Intel adapters can be a little tricky. Try switching off the power management settings for the adapters. This can usually be found in the device driver properties for the card.
Also use the latest Intel driver for the adapter. Good luck, I hope this helps, Ken ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, January 03, 2004 7:01 PM Subject: Can't authenticate EAP-TLS with Intel Adapter > > > Hello, > > I have a Freeradius 0.9.3 installation running on a Redhat 9 machine. It works > GREAT for my home laptop. Thanks so much for this excellent software. I'm > running a DLink 900+ AP and my home laptop has a matching DLink 650+ PCMCIA > wireless card. I'm using EAP-TLS on Windows XP and it is working great for that > machine. > > I recently got a new Dell Latitude D600 laptop for work and I cannot seem to get > this silly machine to correctly connect to the wireless network using EAP-TLS. > I first tried the same certificate I created (using OpenSSL) and have been using > on my personal laptop. It gets to Attempting Authentication and just stays > there. I also tried creating a new certificate for this machine, but got the > same results. I don't see anything obvious in the log file for FreeRadius, but > I'm attaching the relevant information in hopes that someone can offer an idea > of what might be wrong. > > The new machine has a built-in Intel(R) PRO/Wireless LAN 2100 3A Mini PCI > Adapter. It is running Windows XP + SP1 and patches. I guess I'm unsure why a > different wireless card would have trouble, as it seems to talk to the AP just fine. > > Thanks for any help you can give. > Craig > > Ready to process requests > rad_recv: Access-Request packet from host 192.168.0.50:1248, id=106, length=135 > User-Name = "csetera" > NAS-IP-Address = 192.168.0.50 > NAS-Port = 0 > Called-Station-Id = "00-40-05-CA-6D-42" > Calling-Station-Id = "00-04-23-53-0D-63" > NAS-Identifier = "DWL-900AP+" > Framed-MTU = 1380 > NAS-Port-Type = Wireless-802.11 > EAP-Message = 0x0201000c0163736574657261 > Message-Authenticator = 0xe5b9e009b38dac2fb879dd1a06885026 > modcall: entering group authorize for request 0 > modcall[authorize]: module "preprocess" returns ok for request 0 > rlm_eap: EAP packet type notification id 1 length 12 > rlm_eap: EAP Start not found > modcall[authorize]: module "eap" returns updated for request 0 > users: Matched csetera at 91 > modcall[authorize]: module "files" returns ok for request 0 > modcall: group authorize returns updated for request 0 > rad_check_password: Found Auth-Type EAP > auth: type "EAP" > modcall: entering group authenticate for request 0 > rlm_eap: EAP packet type notification id 1 length 12 > rlm_eap: EAP Start not found > rlm_eap: EAP Identity > rlm_eap: processing type tls > rlm_eap_tls: Initiate > rlm_eap_tls: Start returned 1 > modcall[authenticate]: module "eap" returns ok for request 0 > modcall: group authenticate returns ok for request 0 > Sending Access-Challenge of id 106 to 192.168.0.50:1248 > EAP-Message = 0x010200060d20 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0x0f1812cd9e34e3291e6614767b2ef0cf2608f73fa740ded30adc1d88ff5b012f9f5b4915 > Finished request 0 > Going to the next request > --- Walking the entire request list --- > Waking up in 6 seconds... > rad_recv: Access-Request packet from host 192.168.0.50:1248, id=107, length=135 > User-Name = "csetera" > NAS-IP-Address = 192.168.0.50 > NAS-Port = 0 > Called-Station-Id = "00-40-05-CA-6D-42" > Calling-Station-Id = "00-04-23-53-0D-63" > NAS-Identifier = "DWL-900AP+" > Framed-MTU = 1380 > NAS-Port-Type = Wireless-802.11 > EAP-Message = 0x0203000c0163736574657261 > Message-Authenticator = 0xb189b0090592766341676a4d888e29ea > modcall: entering group authorize for request 1 > modcall[authorize]: module "preprocess" returns ok for request 1 > rlm_eap: EAP packet type notification id 3 length 12 > rlm_eap: EAP Start not found > modcall[authorize]: module "eap" returns updated for request 1 > users: Matched