Re: IEEE 802.1X support with Host AP driver


From: Mody Sachin \(Princeton\) (ModyS_at_tce.com)
Date: 2002-09-25 15:16:17 UTC



Hi,
Sorry the message I posted the first time around had both plain text and HTML formats. I'm sending the same thing again in plain text. Hopefully this time it will show in the right format for everyone. I've been trying to use the hostapd 802.1x to do EAP/TTLS and EAP/TLS authentication and I seem to be having a problem. Following if the description of my system setup and the problem that i have been having:

Client Machine:
Windows 2000. 802.1x client from Funnk Software, capable of TLS and TTLS. Orinoco Silver Card with support for dynamic keys and 802.1x

Access Point:
Hostapd software with Linksys WPC11 card, Linux PC, kernel 2.4.7-10

Authenticatio Server:
MeetingHouse.com Aegis server on same machine as the AP. The Aegis server works as a TTLS proxy, with FreeRadius as the final authentication serevr.(EAP-MD5 as the authentication protocol within the tunnel).

Everytime I try the TLS or TTLS authentication I get an error message saying Message too long on a ieee802.1x send.
Below are the debug messages for the problem, this is for the EAP-TLS case, the problem with EAP-TTLS is also exactly the same: (Its very long)

opening raw packet socket for ifindex 6
Using interface wlan0ap with hwaddr 00:06:25:a8:74:3a and ssid '802.1X' Flushing old station entries

Received 30 bytes management frame
  dump: b0 00 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a b0 00 00 00 01 00 00 00
MGMT
mgmt::auth
authentication: STA=00:02:2d:2b:0e:cb auth_alg=0 auth_transaction=1 status_code=0 New STA
Station 00:02:2d:2b:0e:cb authenticated (open system) Received 42 bytes management frame
  dump: 00 00 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a c0 00 11 00 01 00 00 06 38 30 32 2e 31 58 01 04 02 04 0b 16 MGMT
mgmt::assoc_req
association request: STA=00:02:2d:2b:0e:cb capab_info=0x11 listen_interval=1   new AID 1
Station 00:02:2d:2b:0e:cb associated (aid 1)

IEEE 802.1X: Start authentication for new station 00:02:2d:2b:0e:cb
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_KEY_TX entering state NO_KEY_TRANSMIT
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state DISCONNECTED
IEEE 802.1X: Unauthorizing station 00:02:2d:2b:0e:cb
IEEE 802.1X: Sending canned EAP packet FAILURE to 00:02:2d:2b:0e:cb
(identifier 0)IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state IDLE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state CONNECTING
IEEE 802.1X: Sending EAP Request-Identity to 00:02:2d:2b:0e:cb (identifier
1)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE Received 51 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a d0 00 aa aa 03 00 00 00 88 8e 01 00 00 0f 02 01 00 0f 01 38 30 32 31 78 2d 75 73 65 72
DATA
IEEE 802.1X: 19 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=0 length=15    EAP: code=2 identifier=1 length=15 (response)    EAP Response-Identity
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state AUTHENTICATING IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state RESPONSE Encapsulating EAP message into a RADIUS packet Sending RADIUS message to authentication server RADIUS message: code=1 (Access-Request) identifier=0 length=160

   Attribute 1 (User-Name) length=12

      Value: '8021x-user'
   Attribute 4 (NAS-IP-Address) length=6

      Value: 192.168.0.100
   Attribute 5 (NAS-Port) length=6

      Value: 1
   Attribute 30 (Called-Station-Id) length=26

      Value: '00-06-25-A8-74-3A:802.1X'
   Attribute 31 (Calling-Station-Id) length=19

      Value: '00-02-2D-2B-0E-CB'
   Attribute 12 (Framed-MTU) length=6

      Value: 2304
   Attribute 61 (NAS-Port-Type) length=6

      Value: 19
   Attribute 77 (Connect-Info) length=24

      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=17
   Attribute 80 (Message-Authenticator) length=18 IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE Received 98 bytes from authentication server Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=0 length=98

