<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2963" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2></FONT><BR> </DIV>
<DIV><FONT face=Arial size=2>Hi,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I can't get wpa_supplicant to work with any kind of
radius Authentication. I have no problems when using wpa-psk.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I am trying to use:</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>eap-peap/mschapv2</FONT></DIV>
<DIV><FONT face=Arial size=2>eap-tls</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>with both wep and wpa. I have tried hundreds
of variations on all of the examples in the wpa_supplicant demo config
file.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I have verified the AP works using a windows
client.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>It appears to not be responding to the Access
Challenge from the radius server. I am using freeradius.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I dont know if either of these 2 lines are the
problem or not, but I cant figure out how to fix it.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>EAP: Building EAP-Nak (requested type 21 not
allowed)<BR> or</FONT></DIV>
<DIV><FONT face=Arial size=2>EAP: method process -> ignore=FALSE
methodState=MAY_CONT decision=FAIL</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Any help is appreciated.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Joel</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Here is the log</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>#wpa_supplicant -Dmadwifi -iath0
-c/persistant/temp/wpa_supplicant.conf -dd<BR>Initializing interface 'ath0' conf
'/persistant/temp/wpa_supplicant.conf' driver 'madwifi' ctrl_interface
'N/A'<BR>Configuration file '/persistant/temp/wpa_supplicant.conf' ->
'/persistant/temp/wpa_supplicant.conf'<BR>Reading configuration file
'/persistant/temp/wpa_supplicant.conf'<BR>ctrl_interface='/var/run/wpa_supplicant'<BR>ctrl_interface_group=10
(from group name 'wheel')<BR>Line: 3 - start of a new network block<BR>ssid -
hexdump_ascii(len=8):<BR> 57 54 6e 65 74 4c 6f
77
WTnetLow<BR>scan_ssid=1 (0x1)<BR>key_mgmt: 0x1<BR>eap methods - hexdump(len=2):
19 00<BR>identity - hexdump_ascii(len=4):<BR> 6a 6f 65
6c
joel<BR>password - hexdump_ascii(len=5): [REMOVED]<BR>phase1 -
hexdump_ascii(len=11):<BR> 70 65 61 70 6c 61 62 65 6c 3d
30
peaplabel=0<BR>phase2 - hexdump_ascii(len=13):<BR> 61 75
74 68 3d 4d 53 43 48 41 50 56
32
auth=MSCHAPV2<BR>Priority group 0<BR> id=0
ssid='WTnetLow'<BR>Initializing interface (2) 'ath0'<BR>EAPOL: SUPP_PAE entering
state DISCONNECTED<BR>EAPOL: KEY_RX entering state NO_KEY_RECEIVE<BR>EAPOL:
SUPP_BE entering state INITIALIZE<BR>EAP: EAP entering state DISABLED<BR>EAPOL:
External notification - portEnabled=0<BR>EAPOL: External notification -
portValid=0<BR>SIOCGIWRANGE: too old (short) data - assuming WPA is not
