Client output isn't showing Access-Accept packet content. Post radiusd -X output and your users file.
Ivan Kalik Kalik Informatika ISP Dana 31/5/2007, "shantanu choudhary" <[EMAIL PROTECTED]> piše: >hello, >this is my client side output: >Authentication with 00:03:7f:09:60:a0 timed out. >Added BSSID 00:03:7f:09:60:a0 into blacklist >State: ASSOCIATED -> DISCONNECTED >wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT) >WEXT: Operstate: linkmode=-1, operstate=5 >wpa_driver_wext_disassociate >No keys have been configured - skip key clearing >EAPOL: External notification - portEnabled=0 >EAPOL: SUPP_PAE entering state DISCONNECTED >EAPOL: SUPP_BE entering state INITIALIZE >EAP: EAP entering state DISABLED >EAPOL: External notification - portValid=0 >Setting scan request: 0 sec 0 usec >State: DISCONNECTED -> SCANNING >Starting AP scan (specific SSID) >Scan SSID - hexdump_ascii(len=6): > 41 54 48 31 38 32 ATH182 >RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP]) >Wireless event: cmd=0x8b15 len=20 >Wireless event: new AP: 00:00:00:00:00:00 >BSSID 00:03:7f:09:60:a0 blacklist count incremented to 2 >CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys >wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0 >wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0 >wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0 >wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0 >wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0 >State: SCANNING -> DISCONNECTED >wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT) >WEXT: Operstate: linkmode=-1, operstate=5 >EAPOL: External notification - portEnabled=0 >EAPOL: External notification - portValid=0 >RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP]) >RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added >RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP]) >Wireless event: cmd=0x8b19 len=8 >Received 1844 bytes of scan results (7 BSSes) >Scan results: 7 >Selecting BSS from priority group 0 >0: 00:03:7f:09:60:7e ssid='ATH183' wpa_ie_len=0 rsn_ie_len=22 caps=0x11 > skip - SSID mismatch >1: 00:03:7f:09:60:a0 ssid='ATH182' wpa_ie_len=0 rsn_ie_len=26 caps=0x11 > skip - blacklisted >2: 00:18:0a:01:0f:31 ssid='AUKBC_MESH' wpa_ie_len=0 rsn_ie_len=0 caps=0x1 > skip - no WPA/RSN IE >3: 00:a0:f8:ce:7d:18 ssid='symbol3' wpa_ie_len=0 rsn_ie_len=0 caps=0x1 > skip - no WPA/RSN IE >4: 00:03:7f:09:60:15 ssid='AUKBC4' wpa_ie_len=0 rsn_ie_len=0 caps=0x1 > skip - no WPA/RSN IE >5: 00:18:0a:01:03:fe ssid='AUKBC_MESH' wpa_ie_len=0 rsn_ie_len=0 caps=0x1 > skip - no WPA/RSN IE >6: 00:18:0a:01:07:34 ssid='AUKBC_MESH' wpa_ie_len=0 rsn_ie_len=0 caps=0x1 > skip - no WPA/RSN IE >No APs found - clear blacklist and try again >Removed BSSID 00:03:7f:09:60:a0 from blacklist (clear) >Selecting BSS from priority group 0 >0: 00:03:7f:09:60:7e ssid='ATH183' wpa_ie_len=0 rsn_ie_len=22 caps=0x11 > skip - SSID mismatch >1: 00:03:7f:09:60:a0 ssid='ATH182' wpa_ie_len=0 rsn_ie_len=26 caps=0x11 > selected based on RSN IE >Trying to associate with 00:03:7f:09:60:a0 (SSID='ATH182' freq=2437 MHz) >Cancelling scan request >WPA: clearing own WPA/RSN IE >Automatic auth_alg selection: 0x1 >RSN: using IEEE 802.11i/D9.0 >WPA: Selected cipher suites: group 8 pairwise 24 key_mgmt 1 proto 2 >WPA: clearing AP WPA IE >WPA: set AP RSN IE - hexdump(len=26): 30 18 01 00 00 0f ac 02 02 00 00 0f ac >02 00 0f ac 04 01 00 00 0f ac 01 01 00 >WPA: using GTK TKIP >WPA: using PTK CCMP >WPA: using KEY_MGMT 802.1X >WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 02 01 00 >00 0f ac 04 01 00 00 0f ac 01 00 00 >No keys have been configured - skip key clearing >wpa_driver_wext_set_drop_unencrypted >State: DISCONNECTED -> ASSOCIATING >wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT) >WEXT: Operstate: linkmode=-1, operstate=5 >wpa_driver_wext_associate >Setting authentication timeout: 10 sec 0 usec >EAPOL: External notification - portControl=Auto >RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP]) >Wireless event: cmd=0x8b06 len=8 >RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP]) >Wireless event: cmd=0x8b04 len=12 >RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP]) >Wireless event: cmd=0x8b1a len=14 >RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP]) >Wireless event: cmd=0x8b15 len=20 >Wireless event: new AP: 00:03:7f:09:60:a0 >State: ASSOCIATING -> ASSOCIATED >wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT) >WEXT: Operstate: linkmode=-1, operstate=5 >Associated to a new BSS: BSSID=00:03:7f:09:60:a0 >No keys have been configured - skip key clearing >Associated with 00:03:7f:09:60:a0 >WPA: Association event - clear replay counter >EAPOL: External notification - portEnabled=0 >EAPOL: External notification - portValid=0 >EAPOL: External notification - portEnabled=1 >EAPOL: SUPP_PAE entering state CONNECTING >EAPOL: SUPP_BE entering state IDLE >EAP: EAP entering state INITIALIZE >EAP: deinitialize previously used EAP method (4, MD5) at INITIALIZE >EAP: EAP entering state IDLE >Setting authentication timeout: 10 sec 0 usec >Cancelling scan request >RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP]) >RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added >RX EAPOL from 00:03:7f:09:60:a0 >RX EAPOL - hexdump(len=9): 01 00 00 05 01 00 00 05 01 >Setting authentication timeout: 70 sec 0 usec >EAPOL: Received EAP-Packet frame >EAPOL: SUPP_PAE entering state RESTART >EAP: EAP entering state INITIALIZE >EAP: EAP entering state IDLE >EAPOL: SUPP_PAE entering state AUTHENTICATING >EAPOL: SUPP_BE entering state REQUEST >EAPOL: getSuppRsp >EAP: EAP entering state RECEIVED >EAP: Received EAP-Request id=0 method=1 vendor=0 vendorMethod=0 >EAP: EAP entering state IDENTITY >CTRL-EVENT-EAP-STARTED EAP authentication started >EAP: EAP-Request Identity data - hexdump_ascii(len=0): >EAP: using real identity - hexdump_ascii(len=8): > 74 65 73 74 75 73 65 72 testuser >EAP: EAP entering state SEND_RESPONSE >EAP: EAP entering state IDLE >EAPOL: SUPP_BE entering state RESPONSE >EAPOL: txSuppRsp >TX EAPOL - hexdump(len=17): 01 00 00 0d 02 00 00 0d 01 74 65 73 74 75 73 65 72 >EAPOL: SUPP_BE entering state RECEIVE >RX EAPOL from 00:03:7f:09:60:a0 >RX EAPOL - hexdump(len=26): 01 00 00 16 01 01 00 16 04 10 6d db 12 c2 ff 1f c6 >22 64 45 01 07 f9 73 8b 14 >EAPOL: Received EAP-Packet frame >EAPOL: SUPP_BE entering state REQUEST >EAPOL: getSuppRsp >EAP: EAP entering state RECEIVED >EAP: Received EAP-Request id=1 method=4 vendor=0 vendorMethod=0 >EAP: EAP entering state GET_METHOD >EAP: Initialize selected EAP method: vendor 0 method 4 (MD5) >CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected >EAP: EAP entering state METHOD >EAP-MD5: Challenge - hexdump(len=16): 6d db 12 c2 ff 1f c6 22 64 45 01 07 f9 >73 8b 14 >EAP-MD5: Generating Challenge Response >EAP-MD5: Response - hexdump(len=16): e8 5f fa a3 fe 5d 10 a6 4a 65 11 6d f0 25 >19 35 >EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC >EAP: EAP entering state SEND_RESPONSE >EAP: EAP entering state IDLE >EAPOL: SUPP_BE entering state RESPONSE >EAPOL: txSuppRsp >TX EAPOL - hexdump(len=26): 01 00 00 16 02 01 00 16 04 10 e8 5f fa a3 fe 5d 10 >a6 4a 65 11 6d f0 25 19 35 >EAPOL: SUPP_BE entering state RECEIVE >RX EAPOL from 00:03:7f:09:60:a0 >RX EAPOL - hexdump(len=8): 01 00 00 04 04 01 00 04 >EAPOL: Received EAP-Packet frame >EAPOL: SUPP_BE entering state REQUEST >EAPOL: getSuppRsp >EAP: EAP entering state RECEIVED >EAP: Received EAP-Failure >EAP: EAP entering state DISCARD >EAP: EAP entering state IDLE >EAPOL: SUPP_BE entering state RECEIVE >EAPOL: startWhen --> 0 >EAPOL: authWhile --> 0 >EAPOL: SUPP_BE entering state TIMEOUT >EAPOL: SUPP_PAE entering state CONNECTING >EAPOL: SUPP_BE entering state IDLE >RX EAPOL from 00:03:7f:09:60:a0 >RX EAPOL - hexdump(len=9): 01 00 00 05 01 02 00 05 01 >EAPOL: Received EAP-Packet frame >EAPOL: SUPP_PAE entering state RESTART >EAP: EAP entering state INITIALIZE >EAP: deinitialize previously used EAP method (4, MD5) at INITIALIZE >EAP: EAP entering state IDLE >EAPOL: SUPP_PAE entering state AUTHENTICATING >EAPOL: SUPP_BE entering state REQUEST >EAPOL: getSuppRsp >EAP: EAP entering state RECEIVED >EAP: Received EAP-Request id=2 method=1 vendor=0 vendorMethod=0 >EAP: EAP entering state IDENTITY >CTRL-EVENT-EAP-STARTED EAP authentication started >EAP: EAP-Request Identity data - hexdump_ascii(len=0): >EAP: using real identity - hexdump_ascii(len=8): > 74 65 73 74 75 73 65 72 testuser >EAP: EAP entering state SEND_RESPONSE >EAP: EAP entering state IDLE >EAPOL: SUPP_BE entering state RESPONSE >EAPOL: txSuppRsp >TX EAPOL - hexdump(len=17): 01 00 00 0d 02 02 00 0d 01 74 65 73 74 75 73 65 72 >EAPOL: SUPP_BE entering state RECEIVE >RX EAPOL from 00:03:7f:09:60:a0 >RX EAPOL - hexdump(len=26): 01 00 00 16 01 03 00 16 04 10 68 c8 ea 0c 97 f7 11 >d3 f3 2a cd 62 8c 37 4d 40 >EAPOL: Received EAP-Packet frame >EAPOL: SUPP_BE entering state REQUEST >EAPOL: getSuppRsp >EAP: EAP entering state RECEIVED >EAP: Received EAP-Request id=3 method=4 vendor=0 vendorMethod=0 >EAP: EAP entering state GET_METHOD >EAP: Initialize selected EAP method: vendor 0 method 4 (MD5) >CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected >EAP: EAP entering state METHOD >EAP-MD5: Challenge - hexdump(len=16): 68 c8 ea 0c 97 f7 11 d3 f3 2a cd 62 8c >37 4d 40 >EAP-MD5: Generating Challenge Response >EAP-MD5: Response - hexdump(len=16): 03 76 fc e7 ce bc 66 b6 cd 50 2a 73 b3 cf >eb 93 >EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC >EAP: EAP entering state SEND_RESPONSE >EAP: EAP entering state IDLE >EAPOL: SUPP_BE entering state RESPONSE >EAPOL: txSuppRsp >TX EAPOL - hexdump(len=26): 01 00 00 16 02 03 00 16 04 10 03 76 fc e7 ce bc 66 >b6 cd 50 2a 73 b3 cf eb 93 >EAPOL: SUPP_BE entering state RECEIVE >RX EAPOL from 00:03:7f:09:60:a0 >RX EAPOL - hexdump(len=8): 01 00 00 04 04 03 00 04 >EAPOL: Received EAP-Packet frame >EAPOL: SUPP_BE entering state REQUEST >EAPOL: getSuppRsp >EAP: EAP entering state RECEIVED >EAP: Received EAP-Failure >EAP: EAP entering state DISCARD >EAP: EAP entering state IDLE >EAPOL: SUPP_BE entering state RECEIVE >EAPOL: startWhen --> 0 >EAPOL: authWhile --> 0 >EAPOL: SUPP_BE entering state TIMEOUT >EAPOL: SUPP_PAE entering state CONNECTING >EAPOL: SUPP_BE entering state IDLE >RX EAPOL from 00:03:7f:09:60:a0 >RX EAPOL - hexdump(len=9): 01 00 00 05 01 04 00 05 01 >EAPOL: Received EAP-Packet frame >EAPOL: SUPP_PAE entering state RESTART >EAP: EAP entering state INITIALIZE >EAP: deinitialize previously used EAP method (4, MD5) at INITIALIZE >EAP: EAP entering state IDLE >EAPOL: SUPP_PAE entering state AUTHENTICATING >EAPOL: SUPP_BE entering state REQUEST >EAPOL: getSuppRsp >EAP: EAP entering state RECEIVED >EAP: Received EAP-Request id=4 method=1 vendor=0 vendorMethod=0 >EAP: EAP entering state IDENTITY >CTRL-EVENT-EAP-STARTED EAP authentication started >EAP: EAP-Request Identity data - hexdump_ascii(len=0): >EAP: using real identity - hexdump_ascii(len=8): > 74 65 73 74 75 73 65 72 testuser >EAP: EAP entering state SEND_RESPONSE >EAP: EAP entering state IDLE >EAPOL: SUPP_BE entering state RESPONSE > > >the problem is i am getting EAP-FAILURE on client side even when server is >giving ACCESS-ACCEPT!!!! >i am not able to figure out the problem output of server is same as that in >earlier mail, >one more thing what will be end message of this, will it be authentication or >association? When i run GUI for supplicant it is showing associated not >authenticated! is it end of connection and after it should i get an IP from >that AP, even if i try for DHCP i am not able to get an IP!!!! >it is all messed up, please do reply for this prob!!! >regards >shantanu > >[EMAIL PROTECTED] wrote: Well, now you dont have any IP address in your accept >packet. Not a >problem if you are doing DHCP. Otherwise you need to return IP address, >netmask, MTU, Service-Type, DNS servers etc. > >Leave that Framed-User DEFAULT entry alone - it should be there. You need >to add stuff to your user config: > >testuser Cleartext-Password:=yourpassword > Framed-IP-Address=1.2.3.4 > Framed-MTU=yourMTU > Framed-IP-Netmask=255.255.255.255 >etc. > >Ivan Kalik >Kalik Informatika ISP > > >Dana 30/5/2007, "shantanu choudhary" piše: > >--- snip --- >>Sending Access-Accept of id 2 to 192.168.2.182 port 1028 >> EAP-Message = 0x03020004 >> Message-Authenticator = 0x00000000000000000000000000000000 >> User-Name = "testuser" >>Finished request 1 >>Going to the next request >>Waking up in 6 seconds... >>--- Walking the entire request list --- >>Cleaning up request 0 ID 1 with timestamp 465d506e >>Cleaning up request 1 ID 2 with timestamp 465d506e >>Nothing to do. Sleeping until we see a request. >> >>it is sending ACCESS ACCEPT but no access reject or failure!!!! >>and when i try to check AP statistics from server it is showing an entry for >>AUTHENTICATION FAILURE!!!!!!! >> >>sorry for disturbing u again n again but can u help me out???? >>please!! >>shantanu >> > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > > > > >--------------------------------- > Did you know? You can CHAT without downloading messenger. Know how! > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
