problem in autehtication with EAP-MD5
tnt at kalik.co.yu
tnt at kalik.co.yu
Fri Jun 1 11:14:30 CEST 2007
Yes, radius is now working fine. What are you using (? going to use) to
assign an IP address to the client - radius or DHCP? If you are using
DHCP something is wrong with address/netmask assignment. If you are not
using anything at the moment you will need to pick one.
As for wpasupplicant log - it doesn't mean much to me (our WiFi lot is
all XP). At a glance, you fail to associate with an AP even before
radius traffic starts. It's complaining about IP address from the
start. Are you sure that's working properly?
Framed-IP-Address and Framed-IP-Netmask are used to assign them to the
client if NAS is not doing DHCP.
Ivan Kalik
Kalik Informatika ISP
Dana 1/6/2007, "shantanu choudhary" <shantanu_843 at yahoo.co.in> piše:
>sorry for the confusion and delay!!
>i am attaching user file, server output and client output.
>server is still giving access accept, but client is displaying cant assign requested address!!
>one thing what parameters should i add and what does framed ip address used for??
>now this user file is giving no error and is rserver is running without any problem!
>
>user file:-
>
>
># Please read the documentation file ../doc/processing_users_file,
># or 'man 5 users' (after installing the server) for more information.
>#
># As of 1.1.4, you SHOULD NOT use Auth-Type. See "man rlm_pap"
># for a much better way of dealing with differing passwords.
># If you set Auth-Type, SOME AUTHENTICATION METHODS WILL NOT WORK.
># If you don't set Auth-Type, the server will figure out what to do,
># and will almost always do the right thing.
>#
># This file contains authentication security and configuration
># information for each user. Accounting requests are NOT processed
># through this file. Instead, see 'acct_users', in this directory.
>#
># The first field is the user's name and can be up to
># 253 characters in length. This is followed (on the same line) with
># the list of authentication requirements for that user. This can
># include password, comm server name, comm server port number, protocol
># type (perhaps set by the "hints" file), and huntgroup name (set by
># the "huntgroups" file).
>#
># Indented (with the tab character) lines following the first
># line indicate the configuration values to be passed back to
># the comm server to allow the initiation of a user session.
># This can include things like the PPP configuration values
># or the host to log the user onto.
>#
># If you are not sure why a particular reply is being sent by the
># server, then run the server in debugging mode (radiusd -X), and
># you will see which entries in this file are matched.
>#
># When an authentication request is received from the comm server,
># these values are tested. Only the first match is used unless the
># "Fall-Through" variable is set to "Yes".
>#
># A special user named "DEFAULT" matches on all usernames.
># You can have several DEFAULT entries. All entries are processed
># in the order they appear in this file. The first entry that
># matches the login-request will stop processing unless you use
># the Fall-Through variable.
>#
># You can include another `users' file with `$INCLUDE users.other'
>#
>
>#
># For a list of RADIUS attributes, and links to their definitions,
># see:
>#
># http://www.freeradius.org/rfc/attributes.html
>#
>
>#
># Deny access for a specific user. Note that this entry MUST
># be before any other 'Auth-Type' attribute which results in the user
># being authenticated.
>#
># Note that there is NO 'Fall-Through' attribute, so the user will not
># be given any additional resources.
>#
>#lameuser Auth-Type := Reject
># Reply-Message = "Your account has been disabled."
>
>#
># Deny access for a group of users.
>#
># Note that there is NO 'Fall-Through' attribute, so the user will not
># be given any additional resources.
>#
>#DEFAULT Group == "disabled", Auth-Type := Reject
># Reply-Message = "Your account has been disabled."
>#
>
>#
># This is a complete entry for "steve". Note that there is no Fall-Through
># entry so that no DEFAULT entry will be used, and the user will NOT
># get any attributes in addition to the ones listed here.
>#
>#steve Cleartext-Password := "testing"
># Service-Type = Framed-User,
># Framed-Protocol = PPP,
># Framed-IP-Address = 172.16.3.33,
># Framed-IP-Netmask = 255.255.255.0,
># Framed-Routing = Broadcast-Listen,
># Framed-Filter-Id = "std.ppp",
># Framed-MTU = 1500,
># Framed-Compression = Van-Jacobsen-TCP-IP
>
>#
># This is an entry for a user with a space in their name.
