I ran the following test on my Radhat (Fodora 6) server to test eap-tls
(after I started radiusd):
./eapol_test -c ../network -a 127.0.0.1 -p1812 -s secret -r 1
It failed after some handshake with the server:
.......
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=3 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=213) - Flags 0x80
SSL: TLS Message Length: 1227
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read server hello A
TLS: Certificate verification failed, error 18 (self signed certificate)
depth 0 for '/C=US/ST=California/L=Oak Park/O=Jins
Company/OU=Engineering/CN=jinlu/[EMAIL PROTECTED]'
SSL: (where=0x4008 ret=0x230)
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read server certificate B
OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
........
The configuration is
network={
ssid="roofnet"
key_mgmt=WPA-EAP
eap=TLS
ca_cert="/etc/pki/CA/cacert.pem"
identity="jinlu"
client_cert="/etc/pki/tls/misc/cert-clt.pem"
private_key="/etc/pki/tls/misc/cert-key.pem"
private_key_passwd="......"
}
where the certificates are created based on a standard procedure.
Could someone shed some light into the problem (unknown CA...)? Thanks in
advance for your help.
For your information, I include the long test output in the following (after
removing some lines).
----------------------------------------------------------------------------------------------------------
[EMAIL PROTECTED] wpa_supplicant-0.5.8]# ./eapol_test -c ../network
-a127.0.0.1 -p1812 -s secret -r 1
Reading configuration file '../network'
Line: 1 - start of a new network block
ssid - hexdump_ascii(len=7):
72 6f 6f 66 6e 65 74 roofnet
key_mgmt: 0x1
eap methods - hexdump(len=16): 00 00 00 00 0d 00 00 00 00 00 00 00 00 00 00
00
ca_cert - hexdump_ascii(len=22):
2f 65 74 63 2f 70 6b 69 2f 43 41 2f 63 61 63 65 /etc/pki/CA/cace
72 74 2e 70 65 6d rt.pem
identity - hexdump_ascii(len=5):
6a 69 6e 6c 75 jinlu
client_cert - hexdump_ascii(len=30):
2f 65 74 63 2f 70 6b 69 2f 74 6c 73 2f 6d 69 73 /etc/pki/tls/mis
63 2f 63 65 72 74 2d 63 6c 74 2e 70 65 6d c/cert-clt.pem
private_key - hexdump_ascii(len=30):
2f 65 74 63 2f 70 6b 69 2f 74 6c 73 2f 6d 69 73 /etc/pki/tls/mis
63 2f 63 65 72 74 2d 6b 65 79 2e 70 65 6d c/cert-key.pem
private_key_passwd - hexdump_ascii(len=8):
--- line omitted ---
Priority group 0
id=0 ssid='roofnet'
Authentication server 127.0.0.1:1812
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Sending fake EAP-Request-Identity
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=0 method=1 vendor=0 vendorMethod=0
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using real identity - hexdump_ascii(len=5):
6a 69 6e 6c 75 jinlu
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=10)
TX EAP -> RADIUS - hexdump(len=10): 02 00 00 0a 01 6a 69 6e 6c 75
Encapsulating EAP message into a RADIUS packet
Learned identity from EAP-Response-Identity - hexdump(len=5): 6a 69 6e 6c 75
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=0 length=118
Attribute 1 (User-Name) length=7
Value: 'jinlu'
Attribute 4 (NAS-IP-Address) length=6
Value: 127.0.0.1
Attribute 31 (Calling-Station-Id) length=19
Value: '02-00-00-00-00-01'
Attribute 12 (Framed-MTU) length=6
Value: 1400
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=12
Value: 02 00 00 0a 01 6a 69 6e 6c 75
Attribute 80 (Message-Authenticator) length=18
Value: 4d 62 5a c4 38 ed f1 b8 7a 98 48 67 4b 37 64 57
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 64 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=0 length=64
Attribute 79 (EAP-Message) length=8
Value: 01 01 00 06 0d 20
Attribute 80 (Message-Authenticator) length=18
Value: 4b e0 7f d9 8c 4a d5 07 3f de d0 d3 87 9e 4c c3
Attribute 24 (State) length=18
Value: 7a 7d 47 98 47 26 f2 04 bb 85 c6 f5 ce ba 05 11
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending
