problem in autehtication with EAP-MD5

tnt at kalik.co.yu tnt at kalik.co.yu
Fri Jun 1 11:14:30 CEST 2007


Yes, radius is now working fine. What are you using (? going to use) to
assign an IP address to the client - radius or DHCP? If you are using
DHCP something is wrong with address/netmask assignment. If you are not
using anything at the moment you will need to pick one.

As for wpasupplicant log - it doesn't mean much to me (our WiFi lot is
all XP). At a glance, you fail to associate with an AP even before
radius traffic starts. It's complaining about IP address from the
start. Are you sure that's working properly?

Framed-IP-Address and Framed-IP-Netmask are used to assign them to the
client if NAS is not doing DHCP.

Ivan Kalik
Kalik Informatika ISP

Dana 1/6/2007, "shantanu choudhary" <shantanu_843 at yahoo.co.in> piše:

>sorry for the confusion and delay!!
>i am attaching user file, server output and client output.
>server is still giving access accept, but client is displaying cant assign requested address!!
>one thing what parameters should i add and what does framed ip address used for??
>now this user file is giving no error and is rserver is running without any problem!
>
>user file:-
>
>
>#    Please read the documentation file ../doc/processing_users_file,
>#    or 'man 5 users' (after installing the server) for more information.
>#
>#    As of 1.1.4, you SHOULD NOT use Auth-Type.  See "man rlm_pap"
>#    for a much better way of dealing with differing passwords.
>#    If you set Auth-Type, SOME AUTHENTICATION METHODS WILL NOT WORK.
>#    If you don't set Auth-Type, the server will figure out what to do,
>#    and will almost always do the right thing.
>#
>#    This file contains authentication security and configuration
>#    information for each user.  Accounting requests are NOT processed
>#    through this file.  Instead, see 'acct_users', in this directory.
>#
>#    The first field is the user's name and can be up to
>#    253 characters in length.  This is followed (on the same line) with
>#    the list of authentication requirements for that user.  This can
>#    include password, comm server name, comm server port number, protocol
>#    type (perhaps set by the "hints" file), and huntgroup name (set by
>#    the "huntgroups" file).
>#
>#    Indented (with the tab character) lines following the first
>#    line indicate the configuration values to be passed back to
>#    the comm server to allow the initiation of a user session.
>#    This can include things like the PPP configuration values
>#    or the host to log the user onto.
>#
>#    If you are not sure why a particular reply is being sent by the
>#    server, then run the server in debugging mode (radiusd -X), and
>#    you will see which entries in this file are matched.
>#
>#    When an authentication request is received from the comm server,
>#    these values are tested. Only the first match is used unless the
>#    "Fall-Through" variable is set to "Yes".
>#
>#    A special user named "DEFAULT" matches on all usernames.
>#    You can have several DEFAULT entries. All entries are processed
>#    in the order they appear in this file. The first entry that
>#    matches the login-request will stop processing unless you use
>#    the Fall-Through variable.
>#
>#    You can include another `users' file with `$INCLUDE users.other'
>#
>
>#
>#    For a list of RADIUS attributes, and links to their definitions,
>#    see:
>#
>#    http://www.freeradius.org/rfc/attributes.html
>#
>
>#
># Deny access for a specific user.  Note that this entry MUST
># be before any other 'Auth-Type' attribute which results in the user
># being authenticated.
>#
># Note that there is NO 'Fall-Through' attribute, so the user will not
># be given any additional resources.
>#
>#lameuser    Auth-Type := Reject
>#        Reply-Message = "Your account has been disabled."
>
>#
># Deny access for a group of users.
>#
># Note that there is NO 'Fall-Through' attribute, so the user will not
># be given any additional resources.
>#
>#DEFAULT    Group == "disabled", Auth-Type := Reject
>#        Reply-Message = "Your account has been disabled."
>#
>
>#
># This is a complete entry for "steve". Note that there is no Fall-Through
># entry so that no DEFAULT entry will be used, and the user will NOT
># get any attributes in addition to the ones listed here.
