seit heute morgen können sich unsere Clients auf einem AP nicht mehr anmelden. OHNE das am AP irgend etwas verändert wurde.
Folgender EAP Trace...
[EAP] 2005/10/28 19:01:04,450
Passphrase used for WPA/PSK-based key exchange with peer 001310830bf4 on SSID GraitschenNet_WPA is 2005zierbock2005wpa
[EAP] 2005/10/28 19:01:04,450
***Starting EAP key exchange with supplicant 001310830bf4
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:04,470
Passphrase used for WPA/PSK-based key exchange with peer 001310830bfa on SSID GraitschenNet_WPA is 2005reiber2005wpa
[EAP] 2005/10/28 19:01:04,470
***Starting EAP key exchange with supplicant 001310830bfa
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:04,480
Passphrase used for WPA/PSK-based key exchange with peer 001310830bfc on SSID GraitschenNet_WPA is 2005muellerjens2005wpa
[EAP] 2005/10/28 19:01:04,480
***Starting EAP key exchange with supplicant 001310830bfc
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:04,520
Passphrase used for WPA/PSK-based key exchange with peer 001217b869b7 on SSID GraitschenNet_WPA is 2005rathsmannmartina2005wpa
[EAP] 2005/10/28 19:01:04,520
***Starting EAP key exchange with supplicant 001217b869b7
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:04,540
Passphrase used for WPA/PSK-based key exchange with peer 001310830a81 on SSID GraitschenNet_WPA is 2005krokerstefan2005wpa
[EAP] 2005/10/28 19:01:04,540
***Starting EAP key exchange with supplicant 001310830a81
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:04,570
Passphrase used for WPA/PSK-based key exchange with peer 001217b86b58 on SSID GraitschenNet_WPA is 2005neundorf2005wpa
[EAP] 2005/10/28 19:01:04,570
***Starting EAP key exchange with supplicant 001217b86b58
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:04,630
Passphrase used for WPA/PSK-based key exchange with peer 001217b86992 on SSID GraitschenNet_WPA is 2005krauseheiko2005wpa
[EAP] 2005/10/28 19:01:04,630
***Starting EAP key exchange with supplicant 001217b86992
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:04,640
Passphrase used for WPA/PSK-based key exchange with peer 000ea6b50d4f on SSID GraitschenNet_WPA is 2005krokeroliver2005wpa
[EAP] 2005/10/28 19:01:04,640
***Starting EAP key exchange with supplicant 000ea6b50d4f
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:07,190
Passphrase used for WPA/PSK-based key exchange with peer 001310830bfa on SSID GraitschenNet_WPA is 2005reiber2005wpa
[EAP] 2005/10/28 19:01:07,190
***Starting EAP key exchange with supplicant 001310830bfa
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:07,290
Passphrase used for WPA/PSK-based key exchange with peer 001217b86992 on SSID GraitschenNet_WPA is 2005krauseheiko2005wpa
[EAP] 2005/10/28 19:01:07,290
***Starting EAP key exchange with supplicant 001217b86992
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:07,610
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Start
Packet Length : 0
-->forwarding non-key packet to 802.1x
[EAP] 2005/10/28 19:01:07,750
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Start
Packet Length : 0
-->forwarding non-key packet to 802.1x
[EAP] 2005/10/28 19:01:07,820
Passphrase used for WPA/PSK-based key exchange with peer 001217b869b7 on SSID GraitschenNet_WPA is 2005rathsmannmartina2005wpa
[EAP] 2005/10/28 19:01:07,820
***Starting EAP key exchange with supplicant 001217b869b7
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:08,220
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Start
Packet Length : 0
-->forwarding non-key packet to 802.1x
[EAP] 2005/10/28 19:01:08,240
Passphrase used for WPA/PSK-based key exchange with peer 001310830bfc on SSID GraitschenNet_WPA is 2005muellerjens2005wpa
[EAP] 2005/10/28 19:01:08,250
***Starting EAP key exchange with supplicant 001310830bfc
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/28 19:01:08,430
Passphrase used for WPA/PSK-based key exchange with peer 000ea6b50d4f on SSID GraitschenNet_WPA is 2005krokeroliver2005wpa
[EAP] 2005/10/28 19:01:08,430
***Starting EAP key exchange with supplicant 000ea6b50d4f
-->PMK not yet available, postpone negotiation
... an was liegt es?
