wpa_supplicant eap trouble
Alan DeKok
aland at deployingradius.com
Sun Nov 18 18:43:02 CET 2007
Patrick Welche wrote:
> I have set up radiusd-CVS of 15 Nov, and can't connect to it with
> wpa_supplicant 0.4.9/bsd/ath0. (I also tried vista but that's worse.)
Try also eapol_test, which is included with wpa_supplicant.
> The authentication seems to succeed:
...
> EAP-Message = 0x03010004
> But, now on the client (whose clock is 2.180s slow):
...
> Nov 18 15:11:13.026165: RX EAPOL - hexdump(len=8): 01 00 00 04 04 01 00 04
i.e. it really does receive an EAP failure. The last 4 bytes are
*not* the same as what the server is sending.
> Am I right in guessing that
>
> EAP-Message = 0x03010004 means 03 = EAP-Success, 01 = id, 0004 = 4 bytes long?
Yes.
> Sending... gets printed before the packet is signed, so I assume that
> the correct Message-Authenticator gets computed.
Yes.
> How can I break the configuration files such that all communication up to
> Access-Accept is OK, and yet the connection fails?
wpa_supplicant isn't receiving the data that FreeRADIUS sends. This
has nothing to do with FreeRADIUS.
Alan DeKok.
More information about the Freeradius-Users
mailing list