000c60 10160000 36801911 !
Mar  1 13:01:18 localhost kernel: ath_intr: status 0x4009
Mar  1 13:01:18 localhost kernel: ath_rx_tasklet
Mar  1 13:01:18 localhost kernel: R (dd40b450 1d40b450) 1d40b480 16393020 
00000000 00000c60 1fb60000 5ee41911 !
Mar  1 13:01:18 localhost kernel: ath_intr: status 0x10000
Mar  1 13:01:18 localhost kernel: ath_beacon_setup: m d61493e0 len 124
Mar  1 13:01:18 localhost kernel: ath_intr: status 0x4009
Mar  1 13:01:18 localhost kernel: ath_rx_tasklet
Mar  1 13:01:18 localhost kernel: R (dd40b480 1d40b480) 1d40b4b0 12627020 
00000000 00000c60 1fe60000 281d1911 !
Mar  1 13:01:18 localhost kernel: ath_intr: status 0x10000
Mar  1 13:01:18 localhost kernel: ath_beacon_setup: m d61493e0 len 124
Mar  1 13:01:18 localhost kernel: ath_tx_start: skb0 d6633a40 [data d25ce84e 
len 512] skbaddr 125ce84e
Mar  1 13:01:18 localhost kernel: FRDS 
00:0f:66:11:c1:97->00:0f:66:11:c1:96(00:0f:66:11:c1:97) data 54M
Mar  1 13:01:18 localhost kernel:
Mar  1 13:01:18 localhost kernel: 08 06 cc 00 00 0f 66 11  c1 96 00 0f 66 11 
c1 97
Mar  1 13:01:18 localhost kernel: 00 0f 66 11 c1 97 f0 29  aa aa 03 00 00 00 
08 00
Mar  1 13:01:18 localhost kernel: 45 00 05 dc 24 0f 40 00  2b 06 6f 05 c1 2d 
03 2e
Mar  1 13:01:18 localhost kernel: c0 a8 32 04 00 50 04 3c  ee 5b 7c 42 b6 55 
47 86
Mar  1 13:01:18 localhost kernel: 50 10 21 80 83 2a 00 00  84 e6 91 f7 fb 35 
9d b5
Mar  1 13:01:18 localhost kernel: 65 d1 5a df da 24 a9 19  e9 26 11 d1 e9 7e 
39 01
Mar  1 13:01:18 localhost kernel: 17 9e 38 f4 a4 84 23 ac  42 42 f3 9e 89 a1 
18 f0
Mar  1 13:01:18 localhost kernel: 25 55 19 22 63 d6 64 ee  19 bd 0f 72 a6 21 
6a b0
Mar  1 13:01:18 localhost kernel: cf cf e1 07 ba 7b ba 81  bc 62 98 88 5d 1d 
c5 ba
Mar  1 13:01:18 localhost kernel: 7b fb 65 b4 57 44 e6 e7  6b ad 59 fc 2a 60 
f7 eb
Mar  1 13:01:18 localhost kernel: 30 fe d6 d0 bb fd 39 4a  02 76 d7 de 7a d4 
03 3e
Mar  1 13:01:18 localhost kernel: 35 9c 94 0b b5 76 cb e3  4d 61 d9 d9 0f 19 
64 25
Mar  1 13:01:18 localhost kernel: 8b 61 3c 43 4c c5 84 35  58 da ca 9e 0f 52 
b6 0b
Mar  1 13:01:18 localhost kernel: 36 55 12 9c 38 e1 12 d0  7f ad 95 13 b9 87 
26 1e
Mar  1 13:01:18 localhost kernel: f8 08 55 96 9e e6 18 26  83 56 fd 1c 17 61 
5c f8
Mar  1 13:01:18 localhost kernel: 98 d8 e2 4c ac 67 88 b0  fe e2 75 ed 2a 8d 
98 4e
Mar  1 13:01:18 localhost kernel: 7d ae e4 94 2d 44 fa ba  6b b0 2b 7a 8c d4 
9b b0
Mar  1 13:01:18 localhost kernel: 57 26 64 09 b5 b4 33 fc  c4 4b 09 dc 1d b5 
94 12
Mar  1 13:01:18 localhost kernel: 4a 79 e6 ce 92 c0 f8 b7  55 ef 57 43 48 97 
e8 7d
Mar  1 13:01:18 localhost kernel: f1 8c 9b eb 48 6b 60 05  99 c9 5c e0 c8 bf 
62 cd
Mar  1 13:01:18 localhost kernel: 6b be e3 45 d9 17 98 df  66 b1 69 53 9b b5 
