<P>hi, </P>
<P>i just do it all follow </P>
<P>1)HOWTO on EAP/TLS authentication between freeRadius and xsupplicant(<A href="http://www.missl.cs.umd.edu/wireless/eaptls/" target=_blank>http://www.missl.cs.umd.edu/wireless/eaptls/</A>) , </P>
<P> 2) README_prism2.htm </P>
<P>to build a wlan using 802.1x . (two pc running linux RedHat 7.2 ; AP and FreeRadius are in one pc)</P>
<P> i finish those work sugesting in the above two document and i have changed the ATTR_FRAMED_MTU value in ieee802_1x.c file to 1500 from 2304., but i can not be authoried by AP successfully. </P>
<P> where is my error come from ? Can anyone told me? thank you!!</P>
<P>========================</P>
<P>######xsupplicant -i wlan0</P>
<P> i got this : failed to verify cert error : Certificate has expired</P>
<P>================================</P>
<P>######./hostapd -dd -x -o 192.168.2.155 -a 192.168.2.155 -s whatever wlan0</P>
<P>i got :EEE 802.1X: 4 bytes from 00:40:05:af:05:2e<BR> IEEE 802.1X: version=1 type=1 length=0<BR> EAPOL-Start<BR>IEEE 802.1X: 00:40:05:af:05:2e AUTH_PAE entering state CONNECTING<BR>IEEE 802.1X: Sending EAP Request-Identity to 00:40:05:af:05:2e (identifier 1)<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>Received 49 bytes management frame<BR>DATA<BR>IEEE 802.1X: 17 bytes from 00:40:05:af:05:2e<BR> IEEE 802.1X: version=1 type=0 length=13<BR> EAP: code=2 identifier=1 length=13 (response)<BR> EAP Response-Identity<BR>IEEE 802.1X: 00:40:05:af:05:2e AUTH_PAE entering state AUTHENTICATING<BR>IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state RESPONSE<BR>Encapsulating EAP message into a RADIUS packet<BR>Sending RADIUS message to authentication server<BR>RADIUS message: code=1 (Access-Request) identifier=0 length=154<!
BR> Attribute 1 (User-Name) length=10<BR> Value: 'adam-ctl'<BR> Attribute 4 (NAS-IP-Address) length=6<BR> Value: 192.168.2.155<BR> Attribute 5 (NAS-Port) length=6<BR> Value: 1<BR> Attribute 30 (Called-Station-Id) length=24<BR> Value: '00-40-05-AF-05-14:test'<BR> Attribute 31 (Calling-Station-Id) length=19<BR> Value: '00-40-05-AF-05-2E'<BR> Attribute 12 (Framed-MTU) length=6<BR> Value: 1500<BR> Attribute 61 (NAS-Port-Type) length=6<BR> Value: 19<BR> Attribute 77 (Connect-Info) length=24<BR> Value: 'CONNECT 11Mbps 802.11b'<BR> Attribute 79 (EAP-Message) length=15<BR> Attribute 80 (Message-Authenticator) length=18<BR>IEEE 8!
02.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>IEE
E 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>Received 84 bytes from authentication server<BR>Received RADIUS message<BR>RADIUS message: code=11 (Access-Challenge) identifier=0 length=84<BR> Attribute 79 (EAP-Message) length=8<BR> Attribute 80 (Message-Authenticator) length=18<BR> Attribute 24 (State) length=38<BR>RADIUS packet matching with station 00:40:05:af:05:2e<BR>IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state REQUEST<BR>IEEE 802.1X: Sending EAP Packet to 00:40:05:af:05:2e (identifier 2)<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>Received 98 bytes management frame<BR>DATA<BR>IEEE 802.1X: 66 bytes from 00:40:05:af:05:2e<BR> IEEE 802.1X: version=1 type=0 length=62<BR> EAP: code=2 identifier=2 length=62 (response)<BR> EAP Response-TLS<BR>IEEE 802.1X: 00:40:05:af:05:2!
e BE_AUTH entering state RESPONSE<BR>Encapsulating EAP message into a RADIUS packet<BR>Sending RADIUS message to authentication server<BR>RADIUS message: code=1 (Access-Request) identifier=1 length=241<BR> Attribute 1 (User-Name) length=10<BR> Value: 'adam-ctl'<BR> Attribute 4 (NAS-IP-Address) length=6<BR> Value: 192.168.2.155<BR> Attribute 5 (NAS-Port) length=6<BR> Value: 1<BR> Attribute 30 (Called-Station-Id) length=24<BR> Value: '00-40-05-AF-05-14:test'<BR> Attribute 31 (Calling-Station-Id) length=19<BR> Value: '00-40-05-AF-05-2E'<BR> Attribute 12 (Framed-MTU) length=6<BR> Value: 1500<BR> Attribute 61 (NAS-Port-Type) length=6<BR> Value: 19<BR> Attribute 77 (Connect-Info)!
length=24<BR> Value: 'CONNECT 11Mbps 80
2.11b'<BR> Attribute 79 (EAP-Message) length=64<BR> Attribute 24 (State) length=38<BR> Attribute 80 (Message-Authenticator) length=18<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>Received 1120 bytes from authentication server<BR>Received RADIUS message<BR>RADIUS message: code=11 (Access-Challenge) identifier=1 length=1120<BR> Attribute 79 (EAP-Message) length=255<BR> Attribute 79 (EAP-Message) length=255<BR> Attribute 79 (EAP-Message) length=255<BR> Attribute 79 (EAP-Message) length=255<BR> Attribute 79 (EAP-Message) length=24<BR> Attribute 80 (Message-Authenticator) length=18<BR> Attribute 24 (State) length=38<BR>RADIUS packet matching with station 00:40:05:af:05:2e<BR>IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state REQUEST<BR>IEEE 802.1X: Sending !
