Egy ujabb szinttel elorebb a megoldashoz (leirom hatha masnak is jo lehet kesobb), az elobb emlitett oldalon talaltam eap teszteleshez egesz jo leirast ( http://deployingradius.com/scripts/eapol_test/ ), mint kiderult a radeapclient nemigazan hasznalhato erre, ezert maradt a eapol_test hasznalata.
Ugyhogy jelenleg ott tartok, h eap-ttls-en belul eap nelkuli auth-al mukodik, vagyis ha eap-ttls pap/chap/mschap tesztet futtatok akkor success valaszt visszakapom:
RADIUS packet matching with station
MS-MPPE-Send-Key (sign) - hexdump(len=32): c8 97 0d c2 22 14 02 c5 81 d9 92 4e a3 62 dc f6 72 61 26 be a2 bc 95 6a d5 0d 1c c9 46 f2 16 b9
MS-MPPE-Recv-Key (crypt) - hexdump(len=32): 10 14 d1 2a 6c 6b 42 cc ba 97 f6 6a 96 6c c5 24 5b 9e f4 cb 56 62 70 e7 09 b5 af a9 5c b2 86 f4
decapsulated EAP packet (code=3 id=6 len=4) from RADIUS server: EAP Success
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: EAP entering state SUCCESS
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
EAPOL: IEEE 802.1X for plaintext connection; no EAPOL-Key frames required
WPA: EAPOL processing complete
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state SUCCESS
EAPOL: SUPP_BE entering state IDLE
eapol_sm_cb: success=1
EAPOL: Successfully fetched key (len=32)
PMK from EAPOL - hexdump(len=32): 10 14 d1 2a 6c 6b 42 cc ba 97 f6 6a 96 6c c5 24 5b 9e f4 cb 56 62 70 e7 09 b5 af a9 5c b2 86 f4
EAP: deinitialize previously used EAP method (21, TTLS) at EAP deinit
ENGINE: engine deinit
MPPE keys OK: 1 mismatch: 0
SUCCESS
Ha eap-ttls eap-md5/eap-mschapv2, eap-peap eap-mschapv2 -t akarom tesztelni akkor viszont elhasal:
RADIUS packet matching with station
decapsulated EAP packet (code=4 id=6 len=4) from RADIUS server: EAP Failure
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Failure
EAP: EAP entering state FAILURE
CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_BE entering state IDLE
eapol_sm_cb: success=0
EAPOL: EAP key not available
EAP: deinitialize previously used EAP method (21, TTLS) at EAP deinit
ENGINE: engine deinit
MPPE keys OK: 0 mismatch: 1
FAILURE
Otlet vkinek h hol lehet a gond vagy mit ellenorizzek?
--
Don't Panic if you see me laughing,
that's not a bug, just a feature.