wpa_supplicant + madwifi <--Peap--- SenaoAP ---Peap--> freeradius

Pieter E Smit smitpe at gmail.com
Wed May 4 15:44:28 EDT 2005


Hi,

I am connecting with a madwifi (wpa_supplicant) to a senao AP with wpa
peap and freeradius server.
I can see the server and supplicant talking but am not sure if i am
authenticated.

Full Dump
http://www.vigor.co.za/linux/wpa_supplicant_20050504.txt
http://www.vigor.co.za/linux/freeradius_20050504.txt

wpa_supplicant
network={
	ssid="wireless_11g"	
	key_mgmt=WPA-EAP
	eap=PEAP
	pairwise=TKIP
	group=TKIP
	identity="user at vigor"
	password="foobar"
	#anonymous_identity="anonymous"
	#ca_cert="/etc/cert/ca.pem"
	#phase1="peaplabel=1 includes_tls_length=1" <<Does not change anything.	
	phase2="auth=MSCHAPV2"
	priority=2
}

#/usr/sbin/wpa_supplicant -w -dd -D madwifi -i ath0
...
...
EAP-PEAP: received Phase 2: code=1 identifier=98 length=11
EAP-PEAP: Phase 2 Request: type=33
EAP-TLV: Received TLVs - hexdump(len=6): 80 03 00 02 00 01
EAP-TLV: Result TLV - hexdump(len=2): 00 01
EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed
EAP-PEAP: Encrypting Phase 2 data - hexdump(len=11): [REMOVED]
EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=98): 00 02 6f 22 a8 76 00 02 6f 20 55 80 88 8e 01
00 00 50 02 62 00 50 19 00 17 03 01 00 20 75 cf fc 43 4d 24 9e 20 b4 54
03 ac 98 ad e1 b7 bd f5 6f 28 d6 98 c3 5b 13 36 1f 1b 70 71 a3 92 17 03
01 00 20 25 7e 09 d8 4b 30 93 c8 ef 7c 1f 26 a9 44 d2 7a 6a 27 aa 6e 60
7c 48 b7 93 2b 5f 86 cc 79 d7 0f
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:02:6f:22:a8:76
RX EAPOL - hexdump(len=8): 01 00 00 04 03 59 00 04
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: EAP-Success Id mismatch - reqId=89 lastId=98
EAP: EAP entering state DISCARD
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RECEIVE

And there it pauses for 30 seconds and it all starts over again with.

EAPOL: startWhen --> 0
RX EAPOL from 00:02:6f:22:a8:76
RX EAPOL - hexdump(len=9): 01 00 00 05 01 61 00 05 01
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=1 id=97
EAP: EAP entering state DISCARD
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RECEIVE

Wait another 20 sec

EAPOL: authWhile --> 0
EAPOL: SUPP_BE entering state TIMEOUT
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL - hexdump(len=18): 00 02 6f 22 a8 76 00 02 6f 20 55 80 88 8e 01
01 00 00
EAPOL: SUPP_BE entering state IDLE
RX EAPOL from 00:02:6f:22:a8:76
RX EAPOL - hexdump(len=9): 01 00 00 05 01 61 00 05 01
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE

And it continues with tls peap etc.
Q1. The line "EAP: Received EAP-Success" does this mean i have been
authenticated ?
Q2. "EAP: EAP-Success Id mismatch - reqId=89 lastId=98" i see often, it
seems the ap is sending new requestes during the authentication. Is this
a problem ?
Q3. "How do I know if the AP and supplicant has exchanged keys ?

Regards,
Pieter Smit




More information about the HostAP mailing list