Hi, I have a freeradius with LDAP, supplicants use either EAP-PEAP or EAP-TTLS. Sometimes, Windows (mainly XP) systems won't connect, packages arrive only to Access Point but no to radius server. Generally, solution is rebooting the AP but I wonder if I need to tweak something on AP, this the result from tcpdump:
12:45:07.808808 00:22:5f:43:f4:31 (oui Unknown) > Broadcast Null Unnumbered, xid, Flags [Response], length 6: 01 00 12:45:07.815594 02:25:9c:14:06:6e (oui Unknown) > 00:25:9c:14:06:6e (oui Unknown), ethertype Unknown (0x886c), length 94: 0x0000: 8001 007a 0000 1018 0001 0001 0000 0000 ...z............ 0x0010: 0008 0000 0000 0000 0000 0000 0000 0000 ................ 0x0020: 0016 0022 5f43 f431 776c 3000 0000 0000 ..."_C.1wl0..... 0x0030: 0000 0000 0000 0000 3014 0100 000f ac02 ........0....... 0x0040: 0100 000f ac04 0100 000 ac01 0000 0000 ................ 12:45:07.819711 EAPOL start (1) v1, len 0 12:45:07.825580 02:25:9c:14:06:6e (oui Unknown) > 00:25:9c:14:06:6e (oui Unknown), ethertype Unknown (0x886c), length 77: 0x0000: 8001 0069 0000 1018 0001 0001 0000 0000 ...i............ 0x0010: 0019 0000 0000 0000 0000 0000 0000 0000 ................ 0x0020: 0005 0022 5f43 f431 776d 3000 0000 0000 ..."_C.1wl0..... 0x0030: 0000 0000 0000 0000 0101 0000 0000 00 ............... 12:45:18.821489 IP 192.168.188.131.17500 > 192.168.188.255.17500: UDP, length 127 12:45:20.417512 ARP, Request who-has 192.168.188.1 (00:25:9c:14:06:6c (oui Unknown)) tell 192.168.188.187, length 28 12:45:20.417682 ARP, Reply 192.168.188.1 is-at 00:25:9c:14:06:6c (oui Unknown), length 28 12:45:28.095608 ARP, Request who-has 192.168.188.131 tell 192.168.188.1, length 28 12:45:28.098097 ARP, Reply 192.168.188.131 is-at 00:1f:5b:bb:77:f2 (oui Unknown), length 28 12:45:31.165528 ARP, Request who-has 192.168.188.187 tell 192.168.188.1, length 28 12:45:31.169815 ARP, Reply 192.168.188.187 is-at 00:25:d3:74:49:ac (oui Unknown), length 28 12:45:48.919456 ARP, Request who-has 192.168.188.1 (00:25:9c:14:06:6c (oui Unknown)) tell 192.168.188.187, length 28 12:45:48.919612 ARP, Reply 192.168.188.1 is-at 00:25:9c:14:06:6c (oui Unknown), length 28 12:46:04.655521 ARP, Request who-has 192.168.188.187 tell 192.168.188.1, length 28 12:46:04.656464 ARP, Reply 192.168.188.187 is-at 00:25:d3:74:49:ac (oui Unknown), length 28 12:46:09.114950 EAPOL start (1) v1, len 0 12:46:09.115553 02:25:9c:14:06:6e (oui Unknown) > 00:25:9c:14:06:6e (oui Unknown), ethertype Unknown (0x886c), length 77: 0x0000: 8001 0069 0000 1018 0001 0001 0000 0000 ...i............ 0x0010: 0019 0000 0000 0000 0000 0000 0000 0000 ................ 0x0020: 0005 0022 5f43 f431 776d 3000 0000 0000 ..."_.1wl0..... 0x0030: 0000 0000 0000 0000 0101 0000 0000 00 ............... 12:46:14.920025 ARP, Request who-has 192.168.188.1 (00:25:9c:14:06:6c (oui Unknown)) tell 192.168.188.187, length 28 12:46:14.920228 ARP, Reply 192.168.188.1 is-at 00:25:9c:14:06:6c (oui Unknown), length 28 Thanks in advance! -- -- Sergio Belkin http://www.sergiobelkin.com Watch More TV http://sebelk.blogspot.com Sergio Belkin - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html