[Resend] EAP response never arrives at hostapd; IEEE 802.1X: 00:14:6c:d7:a4:c7 REAUTH_TIMER entering state INITIALIZE

Sjors Gielen dazjorz at dazjorz.com
Tue Oct 28 11:29:49 EDT 2008


Hey all,

I sent this e-mail right after signing up, and it may not have come
through correctly because IIRC, I got the final signup e-mail only after
I sent this mail. I didn't receive any answers anyway, so I think it
didn't come through.

I'm having problems getting my laptop to join a WPA2-Enterprise network
which I created myself. There is already another AP which is configured
the same and uses `nas` as an authenticator. Associating and
authenticating with that AP works fine.

For testing purposes, I have renamed the essid of the non-functioning AP
to 'dazjorz-fon' (because it runs on a Fonera). The authenticator here
is hostapd 0.5.3. The supplicant on my laptop is wpa_supplicant 0.5.8. I
have a FreeRADIUS server set up, which is not being queried at all, so
version number is irrelevant.

wpa_supplicant succeeds in associating with the network:
wpa_supplicant> Associated with 00:18:84:80:91:c3

Then, hostapd sends an EAP identity request which is received by
wpa_supplicant:
hostapd> IEEE 802.1X: Sending EAP Packet to 00:14:6c:d7:a4:c7 (identifier 0)
hostapd> TX EAPOL - hexdump(len=23): 00 14 6c d7 a4 c7 00 18 84 80 91 c3
88 8e 02 00 00 05 01 00 00 05 01
wpa_supplicant> RX EAPOL from 00:18:84:80:91:c3
wpa_supplicant> RX EAPOL - hexdump(len=9): 02 00 00 05 01 00 00 05 01

wpa_supplicant sends an EAP identity response (see the dump? it has
version number 01 instead of 02!) which says identity is "dazjorz":
wpa_supplicant> TX EAPOL - hexdump(len=16): 01 00 00 0c 02 01 00 0c 01
64 61 7a 6a 6f 72 7a

However, hostapd never seems to receive this response and only outputs
timeout messages:
hostapd> IEEE 802.1X: 00:14:6c:d7:a4:c7 REAUTH_TIMER entering state
INITIALIZE

I've ran a tcpdump on the AP, which shows the identity request being
sent and the identity response being received (with the changing version
numbers).

Question is: Does anybody know why hostapd doesn't receive the identity
response? Also, why does wpa_supplicant send 1 for EAP version instead
of the 2 hostapd sends? Is this also why hostapd filters the packages
away? Can I force wpa_supplicant to send EAPv2 ?

Let me know if you need anything else. Thanks a lot,
Sjors


More information about the HostAP mailing list