>#
>#steve    Cleartext-Password := "testing"
>#    Service-Type = Framed-User,
>#    Framed-Protocol = PPP,
>#    Framed-IP-Address = 172.16.3.33,
>#    Framed-IP-Netmask = 255.255.255.0,
>#    Framed-Routing = Broadcast-Listen,
>#    Framed-Filter-Id = "std.ppp",
>#    Framed-MTU = 1500,
>#    Framed-Compression = Van-Jacobsen-TCP-IP
>
>#
># This is an entry for a user with a space in their name.
># Note the double quotes surrounding the name.
>#
>#"John Doe"    Cleartext-Password := "hello"
>#        Reply-Message = "Hello, %u"
>
>#
># Dial user back and telnet to the default host for that port
>#
>#Deg    Cleartext-Password := "ge55ged"
>#    Service-Type = Callback-Login-User,
>#    Login-IP-Host = 0.0.0.0,
>#    Callback-Number = "9,5551212",
>#    Login-Service = Telnet,
>#    Login-TCP-Port = Telnet
>
>#
># Another complete entry. After the user "dialbk" has logged in, the
># connection will be broken and the user will be dialed back after which
># he will get a connection to the host "timeshare1".
>#
>#dialbk    Cleartext-Password := "callme"
>#    Service-Type = Callback-Login-User,
>#    Login-IP-Host = timeshare1,
>#    Login-Service = PortMaster,
>#    Callback-Number = "9,1-800-555-1212"
>
>#
># user "swilson" will only get a static IP number if he logs in with
># a framed protocol on a terminal server in Alphen (see the huntgroups file).
>#
># Note that by setting "Fall-Through", other attributes will be added from
># the following DEFAULT entries
>#
>#swilson    Service-Type == Framed-User, Huntgroup-Name == "alphen"
>#        Framed-IP-Address = 192.168.1.65,
>#        Fall-Through = Yes
>
>#
># If the user logs in as 'username.shell', then authenticate them
># against the system database, give them shell access, and stop processing
># the rest of the file.
>#
># Note that authenticating against an /etc/passwd file works ONLY for PAP,
># and not for CHAP, MS-CHAP, or EAP.
>#
>#DEFAULT    Suffix == ".shell", Auth-Type := System
>#        Service-Type = Login-User,
>#        Login-Service = Telnet,
>#        Login-IP-Host = your.shell.machine
>
>
>#
># The rest of this file contains the several DEFAULT entries.
># DEFAULT entries match with all login names.
># Note that DEFAULT entries can also Fall-Through (see first entry).
># A name-value pair from a DEFAULT entry will _NEVER_ override
># an already existing name-value pair.
>#
>
>#
># First setup all accounts to be checked against the UNIX /etc/passwd.
># (Unless a password was already given earlier in this file).
>#
>
>testuser        Password = "whatever"
>
>        Service-Type = Framed-User,
>#       Framed-IP-Address = 192.168.2.32+,
>#       Framed-IP-Netmask = 255.255.255.255,
>       Framed-MTU = 1438
>DEFAULT    Auth-Type = System
>    Fall-Through = 1
>
>#
># Set up different IP address pools for the terminal servers.
># Note that the "+" behind the IP address means that this is the "base"
># IP address. The Port-Id (S0, S1 etc) will be added to it.
>#
>#DEFAULT    Service-Type == Framed-User, Huntgroup-Name == "alphen"
>#        Framed-IP-Address = 192.168.1.32+,
>#        Fall-Through = Yes
>
>#DEFAULT    Service-Type == Framed-User, Huntgroup-Name == "delft"
>#        Framed-IP-Address = 192.168.2.32+,
>#        Fall-Through = Yes
>
>#
># Defaults for all framed connections.
>#
>DEFAULT    Service-Type == Framed-User
>    Framed-IP-Address = 192.168.2.132+,
>    Framed-MTU = 576,
>    Service-Type = Framed-User,
>    Fall-Through = No
>
>#
># Default for PPP: dynamic IP address, PPP mode, VJ-compression.
># NOTE: we do not use Hint = "PPP", since PPP might also be auto-detected
>#    by the terminal server in which case there may not be a "P" suffix.
>#    The terminal server sends "Framed-Protocol = PPP" for auto PPP.
>#
>DEFAULT    Framed-Protocol == PPP
>    Framed-Protocol = PPP,
>    Framed-Compression = Van-Jacobson-TCP-IP
>
>#
># Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.