># Note the double quotes surrounding the name.
>#
>#"John Doe" Cleartext-Password := "hello"
># Reply-Message = "Hello, %u"
>
>#
># Dial user back and telnet to the default host for that port
>#
>#Deg Cleartext-Password := "ge55ged"
># Service-Type = Callback-Login-User,
># Login-IP-Host = 0.0.0.0,
># Callback-Number = "9,5551212",
># Login-Service = Telnet,
># Login-TCP-Port = Telnet
>
>#
># Another complete entry. After the user "dialbk" has logged in, the
># connection will be broken and the user will be dialed back after which
># he will get a connection to the host "timeshare1".
>#
>#dialbk Cleartext-Password := "callme"
># Service-Type = Callback-Login-User,
># Login-IP-Host = timeshare1,
># Login-Service = PortMaster,
># Callback-Number = "9,1-800-555-1212"
>
>#
># user "swilson" will only get a static IP number if he logs in with
># a framed protocol on a terminal server in Alphen (see the huntgroups file).
>#
># Note that by setting "Fall-Through", other attributes will be added from
># the following DEFAULT entries
>#
>#swilson Service-Type == Framed-User, Huntgroup-Name == "alphen"
># Framed-IP-Address = 192.168.1.65,
># Fall-Through = Yes
>
>#
># If the user logs in as 'username.shell', then authenticate them
># against the system database, give them shell access, and stop processing
># the rest of the file.
>#
># Note that authenticating against an /etc/passwd file works ONLY for PAP,
># and not for CHAP, MS-CHAP, or EAP.
>#
>#DEFAULT Suffix == ".shell", Auth-Type := System
># Service-Type = Login-User,
># Login-Service = Telnet,
># Login-IP-Host = your.shell.machine
>
>
>#
># The rest of this file contains the several DEFAULT entries.
># DEFAULT entries match with all login names.
># Note that DEFAULT entries can also Fall-Through (see first entry).
># A name-value pair from a DEFAULT entry will _NEVER_ override
># an already existing name-value pair.
>#
>
>#
># First setup all accounts to be checked against the UNIX /etc/passwd.
># (Unless a password was already given earlier in this file).
>#
>
>testuser Password = "whatever"
>
> Service-Type = Framed-User,
># Framed-IP-Address = 192.168.2.32+,
># Framed-IP-Netmask = 255.255.255.255,
> Framed-MTU = 1438
>DEFAULT Auth-Type = System
> Fall-Through = 1
>
>#
># Set up different IP address pools for the terminal servers.
># Note that the "+" behind the IP address means that this is the "base"
># IP address. The Port-Id (S0, S1 etc) will be added to it.
>#
>#DEFAULT Service-Type == Framed-User, Huntgroup-Name == "alphen"
># Framed-IP-Address = 192.168.1.32+,
># Fall-Through = Yes
>
>#DEFAULT Service-Type == Framed-User, Huntgroup-Name == "delft"
># Framed-IP-Address = 192.168.2.32+,
># Fall-Through = Yes
>
>#
># Defaults for all framed connections.
>#
>DEFAULT Service-Type == Framed-User
> Framed-IP-Address = 192.168.2.132+,
> Framed-MTU = 576,
> Service-Type = Framed-User,
> Fall-Through = No
>
>#
># Default for PPP: dynamic IP address, PPP mode, VJ-compression.
># NOTE: we do not use Hint = "PPP", since PPP might also be auto-detected
># by the terminal server in which case there may not be a "P" suffix.
># The terminal server sends "Framed-Protocol = PPP" for auto PPP.
>#
>DEFAULT Framed-Protocol == PPP
> Framed-Protocol = PPP,
> Framed-Compression = Van-Jacobson-TCP-IP
>
>#
># Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.
>#
>DEFAULT Hint == "CSLIP"
> Framed-Protocol = SLIP,
> Framed-Compression = Van-Jacobson-TCP-IP
>
>#
># Default for SLIP: dynamic IP address, SLIP mode.
