I have tried and it was working. :) Great!<br>Though I have errors
related to the server certificate... The server certificate
(server_keycert.pem: the certificate and private key are in the same
file) is on the server side, but maybe eapol_test expects it to be at a
specific path? Or to be in a different format?<br>
<br>This is part of the log: <br><div id="1eq2" class="ArwC7c ckChnd">OpenSSL:
tls_connection_client_cert - SSL_use_certificate_file (DER) failed
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag <br>
OpenSSL: pending error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error <br>OpenSSL: pending error: error:140C800D:SSL routines:SSL_use_certificate_file:ASN1 lib <br>
OpenSSL: SSL_use_certificate_file (PEM) --> OK <br>OpenSSL:
tls_connection_private_key - SSL_use_PrivateKey_File (DER) failed
error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag <br>
OpenSSL: pending error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag <br>OpenSSL: pending error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error <br>
OpenSSL: pending error: error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib <br>OpenSSL: pending error: error:140CB00D:SSL routines:SSL_use_PrivateKey_file:ASN1 lib <br>
OpenSSL: SSL_use_PrivateKey_File (PEM) --> OK <br>SSL: Private key loaded successfully <br>
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected <br>EAP: EAP entering state METHOD <br>
SSL: Received packet(len=6) - Flags 0x20 <br>EAP-TLS: Start <br>SSL: (where=0x10 ret=0x1) <br>SSL: (where=0x1001 ret=0x1) <br>
SSL: SSL_connect:before/connect initialization <br>SSL: (where=0x1001 ret=0x1) <br>SSL: SSL_connect:SSLv3 write client hello A <br>
SSL: (where=0x1002 ret=0xffffffff) <br>SSL: SSL_connect:error in SSLv3 read server hello A <br>SSL: SSL_connect - want more data </div>
<br><br><div class="gmail_quote">On Fri, Jun 13, 2008 at 2:38 PM, Dana Blanaru <<a href="mailto:dana.blanaru@gmail.com">dana.blanaru@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Jouni, thank you very much for your quick response.<br>So after configuring the NAS client on the RADIUS server side, the command i have to use is:<br><br><pre style="font-family: arial,sans-serif;"><font size="2">eapol_test -c <eapol_test config file> -a<IP of Radius server> -p1812 -s<shared secret><br>
<br>Please confirm.<br></font></pre><div><div></div><div class="Wj3C7c"><br><br><div class="gmail_quote">On Fri, Jun 13, 2008 at 2:31 PM, Jouni Malinen <<a href="mailto:j@w1.fi" target="_blank">j@w1.fi</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>On Fri, Jun 13, 2008 at 11:34:37AM +0200, Dana Blanaru wrote:<br>
<br>
> Is it possible to use eapol_test tool to test other authentication servers?<br>
> I want to test our AAA server using eapol_test tool and i don't know how to<br>
> link these 2 together.<br>
<br>
</div>Sure. There is nothing FreeRADIUS-specific in eapol_test.<br>
<div><br>
> Did anybody tried to do this? How to setup my server in order to work with<br>
> eapol_test?<br>
<br>
</div>Yes, I use eapol_test to test wpa_supplicant EAP peer implementation<br>
against number of RADIUS authentication servers. The server side does<br>
not need any additional configuration apart from allowing the host that<br>
you use to run eapol_test on to act as a RADIUS client. In other words,<br>
you will just need to configure that host as a NAS/client in the RADIUS<br>
server configuration. At that point, you will also assign a shared<br>
secret for the client (i.e., the one that you set with -s option for<br>
eapol_test).<br>
<font color="#888888"><br>
--<br>
Jouni Malinen PGP id EFC895FA<br>
_______________________________________________<br>
HostAP mailing list<br>
<a href="mailto:HostAP@lists.shmoo.com" target="_blank">HostAP@lists.shmoo.com</a><br>
<a href="http://lists.shmoo.com/mailman/listinfo/hostap" target="_blank">http://lists.shmoo.com/mailman/listinfo/hostap</a><br>
</font></blockquote></div><br>
</div></div></blockquote></div><br>