hi > Using a Windows 2000 client (with SP3 and 802.1x patch): > I turned off WEP encryption. The client was able to authenticate > successfully according to the Ethereal capture. But it keeps sending > an EAPOL start message after a EAP Success packet is received. > The EAPOLDBG trace messages in windows says "Dropping invalid SUCCESS > packet". > Why would a SUCCESS packet be invalid ?
i have no idea why a success packet would be invalid but it is not produced by the freeradius server and that's what matters. the eap success is produced by your AP on reception of the Access Accept which comes from the server. so see, what happens at your AP. > XP client: > I then setup an XP client with encryption turned off. Authentication was > successful and there were no msgs about invalid packets. EAPOL start > was resent after about 10-12 minutes. This is different from the EAPOL > logoff messages (I saw these as well) that are sent for automatic > re-authentication. > I turned on WEP encryption and it resent the EAPOL start message immediately > after a EAP success was received just like in the Windows 2000 case. > > I believe this is not normal behaviour. There should not be > re-authentication > without a reason. I am not sure how to go about debugging this problem. > Has anyone seen this king of behaviour before ? If so, please email me your > fix. I am not in the list, so please please email me your replies. me too, i believe that it is not normal :-) what AP are you using? what is its configuration? who is sending the EAP start packet? (both ends could...) update the firmware. ask the manufacturer. ciao artur -- Artur Hecker artur[at]hecker.info - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