>#
>DEFAULT Hint == "SLIP"
> Framed-Protocol = SLIP
>
>#
># Last default: rlogin to our main server.
>#
>#DEFAULT
># Service-Type = Login-User,
># Login-Service = Rlogin,
># Login-IP-Host = shellbox.ispdomain.com
>
># #
># # Last default: shell on the local terminal server.
># #
># DEFAULT
># Service-Type = Shell-User
>
># On no match, the user is denied access.
>
>
>Server side output:-
>
>rad_recv: Access-Request packet from host 192.168.2.183:1031, id=0, length=177
> Message-Authenticator = 0x589528b2bceeed66a2d4d26fefe7bf2c
> Service-Type = Framed-User
> User-Name = "testuser"
> Framed-MTU = 1488
> Called-Station-Id = "00-03-7F-09-60-7E:ATH183"
> Calling-Station-Id = "00-03-7F-05-C0-9C"
> NAS-Port-Type = Wireless-802.11
> Connect-Info = "CONNECT 54Mbps 802.11g"
> EAP-Message = 0x0200000d017465737475736572
> NAS-IP-Address = 192.168.2.183
> NAS-Port = 1
> NAS-Port-Id = "STA port # 1"
> Processing the authorize section of radiusd.conf
>modcall: entering group authorize for request 0
> modcall[authorize]: module "preprocess" returns ok for request 0
> modcall[authorize]: module "chap" returns noop for request 0
> modcall[authorize]: module "mschap" returns noop for request 0
> rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL
> rlm_realm: No such realm "NULL"
> modcall[authorize]: module "suffix" returns noop for request 0
> rlm_eap: EAP packet type response id 0 length 13
> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
> modcall[authorize]: module "eap" returns updated for request 0
> users: Matched entry testuser at line 155
> modcall[authorize]: module "files" returns ok for request 0
>rlm_pap: Found existing Auth-Type, not changing it.
> modcall[authorize]: module "pap" returns noop for request 0
>modcall: leaving group authorize (returns updated) for request 0
> rad_check_password: Found Auth-Type EAP
>auth: type "EAP"
> Processing the authenticate section of radiusd.conf
>modcall: entering group authenticate for request 0
> rlm_eap: EAP Identity
> rlm_eap: processing type md5
>rlm_eap_md5: Issuing Challenge
> modcall[authenticate]: module "eap" returns handled for request 0
>modcall: leaving group authenticate (returns handled) for request 0
>Sending Access-Challenge of id 0 to 192.168.2.183 port 1031
> Service-Type = Framed-User
> Framed-MTU = 1438
> EAP-Message = 0x010100160410c321416d83ead87330b8226effb8b924
> Message-Authenticator = 0x00000000000000000000000000000000
> State = 0x658952967ab1a3f98332d7b9a168e752
>Finished request 0
>Going to the next request
>--- Walking the entire request list ---
>Waking up in 6 seconds...
>rad_recv: Access-Request packet from host 192.168.2.183:1031, id=1, length=204
> Message-Authenticator = 0x351c009d3401181ca0410e9cd1971a24
> Service-Type = Framed-User
> User-Name = "testuser"
> Framed-MTU = 1488
> State = 0x658952967ab1a3f98332d7b9a168e752
> Called-Station-Id = "00-03-7F-09-60-7E:ATH183"
> Calling-Station-Id = "00-03-7F-05-C0-9C"
> NAS-Port-Type = Wireless-802.11
> Connect-Info = "CONNECT 54Mbps 802.11g"
> EAP-Message = 0x0201001604101df014c337b67c17a0f7a7df8564814c
> NAS-IP-Address = 192.168.2.183
> NAS-Port = 1
> NAS-Port-Id = "STA port # 1"
> Processing the authorize section of radiusd.conf
>modcall: entering group authorize for request 1
> modcall[authorize]: module "preprocess" returns ok for request 1
> modcall[authorize]: module "chap" returns noop for request 1
> modcall[authorize]: module "mschap" returns noop for request 1
> rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL
> rlm_realm: No such realm "NULL"
> modcall[authorize]: module "suffix" returns noop for request 1
> rlm_eap: EAP packet type response id 1 length 22
> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
> modcall[authorize]: module "eap" returns updated for request 1
> users: Matched entry testuser at line 155
> modcall[authorize]: module "files" returns ok for request 1
>rlm_pap: Found existing Auth-Type, not changing it.