request, round trip time 0.00 sec
RADIUS packet matching with station
decapsulated EAP packet (code=1 id=1 len=6) from RADIUS server:
EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=1 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
TLS: Trusted root certificate(s) loaded
OpenSSL: tls_connection_client_cert - SSL_use_certificate_file (DER) failed
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:140C800D:SSL
routines:SSL_use_certificate_file:ASN1 lib
OpenSSL: SSL_use_certificate_file (PEM) --> OK
OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (DER) failed
error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
OpenSSL: pending error: error:0D0680A8:asn1 encoding
routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:0D09A00D:asn1 encoding
routines:d2i_PrivateKey:ASN1 lib
OpenSSL: pending error: error:140CB00D:SSL
routines:SSL_use_PrivateKey_file:ASN1 lib
OpenSSL: SSL_use_PrivateKey_File (PEM) --> OK
SSL: Private key loaded successfully
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected
EAP: EAP entering state METHOD
SSL: Received packet(len=6) - Flags 0x20
EAP-TLS: Start
SSL: (where=0x10 ret=0x1)
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:before/connect initialization
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write client hello A
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read server hello A
SSL: SSL_connect - want more data
SSL: 101 bytes pending from ssl_out
SSL: 101 bytes left to be sent out (of total 101 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=107)
TX EAP -> RADIUS - hexdump(len=107): 02 01 00 6b 0d 00 16 03 01 00 60 01 00
00 5c 03 01 46 bb fa f5 f7 67 fd cb 52 99 b3 03 5f 34 51 9e 0f 29 0d 60 ed
34 63 c7 dc a1 5e 2f cb d9 07 f6 00 00 34 00 39 00 38 00 35 00 16 00 13 00
0a 00 33 00 32 00 2f 00 66 00 05 00 04 00 63 00 62 00 61 00 15 00 12 00 09
00 65 00 64 00 60 00 14 00 11 00 08 00 06 00 03 02 01 00
Encapsulating EAP message into a RADIUS packet
Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=1 length=233
Attribute 1 (User-Name) length=7
Value: 'jinlu'
Attribute 4 (NAS-IP-Address) length=6
Value: 127.0.0.1
Attribute 31 (Calling-Station-Id) length=19
Value: '02-00-00-00-00-01'
Attribute 12 (Framed-MTU) length=6
Value: 1400
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=109
Value: 02 01 00 6b 0d 00 16 03 01 00 60 01 00 00 5c 03 01 46 bb fa f5 f7 67
fd cb 52 99 b3 03 5f 34 51 9e 0f 29 0d 60 ed 34 63 c7 dc a1 5e 2f cb d9 07
f6 00 00 34 00 39 00 38 00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 66 00
05 00 04 00 63 00 62 00 61 00 15 00 12 00 09 00 65 00 64 00 60 00 14 00 11
00 08 00 06 00 03 02 01 00
Attribute 24 (State) length=18
Value: 7a 7d 47 98 47 26 f2 04 bb 85 c6 f5 ce ba 05 11
Attribute 80 (Message-Authenticator) length=18
Value: b0 84 c6 41 88 20 b7 26 24 39 a0 b1 e9 85 ff e9
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 1100 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=1 length=1100
Attribute 79 (EAP-Message) length=255
Value: 01 02 04 0a 0d c0 00 00 04 cb 16 03 01 00 4a 02 00 00 46 03 01 46 bb
fa f5 57 38 38 bf 2a e4 bb 09 14 5e 6a 8a 9f 3b b2 20 3d 76 ad 16 7a 06 63
d9 35 87 c4 73 20 a6 ef c4 e3 0b 74 12 65 ab c5 57 65 12 fe 0a 3d 07 bd 48
42 ea 62 f4 a2 b3 34 31 10 3a 26 9e 64 00 39 01 16 03 01 02 c9 0b 00 02 c5
00 02 c2 00 02 bf 30 82 02 bb 30 82 02 24 a0 03 02 01 02 02 01 01 30 0d 06
09 2a 86 48 86 f7 0d 01 01 05 05 00 30 81 96 31 0b 30 09 06 03 55 04 06 13
02 55 53 31 13 30 11 06 03 55 04 08 13 0a 43 61 6c 69 66 6f 72 6e 69 61 31
11 30 0f 06 03 55 04 07 13 08 4f 61 6b 20 50 61 72 6b 31 15 30 13 06 03 55
04 0a 13 0c 4a 69 6e 73 20 43 6f 6d 70 61 6e 79 31 14 30 12 06 03 55 04 0b
13 0b 45 6e 67 69 6e 65 65 72 69 6e 67 31 0e 30 0c 06 03 55 04 03 13 05 6a
69 6e 6c 75 31
Attribute 79 (EAP-Message) length=255