supported<BR>Own MAC address: 00:0b:6b:36:b9:2f<BR>wpa_driver_madwifi_del_key:
keyidx=0<BR>wpa_driver_madwifi_del_key: keyidx=1<BR>wpa_driver_madwifi_del_key:
keyidx=2<BR>wpa_driver_madwifi_del_key: keyidx=3<BR><BR>RX EAPOL from
00:0b:6b:36:b9:35<BR>RX EAPOL - hexdump(len=9): 01 00 00 05 01 00 00 05
01<BR>Setting authentication timeout: 70 sec 0 usec<BR>EAPOL: Received
EAP-Packet frame<BR>State: DISCONNECTED -> SCANNING<BR>Starting AP scan
(broadcast SSID)<BR>Wireless event: cmd=0x8b1a len=12<BR>RTM_NEWLINK,
IFLA_IFNAME: Interface 'ath0' added<BR>EAPOL: startWhen --> 0<BR>Wireless
event: cmd=0x8b19 len=12<BR>Received 1222 bytes of scan results (5
BSSes)<BR>Scan results: 5<BR>Selecting BSS from priority group 0<BR>0:
00:0b:6b:36:b9:58 ssid='WTnet8021x' wpa_ie_len=24 rsn_ie_len=0
caps=0x11<BR> skip - SSID mismatch<BR>1: 00:0b:6b:36:b9:35
ssid='WTnetLow' wpa_ie_len=24 rsn_ie_len=0 caps=0x11<BR> selected
based on WPA IE<BR>Trying to associate with 00:0b:6b:36:b9:35 (SSID='WTnetLow'
freq=2452 MHz)<BR>Cancelling scan request<BR>WPA: clearing own WPA/RSN
IE<BR>Automatic auth_alg selection: 0x1<BR>WPA: using IEEE 802.11i/D3.0<BR>WPA:
Selected cipher suites: group 8 pairwise 8 key_mgmt 1<BR>WPA: set AP WPA IE -
hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00
50 f2 01<BR>WPA: clearing AP RSN IE<BR>WPA: using GTK TKIP<BR>WPA: using PTK
TKIP<BR>WPA: using KEY_MGMT 802.1X<BR>WPA: Set own WPA IE default -
hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00
50 f2 01<BR>No keys have been configured - skip key
clearing<BR>wpa_driver_madwifi_set_drop_unencrypted: enabled=1<BR>State:
SCANNING -> ASSOCIATING<BR>wpa_driver_madwifi_associate<BR>ioctl[unknown???]:
Invalid argument<BR>Association request to the driver failed<BR>Setting
authentication timeout: 5 sec 0 usec<BR>EAPOL: External notification -
portControl=Auto<BR>Wireless event: cmd=0x8b1a len=21<BR>Wireless event:
cmd=0x8b15 len=20<BR>Wireless event: new AP: 00:0b:6b:36:b9:35<BR>State:
ASSOCIATING -> ASSOCIATED<BR>Associated to a new BSS:
BSSID=00:0b:6b:36:b9:35<BR>No keys have been configured - skip key
clearing<BR>Associated with 00:0b:6b:36:b9:35<BR>WPA: Association event - clear
replay counter<BR>EAPOL: External notification - portEnabled=0<BR>EAPOL:
External notification - portValid=0<BR>EAPOL: External notification -
portEnabled=1<BR>EAPOL: SUPP_PAE entering state CONNECTING<BR>EAPOL: SUPP_BE
entering state IDLE<BR>EAP: EAP entering state INITIALIZE<BR>EAP: EAP entering
state IDLE<BR>Setting authentication timeout: 10 sec 0 usec<BR>RTM_NEWLINK,
IFLA_IFNAME: Interface 'ath0' added<BR>RX EAPOL from 00:0b:6b:36:b9:35<BR>RX
EAPOL - hexdump(len=9): 01 00 00 05 01 00 00 05 01<BR>Setting authentication
timeout: 70 sec 0 usec<BR>EAPOL: Received EAP-Packet frame<BR>EAPOL: SUPP_PAE
entering state RESTART<BR>EAP: EAP entering state INITIALIZE<BR>EAP: EAP
entering state IDLE<BR>EAPOL: SUPP_PAE entering state AUTHENTICATING<BR>EAPOL:
SUPP_BE entering state REQUEST<BR>EAPOL: getSuppRsp<BR>EAP: EAP entering state
