<HTML><HEAD><META http-equiv=Content-Type content='text/html; charset=windows-1252'>
<title>Samsung Enterprise Portal mySingle</title>
<style> P, td, li {font-family:Arial, arial; font-size:9pt; margin-top:5px;margin-bottom:5px;} body{font-family:Arial, arial; font-size:9pt;}</style>
</HEAD>
<BODY><br>Hi,
<p> I am trying to test WPA2-PSK, AES. Its getting connected and I am able
to ping. But I would like to know why I am getting</p>
<p><b>RSN: not in suitable state for new pre-authentication</b>, message.</p>
<p>My supplicant.conf file is</p>
<p>#-----------------------------------------------------------------------------------------------------------------------</p>
<p>update_config=1</p>
<p>eapol_version=1</p>
<p>ap_scan=1</p>
<p>fast_reauth=1</p>
<p> </p>
<p>network={</p>
<p> ssid="3Com"</p>
<p> scan_ssid=1</p>
<p> auth_alg=OPEN</p>
<p> proto=WPA RSN</p>
<p> key_mgmt=WPA-EAP IEEE8021X
WPA-PSK</p>
<p> pairwise=TKIP CCMP</p>
<p> group=CCMP TKIP WEP104 WEP40</p>
<p> eap=TLS TTLS PEAP</p>
<p> identity="jbibe"</p>
<p> password="whatever"</p>
<p> psk="raghu123456"</p>
<p> phase2="autheap=MD5"</p>
<p>} </p>
<p>#------------------------------------------------------------------------------------------------------------------------</p>
<p>As I am using same config file for EAP methods also. You can see EAP parameters
also. does these affect any way. or I have to use some other parameter to avoid
this.</p>
<p>Logs are below.</p>
<p>--------------------------------</p>
<p># ./wpa_supplicant -ieth0 -Dmarvell -c ./wpa_supplicant.ttls.conf -w -d &</p>
<p># Initializing interface 'eth0' conf './wpa_supplicant.ttls.conf' driver
'marvell' ctrl_interface 'N/A' bridge 'N/A'</p>
<p>Configuration file './wpa_supplicant.ttls.conf' -> '/mnt/nfs/./wpa_supplicant.ttls.conf'</p>
<p>Reading configuration file '/mnt/nfs/./wpa_supplicant.ttls.conf'</p>
<p>update_config=1</p>
<p>eapol_version=1</p>
<p>ap_scan=1</p>
<p>fast_reauth=1</p>
<p>Priority group 2</p>
<p> id=0 ssid='3Com'</p>
<p>Initializing interface (2) 'eth0'</p>
<p>EAPOL: SUPP_PAE entering state DISCONNECTED</p>
<p>EAPOL: KEY_RX entering state NO_KEY_RECEIVE</p>
<p>EAPOL: SUPP_BE entering state INITIALIZE</p>
<p>EAP: EAP entering state DISABLED</p>
<p>EAPOL: External notification - portEnabled=0</p>
<p>EAPOL: External notification - portValid=0</p>
<p>IOCTL extscan: 0x8bfa, 0x0</p>
<p> </p>
<p>IOCTL authalgs: 0x8bf8, 0x4</p>
<p> </p>
<p>IOCTL setwpaie: 0x8be0, 0x0</p>
<p> </p>
<p>IOCTL deauth: 0x8be8, 0x1</p>
<p> </p>
<p>IOCTL encryptionmode: 0x8bf8, 0x5</p>
<p> </p>
<p>IOCTL reasso-on: 0x8be8, 0x8</p>
<p> </p>
<p>IOCTL reasso-off: 0x8be8, 0x9</p>
<p> </p>
<p>ioctl[SIOCSIWPMKSA]: Invalid argument</p>
<p>SIOCGIWRANGE: WE(compiled)=22 WE(source)=15 enc_capa=0x0</p>
<p> capabilities: key_mgmt 0x0 enc 0x3</p>
<p>WEXT: Operstate: linkmode=1, operstate=5</p>
<p>Own MAC address: 00:13:e0:9e:9b:2e</p>
<p>wpa_driver_marvell_set_wpa: enabled=1</p>
<p>IOCTL: CMD = 0x8B2A</p>
<p> </p>
<p>IOCTL: CMD = 0x8B2A</p>
<p> </p>
<p>IOCTL: CMD = 0x8B2A</p>
<p> </p>
<p>IOCTL: CMD = 0x8B2A</p>
<p> </p>
<p>wpa_driver_marvell_set_countermeasures: enabled=0</p>
<p>wpa_driver_marvell_set_drop_unencrypted: enabled=1</p>
<p>Setting scan request: 0 sec 100000 usec</p>
<p>Added interface eth0</p>
<p>RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])</p>
<p>Wireless event: cmd=0x8b06 len=8</p>
<p>State: DISCONNECTED -> SCANNING</p>
<p>Starting AP scan (specific SSID)</p>
<p>Scan SSID - hexdump_ascii(len=4):</p>
<p> 33 43 6f 6d 3Com</p>
<p>Trying to get current scan results first without requesting a new scan to
