EAP/MD5 question

[Ronald Jochems]

Hello All,   I would like some help configuring my Freeradius. I just started with Freeradius and i am not that familiar with wireless/certificates so i thougt to start with EAP/MD5 isof EAP/TLS.   At this moment it looks like i can authenticate with my WinXP wireless client with Radius. After this first step, i believe WEP keys need to be negotiated, but i think i have that part missing/wrong. My AP is configurable for 64 / 128 / 256 keys incombination with Radius. Also no ip adress is provided, wich normally is dhcp. I guess this only starts after WEP is enabled correctly.   I tried several options from the documentation / newsgroup but i could not find a satisfactory answer. Most use use EAP/TLS.     Log from  Dlink950+ : Sep 10 08:52:23 accesspoint Wireless PC connected   00-06-25-A8-1A-41^M Sep 10 08:52:23 accesspoint EAP-Request/Identity   ^M Sep 10 08:52:27 accesspoint EAP-Request/Identity   ^M Sep 10 08:52:28 accesspoint EAP-Response/Identity   test^M Sep 10 08:52:28 accesspoint EAP-Success   00-06-25-A8-1A-41^M Sep 10 08:52:28 accesspoint Authentication success   00-06-25-A8-1A-41^M   Log from 'radiusd -X'   Listening on IP address *, ports 1812/udp and 1813/udp. Ready to process requests. rad_recv: Access-Request packet from host 192.168.1.50:1208, id=5, length=127         User-Name = "test"         NAS-IP-Address = 192.168.1.50         NAS-Port = 0         Called-Station-Id = "00-06-25-57-19-30"         Calling-Station-Id = "00-06-25-A8-1A-41"         NAS-Identifier = "DLinksys"         Framed-MTU = 1380         NAS-Port-Type = Wireless-802.11         EAP-Message = 0x020100090174657374         Message-Authenticator = 0x184aa44ed364409f16c602d99246001f modcall: entering group authorize   modcall[authorize]: module "preprocess" returns ok   rlm_eap: EAP packet type notification id 1 length 9   rlm_eap: EAP Start not found   modcall[authorize]: module "eap" returns updated     rlm_realm: No '@' in User-Name = "test", looking up realm NULL     rlm_realm: No such realm "NULL"   modcall[authorize]: module "suffix" returns noop     users: Matched test at 65   modcall[authorize]: module "files" returns ok modcall: group authorize returns updated   rad_check_password:  Found Auth-Type Eap auth: type "EAP" modcall: entering group authenticate   rlm_eap: EAP packet type notification id 1 length 9   rlm_eap: EAP Start not found   rlm_eap: EAP Identity   rlm_eap: processing type md5 rlm_eap_md5: Issuing Challenge   modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Sending Access-Challenge of id 5 to 192.168.1.50:1208         Service-Type = Framed-User         Framed-IP-Address = 192.168.1.60         EAP-Message = 0x01020016041023d501626551f8686251a69aa65d1673         Message-Authenticator = 0x00000000000000000000000000000000         State = 0xfa177e6e7af08f0a7d81cdc88fb0ec36c7e85e3fef6eb9e9076194ae611171657670ad58 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.1.50:1208, id=6, length=182         User-Name = "test"         NAS-IP-Address = 192.168.1.50         NAS-Port = 0         Called-Station-Id = "00-06-25-57-19-30"         Calling-Station-Id = "00-06-25-A8-1A-41"         NAS-Identifier = "DLinksys"         Framed-MTU = 1380         NAS-Port-Type = Wireless-802.11         EAP-Message = 0x0202001a0410dc1a846ef45ec42e6a34841cd457c24d74657374         State = 0xfa177e6e7af08f0a7d81cdc88fb0ec36c7e85e3fef6eb9e9076194ae611171657670ad58         Message-Authenticator = 0x9abd4fa94be9f54c3eb4d2a5f8b08e88 modcall: entering group authorize   modcall[authorize]: module "preprocess" returns ok   rlm_eap: EAP packet type notification id 2 length 26   rlm_eap: EAP Start not found   modcall[authorize]: module "eap" returns updated     rlm_realm: No '@' in User-Name = "test", looking up realm NULL     rlm_realm: No such realm "NULL"   modcall[authorize]: module "suffix" returns noop     users: Matched test at 65   modcall[authorize]: module "files" returns ok modcall: group authorize returns updated   rad_check_password:  Found Auth-Type Eap auth: type "EAP" modcall: entering group authenticate   rlm_eap: EAP packet type notification id 2 length 26   rlm_eap: EAP Start not found   rlm_eap: Request found, released from the list   rlm_eap: EAP_TYPE - md5   rlm_eap: processing type md5   rlm_eap: Freeing handler   modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Sending Access-Accept of id 6 to 192.168.1.50:1208         Service-Type = Framed-User         Framed-IP-Address = 192.168.1.60         EAP-Message = 0x03020004         Message-Authenticator = 0x00000000000000000000000000000000 Finished request 1 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 5 with timestamp 3f5ee8c7 Cleaning up request 1 ID 6 with timestamp 3f5ee8c7 Nothing to do.  Sleeping until we see a request. [EMAIL PROTECTED]:/home/ron#