eapol_test works but not wpa_supplicant with wired interface
xxiao8
xxiao8 at fosiao.com
Tue Sep 9 19:51:44 CEST 2014
Hello,
I just set up freeradius 2.1.2(default) on debian and try to do
wpa_supplicant via wired interface to it. while eapol_test worked fine,
when wpa_supplicant is used on the freeradius server side I can never
see any incoming RADIUS packets(or any packets) at all.
I'm running wpa_supplicant/eapol_test on a ubuntu 12.04 while the
freeradius is hosted on a VM/debian-wheezy in the same bridged network.
Am I missing something basic? all logs are below.
Thanks,
xxiao
==========config file used==================
$cat ttls-mschapv2.conf
ctrl_interface=/var/run/wpa_supplicant
ap_scan=0
fast_reauth=1
network={
key_mgmt=IEEE8021X
identity="bob"
password="hello"
eapol_flags=0
eap=TTLS
anonymous_identity="anonymous"
phase2="auth=MSCHAPV2"
}
===============eapol_test works====================
$sudo eapol_test -c ttls-mschapv2.conf -a192.168.1.132 -p1812
-stesting123 -r2
RADIUS packet matching with station
MS-MPPE-Send-Key (sign) - hexdump(len=32): 0e 41 0d 3b 24 75 5f 43 08 cc
1c 63 c6 f8 21 d5 9c 2f f2 89 dd ab d9 d9 31 18 39 00 16 c3 92 86
MS-MPPE-Recv-Key (crypt) - hexdump(len=32): e2 9b ce e2 c6 69 e9 d9 c0
37 10 75 58 53 ba 51 a1 a4 38 b8 86 3d dc f5 6d 71 35 b1 18 a8 53 0f
decapsulated EAP packet (code=3 id=6 len=4) from RADIUS server: EAP Success
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: Status notification: completion (param=success)
EAP: EAP entering state SUCCESS
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state SUCCESS
EAPOL: SUPP_BE entering state IDLE
eapol_sm_cb: result=1
EAPOL: Successfully fetched key (len=32)
PMK from EAPOL - hexdump(len=32): e2 9b ce e2 c6 69 e9 d9 c0 37 10 75 58
53 ba 51 a1 a4 38 b8 86 3d dc f5 6d 71 35 b1 18 a8 53 0f
No EAP-Key-Name received from server
EAP: deinitialize previously used EAP method (21, TTLS) at EAP deinit
ENGINE: engine deinit
MPPE keys OK: 3 mismatch: 0
SUCCESS
======wpa_supplicant wired does not work===========
$ sudo wpa_supplicant -Dwired -ieth0 -cttls-mschapv2.conf -d
wpa_supplicant v2.2
random: Trying to read entropy from /dev/random
Successfully initialized wpa_supplicant
Initializing interface 'eth0' conf 'ttls-mschapv2.conf' driver 'wired'
ctrl_interface 'N/A' bridge 'N/A'
Configuration file 'ttls-mschapv2.conf' -> '/tmp/ttls-mschapv2.conf'
Reading configuration file '/tmp/ttls-mschapv2.conf'
ctrl_interface='/var/run/wpa_supplicant'
ap_scan=0
fast_reauth=1
Priority group 0
id=0 ssid=''
wpa_driver_wired_init: Added multicast membership with packet socket
Add interface eth0 to a new radio N/A
eth0: Own MAC address: 18:03:73:e0:ba:f1
eth0: RSN: flushing PMKID list in the driver
eth0: Setting scan request: 0.100000 sec
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
eth0: Added interface eth0
eth0: State: DISCONNECTED -> DISCONNECTED
random: Got 20/20 bytes from /dev/random
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=Auto
eth0: Already associated with a configured network - generating
associated event
eth0: Event ASSOC (0) received
eth0: Association info event
eth0: State: DISCONNECTED -> ASSOCIATED
eth0: Associated to a new BSS: BSSID=01:80:c2:00:00:03
eth0: Select network based on association information
eth0: Network configuration found for the current AP
eth0: WPA: clearing AP WPA IE
eth0: WPA: clearing AP RSN IE
eth0: WPA: clearing own WPA/RSN IE
eth0: Failed to get scan results
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=Auto
eth0: Associated with 01:80:c2:00:00:03
eth0: WPA: Association event - clear replay counter
eth0: WPA: Clear old PTK
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
eth0: Cancelling scan request
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL: dst=01:80:c2:00:00:03
EAPOL: startWhen --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL: dst=01:80:c2:00:00:03
EAPOL: idleWhile --> 0
EAP: EAP entering state FAILURE
eth0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: Supplicant port status: Unauthorized
EAPOL: SUPP_BE entering state IDLE
EAPOL authentication completed - result=FAILURE
^Ceth0: Removing interface eth0
eth0: Request to deauthenticate - bssid=01:80:c2:00:00:03
pending_bssid=00:00:00:00:00:00 reason=3 state=ASSOCIATED
eth0: Event DEAUTH (12) received
eth0: Deauthentication notification
eth0: * reason 3 (locally generated)
Deauthentication frame IE(s) - hexdump(len=0): [NULL]
eth0: CTRL-EVENT-DISCONNECTED bssid=01:80:c2:00:00:03 reason=3
locally_generated=1
eth0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="" auth_failures=1
duration=10 reason=AUTH_FAILED
eth0: Auto connect disabled: do not try to re-connect
eth0: Ignore connection failure indication since interface has been put
into disconnected state
eth0: State: ASSOCIATED -> DISCONNECTED
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
eth0: State: DISCONNECTED -> DISCONNECTED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
eth0: Cancelling scan request
eth0: Cancelling authentication timeout
Remove interface eth0 from radio
Remove radio
eth0: CTRL-EVENT-TERMINATING
More information about the Freeradius-Users
mailing list