speed up initial association</p>
<p>Received 316 bytes of scan results (3 BSSes)</p>
<p>Scan results: 3</p>
<p>Selecting BSS from priority group 2</p>
<p>0: 00:90:4c:91:00:01 ssid='linksys' wpa_ie_len=26 rsn_ie_len=0 caps=0x11</p>
<p> skip - SSID mismatch</p>
<p>1: 00:0f:cb:fe:2f:5f ssid='3Com' wpa_ie_len=0 rsn_ie_len=22 caps=0x11</p>
<p> selected based on RSN IE</p>
<p>Trying to associate with 00:0f:cb:fe:2f:5f (SSID='3Com' freq=2412 MHz)</p>
<p>Cancelling scan request</p>
<p>WPA: clearing own WPA/RSN IE</p>
<p>Automatic auth_alg selection: 0x1</p>
<p>Overriding auth_alg selection: 0x1</p>
<p>Setting Auth Alg to 0x1</p>
<p> </p>
<p>RSN: using IEEE 802.11i/D9.0</p>
<p>WPA: Selected cipher suites: group 16 pairwise 16 key_mgmt 2 proto 2</p>
<p>WPA: clearing AP WPA IE</p>
<p>WPA: set AP RSN IE - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f
ac 04 01 00 00 0f ac 02 01 00</p>
<p>WPA: using GTK CCMP</p>
<p>WPA: using PTK CCMP</p>
<p>WPA: using KEY_MGMT WPA-PSK</p>
<p>WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 04 01
00 00 0f ac 04 01 00 00 0f ac 02 00 00</p>
<p>No keys have been configured - skip key clearing</p>
<p>wpa_driver_marvell_set_drop_unencrypted: enabled=1</p>
<p>State: SCANNING -> ASSOCIATING</p>
<p>wpa_driver_marvell_associate</p>
<p>marvell: auto association off</p>
<p>IOCTL: CMD = 0x8BE0</p>
<p> </p>
<p>Setting authentication timeout: 10 sec 0 usec</p>
<p>EAPOL: External notification - EAP success=0</p>
<p>EAPOL: External notification - EAP fail=0</p>
<p>EAPOL: External notification - portControl=Auto</p>
<p>RSN: added PMKSA cache candidate 00:0f:cb:fe:2f:5f prio 1000</p>
<p>RSN: processing PMKSA candidate list</p>
<p>RSN: not in suitable state for new pre-authentication</p>
<p>RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])</p>
<p>Wireless event: cmd=0x8b06 len=8</p>
<p>RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])</p>
<p>Wireless event: cmd=0x8b15 len=20</p>
<p>Wireless event: new AP: 00:0f:cb:fe:2f:5f</p>
<p>State: ASSOCIATING -> ASSOCIATED</p>
<p>Associated to a new BSS: BSSID=00:0f:cb:fe:2f:5f</p>
<p>No keys have been configured - skip key clearing</p>
<p>Associated with 00:0f:cb:fe:2f:5f</p>
<p>WPA: Association event - clear replay counter</p>
<p>EAPOL: External notification - portEnabled=0</p>
<p>EAPOL: External notification - portValid=0</p>
<p>EAPOL: External notification - EAP success=0</p>
<p>EAPOL: External notification - portEnabled=1</p>
<p>EAPOL: SUPP_PAE entering state CONNECTING</p>
<p>EAPOL: SUPP_BE entering state IDLE</p>
<p>Setting authentication timeout: 10 sec 0 usec</p>
<p>Cancelling scan request</p>
<p>RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])</p>
<p>Wireless event: cmd=0x8b1a len=12</p>
<p>RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])</p>
<p>RTM_NEWLINK, IFLA_IFNAME: Interface 'eth0' added</p>
<p>RX EAPOL from 00:0f:cb:fe:2f:5f</p>
<p>Setting authentication timeout: 10 sec 0 usec</p>
<p>IEEE 802.1X RX: version=1 type=3 length=95</p>
<p> EAPOL-Key type=2</p>
<p> key_info 0x8a (ver=2 keyidx=0 rsvd=0 Pairwise Ack)</p>
<p> key_length=16 key_data_length=0</p>
<p> replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 01</p>
<p> key_nonce - hexdump(len=32): d0 df 5c a5 cf 43 08 42 6e 8a b8
87 80 87 8a d4 72 2a d4 ac 38 7f a5 3d 27 40 70 8c 25 07 12 e7</p>
<p> key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00</p>
<p> key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00</p>
<p> key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00</p>
