mac based auth with radius problem!

saurav barik saurav.barik at gmail.com
Tue Jul 18 06:46:36 EDT 2006


Hi,
I am trying mac based authentication with my hostapd version-0.4.8
running on debian sarge, with radius server.
Its been long I am only able to send accounting information but no
authentication request. In fact, radius log says there is no username
present in the auth req sent from the radius client.
I browsed through the mailing list, but did not get adequate help.
Could anybody tell me what should be the solution for this?
For attaining only mac based authentication with radius server, what
should be the content of hostapd.conf file?

thanks in advance.
saurav

Here is my hostapd.conf file :--
##################################
interface=ath0
driver=madwifi
bridge=br0
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=1
debug=0
ssid=saurav
macaddr_acl=2
accept_mac_file=/etc/network/hostapd/hostapd.accept
auth_algs=1
ieee8021x=1

own_ip_addr=192.168.157.100

auth_server_addr=192.168.157.211
auth_server_port=1812
auth_server_shared_secret=saurav

acct_server_addr=192.168.157.211
acct_server_port=1813
acct_server_shared_secret=saurav
###############################

 hostapd -dd /etc/hostapd.conf output :--

###################################
Configuration file: hostapd-test.conf
Configure bridge br0 for EAPOL traffic.
madwifi_set_iface_flags: dev_up=0
Using interface ath0 with hwaddr xx:xx:xx:xx:xx:xx and ssid 'saurav'
ath0: RADIUS Authentication server 192.168.157.211:1812
ath0: RADIUS Accounting server 192.168.157.211:1813
madwifi_set_ieee8021x: enabled=1
madwifi_set_iface_flags: dev_up=1
ath0: RADIUS Sending RADIUS message to accounting server
ath0: RADIUS Next RADIUS client retransmit in 3 seconds

Flushing old station entries
madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3
Deauthenticate all stations
ath0: RADIUS Received 20 bytes from RADIUS server
ath0: RADIUS Received RADIUS message
ath0: STA 00:00:00:00:00:00 RADIUS: Received RADIUS packet matched with a pendin
g request, round trip time 0.05 sec
Wireless event: cmd=0x8b19 len=8
Wireless event: cmd=0x8c03 len=20
ath0: STA 00:20:a6:54:94:32 IEEE 802.11: associated
  New STA
ath0: STA 00:20:a6:54:94:32 WPA: event 1 notification

ath0: STA 00:20:a6:54:94:32 IEEE 802.1X: start authentication
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_KEY_TX entering state NO_KEY_TRANSMIT
IEEE 802.1X: 00:20:a6:54:94:32 KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:20:a6:54:94:32 CTRL_DIR entering state IN_OR_BOTH
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 BE_AUTH entering state IDLE
IEEE 802.1X: 00:20:a6:54:94:32 KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:20:a6:54:94:32 CTRL_DIR entering state FORCE_BOTH
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state DISCONNECTED
ath0: STA 00:20:a6:54:94:32 IEEE 802.1X: unauthorizing port
madwifi_set_sta_authorized: addr=00:20:a6:54:94:32 authorized=0
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state RESTART
IEEE 802.1X: station 00:20:a6:54:94:32 - new auth session, clearing State
IEEE 802.1X: Generated EAP Request-Identity for 00:20:a6:54:94:32 (identifier 0,
 timeout 30)
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:20:a6:54:94:32 BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:20:a6:54:94:32 (identifier 0)
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
ath0: STA 00:20:a6:54:94:32 IEEE 802.1X: EAP timeout
IEEE 802.1X: 00:20:a6:54:94:32 BE_AUTH entering state TIMEOUT
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state ABORTING
IEEE 802.1X: 00:20:a6:54:94:32 BE_AUTH entering state INITIALIZE
ath0: STA 00:20:a6:54:94:32 IEEE 802.1X: aborting authentication
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state RESTART
IEEE 802.1X: station 00:20:a6:54:94:32 - new auth session, clearing State
IEEE 802.1X: Generated EAP Request-Identity for 00:20:a6:54:94:32 (identifier 1,
 timeout 30)
IEEE 802.1X: 00:20:a6:54:94:32 BE_AUTH entering state IDLE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:20:a6:54:94:32 BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:20:a6:54:94:32 (identifier 1)
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
.
.
ath0: STA 00:20:a6:54:94:32 IEEE 802.1X: ER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 BE_AUTH enntering state ABORTING
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMtering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE eaborting authentication
IEEE 802.1X: 00:20:a6:54:94:32 BE_AUTH enER entering state INITIALIZE
ath0: STA 00:20:a6:54:94:32 IEEE 802.1X: ntering state RESTART
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMnew auth session, clearing State
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE ety for 00:20:a6:54:94:32 (identifier 2,
IEEE 802.1X: station 00:20:a6:54:94:32 -
IEEE 802.1X: Generated EAP Request-Identitering state IDLE
 timeout 30)                             ER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 BE_AUTH enntering state CONNECTING
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE entering state DISCONNECTED
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMunauthorizing port
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE e:54:94:32 authorized=0
ath0: STA 00:20:a6:54:94:32 IEEE 802.1X: ER entering state INITIALIZE
madwifi_set_sta_authorized: addr=00:20:a6ntering state RESTART
IEEE 802.1X: 00:20:a6:54:94:32 REAUTH_TIMnew auth session, clearing State
IEEE 802.1X: 00:20:a6:54:94:32 AUTH_PAE ety for 00:20:a6:54:94:32 (identifier 3,
IEEE 802.1X: station 00:20:a6:54:94:32 -
IEEE 802.1X: Generated EAP Request-IdentiER entering state INITIALIZE

###############################################################

Radius Log :--
#############################################################

07/12/2005 20:57:03 Proxy Error: no username in request - request not
proxy forwarded
07/12/2005 20:57:03 Sending accounting response
07/12/2005 20:57:03 Sending accounting response
07/12/2005 20:58:24 Proxy Error: no username in request - request not
proxy forwarded
07/12/2005 20:58:24 Sending accounting response
07/12/2005 20:58:24 Sending accounting response
07/12/2005 20:59:23 Proxy Error: no username in request - request not
proxy forwarded
07/12/2005 20:59:23 Sending accounting response
07/12/2005 20:59:23 Sending accounting response
07/12/2005 20:59:40 Proxy Error: no username in request - request not
proxy forwarded
07/12/2005 20:59:40 Sending accounting response
07/12/2005 20:59:40 Sending accounting response
07/12/2005 21:01:01 Proxy Error: no username in request - request not
proxy forwarded



More information about the HostAP mailing list