Es wurde wirklich nichts verändert.
Bitte um Hilfestellung, Grüße experde
Hi,
Moderator: Lancom-Systems Moderatoren
nochmal...
haben jetzt alle clients bis auf einen gesperrt, folgender eap trace
[EAP] 2005/10/28 21:04:10,210
***Starting EAP key exchange with supplicant 001217b86992
-->Switching to key exchange phase 1, send corresponding packet
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : b2 19 91 2a 59 0c c8 95 ...*Y...
c1 3e e7 6a 60 9f 73 b5 .>.j`.s.
dd f7 3a fa 6e fb 9d 7d ..:.n..}
da c5 4d 9e 6d 62 a6 cf ..M.mb..
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/28 21:04:10,230
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 119
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000001
Nonce : b6 54 7c b9 23 29 90 36 .T|.#).6
a8 3c 31 6b 1a d9 ca a8 .<1k....
82 8d 30 75 07 5c 11 4e ..0u.\.N
74 83 63 89 de 33 f2 12 t.c..3..
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 29 14 3d 87 00 06 35 a0 ).=...5.
ce d2 82 5c 8c 25 4a bd ...\.%J.
Key Data Length : 24
Key Data : dd 16 00 50 f2 01 01 00 ...P....
00 50 f2 02 01 00 00 50 .P.....P
f2 02 01 00 00 50 f2 02 .....P..
-->Received properly sequenced packet from supplicant for phase 2
-->Computing PTK
-->MIC failure, discarding
[EAP] 2005/10/28 21:04:11,210
***Timeout occured for negotiation with 001217b86992 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : b2 19 91 2a 59 0c c8 95 ...*Y...
c1 3e e7 6a 60 9f 73 b5 .>.j`.s.
dd f7 3a fa 6e fb 9d 7d ..:.n..}
da c5 4d 9e 6d 62 a6 cf ..M.mb..
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/28 21:04:11,320
***Starting EAP key exchange with supplicant 001217b86992
-->Switching to key exchange phase 1, send corresponding packet
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : db 09 d0 47 80 3c 6b 03 ...G.<k.
ad a6 b6 a1 bb 6b d8 70 .....k.p
5d b5 ec 38 2e da f6 1c ]..8....
17 6d 7b 0e 0b b6 bd 87 .m{.....
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/28 21:04:11,330
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 119
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000001
Nonce : 41 c6 d8 b4 5f f1 a8 84 A..._...
82 57 b3 b3 d0 5b ed 82 .W...[..
69 cd 27 8a b1 41 d1 50 i.'..A.P
67 27 5f 4e 3e 7b 21 dd g'_N>{!.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : bb 0b dc b0 60 f5 db 84 ....`...
cf 25 5f 6f dc d2 ec 2b .%_o...+
Key Data Length : 24
Key Data : dd 16 00 50 f2 01 01 00 ...P....
00 50 f2 02 01 00 00 50 .P.....P
f2 02 01 00 00 50 f2 02 .....P..
-->Received properly sequenced packet from supplicant for phase 2
-->Computing PTK
-->MIC failure, discarding
[EAP] 2005/10/28 21:04:12,400
***Timeout occured for negotiation with 001217b86992 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : db 09 d0 47 80 3c 6b 03 ...G.<k.
ad a6 b6 a1 bb 6b d8 70 .....k.p
5d b5 ec 38 2e da f6 1c ]..8....
17 6d 7b 0e 0b b6 bd 87 .m{.....
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/28 21:04:12,430
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 119
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000001
Nonce : f9 35 9a be 90 05 2a 24 .5....*$
76 79 4d f0 96 06 d7 16 vyM.....