>#
>DEFAULT    Hint == "CSLIP"
>    Framed-Protocol = SLIP,
>    Framed-Compression = Van-Jacobson-TCP-IP
>
>#
># Default for SLIP: dynamic IP address, SLIP mode.
>#
>DEFAULT    Hint == "SLIP"
>    Framed-Protocol = SLIP
>
>#
># Last default: rlogin to our main server.
>#
>#DEFAULT
>#    Service-Type = Login-User,
>#    Login-Service = Rlogin,
>#    Login-IP-Host = shellbox.ispdomain.com
>
># #
># # Last default: shell on the local terminal server.
># #
># DEFAULT
>#     Service-Type = Shell-User
>
># On no match, the user is denied access.
>
>
>Server side output:-
>
>rad_recv: Access-Request packet from host 192.168.2.183:1031, id=0, length=177
>        Message-Authenticator = 0x589528b2bceeed66a2d4d26fefe7bf2c
>        Service-Type = Framed-User
>        User-Name = "testuser"
>        Framed-MTU = 1488
>        Called-Station-Id = "00-03-7F-09-60-7E:ATH183"
>        Calling-Station-Id = "00-03-7F-05-C0-9C"
>        NAS-Port-Type = Wireless-802.11
>        Connect-Info = "CONNECT 54Mbps 802.11g"
>        EAP-Message = 0x0200000d017465737475736572
>        NAS-IP-Address = 192.168.2.183
>        NAS-Port = 1
>        NAS-Port-Id = "STA port # 1"
>  Processing the authorize section of radiusd.conf
>modcall: entering group authorize for request 0
>  modcall[authorize]: module "preprocess" returns ok for request 0
>  modcall[authorize]: module "chap" returns noop for request 0
>  modcall[authorize]: module "mschap" returns noop for request 0
>    rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL
>    rlm_realm: No such realm "NULL"
>  modcall[authorize]: module "suffix" returns noop for request 0
>  rlm_eap: EAP packet type response id 0 length 13
>  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
>  modcall[authorize]: module "eap" returns updated for request 0
>    users: Matched entry testuser at line 155
>  modcall[authorize]: module "files" returns ok for request 0
>rlm_pap: Found existing Auth-Type, not changing it.
>  modcall[authorize]: module "pap" returns noop for request 0
>modcall: leaving group authorize (returns updated) for request 0
>  rad_check_password:  Found Auth-Type EAP
>auth: type "EAP"
>  Processing the authenticate section of radiusd.conf
>modcall: entering group authenticate for request 0
>  rlm_eap: EAP Identity
>  rlm_eap: processing type md5
>rlm_eap_md5: Issuing Challenge
>  modcall[authenticate]: module "eap" returns handled for request 0
>modcall: leaving group authenticate (returns handled) for request 0
>Sending Access-Challenge of id 0 to 192.168.2.183 port 1031
>        Service-Type = Framed-User
>        Framed-MTU = 1438
>        EAP-Message = 0x010100160410c321416d83ead87330b8226effb8b924
>        Message-Authenticator = 0x00000000000000000000000000000000
>        State = 0x658952967ab1a3f98332d7b9a168e752
>Finished request 0
>Going to the next request
>--- Walking the entire request list ---
>Waking up in 6 seconds...
>rad_recv: Access-Request packet from host 192.168.2.183:1031, id=1, length=204
>        Message-Authenticator = 0x351c009d3401181ca0410e9cd1971a24
>        Service-Type = Framed-User
>        User-Name = "testuser"
>        Framed-MTU = 1488
>        State = 0x658952967ab1a3f98332d7b9a168e752
>        Called-Station-Id = "00-03-7F-09-60-7E:ATH183"
>        Calling-Station-Id = "00-03-7F-05-C0-9C"
>        NAS-Port-Type = Wireless-802.11
>        Connect-Info = "CONNECT 54Mbps 802.11g"
>        EAP-Message = 0x0201001604101df014c337b67c17a0f7a7df8564814c
>        NAS-IP-Address = 192.168.2.183
>        NAS-Port = 1
>        NAS-Port-Id = "STA port # 1"
>  Processing the authorize section of radiusd.conf
>modcall: entering group authorize for request 1
>  modcall[authorize]: module "preprocess" returns ok for request 1
>  modcall[authorize]: module "chap" returns noop for request 1
>  modcall[authorize]: module "mschap" returns noop for request 1
>    rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL
>    rlm_realm: No such realm "NULL"
>  modcall[authorize]: module "suffix" returns noop for request 1
>  rlm_eap: EAP packet type response id 1 length 22
>  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
>  modcall[authorize]: module "eap" returns updated for request 1
>    users: Matched entry testuser at line 155
>  modcall[authorize]: module "files" returns ok for request 1
>rlm_pap: Found existing Auth-Type, not changing it.