> modcall[authorize]: module "pap" returns noop for request 1
>modcall: leaving group authorize (returns updated) for request 1
> rad_check_password: Found Auth-Type EAP
>auth: type "EAP"
> Processing the authenticate section of radiusd.conf
>modcall: entering group authenticate for request 1
> rlm_eap: Request found, released from the list
> rlm_eap: EAP/md5
> rlm_eap: processing type md5
> rlm_eap: Freeing handler
> modcall[authenticate]: module "eap" returns ok for request 1
>modcall: leaving group authenticate (returns ok) for request 1
>Sending Access-Accept of id 1 to 192.168.2.183 port 1031
> Service-Type = Framed-User
> Framed-MTU = 1438
> EAP-Message = 0x03010004
> Message-Authenticator = 0x00000000000000000000000000000000
> User-Name = "testuser"
>Finished request 1
>Going to the next request
>Waking up in 6 seconds...
>--- Walking the entire request list ---
>Cleaning up request 0 ID 0 with timestamp 465fabbe
>Cleaning up request 1 ID 1 with timestamp 465fabbe
>Nothing to do. Sleeping until we see a request.
>
>Client side output:-
>
>Initializing interface 'ath0' conf '/etc/wpa_supplicant/WPA_EAP_TLS1.conf' driver 'wext' ctrl_interface 'N/A' bridge 'N/A'
>Configuration file '/etc/wpa_supplicant/WPA_EAP_TLS1.conf' -> '/etc/wpa_supplicant/WPA_EAP_TLS1.conf'
>Reading configuration file '/etc/wpa_supplicant/WPA_EAP_TLS1.conf'
>ctrl_interface='/var/run/wpa_supplicant'
>ctrl_interface_group='wheel' (DEPRECATED)
>eapol_version=1
>ap_scan=1
>fast_reauth=1
>Line: 6 - start of a new network block
>ssid - hexdump_ascii(len=6):
> 41 54 48 31 38 33 ATH183
>scan_ssid=1 (0x1)
>key_mgmt: 0x1
>eap methods - hexdump(len=16): 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00
>identity - hexdump_ascii(len=8):
> 74 65 73 74 75 73 65 72 testuser
>password - hexdump_ascii(len=8): [REMOVED]
>Priority group 0
> id=0 ssid='ATH183'
>Initializing interface (2) 'ath0'
>EAPOL: SUPP_PAE entering state DISCONNECTED
>EAPOL: KEY_RX entering state NO_KEY_RECEIVE
>EAPOL: SUPP_BE entering state INITIALIZE
>EAP: EAP entering state DISABLED
>EAPOL: External notification - portEnabled=0
>EAPOL: External notification - portValid=0
>SIOCGIWRANGE: WE(compiled)=22 WE(source)=13 enc_capa=0xf
> capabilities: key_mgmt 0xf enc 0xf
>WEXT: Operstate: linkmode=1, operstate=5
>Own MAC address: 00:03:7f:05:c0:9c
>wpa_driver_wext_set_wpa
>wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_countermeasures
>wpa_driver_wext_set_drop_unencrypted
>Setting scan request: 0 sec 100000 usec
>ctrl_interface_group=10 (from group name 'wheel')
>Added interface ath0
>RTM_NEWLINK: operstate=0 ifi_flags=0x1002 ()
>Wireless event: cmd=0x8b06 len=8
>Ignore event for foreign ifindex 3
>RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
>RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
>RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
>RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
>RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
>Wireless event: cmd=0x8b15 len=20
>Wireless event: new AP: 00:03:7f:09:60:7e
>State: DISCONNECTED -> ASSOCIATED
>wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
>WEXT: Operstate: linkmode=-1, operstate=5
>Associated with 00:00:00:00:00:00
>WPA: Association event - clear replay counter
>EAPOL: External notification - portEnabled=0
>EAPOL: External notification - portValid=0
>EAPOL: External notification - portEnabled=1
>EAPOL: SUPP_PAE entering state CONNECTING