EAP Packet to 00:40:05:af:05:2e (identifier 3)<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>Received 42 bytes management frame<BR>DATA<BR>IEEE 802.1X: 10 bytes from 00:40:05:af:05:2e<BR> IEEE 802.1X: version=1 type=0 length=6<BR> EAP: code=2 identifier=3 length=6 (response)<BR> EAP Response-TLS<BR>IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state RESPONSE<BR>Encapsulating EAP message into a RADIUS packet<BR>Sending RADIUS message to authentication server<BR>RADIUS message: code=1 (Access-Request) identifier=2 length=185<BR> Attribute 1 (User-Name) length=10<BR> Value: 'adam-ctl'<BR> Attribute 4 (NAS-IP-Address) length=6<BR> Value: 192.168.2.155<BR> Attribute 5 (NAS-Port) length=6<BR> Value: 1<BR> !
Attribute 30 (Called-Station-Id) length=24<BR>
Value: '00-40-05-AF-05-14:test'<BR> Attribute 31 (Calling-Station-Id) length=19<BR> Value: '00-40-05-AF-05-2E'<BR> Attribute 12 (Framed-MTU) length=6<BR> Value: 1500<BR> Attribute 61 (NAS-Port-Type) length=6<BR> Value: 19<BR> Attribute 77 (Connect-Info) length=24<BR> Value: 'CONNECT 11Mbps 802.11b'<BR> Attribute 79 (EAP-Message) length=8<BR> Attribute 24 (State) length=38<BR> Attribute 80 (Message-Authenticator) length=18<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>Received 60 bytes management frame<BR>MGMT<BR>mgmt::beacon<BR>Received 1120 bytes from authentication server<BR>Received RADIUS message<BR>RADIUS message: code=11 (Access-Challenge) identifier=2 length=1!
120<BR> Attribute 79 (EAP-Message) length=255<BR> Attribute 79 (EAP-Message) length=255<BR> Attribute 79 (EAP-Message) length=255<BR> Attribute 79 (EAP-Message) length=255<BR> Attribute 79 (EAP-Message) length=24<BR> Attribute 80 (Message-Authenticator) length=18<BR> Attribute 24 (State) length=38<BR>RADIUS packet matching with station 00:40:05:af:05:2e<BR>IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state REQUEST<BR>IEEE 802.1X: Sending EAP Packet to 00:40:05:af:05:2e (identifier 4)<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>Received 42 bytes management frame<BR>DATA<BR>IEEE 802.1X: 10 bytes from 00:40:05:af:05:2e<BR> IEEE 802.1X: version=1 type=0 length=6<BR> EAP: code=2 identifier=4 length=6 (response)<BR> EAP Response-TLS<BR>IEEE 802.1X: 00:40:0!
5:af:05:2e BE_AUTH entering state RESPONSE<BR>Encapsulating EAP messag
e into a RADIUS packet<BR>Sending RADIUS message to authentication server<BR>RADIUS message: code=1 (Access-Request) identifier=3 length=185<BR> Attribute 1 (User-Name) length=10<BR> Value: 'adam-ctl'<BR> Attribute 4 (NAS-IP-Address) length=6<BR> Value: 192.168.2.155<BR> Attribute 5 (NAS-Port) length=6<BR> Value: 1<BR> Attribute 30 (Called-Station-Id) length=24<BR> Value: '00-40-05-AF-05-14:test'<BR> Attribute 31 (Calling-Station-Id) length=19<BR> Value: '00-40-05-AF-05-2E'<BR> Attribute 12 (Framed-MTU) length=6<BR> Value: 1500<BR> Attribute 61 (NAS-Port-Type) length=6<BR> Value: 19<BR> Attribute 77 (Connect-Info) length=24<BR> Value: 'CONNECT 1!
1Mbps 802.11b'<BR> Attribute 79 (EAP-Message) length=8<BR> Attribute 24 (State) length=38<BR> Attribute 80 (Message-Authenticator) length=18<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>Received 267 bytes from authentication server<BR>Received RADIUS message<BR>RADIUS message: code=11 (Access-Challenge) identifier=3 length=267<BR> Attribute 79 (EAP-Message) length=191<BR> Attribute 80 (Message-Authenticator) length=18<BR> Attribute 24 (State) length=38<BR>RADIUS packet matching with station 00:40:05:af:05:2e<BR>IEEE 802.1X: 00:40:05:af:05:2e BE_AUTH entering state REQUEST<BR>IEEE 802.1X: Sending EAP Packet to 00:40:05:af:05:2e (identifier 5)<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>IEEE 802.1X: 00:40:05:af:05:2e REAUTH_TIMER entering state INITIALIZE<BR>Received 60 b!
ytes management frame<BR>MGMT<BR>mgmt::beacon<BR>Received 60 bytes man
agement frame<BR>MGMT<BR>mgmt::beacon<BR>Signal 2 received - terminating<BR>Flushing old station entries<BR>Deauthenticate all stations</P>
<P> </P>
<P>=======================================</P>
<P>it seem ok ,but xsupplicant cant be authoried by AP!</P>
<P>what the problem ? i need your help!<BR></P>
<P><BR></P><p><br><hr size=1><b>Do You Yahoo!?</b><br>
<a href="http://rd.yahoo.com/mail_cn/tag/?http://cn.messenger.yahoo.com//chat/index.html
">"雅虎通网络KTV, 随时随地免费卡拉OK~~"</a>