>  modcall[authorize]: module "pap" returns noop for request 1
>modcall: leaving group authorize (returns updated) for request 1
>  rad_check_password:  Found Auth-Type EAP
>auth: type "EAP"
>  Processing the authenticate section of radiusd.conf
>modcall: entering group authenticate for request 1
>  rlm_eap: Request found, released from the list
>  rlm_eap: EAP/md5
>  rlm_eap: processing type md5
>  rlm_eap: Freeing handler
>  modcall[authenticate]: module "eap" returns ok for request 1
>modcall: leaving group authenticate (returns ok) for request 1
>Sending Access-Accept of id 1 to 192.168.2.183 port 1031
>        Service-Type = Framed-User
>        Framed-MTU = 1438
>        EAP-Message = 0x03010004
>        Message-Authenticator = 0x00000000000000000000000000000000
>        User-Name = "testuser"
>Finished request 1
>Going to the next request
>Waking up in 6 seconds...
>--- Walking the entire request list ---
>Cleaning up request 0 ID 0 with timestamp 465fabbe
>Cleaning up request 1 ID 1 with timestamp 465fabbe
>Nothing to do.  Sleeping until we see a request.
>
>Client side output:-
>
>Initializing interface 'ath0' conf '/etc/wpa_supplicant/WPA_EAP_TLS1.conf' driver 'wext' ctrl_interface 'N/A' bridge 'N/A'
>Configuration file '/etc/wpa_supplicant/WPA_EAP_TLS1.conf' -> '/etc/wpa_supplicant/WPA_EAP_TLS1.conf'
>Reading configuration file '/etc/wpa_supplicant/WPA_EAP_TLS1.conf'
>ctrl_interface='/var/run/wpa_supplicant'
>ctrl_interface_group='wheel' (DEPRECATED)
>eapol_version=1
>ap_scan=1
>fast_reauth=1
>Line: 6 - start of a new network block
>ssid - hexdump_ascii(len=6):
>     41 54 48 31 38 33                                 ATH183
>scan_ssid=1 (0x1)
>key_mgmt: 0x1
>eap methods - hexdump(len=16): 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00
>identity - hexdump_ascii(len=8):
>     74 65 73 74 75 73 65 72                           testuser
>password - hexdump_ascii(len=8): [REMOVED]
>Priority group 0
>   id=0 ssid='ATH183'
>Initializing interface (2) 'ath0'
>EAPOL: SUPP_PAE entering state DISCONNECTED
>EAPOL: KEY_RX entering state NO_KEY_RECEIVE
>EAPOL: SUPP_BE entering state INITIALIZE
>EAP: EAP entering state DISABLED
>EAPOL: External notification - portEnabled=0
>EAPOL: External notification - portValid=0
>SIOCGIWRANGE: WE(compiled)=22 WE(source)=13 enc_capa=0xf
>  capabilities: key_mgmt 0xf enc 0xf
>WEXT: Operstate: linkmode=1, operstate=5
>Own MAC address: 00:03:7f:05:c0:9c
>wpa_driver_wext_set_wpa
>wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_countermeasures
>wpa_driver_wext_set_drop_unencrypted
>Setting scan request: 0 sec 100000 usec
>ctrl_interface_group=10 (from group name 'wheel')
>Added interface ath0
>RTM_NEWLINK: operstate=0 ifi_flags=0x1002 ()
>Wireless event: cmd=0x8b06 len=8
>Ignore event for foreign ifindex 3
>RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
>RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
>RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
>RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
>RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
>Wireless event: cmd=0x8b15 len=20
>Wireless event: new AP: 00:03:7f:09:60:7e
>State: DISCONNECTED -> ASSOCIATED
>wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
>WEXT: Operstate: linkmode=-1, operstate=5
>Associated with 00:00:00:00:00:00
>WPA: Association event - clear replay counter
>EAPOL: External notification - portEnabled=0
>EAPOL: External notification - portValid=0
>EAPOL: External notification - portEnabled=1
>EAPOL: SUPP_PAE entering state CONNECTING
>EAPOL: SUPP_BE entering state IDLE