>EAPOL: SUPP_BE entering state IDLE
>EAP: EAP entering state INITIALIZE
>EAP: EAP entering state IDLE
>Setting authentication timeout: 10 sec 0 usec
>Cancelling scan request
>RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
>RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
>RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
>Wireless event: cmd=0x8b15 len=20
>Wireless event: new AP: 00:00:00:00:00:00
>Setting scan request: 0 sec 100000 usec
>Added BSSID 00:00:00:00:00:00 into blacklist
>CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
>wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
>State: ASSOCIATED -> DISCONNECTED
>wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
>WEXT: Operstate: linkmode=-1, operstate=5
>EAPOL: External notification - portEnabled=0
>EAPOL: SUPP_PAE entering state DISCONNECTED
>EAPOL: SUPP_BE entering state INITIALIZE
>EAP: EAP entering state DISABLED
>EAPOL: External notification - portValid=0
>CTRL_IFACE monitor attached - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 33 39 31 32 2d 37 35 00
>RX ctrl_iface - hexdump_ascii(len=10):
> 49 4e 54 45 52 46 41 43 45 53 INTERFACES
>RX ctrl_iface - hexdump_ascii(len=6):
> 53 54 41 54 55 53 STATUS
>ioctl[SIOCGIFADDR]: Cannot assign requested address
>RX ctrl_iface - hexdump_ascii(len=13):
> 4c 49 53 54 5f 4e 45 54 57 4f 52 4b 53 LIST_NETWORKS
>RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
>Wireless event: cmd=0x8b15 len=20
>Wireless event: new AP: 00:03:7f:09:60:7e
>State: DISCONNECTED -> ASSOCIATED
>wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
>WEXT: Operstate: linkmode=-1, operstate=5
>Associated to a new BSS: BSSID=00:03:7f:09:60:7e
>No keys have been configured - skip key clearing
>Network configuration found for the current AP
>WPA: No WPA/RSN IE available from association info
>WPA: Set cipher suites based on configuration
>WPA: Selected cipher suites: group 30 pairwise 24 key_mgmt 1 proto 2
>WPA: clearing AP WPA IE
>WPA: clearing AP RSN IE
>WPA: using GTK CCMP
>WPA: using PTK CCMP
>WPA: using KEY_MGMT 802.1X
>WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 01 00 00
>EAPOL: External notification - portControl=Auto
>Associated with 00:03:7f:09:60:7e
>CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 33 39 31 32 2d 37 35 00
>WPA: Association event - clear replay counter
>EAPOL: External notification - portEnabled=0
>EAPOL: External notification - portValid=0
>EAPOL: External notification - portEnabled=1
>EAPOL: SUPP_PAE entering state CONNECTING
>EAPOL: SUPP_BE entering state IDLE
>EAP: EAP entering state INITIALIZE
>EAP: EAP entering state IDLE
>Setting authentication timeout: 10 sec 0 usec
>Cancelling scan request
>RX EAPOL from 00:03:7f:09:60:7e
>RX EAPOL - hexdump(len=9): 01 00 00 05 01 00 00 05 01
>Setting authentication timeout: 70 sec 0 usec
>EAPOL: Received EAP-Packet frame
>EAPOL: SUPP_PAE entering state RESTART
>EAP: EAP entering state INITIALIZE
>EAP: EAP entering state IDLE
>EAPOL: SUPP_PAE entering state AUTHENTICATING
>EAPOL: SUPP_BE entering state REQUEST
>EAPOL: getSuppRsp
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=0 method=1 vendor=0 vendorMethod=0
>EAP: EAP entering state IDENTITY
>CTRL-EVENT-EAP-STARTED EAP authentication started
>CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 33 39 31 32 2d 37 35 00
>EAP: EAP-Request Identity data - hexdump_ascii(len=0):
>EAP: using real identity - hexdump_ascii(len=8):
> 74 65 73 74 75 73 65 72 testuser
