help

c k Wed, 02 Aug 2006 06:17:34 -0700

Hi friends,
I want to deploy freeradius authentication in my wireless lan.
I m using EAP-TLS with Windows XP SP2 inbuilt supplicant.
Everything works fine till the freeradius server and hostapd is initialized.But then i think authentication fails.It shows a list of "REAUTH_TIMER entering state INITIALIZE" message.For more details i m pasting he hostapd output.Plz help.

hostapd -dd hostapd.conf
Configuration file: hostapd.conf
ctrl_interface_group=0
madwifi_set_iface_flags: dev_up=0
Using interface ath0 with hwaddr 00:15:6d:50:02:53 and ssid 'Havanet-EDS'
ath0: RADIUS Authentication server 192.168.2.224:1812
ath0: RADIUS Accounting server 192.168.2.224:1813
madwifi_set_ieee8021x: enabled=1
madwifi_configure_wpa: group key cipher=1
madwifi_configure_wpa: pairwise key ciphers=0xa
madwifi_configure_wpa: key management algorithms=0x1
madwifi_configure_wpa: rsn capabilities=0x0
madwifi_configure_wpa: enable WPA= 0x1
madwifi_set_iface_flags: dev_up=1
WPA: group state machine entering state GTK_INIT
GMK - hexdump(len=32): [REMOVED]
GTK - hexdump(len=32): [REMOVED]
WPA: group state machine entering state SETKEYSDONE
madwifi_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=1
madwifi_set_privacy: enabled=1
ath0: RADIUS Sending RADIUS message to accounting server
ath0: RADIUS Next RADIUS client retransmit in 3 seconds

SIOCGIWRANGE: WE(compiled)=19 WE(source)=13 enc_capa=0xf
Flushing old station entries
madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3
Deauthenticate all stations
l2_packet_receive - recvfrom: Network is down
Wireless event: cmd=0x8c03 len=20
ath0: STA 00:16:b6:99:81:13 IEEE 802.11: associated
New STA
ath0: STA 00:16:b6:99:81:13 WPA: event 1 notification
madwifi_del_key: addr=00:16:b6:99:81:13 key_idx=0
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: start authentication
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_KEY_TX entering state NO_KEY_TRANSMIT
IEEE 802.1X: 00:16:b6:99:81:13 KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:16:b6:99:81:13 CTRL_DIR entering state IN_OR_BOTH
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state IDLE
IEEE 802.1X: 00:16:b6:99:81:13 KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:16:b6:99:81:13 CTRL_DIR entering state FORCE_BOTH
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 KEY_RX entering state NO_KEY_RECEIVE
ath0: STA 00:16:b6:99:81:13 WPA: start authentication
WPA: 00:16:b6:99:81:13 WPA_PTK entering state INITIALIZE
madwifi_del_key: addr=00:16:b6:99:81:13 key_idx=0
WPA: 00:16:b6:99:81:13 WPA_PTK_GROUP entering state IDLE
WPA: 00:16:b6:99:81:13 WPA_PTK entering state AUTHENTICATION
WPA: 00:16:b6:99:81:13 WPA_PTK entering state AUTHENTICATION2
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state DISCONNECTED
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: unauthorizing port
madwifi_set_sta_authorized: addr=00:16:b6:99:81:13 authorized=0
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state RESTART
IEEE 802.1X: station 00:16:b6:99:81:13 - new auth session, clearing State
IEEE 802.1X: Generated EAP Request-Identity for 00:16:b6:99:81:13 (identifier 0, timeout 30)
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:16:b6:99:81:13 (identifier 0)
TX EAPOL - hexdump(len=42): 00 16 b6 99 81 13 00 15 6d 50 02 53 88 8e 01 00 00 18 01 00 00 18 01 57 65 6c 63 6f 6d 65 54 6f 48 61 76 61 6e 65 74 57 44 53
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 15 bytes from 00:16:b6:99:81:13
   IEEE 802.1X: version=1 type=0 length=11
   EAP: code=2 identifier=0 length=11 (response)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: received EAP packet (code=2 id=0 len=11) from STA: EAP Response-Identity (1)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: STA identity 'client'
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
ath0: RADIUS Sending RADIUS message to authentication server
ath0: RADIUS Next RADIUS client retransmit in 0 seconds

IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 5 bytes from 00:16:b6:99:81:13
   IEEE 802.1X: version=1 type=1 length=0
   ignoring 1 extra octets after IEEE 802.1X packet
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: received EAPOL-Start from STA
ath0: STA 00:16:b6:99:81:13 WPA: event 5 notification
WPA: 00:16:b6:99:81:13 WPA_PTK entering state AUTHENTICATION2
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state ABORTING
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state INITIALIZE
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: aborting authentication
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state RESTART
IEEE 802.1X: station 00:16:b6:99:81:13 - new auth session, clearing State
IEEE 802.1X: Generated EAP Request-Identity for 00:16:b6:99:81:13 (identifier 1, timeout 30)
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state IDLE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:16:b6:99:81:13 (identifier 1)
TX EAPOL - hexdump(len=42): 00 16 b6 99 81 13 00 15 6d 50 02 53 88 8e 01 00 00 18 01 01 00 18 01 57 65 6c 63 6f 6d 65 54 6f 48 61 76 61 6e 65 74 57 44 53
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 15 bytes from 00:16:b6:99:81:13
   IEEE 802.1X: version=1 type=0 length=11
   EAP: code=2 identifier=1 length=11 (response)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: received EAP packet (code=2 id=1 len=11) from STA: EAP Response-Identity (1)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: STA identity 'client'
IEEE 802.1X: 00:16:b6:99:81:13 BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
ath0: RADIUS Sending RADIUS message to authentication server
ath0: RADIUS Next RADIUS client retransmit in 0 seconds

IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 15 bytes from 00:16:b6:99:81:13
   IEEE 802.1X: version=1 type=0 length=11
   EAP: code=2 identifier=0 length=11 (response)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: EAP Identifier of the Response-Identity does not match (was 0, expected 1) - ignored
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 15 bytes from 00:16:b6:99:81:13
   IEEE 802.1X: version=1 type=0 length=11
   EAP: code=2 identifier=1 length=11 (response)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: received EAP packet (code=2 id=1 len=11) from STA: EAP Response-Identity (1)
ath0: STA 00:16:b6:99:81:13 IEEE 802.1X: STA identity 'client'
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
ath0: STA 00:00:00:00:00:00 RADIUS: Resending RADIUS message (id=0)
ath0: RADIUS Next RADIUS client retransmit in 3 seconds
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:16:b6:99:81:13 REAUTH_TIMER entering state INITIALIZE
ath0: STA 00:16:b6:99:81:13 RADIUS: Resending RADIUS message (id=2)
ath0: STA 00:16:b6:99:81:13 RADIUS: Resending RADIUS message (id=1)
ath0: RADIUS Next RADIUS client retransmit in 3 seconds.

The authentication does not get successful and the wireless network notification icon on the windows XP side shows "validating" status for hours.
Plzzz help.

How low will we go? Check out Yahoo! Messengers low PC-to-Phone call rates.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

help

Reply via email to