5e 19 e5 72 0b d6 3d c5 ^..r..=.
2d 8b f9 7b 77 ba 39 e0 -..{w.9.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : c4 32 14 36 34 8f af c3 .2.64...
b7 f0 46 6d 06 00 79 47 ..Fm..yG
Key Data Length : 24
Key Data : dd 16 00 50 f2 01 01 00 ...P....
00 50 f2 02 01 00 00 50 .P.....P
f2 02 01 00 00 50 f2 02 .....P..
-->Received properly sequenced packet from supplicant for phase 2
-->Computing PTK
-->MIC failure, discarding
[EAP] 2005/10/28 21:04:13,410
***Timeout occured for negotiation with 001217b86992 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : db 09 d0 47 80 3c 6b 03 ...G.<k.
ad a6 b6 a1 bb 6b d8 70 .....k.p
5d b5 ec 38 2e da f6 1c ]..8....
17 6d 7b 0e 0b b6 bd 87 .m{.....
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/28 21:04:13,440
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 119
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000001
Nonce : 8b b5 32 0a 25 dd f7 58 ..2.%..X
28 fe d8 ac e8 b9 46 fd (.....F.
e1 3c 70 af fa 8f 64 f0 .<p...d.
84 52 d0 6c db de da 9b .R.l....
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 35 1e 71 f1 d1 0e 83 30 5.q....0
5f 59 36 b0 25 36 2c ef _Y6.%6,.
Key Data Length : 24
Key Data : dd 16 00 50 f2 01 01 00 ...P....
00 50 f2 02 01 00 00 50 .P.....P
f2 02 01 00 00 50 f2 02 .....P..
-->Received properly sequenced packet from supplicant for phase 2
-->Computing PTK
-->MIC failure, discarding
hilft das?
grüße, experde
[EAP] 2005/10/28 21:04:10,210
***Starting EAP key exchange with supplicant 001217b86992
-->Switching to key exchange phase 1, send corresponding packet
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : b2 19 91 2a 59 0c c8 95 ...*Y...
c1 3e e7 6a 60 9f 73 b5 .>.j`.s.
dd f7 3a fa 6e fb 9d 7d ..:.n..}
da c5 4d 9e 6d 62 a6 cf ..M.mb..
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/28 21:04:10,230
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 119
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000001
Nonce : b6 54 7c b9 23 29 90 36 .T|.#).6
a8 3c 31 6b 1a d9 ca a8 .<1k....
82 8d 30 75 07 5c 11 4e ..0u.\.N
74 83 63 89 de 33 f2 12 t.c..3..
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 29 14 3d 87 00 06 35 a0 ).=...5.
ce d2 82 5c 8c 25 4a bd ...\.%J.
Key Data Length : 24
Key Data : dd 16 00 50 f2 01 01 00 ...P....
00 50 f2 02 01 00 00 50 .P.....P
f2 02 01 00 00 50 f2 02 .....P..
-->Received properly sequenced packet from supplicant for phase 2
-->Computing PTK
-->MIC failure, discarding
[EAP] 2005/10/28 21:04:11,210
***Timeout occured for negotiation with 001217b86992 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : b2 19 91 2a 59 0c c8 95 ...*Y...
c1 3e e7 6a 60 9f 73 b5 .>.j`.s.
dd f7 3a fa 6e fb 9d 7d ..:.n..}
da c5 4d 9e 6d 62 a6 cf ..M.mb..
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/28 21:04:11,320
***Starting EAP key exchange with supplicant 001217b86992
-->Switching to key exchange phase 1, send corresponding packet
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : db 09 d0 47 80 3c 6b 03 ...G.<k.
ad a6 b6 a1 bb 6b d8 70 .....k.p
5d b5 ec 38 2e da f6 1c ]..8....
17 6d 7b 0e 0b b6 bd 87 .m{.....
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/28 21:04:11,330
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 119
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000001
Nonce : 41 c6 d8 b4 5f f1 a8 84 A..._...
82 57 b3 b3 d0 5b ed 82 .W...[..