   Attribute 79 (EAP-Message) length=39
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
RADIUS packet matching with station 00:02:2d:2b:0e:cb
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:02:2d:2b:0e:cb (identifier 2)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
Received 42 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a f0 00 aa aa 03 00 00 00 88 8e 01 00 00 06 02 02 00 06 03 0d DATA
IEEE 802.1X: 10 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=0 length=6    EAP: code=2 identifier=2 length=6 (response)    EAP Response-Nak
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state RESPONSE Encapsulating EAP message into a RADIUS packet Sending RADIUS message to authentication server RADIUS message: code=1 (Access-Request) identifier=1 length=172

   Attribute 1 (User-Name) length=12

      Value: '8021x-user'
   Attribute 4 (NAS-IP-Address) length=6

      Value: 192.168.0.100
   Attribute 5 (NAS-Port) length=6

      Value: 1
   Attribute 30 (Called-Station-Id) length=26

      Value: '00-06-25-A8-74-3A:802.1X'
   Attribute 31 (Calling-Station-Id) length=19

      Value: '00-02-2D-2B-0E-CB'
   Attribute 12 (Framed-MTU) length=6

      Value: 2304
   Attribute 61 (NAS-Port-Type) length=6

      Value: 19
   Attribute 77 (Connect-Info) length=24

      Value: 'CONNECT 11Mbps 802.11b'

   Attribute 79 (EAP-Message) length=8
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE Received 67 bytes from authentication server Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=1 length=67
   Attribute 79 (EAP-Message) length=8
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
RADIUS packet matching with station 00:02:2d:2b:0e:cb
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:02:2d:2b:0e:cb (identifier 3)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
Received 134 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a 00 01 aa aa 03 00 00 00 88 8e 01 00 00 62 02 03 00 62 0d 80 00 00 00 58 16 03 01 00 53 01 00 00 4f 03 01 3d 90 c4 5d 6a dc 71 22 9c f2 a0 38 da 50 39 64 68 02 9f 4d 3d fb 92 1c dc d0 e8 fc a1 e5 0e a1 00 00 28 00 16 00 13 00 66 00 15 00 12 00 0a 00 05 00 04 00 09 00 63 00 65 00 60 00 62 00 61 00 64 00 14 00 11 00 03 00 06 00 08 01 00 DATA
IEEE 802.1X: 102 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=0 length=98    EAP: code=2 identifier=3 length=98 (response)    EAP Response-TLS
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state RESPONSE Encapsulating EAP message into a RADIUS packet Sending RADIUS message to authentication server RADIUS message: code=1 (Access-Request) identifier=2 length=264

   Attribute 1 (User-Name) length=12

      Value: '8021x-user'
   Attribute 4 (NAS-IP-Address) length=6

      Value: 192.168.0.100
   Attribute 5 (NAS-Port) length=6

      Value: 1
   Attribute 30 (Called-Station-Id) length=26

      Value: '00-06-25-A8-74-3A:802.1X'
   Attribute 31 (Calling-Station-Id) length=19

      Value: '00-02-2D-2B-0E-CB'
   Attribute 12 (Framed-MTU) length=6

      Value: 2304
   Attribute 61 (NAS-Port-Type) length=6

      Value: 19
   Attribute 77 (Connect-Info) length=24

      Value: 'CONNECT 11Mbps 802.11b'

   Attribute 79 (EAP-Message) length=100
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE Received 2369 bytes from authentication server Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=2 length=2369
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=15
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
RADIUS packet matching with station 00:02:2d:2b:0e:cb IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state REQUEST IEEE 802.1X: Sending EAP Packet to 00:02:2d:2b:0e:cb (identifier 4)
ieee802_1x_send: send: Message too long
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 29 0 3599 29)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE

-do-
-do-

IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 10 0 3599 10) IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE Received 36 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a 30 01 aa aa 03 00 00 00 88 8e 01 01 00 00
DATA
IEEE 802.1X: 4 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=1 length=0    EAPOL-Start

IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state ABORTING
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state CONNECTING
IEEE 802.1X: Sending EAP Request-Identity to 00:02:2d:2b:0e:cb (identifier
5)
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state IDLE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
Received 51 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a 40 01 aa aa 03 00 00 00 88 8e 01 00 00 0f 02 05 00 0f 01 38 30 32 31 78 2d 75 73 65 72
DATA
IEEE 802.1X: 19 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=0 length=15    EAP: code=2 identifier=5 length=15 (response)    EAP Response-Identity
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state AUTHENTICATING IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state RESPONSE Encapsulating EAP message into a RADIUS packet Sending RADIUS message to authentication server RADIUS message: code=1 (Access-Request) identifier=3 length=181