<p> key_mic - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00</p>
<p>State: ASSOCIATED -> 4WAY_HANDSHAKE</p>
<p>WPA: RX message 1 of 4-Way Handshake from 00:0f:cb:fe:2f:5f (ver=2)</p>
<p>RSN: msg 1/4 key data - hexdump(len=0):</p>
<p>WPA: Renewed SNonce - hexdump(len=32): 34 8e 54 04 7f 62 b8 d9 e0 86 0e 25
d9 56 75 fa e0 3d 46 6b af 6a b9 02 85 b5 5d 68 95 0b 13 98</p>
<p>WPA: PMK - hexdump(len=32): [REMOVED]</p>
<p>WPA: PTK - hexdump(len=64): [REMOVED]</p>
<p>WPA: WPA IE for msg 2/4 - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00
00 0f ac 04 01 00 00 0f ac 02 00 00</p>
<p>WPA: Sending EAPOL-Key 2/4</p>
<p>RX EAPOL from 00:0f:cb:fe:2f:5f</p>
<p>IEEE 802.1X RX: version=1 type=3 length=151</p>
<p> EAPOL-Key type=2</p>
<p> key_info 0x13ca (ver=2 keyidx=0 rsvd=0 Pairwise Install Ack MIC
Secure Encr)</p>
<p> key_length=16 key_data_length=56</p>
<p> replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 02</p>
<p> key_nonce - hexdump(len=32): d0 df 5c a5 cf 43 08 42 6e 8a b8
87 80 87 8a d4 72 2a d4 ac 38 7f a5 3d 27 40 70 8c 25 07 12 e7</p>
<p> key_iv - hexdump(len=16): cf db 09 f9 f3 83 24 dd 73 2a 99 35
ed 31 d3 b9</p>
<p> key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00</p>
<p> key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00</p>
<p> key_mic - hexdump(len=16): 71 0e ad d9 c5 97 3e 14 c4 fb 39 de
2f 08 d7 9b</p>
<p>RSN: encrypted key data - hexdump(len=56): a9 7e ce 1c d8 9a 12 dc 9c 54
1b 8d 57 ab 9b c4 40 65 66 b8 d6 97 81 1e c9 cf 4d c5 aa 08 1a a9 a1 21 8e cb
d8 ab 75 3e ac 8a 30 25 78 98 0e 03 ff 8d e2 ad c8 f2 50 e8</p>
<p>WPA: decrypted EAPOL-Key key data - hexdump(len=48): [REMOVED]</p>
<p>State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE</p>
<p>WPA: RX message 3 of 4-Way Handshake from 00:0f:cb:fe:2f:5f (ver=2)</p>
<p>WPA: IE KeyData - hexdump(len=48): 30 14 01 00 00 0f ac 04 01 00 00 0f ac
04 01 00 00 0f ac 02 01 00 dd 16 00 0f ac 01 02 00 b6 63 93 bd ec 58 6f ab ba
a1 8c 25 62 85 a5 74 00 00</p>
<p>WPA: Unrecognized EAPOL-Key Key Data IE - hexdump(len=2): 00 00</p>
<p>WPA: Sending EAPOL-Key 4/4</p>
<p>WPA: Installing PTK to the driver.</p>
<p>wpa_driver_marvell_set_key: alg=CCMP key_idx=0 set_tx=1 seq_len=6 key_len=16</p>
<p>IOCTL: CMD = 0x8B2A</p>
<p> </p>
<p>EAPOL: External notification - portValid=1</p>
<p>State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE</p>
<p>RSN: received GTK in pairwise handshake - hexdump(len=18): [REMOVED]</p>
<p>WPA: Group Key - hexdump(len=16): [REMOVED]</p>
<p>WPA: Installing GTK to the driver (keyidx=2 tx=0).</p>
<p>WPA: RSC - hexdump(len=6): 00 00 00 00 00 00</p>
<p>wpa_driver_marvell_set_key: alg=CCMP key_idx=2 set_tx=0 seq_len=6 key_len=16</p>
<p>IOCTL: CMD = 0x8B2A</p>
<p> </p>
<p>WPA: Key negotiation completed with 00:0f:cb:fe:2f:5f [PTK=CCMP GTK=CCMP]</p>
<p>Cancelling authentication timeout</p>
<p>State: GROUP_HANDSHAKE -> COMPLETED</p>
<p>CTRL-EVENT-CONNECTED - Connection to 00:0f:cb:fe:2f:5f completed (auth) [id=0
id_str=]</p>
<p>EAPOL: External notification - portValid=1</p>
<p>EAPOL: External notification - EAP success=1</p>
<p>EAPOL: SUPP_PAE entering state AUTHENTICATING</p>
<p>EAPOL: SUPP_BE entering state SUCCESS</p>
<p>EAP: EAP entering state DISABLED</p>
<p>EAPOL: SUPP_PAE entering state AUTHENTICATED</p>
<p>EAPOL: SUPP_BE entering state IDLE</p>
<p><b>RSN: processing PMKSA candidate list</b></p>
<p><b>RSN: not in suitable state for new pre-authentication</b></p>
<p>EAPOL: startWhen --> 0</p>
<p> </p>
<p>-Raghu</p>
<p> </p>
<p> </p>
<p> </p><p> </p><!--SP:s.raghu--><!--s.raghu:EP--></BODY></HTML>