ef f1
Mar  1 13:01:18 localhost kernel: 40 c8 1f 4e e1 04 69 49  b6 76 55 78 98 36 
e2 12
Mar  1 13:01:18 localhost kernel: 3a 59 17 72 1e b3 3a e9  38 05 f3 e4 7f 9d 
54 12
Mar  1 13:01:18 localhost kernel: f3 34 e9 24 75 b4 4b 84  cd 53 8d b2 85 4e 
ea 2b
Mar  1 13:01:18 localhost kernel: 00 1a de 05 0c 33 00 1f  af ad ab 67 ff b3 
e1 25
Mar  1 13:01:18 localhost kernel: cb fd a3 74 3c ec 38 a1  4d 3e 5d 33 ba 80 
67 8b
Mar  1 13:01:18 localhost kernel: bf af b8 44 b9 32 02 58  37 77 b6 08 14 18 
3b eb
Mar  1 13:01:18 localhost kernel: 22 be cd 43 d4 57 61 38  7e 10 24 c6 4a a1 
1e df
Mar  1 13:01:18 localhost kernel: 1f 98 58 05 9f 36 ca 59  ef 6c 3a ea fc 13 
70 2c
Mar  1 13:01:18 localhost kernel: 04 1e ed 87 b3 db 88 07  9b d0 28 bd ea 37 
8e f1
Mar  1 13:01:18 localhost kernel: 1d 45 8c e3 c1 e9 f8 d7  af cf 0c 24 6d 26 
4b 20
Mar  1 13:01:18 localhost kernel: 3f ae 42 0d 1b f6 df 62  67 af 64 34 b3 36 
6c aa
Mar  1 13:01:18 localhost kernel:
Mar  1 13:01:18 localhost kernel: ath_tx_start: Q1: (ds)dcf82040 
(lk)00000000 (d)125ce84e (c0)41620204 (c1)06008200 000b00cc 0090000c
Mar  1 13:01:18 localhost kernel: ath_tx_txqaddbuf: txq depth = 2
Mar  1 13:01:18 localhost kernel: ath_tx_txqaddbuf: link[1] 
(dcf81fe0)=1cf82040 (dcf82040)
Mar  1 13:01:18 localhost kernel: ath_tx_start: skb0 ddfd1c40 [data d07f1410 
len 512] skbaddr 107f1410
Mar  1 13:01:18 localhost kernel: FRDS 
00:0f:66:11:c1:97->00:0f:66:11:c1:96(00:0f:66:11:c1:97) data 54M
Mar  1 13:01:18 localhost kernel:
Mar  1 13:01:18 localhost kernel: 08 06 cc 00 00 0f 66 11  c1 96 00 0f 66 11 
c1 97
Mar  1 13:01:18 localhost kernel: 00 0f 66 11 c1 97 f1 ath_intr: status 0x40
Mar  1 13:01:18 localhost kernel: 29  8a 19 f3 17 c5 9e 9e a8
Mar  1 13:01:18 localhost kernel: 97 38 45 60 ac 38 77 33  72 a0 40 53 c0 a1 
24 70
Mar  1 13:01:18 localhost kernel: 4f 2a ca 1c 6c f8 88 22  47 4c 64 58 cd a8 
f1 a1
Mar  1 13:01:18 localhost kernel: fa c4 03 7e d3 ab 87 91  f1 10 ff 8f 29 72 
3b 45
Mar  1 13:01:18 localhost kernel: 24 41 5e c9 00 0c ed 2e  00 e7 ee de 28 d2 
94 f6
Mar  1 13:01:18 localhost kernel: 81 93 d8 4a a8 2d 84 64  c9 32 b8 03 ca 35 
7c 26
Mar  1 13:01:18 localhost kernel: f6 b6 d0 0b dc d1 cc 9f  fe 47 af ec 70 49 
27 6a
Mar  1 13:01:18 localhost kernel: ec b8 97 59 33 1b 11 44  84 c7 f8 2d 72 ee 
19 9c
Mar  1 13:01:18 localhost kernel: 08 89 49 00 91 7b 59 97  ef ca 7a 83 fa 3b 
c4 e1
Mar  1 13:01:18 localhost kernel: 1f f6 fb 1f e0 37 25 bf  c7 18 11 1f b2 00 
fd 6b
Mar  1 13:01:18 localhost kernel: bc a0 97 1e c7 59 de af  4d b3 79 22 19 05 
e0 fb
Mar  1 13:01:18 localhost kernel: 3f d7 dd 7f 6b a0 0f e7  7b 1a 09 9a 73 08 
c7 5b
Mar  1 13:01:18 localhost kernel: d0 ea f8 38 12 6a db 96  06 9e 4c b6 59 6b 