   Attribute 1 (User-Name) length=12

      Value: '8021x-user'
   Attribute 4 (NAS-IP-Address) length=6

      Value: 192.168.0.100
   Attribute 5 (NAS-Port) length=6

      Value: 1
   Attribute 30 (Called-Station-Id) length=26

      Value: '00-06-25-A8-74-3A:802.1X'
   Attribute 31 (Calling-Station-Id) length=19

      Value: '00-02-2D-2B-0E-CB'
   Attribute 12 (Framed-MTU) length=6

      Value: 2304
   Attribute 61 (NAS-Port-Type) length=6

      Value: 19
   Attribute 77 (Connect-Info) length=24

      Value: 'CONNECT 11Mbps 802.11b'

   Attribute 79 (EAP-Message) length=17
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 29 0 3599 29)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 28 0 3599 28) IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
-do-
-do-
IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 11 0 3599 11)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 10 0 3599 10)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
Received 36 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a 50 01 aa aa 03 00 00 00 88 8e 01 01 00 00
DATA
IEEE 802.1X: 4 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=1 length=0    EAPOL-Start

IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state ABORTING
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state CONNECTING
IEEE 802.1X: Sending EAP Request-Identity to 00:02:2d:2b:0e:cb (identifier
6)
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state IDLE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state DISCONNECTED
IEEE 802.1X: Unauthorizing station 00:02:2d:2b:0e:cb
IEEE 802.1X: Sending canned EAP packet FAILURE to 00:02:2d:2b:0e:cb
(identifier 6)IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state CONNECTING IEEE 802.1X: Sending EAP Request-Identity to 00:02:2d:2b:0e:cb (identifier 7)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
Received 51 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a 60 01 aa aa 03 00 00 00 88 8e 01 00 00 0f 02 06 00 0f 01 38 30 32 31 78 2d 75 73 65 72
DATA
IEEE 802.1X: 19 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=0 length=15    EAP: code=2 identifier=6 length=15 (response) EAP Identifier of the Response-Identity from 00:02:2d:2b:0e:cb does not match (was 6, expected 7)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE Received 51 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a 70 01 aa aa 03 00 00 00 88 8e 01 00 00 0f 02 07 00 0f 01 38 30 32 31 78 2d 75 73 65 72
DATA
IEEE 802.1X: 19 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=0 length=15    EAP: code=2 identifier=7 length=15 (response)    EAP Response-Identity
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state AUTHENTICATING IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state RESPONSE Encapsulating EAP message into a RADIUS packet Sending RADIUS message to authentication server RADIUS message: code=1 (Access-Request) identifier=4 length=181

   Attribute 1 (User-Name) length=12

      Value: '8021x-user'
   Attribute 4 (NAS-IP-Address) length=6

      Value: 192.168.0.100
   Attribute 5 (NAS-Port) length=6

      Value: 1
   Attribute 30 (Called-Station-Id) length=26

      Value: '00-06-25-A8-74-3A:802.1X'
   Attribute 31 (Calling-Station-Id) length=19

      Value: '00-02-2D-2B-0E-CB'
   Attribute 12 (Framed-MTU) length=6

      Value: 2304
   Attribute 61 (NAS-Port-Type) length=6

      Value: 19
   Attribute 77 (Connect-Info) length=24

      Value: 'CONNECT 11Mbps 802.11b'

   Attribute 79 (EAP-Message) length=17
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 29 0 3599 29) IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
-do-
-do-

IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 10 0 3599 10) IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE Received 36 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a 80 01 aa aa 03 00 00 00 88 8e 01 01 00 00
DATA
IEEE 802.1X: 4 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=1 length=0    EAPOL-Start

IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state ABORTING
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state CONNECTING
IEEE 802.1X: Sending EAP Request-Identity to 00:02:2d:2b:0e:cb (identifier
8)
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state IDLE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
Received 51 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a 90 01 aa aa 03 00 00 00 88 8e 01 00 00 0f 02 08 00 0f 01 38 30 32 31 78 2d 75 73 65 72
DATA
IEEE 802.1X: 19 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=0 length=15    EAP: code=2 identifier=8 length=15 (response)    EAP Response-Identity
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state AUTHENTICATING IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state RESPONSE Encapsulating EAP message into a RADIUS packet Sending RADIUS message to authentication server RADIUS message: code=1 (Access-Request) identifier=5 length=181