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>EAPOL: SUPP_BE entering state RESPONSE
>EAPOL: txSuppRsp
>TX EAPOL - hexdump(len=17): 01 00 00 0d 02 00 00 0d 01 74 65 73 74 75 73 65 72
>EAPOL: SUPP_BE entering state RECEIVE
>RX EAPOL from 00:03:7f:09:60:7e
>RX EAPOL - hexdump(len=26): 01 00 00 16 01 01 00 16 04 10 c3 21 41 6d 83 ea d8 73 30 b8 22 6e ff b8 b9 24
>EAPOL: Received EAP-Packet frame
>EAPOL: SUPP_BE entering state REQUEST
>EAPOL: getSuppRsp
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=1 method=4 vendor=0 vendorMethod=0
>EAP: EAP entering state GET_METHOD
>EAP: Initialize selected EAP method: vendor 0 method 4 (MD5)
>CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected
>CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 33 39 31 32 2d 37 35 00
>EAP: EAP entering state METHOD
>EAP-MD5: Challenge - hexdump(len=16): c3 21 41 6d 83 ea d8 73 30 b8 22 6e ff b8 b9 24
>EAP-MD5: Generating Challenge Response
>EAP-MD5: Response - hexdump(len=16): 1d f0 14 c3 37 b6 7c 17 a0 f7 a7 df 85 64 81 4c
>EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>EAPOL: SUPP_BE entering state RESPONSE
>EAPOL: txSuppRsp
>TX EAPOL - hexdump(len=26): 01 00 00 16 02 01 00 16 04 10 1d f0 14 c3 37 b6 7c 17 a0 f7 a7 df 85 64 81 4c
>EAPOL: SUPP_BE entering state RECEIVE
>RX EAPOL from 00:03:7f:09:60:7e
>RX EAPOL - hexdump(len=8): 01 00 00 04 04 01 00 04
>EAPOL: Received EAP-Packet frame
>EAPOL: SUPP_BE entering state REQUEST
>EAPOL: getSuppRsp
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Failure
>EAP: EAP entering state DISCARD
>EAP: EAP entering state IDLE
>EAPOL: SUPP_BE entering state RECEIVE
>RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
>RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=6):
> 53 54 41 54 55 53 STATUS
>ioctl[SIOCGIFADDR]: Cannot assign requested address
>RX ctrl_iface - hexdump_ascii(len=13):
> 4c 49 53 54 5f 4e 45 54 57 4f 52 4b 53 LIST_NETWORKS
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>EAPOL: startWhen --> 0
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=6):
> 53 54 41 54 55 53 STATUS
>ioctl[SIOCGIFADDR]: Cannot assign requested address
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>RX ctrl_iface - hexdump_ascii(len=4):
> 50 49 4e 47 PING
>CTRL-EVENT-TERMINATING - signal 2 received
>CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 33 39 31 32 2d 37 35 00
>Removing interface ath0
>State: ASSOCIATED -> DISCONNECTED
>wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
>WEXT: Operstate: linkmode=-1, operstate=5
>wpa_driver_wext_deauthenticate
>No keys have been configured - skip key clearing
>EAPOL: External notification - portEnabled=0
>EAPOL: SUPP_PAE entering state DISCONNECTED
>EAPOL: SUPP_BE entering state INITIALIZE
>EAP: EAP entering state DISABLED
>EAPOL: External notification - portValid=0
>wpa_driver_wext_set_wpa
>wpa_driver_wext_set_drop_unencrypted
>wpa_driver_wext_set_countermeasures
>No keys have been configured - skip key clearing
>CTRL_IFACE wait for attached monitors to receive messages
>EAP: deinitialize previously used EAP method (4, MD5) at EAP deinit
>Removed BSSID 00:00:00:00:00:00 from blacklist (clear)
>Cancelling scan request
>Cancelling authentication timeout
>WEXT: Operstate: linkmode=0, operstate=6
>
>
>
>
>
>---------------------------------
> Download prohibited? No problem! CHAT from any browser, without download.
>
More information about the Freeradius-Users
mailing list