Re: EAP / AP1200 / Windows XP

laddepp · ‎06-03-2004

Hello,

I'm attemping to authenticate from Windows XP to a 3rd party radius server via EAP. I'm debugging the radius server and it seems that the access point is not communicating with it at all. Below is some debugging information from the access point. Any help would be greatly appreciated!

Thanks in advance,

Ladd

Jun 3 21:41:18.200: dot11_auth_add_client_entry: Create new client 000c.4138.ccd9

Jun 3 21:41:18.201: dot11_auth_initialize_client: 000c.4138.ccd9 is added to the client list

Jun 3 21:41:18.201: dot11_auth_add_client_entry: req->auth_type 0

Jun 3 21:41:18.201: dot11_auth_add_client_entry: auth_methods_inprocess: 2

Jun 3 21:41:18.202: dot11_auth_add_client_entry: eap list name: eap_methods

Jun 3 21:41:18.202: dot11_run_auth_methods: Start auth method EAP or LEAP

Jun 3 21:41:18.202: dot11_auth_dot1x_start: in the dot11_auth_dot1x_start

Jun 3 21:41:18.202: dot11_auth_dot1x_send_id_req_to_client: sending identity request for 000c.4138.ccd9

Jun 3 21:41:18.202: EAPOL pak dump tx

Jun 3 21:41:18.202: EAPOL Version: 0x1 type: 0x0 length: 0x0005

Jun 3 21:41:18.202: EAP code: 0x1 id: 0x1 length: 0x0005 type: 0x1

00E00680: 01000005 01010005 01 .........

Jun 3 21:41:18.202: dot11_auth_send_msg: sending data to requestor status 1

Jun 3 21:41:18.202: dot11_auth_send_msg: Sending EAPOL to requestor

Jun 3 21:41:18.203: dot11_auth_dot1x_send_id_req_to_client: Started timer client_timeout 30 seconds

Jun 3 21:41:18.208: dot11_auth_parse_client_pak: Received EAPOL packet from 000c.4138.ccd9

Jun 3 21:41:18.208: EAPOL pak dump rx

Jun 3 21:41:18.208: EAPOL Version: 0x1 type: 0x1 length: 0x0000

00E12800: 01010000 ....

Jun 3 21:41:18.208: dot11_auth_dot1x_run_rfsm: Executing Action(CLIENT_WAIT,EAP_START) for 000c.4138.ccd9

Jun 3 21:41:18.208: dot11_auth_dot1x_send_id_req_to_client: sending identity request for 000c.4138.ccd9

Jun 3 21:41:18.208: EAPOL pak dump tx

Jun 3 21:41:18.208: EAPOL Version: 0x1 type: 0x0 length: 0x0005

Jun 3 21:41:18.208: EAP code: 0x1 id: 0x2 length: 0x0005 type: 0x1

00E002E0: 01000005 01020005 ........

00E002F0: 01 .

Jun 3 21:41:18.209: dot11_auth_send_msg: sending data to requestor status 1

Jun 3 21:41:18.209: dot11_auth_send_msg: Sending EAPOL to requestor

Jun 3 21:41:18.209: dot11_auth_dot1x_send_id_req_to_client: Started timer client_timeout 30 seconds

verdann · ‎06-04-2004

Looks like the AP didn't like the identity-response from the XP supplicant - what type of wireless card and driver are you using?

laddepp · ‎06-04-2004

The card is a Linksys WUSB12 using the lswlusb.sys driver (USB Wireless adaptor). I was under the impression that the AP just passes along the authentication info to the RADIUS server. Am I wrong here? Also, is there anything I can try to get this to work with my existing hardware?

Thank You for your help.

lje

laddepp · ‎06-04-2004

The following was recorded from a:

debug dot11 aaa manager all

This time, I'm using a Cisco Aironet 350 card using the XP supplicant. I'm by no means an expert here, but it looks like the AP is trying to authenticate to itself. Why doesn't it try to authenticate against my RADIUS server?

Thank You for your assistance.

Jun 4 20:21:32.929: dot11_mgr_sm_send_resp_to_authent: Sending client response to local Authenticator

Jun 4 20:21:32.929: dot11_mgr_disp_auth_eapol: Sending pak from client 0009.b77e.c315 to local Authenticator

Jun 4 20:21:32.929: dot11_auth_parse_client_pak: Received EAPOL packet from 0009.b77e.c315

Jun 4 20:21:32.929: dot11_auth_parse_client_pak: no client found