   Attribute 1 (User-Name) length=12

      Value: '8021x-user'
   Attribute 4 (NAS-IP-Address) length=6

      Value: 192.168.0.100
   Attribute 5 (NAS-Port) length=6

      Value: 1
   Attribute 30 (Called-Station-Id) length=26

      Value: '00-06-25-A8-74-3A:802.1X'
   Attribute 31 (Calling-Station-Id) length=19

      Value: '00-02-2D-2B-0E-CB'
   Attribute 12 (Framed-MTU) length=6

      Value: 2304
   Attribute 61 (NAS-Port-Type) length=6

      Value: 19
   Attribute 77 (Connect-Info) length=24

      Value: 'CONNECT 11Mbps 802.11b'

   Attribute 79 (EAP-Message) length=17
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 29 0 3599 29)
-do-
-do-
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 10 0 3599 10)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
Received 36 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a a0 01 aa aa 03 00 00 00 88 8e 01 01 00 00
DATA
IEEE 802.1X: 4 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=1 length=0    EAPOL-Start

IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state ABORTING
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state CONNECTING
IEEE 802.1X: Sending EAP Request-Identity to 00:02:2d:2b:0e:cb (identifier
9)
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state IDLE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state DISCONNECTED
IEEE 802.1X: Unauthorizing station 00:02:2d:2b:0e:cb
IEEE 802.1X: Sending canned EAP packet FAILURE to 00:02:2d:2b:0e:cb
(identifier 9)IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state CONNECTING IEEE 802.1X: Sending EAP Request-Identity to 00:02:2d:2b:0e:cb (identifier 10)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
Received 51 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a b0 01 aa aa 03 00 00 00 88 8e 01 00 00 0f 02 09 00 0f 01 38 30 32 31 78 2d 75 73 65 72
DATA
IEEE 802.1X: 19 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=0 length=15    EAP: code=2 identifier=9 length=15 (response) EAP Identifier of the Response-Identity from 00:02:2d:2b:0e:cb does not match (was 9, expected 10)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE Received 51 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a c0 01 aa aa 03 00 00 00 88 8e 01 00 00 0f 02 0a 00 0f 01 38 30 32 31 78 2d 75 73 65 72
DATA
IEEE 802.1X: 19 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=0 length=15    EAP: code=2 identifier=10 length=15 (response)    EAP Response-Identity
IEEE 802.1X: 00:02:2d:2b:0e:cb AUTH_PAE entering state AUTHENTICATING IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state RESPONSE Encapsulating EAP message into a RADIUS packet Sending RADIUS message to authentication server RADIUS message: code=1 (Access-Request) identifier=6 length=181

   Attribute 1 (User-Name) length=12

      Value: '8021x-user'
   Attribute 4 (NAS-IP-Address) length=6

      Value: 192.168.0.100
   Attribute 5 (NAS-Port) length=6

      Value: 1
   Attribute 30 (Called-Station-Id) length=26

      Value: '00-06-25-A8-74-3A:802.1X'
   Attribute 31 (Calling-Station-Id) length=19

      Value: '00-02-2D-2B-0E-CB'
   Attribute 12 (Framed-MTU) length=6

      Value: 2304
   Attribute 61 (NAS-Port-Type) length=6

      Value: 19
   Attribute 77 (Connect-Info) length=24

      Value: 'CONNECT 11Mbps 802.11b'

   Attribute 79 (EAP-Message) length=17
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE Received 98 bytes from authentication server Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=6 length=98
   Attribute 79 (EAP-Message) length=39
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
RADIUS packet matching with station 00:02:2d:2b:0e:cb
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:02:2d:2b:0e:cb (identifier 11)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
Received 42 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a d0 01 aa aa 03 00 00 00 88 8e 01 00 00 06 02 0b 00 06 03 0d DATA
IEEE 802.1X: 10 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=0 length=6    EAP: code=2 identifier=11 length=6 (response)    EAP Response-Nak
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state RESPONSE Encapsulating EAP message into a RADIUS packet Sending RADIUS message to authentication server RADIUS message: code=1 (Access-Request) identifier=7 length=172

