Trouble connecting to WPA PEAP TKIP network.

Kearney, Chris Chris_Kearney at mentor.com
Mon Dec 5 16:07:13 EST 2005


Hello folks, I am struggling with connecting to a wpa peap tkip network
at my office. I have tried to be as verbose as possible with the
following information.  Any ideas/suggestions would be most appreciated!
Thanks in advance
 
Chris Kearney
 
 
CERT FILE
-----------------
We have a cert, I have saved it in /usr/share/ssl/certs/CollabSvcsCA.crt
-rw-r--r--  1 root root 828 Dec  5 12:29
/usr/share/ssl/certs/CollabSvcsCA.crt

VERSION INFO
------------------
I have ieee80211-1.1.6, ipw2200-1.0.8, ipw-firmware 2.4-7,
wpa_supplicant-0.4.7 RHEL 4u2
 
here is some lsmod output:
 
ipw2200               102496  0
ieee80211              25416  1 ipw2200
ieee80211_crypt         6660  3 ieee80211_crypt_tkip,ipw2200,ieee80211

CONFIG FILE
-------------------
 
This is my /etc/wpa_supplicant.conf
 
ctrl_interface=/var/run/wpa_supplicant
 
network={
ssid="MGC"
key_mgmt=WPA-EAP
eap=PEAP
pairwise=TKIP
group=TKIP
phase2="auth=MSCHAPV2"
identity="ckearney"
password=""<not included for obvious reasons"
ca_cert="/usr/share/ssl/certs/CollabSvcsCA.crt"
}
 
COMMAND OUTPUT
--------------
For some reason unless I run iwconfig eth1 essid MGC, wpa_supplicant
will tell me that no suitable AP is found.
 
[root at gadget Dell_700M]# iwconfig eth1 essid MGC
[root at gadget Dell_700M]# /usr/sbin/wpa_supplicant -d -D ipw -i eth1 -c
/etc/wpa_supplicant.conf
Initializing interface 'eth1' conf '/etc/wpa_supplicant.conf' driver
'ipw' ctrl_interface 'N/A'
Configuration file '/etc/wpa_supplicant.conf' ->
'/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
Priority group 0
   id=0 ssid='MGC'
Initializing interface (2) 'eth1'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
wpa_driver_ipw_init is called
SIOCGIWRANGE: too old (short) data - assuming WPA is not supported
Own MAC address: 00:13:ce:8e:99:2e
wpa_driver_ipw_set_wpa: enabled=1
wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_ipw_set_countermeasures: enabled=0
wpa_driver_ipw_set_drop_unencrypted: enabled=1
Setting scan request: 0 sec 100000 usec
Added interface eth1
Wireless event: cmd=0x8b06 len=8
RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added
RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added
State: DISCONNECTED -> SCANNING
Starting AP scan (broadcast SSID)
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:00:00:00:00:00
Added BSSID 00:00:00:00:00:00 into blacklist
State: SCANNING -> DISCONNECTED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0
RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added
Scan timeout - try to get results
Received 1175 bytes of scan results (5 BSSes)
Scan results: 5
Selecting BSS from priority group 0
0: 00:13:60:d4:e6:00 ssid='MGC' wpa_ie_len=26 rsn_ie_len=0 caps=0x11
   selected based on WPA IE
Trying to associate with 00:13:60:d4:e6:00 (SSID='MGC' freq=0 MHz)
Cancelling scan request
WPA: clearing own WPA/RSN IE
Automatic auth_alg selection: 0x1
wpa_driver_ipw_set_auth_alg: auth_alg=0x1
WPA: using IEEE 802.11i/D3.0
WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 1
WPA: set AP WPA IE - hexdump(len=26): dd 18 00 50 f2 01 01 00 00 50 f2
02 01 00 00 50 f2 02 01 00 00 50 f2 01 28 00
WPA: clearing AP RSN IE
WPA: using GTK TKIP
WPA: using PTK TKIP
WPA: using KEY_MGMT 802.1X
WPA: Set own WPA IE default - hexdump(len=24): dd 16 00 50 f2 01 01 00
00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 01
No keys have been configured - skip key clearing
wpa_driver_ipw_set_drop_unencrypted: enabled=1
State: DISCONNECTED -> ASSOCIATING
Setting authentication timeout: 10 sec 0 usec
EAPOL: External notification - portControl=Auto
Wireless event: cmd=0x8b1a len=16
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:13:60:d4:e6:00
State: ASSOCIATING -> ASSOCIATED
Associated to a new BSS: BSSID=00:13:60:d4:e6:00
No keys have been configured - skip key clearing
Associated with 00:13:60:d4:e6:00
WPA: Association event - clear replay counter
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Setting authentication timeout: 10 sec 0 usec
RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added
RX EAPOL from 00:13:60:d4:e6:00
Setting authentication timeout: 70 sec 0 usec
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=1 id=1
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: EAP-Request Identity data - hexdump_ascii(len=40):
     00 6e 65 74 77 6f 72 6b 69 64 3d 4d 47 43 2c 6e   _networkid=MGC,n
     61 73 69 64 3d 77 76 6c 61 6e 61 70 31 30 31 2c   asid=wvlanap101,
     70 6f 72 74 69 64 3d 30                           portid=0
EAP: using real identity - hexdump_ascii(len=8):
     63 6b 65 61 72 6e 65 79                           ckearney
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:13:60:d4:e6:00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=25 id=2
EAP: EAP entering state GET_METHOD
EAP: initialize selected EAP method (25, PEAP)
EAP-PEAP: Phase2 EAP types - hexdump(len=1): 1a
OpenSSL: tls_connection_ca_cert - Failed to load root certificates
error:00000000:lib(0):func(0):reason(0)
TLS: Failed to set TLS connection parameters
EAP-PEAP: Failed to initialize SSL.



 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20051205/672e22ac/attachment.htm 


More information about the HostAP mailing list