eapol_test configuration

Norbert Wegener nw at sbs.de
Mon Dec 12 05:40:29 EST 2005


I have set up freeradius for 802.1x port authentication at a cisco switch 
with eap-tls and an appended look into an ad-server to get needed values 
from there. This works without problems.

Now I want to do some automated tests using eapol_test instead of the 
cisco switch.
Therefore I set up this config file:

network={
        key_mgmt=IEEE8021X
        eap=TLS
        identity="myid"
        client_cert="/home/norbert/8021x/ZZZZZ1EC-1763.crt"
        private_key="/home/norbert/8021x/ZZZZZ1EC-1763.key"
        phase1="TLS tunnel"
        ca_cert="/home/norbert/8021x/Sitest-ROOT-CA.cer"
}

and started

 eapol_test -a192.168.1.1 -p 1645 -s maxen -c eapol_test.conf

freeradius receives:
ad_recv: Access-Request packet from host 149.246.133.44 port 32777, id=0, length=204
        User-Name = "myid"
        NAS-IP-Address = 127.0.0.1
        Calling-Station-Id = "00-00-00-00-00-02"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 11Mbps 802.11b"
        EAP-Message = 0x02000035012f4f3d5369656d656e732d323030352f434e3d4e6f726265727420576567656e65722054434749443d5a5a5a5a5a3145
        Message-Authenticator = 0x26b6fb63d6a3b87a5bf42fed7dd93939

but does not start an eap-tls authentication. Instead it directly 
searches the AD server.

Any idea on how to change that behaviour to the desired one would be 
appreciated.
Thanks
Norbert