69 cd 27 8a b1 41 d1 50 i.'..A.P
67 27 5f 4e 3e 7b 21 dd g'_N>{!.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : bb 0b dc b0 60 f5 db 84 ....`...
cf 25 5f 6f dc d2 ec 2b .%_o...+
Key Data Length : 24
Key Data : dd 16 00 50 f2 01 01 00 ...P....
00 50 f2 02 01 00 00 50 .P.....P
f2 02 01 00 00 50 f2 02 .....P..
-->Received properly sequenced packet from supplicant for phase 2
-->Computing PTK
-->MIC failure, discarding
[EAP] 2005/10/28 21:04:12,400
***Timeout occured for negotiation with 001217b86992 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : db 09 d0 47 80 3c 6b 03 ...G.<k.
ad a6 b6 a1 bb 6b d8 70 .....k.p
5d b5 ec 38 2e da f6 1c ]..8....
17 6d 7b 0e 0b b6 bd 87 .m{.....
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/28 21:04:12,430
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 119
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000001
Nonce : f9 35 9a be 90 05 2a 24 .5....*$
76 79 4d f0 96 06 d7 16 vyM.....
5e 19 e5 72 0b d6 3d c5 ^..r..=.
2d 8b f9 7b 77 ba 39 e0 -..{w.9.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : c4 32 14 36 34 8f af c3 .2.64...
b7 f0 46 6d 06 00 79 47 ..Fm..yG
Key Data Length : 24
Key Data : dd 16 00 50 f2 01 01 00 ...P....
00 50 f2 02 01 00 00 50 .P.....P
f2 02 01 00 00 50 f2 02 .....P..
-->Received properly sequenced packet from supplicant for phase 2
-->Computing PTK
-->MIC failure, discarding
[EAP] 2005/10/28 21:04:13,410
***Timeout occured for negotiation with 001217b86992 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : db 09 d0 47 80 3c 6b 03 ...G.<k.
ad a6 b6 a1 bb 6b d8 70 .....k.p
5d b5 ec 38 2e da f6 1c ]..8....
17 6d 7b 0e 0b b6 bd 87 .m{.....
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/28 21:04:13,440
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 119
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000001
Nonce : 8b b5 32 0a 25 dd f7 58 ..2.%..X
28 fe d8 ac e8 b9 46 fd (.....F.
e1 3c 70 af fa 8f 64 f0 .<p...d.
84 52 d0 6c db de da 9b .R.l....
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 35 1e 71 f1 d1 0e 83 30 5.q....0
5f 59 36 b0 25 36 2c ef _Y6.%6,.
Key Data Length : 24
Key Data : dd 16 00 50 f2 01 01 00 ...P....
00 50 f2 02 01 00 00 50 .P.....P
f2 02 01 00 00 50 f2 02 .....P..
-->Received properly sequenced packet from supplicant for phase 2
-->Computing PTK
-->MIC failure, discarding
hilft das?
grüße, experde
* der Weg ist das Ziel
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,
nabend,
kann aber doch nicht sein, da die clients (alle) bis heute ca. 8:00uhr arbeiten konnten.
es war garantiert niemand bei denen bzw. am ap und hat was verstellt.
kann es noch einen anderen grund geben?
grüße, experde
es war garantiert niemand bei denen bzw. am ap und hat was verstellt.
kann es noch einen anderen grund geben?
grüße, experde
* der Weg ist das Ziel
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,
Siehe da: http://www.lancom-forum.de/topic,1686,- ... e+weg.html
Vielleicht sollten wir die mal zusammen bringen - wäre dann sowas wie die anonymen Alkoholiker der Router Technik
Gruß
COMCARGRU
Vielleicht sollten wir die mal zusammen bringen - wäre dann sowas wie die anonymen Alkoholiker der Router Technik
Gruß
COMCARGRU
Wann zum Teufel werden ALLE PCs grundsätzlich nur noch mit Hardware RAID 1 ausgestattet???