csetera at 91 > modcall[authorize]: module "files" returns ok for request 1 > modcall: group authorize returns updated for request 1 > rad_check_password: Found Auth-Type EAP > auth: type "EAP" > modcall: entering group authenticate for request 1 > rlm_eap: EAP packet type notification id 3 length 12 > rlm_eap: EAP Start not found > rlm_eap: EAP Identity > rlm_eap: processing type tls > rlm_eap_tls: Initiate > rlm_eap_tls: Start returned 1 > modcall[authenticate]: module "eap" returns ok for request 1 > modcall: group authenticate returns ok for request 1 > Sending Access-Challenge of id 107 to 192.168.0.50:1248 > EAP-Message = 0x010400060d20 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0xc813bc0205103cd2019947a069e31de32908f73fac424fb83bd323f40336a2002c26867d > Finished request 1 > Going to the next request > --- Walking the entire request list --- > Waking up in 3 seconds... > --- Walking the entire request list --- > Cleaning up request 0 ID 106 with timestamp 3ff70826 > Waking up in 3 seconds... > --- Walking the entire request list --- > Cleaning up request 1 ID 107 with timestamp 3ff70829 > Nothing to do. Sleeping until we see a request. > rad_recv: Access-Request packet from host 192.168.0.50:1248, id=108, length=135 > User-Name = "csetera" > NAS-IP-Address = 192.168.0.50 > NAS-Port = 0 > Called-Station-Id = "00-40-05-CA-6D-42" > Calling-Station-Id = "00-04-23-53-0D-63" > NAS-Identifier = "DWL-900AP+" > Framed-MTU = 1380 > NAS-Port-Type = Wireless-802.11 > EAP-Message = 0x0205000c0163736574657261 > Message-Authenticator = 0x7d374f69da0b52547a736c9dba71cfd0 > modcall: entering group authorize for request 2 > modcall[authorize]: module "preprocess" returns ok for request 2 > rlm_eap: EAP packet type notification id 5 length 12 > rlm_eap: EAP Start not found > modcall[authorize]: module "eap" returns updated for request 2 > users: Matched csetera at 91 > modcall[authorize]: module "files" returns ok for request 2 > modcall: group authorize returns updated for request 2 > rad_check_password: Found Auth-Type EAP > auth: type "EAP" > modcall: entering group authenticate for request 2 > rlm_eap: EAP packet type notification id 5 length 12 > rlm_eap: EAP Start not found > rlm_eap: EAP Identity > rlm_eap: processing type tls > rlm_eap_tls: Initiate > rlm_eap_tls: Start returned 1 > modcall[authenticate]: module "eap" returns ok for request 2 > modcall: group authenticate returns ok for request 2 > Sending Access-Challenge of id 108 to 192.168.0.50:1248 > EAP-Message = 0x010600060d20 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0x90c8276fb1b85771e266008d8374c9874708f73fb6c346dcc8687d12328a5c0e6ddfff3b > Finished request 2 > Going to the next request > --- Walking the entire request list --- > Waking up in 6 seconds... > rad_recv: Access-Request packet from host 192.168.0.50:1248, id=109, length=241 > User-Name = "csetera" > NAS-IP-Address = 192.168.0.50 > NAS-Port = 0 > Called-Station-Id = "00-40-05-CA-6D-42" > Calling-Station-Id = "00-04-23-53-0D-63" > NAS-Identifier = "DWL-900AP+" > Framed-MTU = 1380 > NAS-Port-Type = Wireless-802.11 > EAP-Message = > 0x020600500d800000004616030100410100003d03013ff7084e23a0dc39789f221340229262 b6ac939e26f5bf00b82859a59a2bc7d800001600040005000a00090064006200030006001300 1200630100 > State = 0x90c8276fb1b85771e266008d8374c9874708f73fb6c346dcc8687d12328a5c0e6ddfff3b > Message-Authenticator = 0xa2735b37679a5b259c808d3aafef1ff8 > modcall: entering group authorize for request 3 > modcall[authorize]: module "preprocess" returns ok for request 3 > rlm_eap: EAP packet type notification id 6 length 80 > rlm_eap: EAP Start not found > modcall[authorize]: module "eap" returns updated for request 3 > users: Matched csetera at 91 > modcall[authorize]: module "files" returns ok for request 3 > modcall: group authorize returns updated for request 3 > rad_check_password: Found Auth-Type EAP > auth: type "EAP" > modcall: entering group authenticate for request 3 > rlm_eap: EAP packet type notification id 6 length 80 > rlm_eap: EAP Start not found > rlm_eap: Request found, released from the list > rlm_eap: EAP_TYPE - tls > rlm_eap: processing type tls > rlm_eap_tls: Authenticate > rlm_eap_tls: Length Included > undefined: before/accept initialization > TLS_accept: before/accept initialization > rlm_eap_tls: <<< TLS 1.0 Handshake [length 0041], ClientHello > TLS_accept: SSLv3 read client hello A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello > TLS_accept: SSLv3 write server hello A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 0674], Certificate > TLS_accept: SSLv3 write certificate A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 00a8], CertificateRequest > TLS_accept: SSLv3 write certificate request A > TLS_accept: SSLv3 flush data > TLS_accept:error in SSLv3 read client certificate A > rlm_eap_tls: SSL_read Error > Error code is ..... 2 > SSL Error ..... 2 > modcall[authenticate]: module "eap" returns ok for request 3 > modcall: group authenticate returns ok for request 3 > Sending Access-Challenge of id 109 to 192.168.0.50:1248 > EAP-Message = > 0x0107040a0dc000000775160301004a0200004603013ff7084720d989adedcef68233466369 eb4e611e9c53cf8010aa63b5a468ef4e200c5801f095434c442a081ea007869c95ce7e0cd9c3 58cb000de5960097c9258900040016030106740b00067000066d0002c8308202c43082022da0 03020102020101300d06092a864886f70d0101040500308196310b3009060355040613025553 31123010060355040813094d696e6e65736f74613112301006035504071309526f6368657374 6572310f300d060355040a130653657465726131143012060355040b130b536574657261486f 7573653111300f06035504031308536574657261434131253023 > EAP-Message = > 0x06092a864886f70d01090116167365746572616a756e6b40636861727465722e6e6574301e 170d3033303431353031323335335a170d3038303431333031323335335a30819f310b300906 035504061302555331123010060355040813094d696e6e65736f746131123010060355040713 09526f63686573746572310f300d060355040a130653657465726131143012060355040b130b 536574657261486f757365311a3018060355040313117365746572612e676f74646e732e6f72 673125302306092a864886f70d01090116167365746572616a756e6b40636861727465722e6e 657430819f300d06092a864886f70d010101050003818d003081 > EAP-Message = > 0x8902818100a811bb47cecf7b0f9fbe6b1dbcf02bcec5f0e2ca60794f11d0a2c1a01892bfd6 aa9293e4c8d557a23814aacae9c0f50367df4843edc0ddd1573d8585e9a04f7e3586c4bb0347 dcb9eb5beab2298901a28bb798027a6e5e3c691a388e93eaccef33520ca7328b9a43f73ad66e e7dedafe4d14c29deb953a579b5467def5fff1710203010001a317301530130603551d25040c 300a06082b06010505070301300d06092a864886f70d01010405000381810039efb2b87a31df 7125afeaa0ebb0f1a174bc6ac8acd57dabc8c0e22aad93d7ba805ba580690989a27293ce8862 7341870490128d530802e49388dbccaa4125f324e226a8f0f0a1 > EAP-Message = > 0xd1cda6aca8b22918938fe6927c608deed36d9c83d2a2fe7a447fa96706f468b00a266873f2 e4bd96efc4dcc3b5c27106673de5525d87a99a1e00039f3082039b30820304a0030201020201 00300d06092a864886f70d0101040500308196310b3009060355040613025553311230100603 55040813094d696e6e65736f74613112301006035504071309526f63686573746572310f300d 060355040a130653657465726131143012060355040b130b536574657261486f757365311130 0f0603550403130853657465726143413125302306092a864886f70d01090116167365746572 616a756e6b40636861727465722e6e6574301e170d3033303431 > EAP-Message = 0x353031323331315a170d303830343133303132333131 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0x8552c4636991b3488d5e021870005f564708f73f534b4886050e5fbe1d42c312a596aee2 > Finished request 3 > Going to the next request > Waking up in 6 seconds... > --- Walking the entire request list --- > Cleaning up request 2 ID 108 with timestamp 3ff70847 > Cleaning up request 3 ID 109 with timestamp 3ff70847 > Nothing to do. Sleeping until we see a request. > > > ------------------------------------------------- > This mail sent through IMP: http://horde.org/imp/ > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.558 / Virus Database: 350 - Release Date: 1/2/2004 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