>EAP: EAP entering state INITIALIZE
>EAP: EAP entering state IDLE
>Setting authentication timeout: 10 sec 0 usec
>Cancelling scan request
>RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
>RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
>RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
>Wireless event: cmd=0x8b15 len=20
>Wireless event: new AP: 00:00:00:00:00:00
>Setting scan request: 0 sec 100000 usec
>Added BSSID 00:00:00:00:00:00 into blacklist
>CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
>wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
>wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
>State: ASSOCIATED -> DISCONNECTED
>wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
>WEXT: Operstate: linkmode=-1, operstate=5
>EAPOL: External notification - portEnabled=0
>EAPOL: SUPP_PAE entering state DISCONNECTED
>EAPOL: SUPP_BE entering state INITIALIZE
>EAP: EAP entering state DISABLED
>EAPOL: External notification - portValid=0
>CTRL_IFACE monitor attached - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 33 39 31 32 2d 37 35 00
>RX ctrl_iface - hexdump_ascii(len=10):
>     49 4e 54 45 52 46 41 43 45 53                     INTERFACES
>RX ctrl_iface - hexdump_ascii(len=6):
>     53 54 41 54 55 53                                 STATUS
>ioctl[SIOCGIFADDR]: Cannot assign requested address
>RX ctrl_iface - hexdump_ascii(len=13):
>     4c 49 53 54 5f 4e 45 54 57 4f 52 4b 53            LIST_NETWORKS
>RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
>Wireless event: cmd=0x8b15 len=20
>Wireless event: new AP: 00:03:7f:09:60:7e
>State: DISCONNECTED -> ASSOCIATED
>wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
>WEXT: Operstate: linkmode=-1, operstate=5
>Associated to a new BSS: BSSID=00:03:7f:09:60:7e
>No keys have been configured - skip key clearing
>Network configuration found for the current AP
>WPA: No WPA/RSN IE available from association info
>WPA: Set cipher suites based on configuration
>WPA: Selected cipher suites: group 30 pairwise 24 key_mgmt 1 proto 2
>WPA: clearing AP WPA IE
>WPA: clearing AP RSN IE
>WPA: using GTK CCMP
>WPA: using PTK CCMP
>WPA: using KEY_MGMT 802.1X
>WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 01 00 00
>EAPOL: External notification - portControl=Auto
>Associated with 00:03:7f:09:60:7e
>CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 33 39 31 32 2d 37 35 00
>WPA: Association event - clear replay counter
>EAPOL: External notification - portEnabled=0
>EAPOL: External notification - portValid=0
>EAPOL: External notification - portEnabled=1
>EAPOL: SUPP_PAE entering state CONNECTING
>EAPOL: SUPP_BE entering state IDLE
>EAP: EAP entering state INITIALIZE
>EAP: EAP entering state IDLE
>Setting authentication timeout: 10 sec 0 usec
>Cancelling scan request
>RX EAPOL from 00:03:7f:09:60:7e
>RX EAPOL - hexdump(len=9): 01 00 00 05 01 00 00 05 01
>Setting authentication timeout: 70 sec 0 usec
>EAPOL: Received EAP-Packet frame
>EAPOL: SUPP_PAE entering state RESTART
>EAP: EAP entering state INITIALIZE
>EAP: EAP entering state IDLE
>EAPOL: SUPP_PAE entering state AUTHENTICATING
>EAPOL: SUPP_BE entering state REQUEST
>EAPOL: getSuppRsp
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=0 method=1 vendor=0 vendorMethod=0
>EAP: EAP entering state IDENTITY
>CTRL-EVENT-EAP-STARTED EAP authentication started
>CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 33 39 31 32 2d 37 35 00
>EAP: EAP-Request Identity data - hexdump_ascii(len=0):
>EAP: using real identity - hexdump_ascii(len=8):
>     74 65 73 74 75 73 65 72                           testuser