Value: 22 30 20 06 09 2a 86 48 86 f7 0d 01 09 01 16 13 6a 69 6e 6c 75 38 35
39 31 40 79 61 68 6f 6f 2e 63 6f 6d 30 1e 17 0d 30 37 30 37 31 39 31 31 31
38 32 32 5a 17 0d 30 38 30 37 31 38 31 31 31 38 32 32 5a 30 81 96 31 0b 30
09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 43 61 6c 69
66 6f 72 6e 69 61 31 11 30 0f 06 03 55 04 07 13 08 4f 61 6b 20 50 61 72 6b
31 15 30 13 06 03 55 04 0a 13 0c 4a 69 6e 73 20 43 6f 6d 70 61 6e 79 31 14
30 12 06 03 55 04 0b 13 0b 45 6e 67 69 6e 65 65 72 69 6e 67 31 0e 30 0c 06
03 55 04 03 13 05 6a 69 6e 6c 75 31 22 30 20 06 09 2a 86 48 86 f7 0d 01 09
01 16 13 6a 69 6e 6c 75 38 35 39 31 40 79 61 68 6f 6f 2e 63 6f 6d 30 81 9f
30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81
00 ac 5d dd 1b
Attribute 79 (EAP-Message) length=255
Value: 4a c0 83 9e 76 98 29 d5 c8 5c 9c 31 70 8a 19 ec b3 01 35 45 c8 c5 10
53 58 6a 29 81 b0 3b ab 03 4b 34 71 fa 9d dc 53 59 7f ba c6 43 75 da bc 87
85 3e 6f ac a3 cf 8b 53 cd ea 40 ea 28 ed ea 63 1f f1 bc 69 cb 04 03 b3 02
d6 e4 b9 6d 7d c8 4d ea 18 b6 f2 ca f7 3a fa d5 64 1b 9e ae 42 8f e0 85 1f
9f 5c 41 50 d9 63 d5 e3 5d 7a ba ab 14 52 42 72 7f 47 bf 37 c6 be 40 8e b4
e3 02 03 01 00 01 a3 17 30 15 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06
01 05 05 07 03 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00
88 07 66 f2 ce 74 08 a4 be 06 35 5f e8 74 92 56 fb 54 89 cb fd 7e 3e 13 f9
14 03 2b 85 9d 12 66 26 fb b2 95 37 5d d8 c9 c3 af 12 8a 01 ed d6 f8 cf a8
a4 01 65 a5 82 b7 02 c6 01 23 2e 2f ba 1e 1f a8 6d d2 c0 d7 62 92 a2 ad 88
e9 ea 98 88 14
Attribute 79 (EAP-Message) length=255
Value: d4 40 e7 01 88 ef ae ac 1e 29 1c e3 4d 51 59 1e f8 aa 1d ed 80 09 8b
1c da 97 a4 14 83 e6 03 20 6d cc a8 f8 63 f8 00 71 92 4a c7 de 3b 71 a5 39
16 03 01 01 0d 0c 00 01 09 00 40 f4 55 ff 48 c7 dd e1 e9 a1 9c 2d 4d 0a 1b
d4 5c 56 e6 6c 13 3a 11 c0 9e 59 20 42 9b 7d 56 f5 f8 4f f0 68 9d c3 57 4c
0d c0 90 75 2d 86 cc 4a d1 5c 4d 81 ac e2 ba 90 23 86 cc 30 26 aa 17 ca 0b
00 01 02 00 40 7f 8a 85 b5 af 2e 76 e8 56 a0 fd 41 e6 cb 05 2d 17 4e 9a eb
47 08 6d 75 5e ef 29 3d d7 42 18 df 21 5b 9b 56 cf fa 7a c0 8a 88 46 00 fe
27 a3 92 fd 30 4a 6e 82 3e 26 ee 69 5e e5 ce 9f 78 f7 a1 00 80 8c 1a 55 2f
d9 b2 0b 6a fb 27 15 f8 a4 af b6 4a c5 1f 24 49 5d 2c 50 60 20 7c 9a 0d 70
61 cf b8 20 b3 c6 7b 78 b9 ba 13 9e 48 8c 67 be 18 9b 31 5e 72 ac a9 1a f0
ac 75 0a 2b d5
Attribute 79 (EAP-Message) length=24
Value: bd 99 51 4b a9 51 ed 4f dd 9d f3 58 bb 68 b0 84 64 09 56 82 18 40
Attribute 80 (Message-Authenticator) length=18
Value: 12 59 88 7a 60 55 f3 ec 87 2d cc 1e b5 30 87 1c
Attribute 24 (State) length=18
Value: 02 94 35 6e ba 17 63 c8 36 be fd ca b0 bd 0e b2
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending
request, round trip time 0.00 sec
RADIUS packet matching with station
decapsulated EAP packet (code=1 id=2 len=1034) from RADIUS server:
EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=2 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=1034) - Flags 0xc0
SSL: TLS Message Length: 1227
SSL: Need 203 bytes more input data
SSL: Building ACK
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=6)
TX EAP -> RADIUS - hexdump(len=6): 02 02 00 06 0d 00
Encapsulating EAP message into a RADIUS packet
Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=2 length=132
Attribute 1 (User-Name) length=7
Value: 'jinlu'
Attribute 4 (NAS-IP-Address) length=6
Value: 127.0.0.1
Attribute 31 (Calling-Station-Id) length=19
Value: '02-00-00-00-00-01'
Attribute 12 (Framed-MTU) length=6
Value: 1400
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=8
Value: 02 02 00 06 0d 00
Attribute 24 (State) length=18
Value: 02 94 35 6e ba 17 63 c8 36 be fd ca b0 bd 0e b2
Attribute 80 (Message-Authenticator) length=18
Value: c7 19 1d 9c 59 b2 71 6f 53 66 56 39 e1 d8 f8 43
