Hello All,
I would like some help configuring my
Freeradius.
I just started with Freeradius and i am not that
familiar with wireless/certificates so i thougt to start with EAP/MD5 isof
EAP/TLS.
At this moment it looks like i can authenticate
with my WinXP wireless client with Radius.
After this first step, i believe WEP keys need to
be negotiated, but i think i have that part missing/wrong.
My AP is configurable for 64 / 128 / 256 keys
incombination with Radius.
Also no ip adress is provided, wich normally is
dhcp. I guess this only starts after WEP is enabled correctly.
I tried several options from the documentation /
newsgroup but i could not find a satisfactory answer. Most use use
EAP/TLS.
Log from Dlink950+ :
Sep 10 08:52:23 accesspoint Wireless PC
connected 00-06-25-A8-1A-41^M
Sep 10 08:52:23 accesspoint EAP-Request/Identity ^M Sep 10 08:52:27 accesspoint EAP-Request/Identity ^M Sep 10 08:52:28 accesspoint EAP-Response/Identity test^M Sep 10 08:52:28 accesspoint EAP-Success 00-06-25-A8-1A-41^M Sep 10 08:52:28 accesspoint Authentication success 00-06-25-A8-1A-41^M Log from 'radiusd -X'
Listening on IP address *, ports 1812/udp and
1813/udp.
Ready to process requests. rad_recv: Access-Request packet from host 192.168.1.50:1208, id=5, length=127 User-Name = "test" NAS-IP-Address = 192.168.1.50 NAS-Port = 0 Called-Station-Id = "00-06-25-57-19-30" Calling-Station-Id = "00-06-25-A8-1A-41" NAS-Identifier = "DLinksys" Framed-MTU = 1380 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x020100090174657374 Message-Authenticator = 0x184aa44ed364409f16c602d99246001f modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_eap: EAP packet type notification id 1 length 9 rlm_eap: EAP Start not found modcall[authorize]: module "eap" returns updated rlm_realm: No '@' in User-Name = "test", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop users: Matched test at 65 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type Eap auth: type "EAP" modcall: entering group authenticate rlm_eap: EAP packet type notification id 1 length 9 rlm_eap: EAP Start not found rlm_eap: EAP Identity rlm_eap: processing type md5 rlm_eap_md5: Issuing Challenge modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Sending Access-Challenge of id 5 to 192.168.1.50:1208 Service-Type = Framed-User Framed-IP-Address = 192.168.1.60 EAP-Message = 0x01020016041023d501626551f8686251a69aa65d1673 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xfa177e6e7af08f0a7d81cdc88fb0ec36c7e85e3fef6eb9e9076194ae611171657670ad58 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.1.50:1208, id=6, length=182 User-Name = "test" NAS-IP-Address = 192.168.1.50 NAS-Port = 0 Called-Station-Id = "00-06-25-57-19-30" Calling-Station-Id = "00-06-25-A8-1A-41" NAS-Identifier = "DLinksys" Framed-MTU = 1380 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0202001a0410dc1a846ef45ec42e6a34841cd457c24d74657374 State = 0xfa177e6e7af08f0a7d81cdc88fb0ec36c7e85e3fef6eb9e9076194ae611171657670ad58 Message-Authenticator = 0x9abd4fa94be9f54c3eb4d2a5f8b08e88 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_eap: EAP packet type notification id 2 length 26 rlm_eap: EAP Start not found modcall[authorize]: module "eap" returns updated rlm_realm: No '@' in User-Name = "test", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop users: Matched test at 65 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type Eap auth: type "EAP" modcall: entering group authenticate rlm_eap: EAP packet type notification id 2 length 26 rlm_eap: EAP Start not found rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - md5 rlm_eap: processing type md5 rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Sending Access-Accept of id 6 to 192.168.1.50:1208 Service-Type = Framed-User Framed-IP-Address = 192.168.1.60 EAP-Message = 0x03020004 Message-Authenticator = 0x00000000000000000000000000000000 Finished request 1 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 5 with timestamp 3f5ee8c7 Cleaning up request 1 ID 6 with timestamp 3f5ee8c7 Nothing to do. Sleeping until we see a request. [EMAIL PROTECTED]:/home/ron# |
- Re: EAP/MD5 question Ronald Jochems
- Re: EAP/MD5 question Artur Hecker
- Re: EAP/MD5 question Ronald Jochems