   Attribute 1 (User-Name) length=12

      Value: '8021x-user'
   Attribute 4 (NAS-IP-Address) length=6

      Value: 192.168.0.100
   Attribute 5 (NAS-Port) length=6

      Value: 1
   Attribute 30 (Called-Station-Id) length=26

      Value: '00-06-25-A8-74-3A:802.1X'
   Attribute 31 (Calling-Station-Id) length=19

      Value: '00-02-2D-2B-0E-CB'
   Attribute 12 (Framed-MTU) length=6

      Value: 2304
   Attribute 61 (NAS-Port-Type) length=6

      Value: 19
   Attribute 77 (Connect-Info) length=24

      Value: 'CONNECT 11Mbps 802.11b'

   Attribute 79 (EAP-Message) length=8
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE Received 67 bytes from authentication server Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=7 length=67
   Attribute 79 (EAP-Message) length=8
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
RADIUS packet matching with station 00:02:2d:2b:0e:cb
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:02:2d:2b:0e:cb (identifier 12)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
Received 134 bytes management frame
  dump: 08 01 02 01 00 06 25 a8 74 3a 00 02 2d 2b 0e cb 00 06 25 a8 74 3a e0 01 aa aa 03 00 00 00 88 8e 01 00 00 62 02 0c 00 62 0d 80 00 00 00 58 16 03 01 00 53 01 00 00 4f 03 01 3d 90 c4 ad 3c 0a 2f 2e 2f a2 48 c3 2d 60 4f 1a d1 72 c0 39 3a e0 d3 f0 9b 60 d4 f9 90 90 99 6e 00 00 28 00 16 00 13 00 66 00 15 00 12 00 0a 00 05 00 04 00 09 00 63 00 65 00 60 00 62 00 61 00 64 00 14 00 11 00 03 00 06 00 08 01 00 DATA
IEEE 802.1X: 102 bytes from 00:02:2d:2b:0e:cb

   IEEE 802.1X: version=1 type=0 length=98    EAP: code=2 identifier=12 length=98 (response)    EAP Response-TLS
IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state RESPONSE Encapsulating EAP message into a RADIUS packet Sending RADIUS message to authentication server RADIUS message: code=1 (Access-Request) identifier=8 length=264

   Attribute 1 (User-Name) length=12

      Value: '8021x-user'
   Attribute 4 (NAS-IP-Address) length=6

      Value: 192.168.0.100
   Attribute 5 (NAS-Port) length=6

      Value: 1
   Attribute 30 (Called-Station-Id) length=26

      Value: '00-06-25-A8-74-3A:802.1X'
   Attribute 31 (Calling-Station-Id) length=19

      Value: '00-02-2D-2B-0E-CB'
   Attribute 12 (Framed-MTU) length=6

      Value: 2304
   Attribute 61 (NAS-Port-Type) length=6

      Value: 19
   Attribute 77 (Connect-Info) length=24

      Value: 'CONNECT 11Mbps 802.11b'

   Attribute 79 (EAP-Message) length=100
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE Received 2369 bytes from authentication server Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=8 length=2369
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=255
   Attribute 79 (EAP-Message) length=15
   Attribute 24 (State) length=21
   Attribute 80 (Message-Authenticator) length=18
RADIUS packet matching with station 00:02:2d:2b:0e:cb IEEE 802.1X: 00:02:2d:2b:0e:cb BE_AUTH entering state REQUEST IEEE 802.1X: Sending EAP Packet to 00:02:2d:2b:0e:cb (identifier 13)
ieee802_1x_send: send: Message too long
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 29 0 3599 29)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:02:2d:2b:0e:cb Port Timers TICK (timers: 28 0 3599 28)
IEEE 802.1X: 00:02:2d:2b:0e:cb REAUTH_TIMER entering state INITIALIZE
Signal 2 received - terminating
Flushing old station entries
Deauthenticate all stations

Has anyone else had a similar problem trying to use TLS? I'm not trying to use encryption as yet.

Regards,

Sachin S. Mody
Thomson Multimedia, Corporate Research
2 Independence Way,
Princeton, NJ 08543
Ph# 609-987-7321
Fax# 609-987-7299



This archive was generated by hypermail 2.1.4.