morsche,
ap neu gebootet, firmware 5.02 (die immer ohne probs lief) neu gestartet, wlan-iface neu gestartet - trotzdem kann sich kein kunde einbuchen!
die cpu rödelt immer bei 100% last weil pro/sek. die clients eingebucht und sofort wieder ausgebucht werden...
wir verwenden wpa mit persönlichen passphrases. ich glaube wirklich nicht, dass sich alle kunden abgesprochen haben und ihre phrase geändert haben...
wir werden heute den ap mal tauschen.
grüße, experde
die cpu rödelt immer bei 100% last weil pro/sek. die clients eingebucht und sofort wieder ausgebucht werden...
wir verwenden wpa mit persönlichen passphrases. ich glaube wirklich nicht, dass sich alle kunden abgesprochen haben und ihre phrase geändert haben...
wir werden heute den ap mal tauschen.
grüße, experde
* der Weg ist das Ziel
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,
juhu,
habe das wlan-iface ausgeschaltet, dann einen cold-boot gemacht um die cpu wieder ins lot (2-5% last) zu bekommen.
dann habe ich zu 5.04 geswitcht, den ap-modus auf only54g geschaltet und das wlan-iface wieder zugeschaltet....alle können sich nun wieder einbuch(t)en...
schon am morgen ein erfolgserlebnis ... mal sehn wie der tag wird.
viele grüße aus thüringen vom experden
p.s.: alle eingebuchtet und nur 1%! cpu-last.
dann habe ich zu 5.04 geswitcht, den ap-modus auf only54g geschaltet und das wlan-iface wieder zugeschaltet....alle können sich nun wieder einbuch(t)en...
schon am morgen ein erfolgserlebnis ... mal sehn wie der tag wird.
viele grüße aus thüringen vom experden
p.s.: alle eingebuchtet und nur 1%! cpu-last.
* der Weg ist das Ziel
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,
Hi,
kann es sein, dass die Zeit, die der AP zur Beantwortung des ersten Pakets zur Schlüsselaushandlung abwartet zu kurz ist?
siehe->
[EAP] 2005/10/31 18:49:31,390
Passphrase used for WPA/PSK-based key exchange with peer 00508df92b59 on SSID GraitschenNet_WPA is 2005maulmario2005wpa
[EAP] 2005/10/31 18:49:31,390
***Starting EAP key exchange with supplicant 00508df92b59
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/31 18:49:32,140
***PMK became available for negotiation with 00508df92b59
-->Switching to key exchange phase 1, send corresponding packet
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : 06 a9 43 cd ee ec 22 c6 ..C...".
77 76 11 63 d6 03 8b 91 wv.c....
86 b9 46 e8 43 5c a3 74 ..F.C\.t
21 ae 51 ba 10 d7 28 dd !.Q...(.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:33,150
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : 06 a9 43 cd ee ec 22 c6 ..C...".
77 76 11 63 d6 03 8b 91 wv.c....
86 b9 46 e8 43 5c a3 74 ..F.C\.t
21 ae 51 ba 10 d7 28 dd !.Q...(.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:34,180
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : 06 a9 43 cd ee ec 22 c6 ..C...".
77 76 11 63 d6 03 8b 91 wv.c....
86 b9 46 e8 43 5c a3 74 ..F.C\.t
21 ae 51 ba 10 d7 28 dd !.Q...(.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:35,180
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : 06 a9 43 cd ee ec 22 c6 ..C...".
77 76 11 63 d6 03 8b 91 wv.c....
86 b9 46 e8 43 5c a3 74 ..F.C\.t
21 ae 51 ba 10 d7 28 dd !.Q...(.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:36,180
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : 06 a9 43 cd ee ec 22 c6 ..C...".
77 76 11 63 d6 03 8b 91 wv.c....