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>EAPOL: SUPP_BE entering state RESPONSE
>EAPOL: txSuppRsp
>TX EAPOL - hexdump(len=17): 01 00 00 0d 02 00 00 0d 01 74 65 73 74 75 73 65 72
>EAPOL: SUPP_BE entering state RECEIVE
>RX EAPOL from 00:03:7f:09:60:7e
>RX EAPOL - hexdump(len=26): 01 00 00 16 01 01 00 16 04 10 c3 21 41 6d 83 ea d8 73 30 b8 22 6e ff b8 b9 24
>EAPOL: Received EAP-Packet frame
>EAPOL: SUPP_BE entering state REQUEST
>EAPOL: getSuppRsp
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=1 method=4 vendor=0 vendorMethod=0
>EAP: EAP entering state GET_METHOD
>EAP: Initialize selected EAP method: vendor 0 method 4 (MD5)
>CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected
>CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 33 39 31 32 2d 37 35 00
>EAP: EAP entering state METHOD
>EAP-MD5: Challenge - hexdump(len=16): c3 21 41 6d 83 ea d8 73 30 b8 22 6e ff b8 b9 24
>EAP-MD5: Generating Challenge Response
>EAP-MD5: Response - hexdump(len=16): 1d f0 14 c3 37 b6 7c 17 a0 f7 a7 df 85 64 81 4c
>EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>EAPOL: SUPP_BE entering state RESPONSE
>EAPOL: txSuppRsp
>TX EAPOL - hexdump(len=26): 01 00 00 16 02 01 00 16 04 10 1d f0 14 c3 37 b6 7c 17 a0 f7 a7 df 85 64 81 4c
>EAPOL: SUPP_BE entering state RECEIVE
>RX EAPOL from 00:03:7f:09:60:7e
>RX EAPOL - hexdump(len=8): 01 00 00 04 04 01 00 04
>EAPOL: Received EAP-Packet frame
>EAPOL: SUPP_BE entering state REQUEST
>EAPOL: getSuppRsp
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Failure
>EAP: EAP entering state DISCARD
>EAP: EAP entering state IDLE
>EAPOL: SUPP_BE entering state RECEIVE
>RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
>RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=6):
>     53 54 41 54 55 53                                 STATUS
>ioctl[SIOCGIFADDR]: Cannot assign requested address
>RX ctrl_iface - hexdump_ascii(len=13):
>     4c 49 53 54 5f 4e 45 54 57 4f 52 4b 53            LIST_NETWORKS
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>EAPOL: startWhen --> 0
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=6):
>     53 54 41 54 55 53                                 STATUS
>ioctl[SIOCGIFADDR]: Cannot assign requested address
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>RX ctrl_iface - hexdump_ascii(len=4):
>     50 49 4e 47                                       PING
>CTRL-EVENT-TERMINATING - signal 2 received
>CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 33 39 31 32 2d 37 35 00
>Removing interface ath0
>State: ASSOCIATED -> DISCONNECTED
>wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
>WEXT: Operstate: linkmode=-1, operstate=5
>wpa_driver_wext_deauthenticate
>No keys have been configured - skip key clearing
>EAPOL: External notification - portEnabled=0
>EAPOL: SUPP_PAE entering state DISCONNECTED
>EAPOL: SUPP_BE entering state INITIALIZE
>EAP: EAP entering state DISABLED
>EAPOL: External notification - portValid=0
>wpa_driver_wext_set_wpa
>wpa_driver_wext_set_drop_unencrypted
>wpa_driver_wext_set_countermeasures
>No keys have been configured - skip key clearing
>CTRL_IFACE wait for attached monitors to receive messages
>EAP: deinitialize previously used EAP method (4, MD5) at EAP deinit
>Removed BSSID 00:00:00:00:00:00 from blacklist (clear)
>Cancelling scan request
>Cancelling authentication timeout
>WEXT: Operstate: linkmode=0, operstate=6
>
>
>
>
>
>---------------------------------
> Download prohibited? No problem! CHAT from any browser, without download.
>




More information about the Freeradius-Users mailing list