RECEIVED<BR>EAP: Received EAP-Request method=1 id=0<BR>EAP: EAP entering state
IDENTITY<BR>CTRL-EVENT-EAP-STARTED EAP authentication started<BR>EAP:
EAP-Request Identity data - hexdump_ascii(len=0):<BR>EAP: using real identity -
hexdump_ascii(len=4):<BR> 6a 6f 65
6c
joel<BR>EAP: EAP entering state SEND_RESPONSE<BR>EAP: EAP entering state
IDLE<BR>EAPOL: SUPP_BE entering state RESPONSE<BR>EAPOL: txSuppRsp<BR>TX EAPOL -
hexdump(len=13): 01 00 00 09 02 00 00 09 01 6a 6f 65 6c<BR>EAPOL: SUPP_BE
entering state RECEIVE<BR>RX EAPOL from 00:0b:6b:36:b9:35<BR>RX EAPOL -
hexdump(len=10): 01 00 00 06 01 01 00 06 15 20<BR>EAPOL: Received EAP-Packet
frame<BR>EAPOL: SUPP_BE entering state REQUEST<BR>EAPOL: getSuppRsp<BR>EAP: EAP
entering state RECEIVED<BR>EAP: Received EAP-Request method=21 id=1<BR>EAP: EAP
entering state GET_METHOD<BR>EAP: Building EAP-Nak (requested type 21 not
allowed)<BR>EAP: allowed methods - hexdump(len=1): 19<BR>EAP: EAP entering state
SEND_RESPONSE<BR>EAP: EAP entering state IDLE<BR>EAPOL: SUPP_BE entering state
RESPONSE<BR>EAPOL: txSuppRsp<BR>TX EAPOL - hexdump(len=10): 01 00 00 06 02 01 00
06 03 19<BR>EAPOL: SUPP_BE entering state RECEIVE<BR>RX EAPOL from
00:0b:6b:36:b9:35<BR>RX EAPOL - hexdump(len=10): 01 00 00 06 01 02 00 06 19
20<BR>EAPOL: Received EAP-Packet frame<BR>EAPOL: SUPP_BE entering state
REQUEST<BR>EAPOL: getSuppRsp<BR>EAP: EAP entering state RECEIVED<BR>EAP:
Received EAP-Request method=25 id=2<BR>EAP: EAP entering state
GET_METHOD<BR>EAP: Initialize selected EAP method (25, PEAP)<BR>EAP-PEAP: Phase2
EAP types - hexdump(len=1): 1a<BR>CTRL-EVENT-EAP-METHOD EAP method 25 (PEAP)
selected<BR>EAP: EAP entering state METHOD<BR>SSL: Received packet(len=6) -
Flags 0x20<BR>EAP-PEAP: Start (server ver=0, own ver=1)<BR>EAP-PEAP: Using PEAP
version 0<BR>EAP: method process -> ignore=FALSE methodState=MAY_CONT
decision=FAIL<BR>EAP: EAP entering state SEND_RESPONSE<BR>EAP: EAP entering
state IDLE<BR>EAPOL: startWhen --> 0<BR>RX EAPOL from 00:0b:6b:36:b9:35<BR>RX
EAPOL - hexdump(len=10): 01 00 00 06 01 02 00 06 19 20<BR>EAPOL: Received
EAP-Packet frame<BR>CTRL-EVENT-TERMINATING - signal 2 received<BR>Removing
interface ath0<BR>State: ASSOCIATED ->
DISCONNECTED<BR>wpa_driver_madwifi_deauthenticate<BR>No keys have been
configured - skip key clearing<BR>EAPOL: External notification -
portEnabled=0<BR>EAPOL: SUPP_PAE entering state DISCONNECTED<BR>EAPOL: SUPP_BE
entering state INITIALIZE<BR>EAP: EAP entering state DISABLED<BR>EAPOL: External
notification - portValid=0<BR>wpa_driver_madwifi_set_drop_unencrypted:
enabled=0<BR>wpa_driver_madwifi_set_countermeasures: enabled=0<BR>No keys have
been configured - skip key clearing<BR>EAP: deinitialize previously used EAP
method (25, PEAP) at EAP deinit<BR>Removed BSSID 00:00:00:00:00:00 from
blacklist (clear)</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Joel Lindsay, B.Eng<BR>Project Engineer<BR>Waveteq
Communications<BR>(250) 766-9229</FONT></DIV></BODY></HTML>