86 b9 46 e8 43 5c a3 74 ..F.C\.t
21 ae 51 ba 10 d7 28 dd !.Q...(.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:37,210
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Maximum number of retries reached
-->Terminatimg session and deauthenticating client, better luck next time
[EAP] 2005/10/31 18:49:37,990
Passphrase used for WPA/PSK-based key exchange with peer 00508df92b59 on SSID GraitschenNet_WPA is 2005maulmario2005wpa
[EAP] 2005/10/31 18:49:38,000
***Starting EAP key exchange with supplicant 00508df92b59
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/31 18:49:38,480
***PMK became available for negotiation with 00508df92b59
-->Switching to key exchange phase 1, send corresponding packet
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : e5 d3 17 4e 72 e9 8b a7 ...Nr...
d4 cc 46 f3 87 de a0 59 ..F....Y
ae 57 d3 0c 57 2b e9 86 .W..W+..
2b 95 f4 c3 f8 72 79 41 +....ryA
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:38,490
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 119
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000001
Nonce : 3d fc 19 78 0e b1 ac 82 =..x....
9b 9e 90 a4 43 c2 f0 3d ....C..=
da 8d 9d cc 65 77 72 a1 ....ewr.
94 f4 69 be 98 5f 4a 93 ..i.._J.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : d6 88 8a 8f ca e5 43 e2 ......C.
b0 90 be b7 a5 58 98 a0 .....X..
Key Data Length : 24
Key Data : dd 16 00 50 f2 01 01 00 ...P....
00 50 f2 02 01 00 00 50 .P.....P
f2 02 01 00 00 50 f2 02 .....P..
-->Received properly sequenced packet from supplicant for phase 2
-->Computing PTK
-->Switching to key exchange phase 3, send corresponding packet
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 123
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 Install ACK MIC
Key Length : 32
Replay Counter : 0000000000000002
Nonce : e5 d3 17 4e 72 e9 8b a7 ...Nr...
d4 cc 46 f3 87 de a0 59 ..F....Y
ae 57 d3 0c 57 2b e9 86 .W..W+..
2b 95 f4 c3 f8 72 79 41 +....ryA
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 65 c3 c6 c6 bb c0 1c b5 e.......
35 18 67 37 ff f3 67 3b 5.g7..g;
Key Data Length : 28
Key Data : dd 1a 00 50 f2 01 01 00 ...P....
00 50 f2 02 02 00 00 50 .P.....P
f2 04 00 50 f2 02 01 00 ...P....
00 50 f2 02 .P..
[EAP] 2005/10/31 18:49:38,500
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000002
Nonce : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 28 e9 d3 73 d2 32 40 86 (..s.2@.
05 5d 3c eb 6d ff 9e 59 .]<.m..Y
Key Data Length : 0
-->Received properly sequenced packet from supplicant for phase 4
-->PTK handshake successfully performed, configuring pairwise key into hardware
-->Switching to GTK negotiation
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 127
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Group Key-Index 1 Install ACK MIC Secure
Key Length : 32
Replay Counter : 0000000000000003
Nonce : 85 5e db 98 42 af 6d cc .^..B.m.
21 57 b6 e6 10 ab db 73 !W.....s
e5 ed 6e 99 9f 4e 34 6c ..n..N4l
4f a7 1a 36 27 d3 8d 1b O..6'...
Key IV : 09 03 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 6e 25 00 00 00 00 00 00 n%......
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : d7 20 be 5e d0 b8 0d 6f . .^...o
4d 5a 76 f5 d2 46 01 16 MZv..F..
Key Data Length : 32
Key Data : 2a 71 0d b1 cc 7b a1 b9 *q...{..
ae 16 51 c4 fa ee c3 ac ..Q.....
4a f9 88 fd f9 9a 1e 23 J......#
de f9 6f 7b 18 4c 61 04 ..o{.La.
[EAP] 2005/10/31 18:49:38,550
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Group Key-Index 0 MIC Secure
Key Length : 0
Replay Counter : 0000000000000003
Nonce : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : e9 8f af 41 4d 2f e8 d1 ...AM/..
a4 8b 86 87 69 a8 04 de ....i...
