Eapol Testing Fails

Surendranath.C. surendranath.c at tatacommunications.com
Tue Dec 2 08:11:37 EST 2008


Here are the excerpts from the log file which I sent earlier. Need your help
in troubleshooting.

rad_recv: Access-Request packet from host 127.0.0.1 port 42040, id=5,
length=273
	User-Name = "mihir at test.wifi.vsnl.net"
	NAS-IP-Address = 127.0.0.1
	Calling-Station-Id = "02-00-00-00-00-01"
	Framed-MTU = 1400
	NAS-Port-Type = Wireless-802.11
	Connect-Info = "CONNECT 11Mbps 802.11b"
	EAP-Message = 

0x02050080150017030100204da9d15698172d52f9e62422d9a7d51a3d1eda357d807052b921
3bdafaecae1d1703010050596444b156ae90aa346438f4b0d

fc7c4c772f0773810e2ee437f922aae22ad18f88342fdec3988e7455d230d16a0ef96a8db6a9
f14f6f111bd5b5078a2767a477e8b674939f23f92b22dc463

b8eab55c
	State = 0x9978d34b9d7dc66d9342e10c42427792
	Message-Authenticator = 0x07d46508d4fcac3199678f7999f8f923
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "test.wifi.vsnl.net" for User-Name =
"mihir at test.wifi.vsnl.net"
[suffix] No such realm "test.wifi.vsnl.net"
++[suffix] returns noop
[eap] EAP packet type response id 5 length 128
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/ttls
[eap] processing type ttls
[ttls] Authenticate
[ttls] processing EAP-TLS
[ttls] eaptls_verify returned 7 
[ttls] Done initial handshake
[ttls] eaptls_process returned 7 
[ttls] Session established.  Proceeding to decode tunneled attributes.
[ttls] Got tunneled request
	EAP-Message =
0x0200001d016d6968697240746573742e776966692e76736e6c2e6e6574
	FreeRADIUS-Proxied-To = 127.0.0.1
[ttls] Got tunneled identity of mihir at test.wifi.vsnl.net
[ttls] Setting default EAP type for tunneled EAP session.
[ttls] Sending tunneled request
	EAP-Message =
0x0200001d016d6968697240746573742e776966692e76736e6c2e6e6574
	FreeRADIUS-Proxied-To = 127.0.0.1
	User-Name = "mihir at test.wifi.vsnl.net"
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] Looking up realm "test.wifi.vsnl.net" for User-Name =
"mihir at test.wifi.vsnl.net"
[suffix] No such realm "test.wifi.vsnl.net"
++[suffix] returns noop
++[control] returns noop
[eap] Request is supposed to be proxied to Realm LOCAL.  Not doing EAP.
++[eap] returns noop
[files] users: Matched entry mihir at test.wifi.vsnl.net at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] No clear-text password in the request.  Not performing PAP.
++[pap] returns noop

WARNING: You set Proxy-To-Realm = LOCAL, but the realm does not exist!
Cancelling invalid proxy request.
WARNING: Please update your configuration, and remove 'Auth-Type = Local'
WARNING: Use the PAP or CHAP modules instead.
No User-Password or CHAP-Password attribute in the request.
Cannot perform authentication.
Failed to authenticate the user.
} # server inner-tunnel
[ttls] Got tunneled reply code 3
	Framed-Protocol = PPP
	Idle-Timeout = 300
	Session-Timeout = 1000
	Cisco-Account-Info = "ARoaming-postpaid-Internet-512k"
	Reply-Message = "Hello Mihir"
[ttls] Got tunneled Access-Reject
[eap] Handler failed in EAP/ttls
rlm_eap_ttls: Freeing handler for user mihir at test.wifi.vsnl.net
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
	expand: %{User-Name} -> mihir at test.wifi.vsnl.net
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 5 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 5
Sending Access-Reject of id 5 to 127.0.0.1 port 42040
	EAP-Message = 0x04050004
	Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 3.9 seconds.
Cleaning up request 0 ID 0 with timestamp +36
Cleaning up request 1 ID 1 with timestamp +36
Cleaning up request 2 ID 2 with timestamp +36
Cleaning up request 3 ID 3 with timestamp +36
Cleaning up request 4 ID 4 with timestamp +36
Waking up in 1.0 seconds.
Cleaning up request 5 ID 5 with timestamp +36
Ready to process requests.

Thanks & Regards,

Surendranath. C.



More information about the HostAP mailing list