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 271 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=2 length=271
Attribute 79 (EAP-Message) length=215
Value: 01 03 00 d5 0d 80 00 00 04 cb 9a e6 89 25 59 d6 a3 5a fc 29 ca b0 33
64 f1 d2 07 5f d1 18 3d 92 eb d3 8b 6e d9 5b 26 fa 18 e5 98 9b e4 96 39 24
31 48 3e 0d f0 b0 c7 9a bc 16 03 01 00 97 0d 00 00 8f 04 03 04 01 02 00 88
00 86 30 81 83 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55
04 08 13 0a 43 61 6c 69 66 6f 72 6e 69 61 31 15 30 13 06 03 55 04 0a 13 0c
4a 69 6e 73 20 43 6f 6d 70 61 6e 79 31 14 30 12 06 03 55 04 0b 13 0b 45 6e
67 69 6e 65 65 72 69 6e 67 31 0e 30 0c 06 03 55 04 03 13 05 6a 69 6e 6c 75
31 22 30 20 06 09 2a 86 48 86 f7 0d 01 09 01 16 13 6a 69 6e 6c 75 38 35 39
31 40 79 61 68 6f 6f 2e 63 6f 6d 0e 00 00 00
Attribute 80 (Message-Authenticator) length=18
Value: 6a b5 d5 15 78 ec 0d a6 92 50 8e 45 38 63 ba 52
Attribute 24 (State) length=18
Value: 5f 54 ce c4 d3 14 cd b3 23 76 96 b7 c4 27 2a 3e
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending
request, round trip time 0.00 sec
RADIUS packet matching with station
decapsulated EAP packet (code=1 id=3 len=213) from RADIUS server:
EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=3 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=213) - Flags 0x80
SSL: TLS Message Length: 1227
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read server hello A
TLS: Certificate verification failed, error 18 (self signed certificate)
depth 0 for '/C=US/ST=California/L=Oak Park/O=Jins
Company/OU=Engineering/CN=jinlu/[EMAIL PROTECTED]'
SSL: (where=0x4008 ret=0x230)
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read server certificate B
OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
SSL: 7 bytes pending from ssl_out
SSL: Failed - tls_out available to report error
SSL: 7 bytes left to be sent out (of total 7 bytes)
EAP-TLS: TLS processing failed
EAP: method process -> ignore=FALSE methodState=DONE decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=13)
TX EAP -> RADIUS - hexdump(len=13): 02 03 00 0d 0d 00 15 03 01 00 02 02 30
Encapsulating EAP message into a RADIUS packet
Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=3 length=139
Attribute 1 (User-Name) length=7
Value: 'jinlu'
Attribute 4 (NAS-IP-Address) length=6
Value: 127.0.0.1
Attribute 31 (Calling-Station-Id) length=19
Value: '02-00-00-00-00-01'
Attribute 12 (Framed-MTU) length=6
Value: 1400
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=15
Value: 02 03 00 0d 0d 00 15 03 01 00 02 02 30
Attribute 24 (State) length=18
Value: 5f 54 ce c4 d3 14 cd b3 23 76 96 b7 c4 27 2a 3e
Attribute 80 (Message-Authenticator) length=18
Value: c1 6a 58 d8 74 f7 5f dc 07 9d 85 6f 8d b6 14 5d
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: startWhen --> 0
STA 02:00:00:00:00:01: Resending RADIUS message (id=3)
Next RADIUS client retransmit in 6 seconds
Received 44 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=3 (Access-Reject) identifier=3 length=44
Attribute 79 (EAP-Message) length=6
Value: 04 03 00 04
Attribute 80 (Message-Authenticator) length=18
Value: a2 c8 1a 01 9b 4b 9b 3f 98 29 ee c0 74 7b 37 6a
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending
request, round trip time 0.00 sec
RADIUS packet matching with station
decapsulated EAP packet (code=4 id=3 len=4) from RADIUS server: EAP Failure
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Failure
EAP: EAP entering state FAILURE
CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_BE entering state IDLE
eapol_sm_cb: success=0
EAP: deinitialize previously used EAP method (13, TLS) at EAP deinit
ENGINE: engine deinit
MPPE keys OK: 0 mismatch: 2
FAILURE
--
View this message in context:
http://www.nabble.com/eapol_test---failed%2C--please-help-tf4324490.html#a12315550
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
