authentication failure. what means EAP "packets were not identical"?
Jouni Malinen
jkmaline at cc.hut.fi
Fri Jun 3 21:15:21 EDT 2005
On Fri, Jun 03, 2005 at 08:46:07PM +0200, Tilman Schoop wrote:
> I have the problem that a client (wpa_supplicant 0.3.8, ndiswrapper)
> does not authenticate with an Cisco AP (secured with LEAP+TKIP).
> It tries ever and ever again with no result.
Please send full wpa_supplicant debug log if you want me to take a
closer look at this.
> I tried to analyse the wpa_supplicant's logs and have found the
> following sequence after the username/password for LEAP are sent and
> the answer is expected:
>
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Failure
Authentication server denied authentication for some reason. This debug
log excerpt does not include enough information to say why that
happened.
> EAP: AS used the same Id again, but EAP packets were not identical
> EAP: workaround - assume this is not a duplicate packet
These are from a EAP workaround that some authentication servers
require. In this case, this can safely be ignored.
> EAP: EAP entering state FAILURE
> EAPOL: SUPP_PAE entering state HELD
This is from processing of the failed EAP authenticationa.
> or is this just a warning that can be ignored and the real cause is a
> negative authentication response?
Yes.
--
Jouni Malinen PGP id EFC895FA
More information about the HostAP
mailing list