> you can't be serious : this message is never the last one... this is a
> challenge. if this is the last message, the authentication has not been
> finished yet. you definitely should have EAP-TLS running correclty
> before even thinking about dynamic keys.
> The last message has to be Access-Accept.
:)
I am very sorry...
Wrong log file.
I tried again.
It worked fine!
The radius server is sending the WEP key to the client and the AP.
I also tried session timeout, this also works fine.
Here is the *correct* last response from the radius server:
Sending Access-Accept of id 17 to 192.168.1.50:1041
Session-Timeout = 60
MS-MPPE-Recv-Key =
0xc86d140abd8a14c351b5f5fe57d1a80fa9f8cb4cd031df826799f6a5ea26a35d0636652e66
a3d38e20e2c95849b306ebcd12
MS-MPPE-Send-Key =
0xc86ea9f84be30702154115cfc2f365ebd9ac7455de3f00e7b35c659ff600f3300396b1b975
1dd219fbc95faa9c94452edde4
EAP-Message = "\003\005\000\004"
Message-Authenticator = 0x00000000000000000000000000000000
Finished request 9
and the last packet after the first re-authentication:
Sending Access-Accept of id 22 to 192.168.1.50:1046
Session-Timeout = 60
MS-MPPE-Recv-Key =
0x9d74e62ce37e6361a2847632c373ba5628eccc12c6e06ca347b1b9783e1713a0d4ac0c7628
97fca4dd2cda40b2351271dab9
MS-MPPE-Send-Key =
0x9d73bb620d16b0948f70848be54a316cb2da912aef4a882d2f78bf671f07ecd9ff0a0f6400
625289f67f483ca93d8440cce6
EAP-Message = "\003\006\000\004"
Message-Authenticator = 0x00000000000000000000000000000000
Finished request 14
Where can i find out how these keys are created?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