79 5e
Mar  1 13:01:18 localhost kernel: ca 5a 83 2e 40 8b 32 0e  35 ca e0 ec ec dc 
fa 4b
Mar  1 13:01:18 localhost kernel: f8 ca 26 16 d1 91 89 12  bd c2 ca 59 b3 9d 
9b dc
Mar  1 13:01:18 localhost kernel: 16 cb c9 50 d9 4c 42 c0  34 ba df ba cd 76 
7d 0b
Mar  1 13:01:18 localhost kernel: c4 df 42 79 be b5 37 88  da c2 b7 f6 ae 82 
fc 6d
Mar  1 13:01:18 localhost kernel: e3 fa 67 72 ec d9 89 15  d0 98 4f 77 54 28 
5b 5a
Mar  1 13:01:18 localhost kernel: 75 be b9 0a 54 cc c8 73  0f 95 23 24 1a 38 
c6 84
Mar  1 13:01:18 localhost kernel: 95 49 34 f4 a1 1d 00 9c  ea 9f 18 d4 3a 66 
55 db
Mar  1 13:01:18 localhost kernel: 09 bf 81 9e db ad c1 2c  5d ec f8 cd 50 eb 
08 78
Mar  1 13:01:18 localhost kernel: 2f 50 f4 7d 0a 99 31 53  93 ce 89 ed 4e 9e 
2c 4e
Mar  1 13:01:18 localhost kernel: 87 7d 5c 07 68 0e f5 2c  d2 87 44 0b a8 e7 
e0 3e
Mar  1 13:01:18 localhost kernel: 52 7e 23 aa 01 b1 32 0f  39 f0 59 03 47 e5 
8a a0
Mar  1 13:01:18 localhost kernel: a3 72 27 bf 3d f8 d7 4b  1a b1 f0 47 17 bd 
0a 85
Mar  1 13:01:18 localhost kernel: 26 15 3e a3 c1 e0 dd dc  04 b4 3f f6 c5 50 
89 0f
Mar  1 13:01:18 localhost kernel: 15 a1 2f 85 30 43 70 99  c7 8a b6 8a 93 b3 
f8 70
Mar  1 13:01:18 localhost kernel: 52 fc cb 05 d5 e3 36 37  09 70 46 35 38 b3 
4d d8
Mar  1 13:01:18 localhost kernel: 54 33 37 c4 52 ac 3a 89  3f 7e 13 69 1c da 
a4 77
Mar  1 13:01:18 localhost kernel: ae ca 58 a3 7b 71 01 63  38 52 44 20 16 37 
68 61
Mar  1 13:01:18 localhost kernel: 0b 8f 9f f3 2e 3c b5 60  63 60 e6 3f 38 33 
a4 ed
Mar  1 13:01:18 localhost kernel:
Mar  1 13:01:18 localhost kernel: ath_tx_start: Q1: (ds)dcf820a0 
(lk)00000000 (d)107f1410 (c0)41620204 (c1)06008200 000b00cc 0090000c
Mar  1 13:01:18 localhost kernel: ath_tx_txqaddbuf: txq depth = 3


so my questions are:
1) why client cann't authenticate to freeradius? maybe i'm missing any 
configuration
or freeradius and hostapd aren't working well together?
2) is there any way i can test my certificates from freeradius?? any 
command?
or may be install wpa-supplicant over my debian and test from there 
(authenticator and supplicant in same machine??).
3) why client stops in "Trying to authenticate"? maybe any configuration or 
password am i missing??
4)as you can see en freeradius and hostapd log they say "CONNECT 11Mbps 
802.11b" but i configured my ap to work with 802.11g, so why this behavior?

could any body try to help? i'm really desperate because this is a work for 
university and i must present it next week. please!!!

thanks in advance for your help and time.

_________________________________________________________________
MSN Amor: busca tu ½ naranja http://latam.msn.com/amor/




More information about the Freeradius-Users mailing list