Key Data Length : 0
-->Received properly sequenced packet from supplicant for phase 6
-->GTK handshake successfully performed, enabling client for normal data transfer
Warum kommt hier:
[EAP] 2005/10/31 18:49:37,210
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Maximum number of retries reached
-->Terminatimg session and deauthenticating client, better luck next time
... obwohl er dann doch eingebucht wird?
Am Client verstellt bei uns niemand was, weil da niemand drauf kommt!
siehe->
[EAP] 2005/10/31 18:49:31,390
Passphrase used for WPA/PSK-based key exchange with peer 00508df92b59 on SSID GraitschenNet_WPA is 2005maulmario2005wpa
[EAP] 2005/10/31 18:49:31,390
***Starting EAP key exchange with supplicant 00508df92b59
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/31 18:49:32,140
***PMK became available for negotiation with 00508df92b59
-->Switching to key exchange phase 1, send corresponding packet
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : 06 a9 43 cd ee ec 22 c6 ..C...".
77 76 11 63 d6 03 8b 91 wv.c....
86 b9 46 e8 43 5c a3 74 ..F.C\.t
21 ae 51 ba 10 d7 28 dd !.Q...(.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:33,150
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : 06 a9 43 cd ee ec 22 c6 ..C...".
77 76 11 63 d6 03 8b 91 wv.c....
86 b9 46 e8 43 5c a3 74 ..F.C\.t
21 ae 51 ba 10 d7 28 dd !.Q...(.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:34,180
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : 06 a9 43 cd ee ec 22 c6 ..C...".
77 76 11 63 d6 03 8b 91 wv.c....
86 b9 46 e8 43 5c a3 74 ..F.C\.t
21 ae 51 ba 10 d7 28 dd !.Q...(.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:35,180
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : 06 a9 43 cd ee ec 22 c6 ..C...".
77 76 11 63 d6 03 8b 91 wv.c....
86 b9 46 e8 43 5c a3 74 ..F.C\.t
21 ae 51 ba 10 d7 28 dd !.Q...(.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:36,180
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Retrying, this time with 1000 ms timeout...
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : 06 a9 43 cd ee ec 22 c6 ..C...".
77 76 11 63 d6 03 8b 91 wv.c....
86 b9 46 e8 43 5c a3 74 ..F.C\.t
21 ae 51 ba 10 d7 28 dd !.Q...(.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:37,210
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Maximum number of retries reached
-->Terminatimg session and deauthenticating client, better luck next time
[EAP] 2005/10/31 18:49:37,990
Passphrase used for WPA/PSK-based key exchange with peer 00508df92b59 on SSID GraitschenNet_WPA is 2005maulmario2005wpa
[EAP] 2005/10/31 18:49:38,000
***Starting EAP key exchange with supplicant 00508df92b59
-->PMK not yet available, postpone negotiation
[EAP] 2005/10/31 18:49:38,480
***PMK became available for negotiation with 00508df92b59
-->Switching to key exchange phase 1, send corresponding packet
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 ACK
Key Length : 32
Replay Counter : 0000000000000001
Nonce : e5 d3 17 4e 72 e9 8b a7 ...Nr...
d4 cc 46 f3 87 de a0 59 ..F....Y
ae 57 d3 0c 57 2b e9 86 .W..W+..
2b 95 f4 c3 f8 72 79 41 +....ryA
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key Data Length : 0
[EAP] 2005/10/31 18:49:38,490
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 119
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000001
Nonce : 3d fc 19 78 0e b1 ac 82 =..x....
9b 9e 90 a4 43 c2 f0 3d ....C..=
da 8d 9d cc 65 77 72 a1 ....ewr.
94 f4 69 be 98 5f 4a 93 ..i.._J.
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : d6 88 8a 8f ca e5 43 e2 ......C.
b0 90 be b7 a5 58 98 a0 .....X..
Key Data Length : 24
Key Data : dd 16 00 50 f2 01 01 00 ...P....
00 50 f2 02 01 00 00 50 .P.....P
f2 02 01 00 00 50 f2 02 .....P..
-->Received properly sequenced packet from supplicant for phase 2
-->Computing PTK
-->Switching to key exchange phase 3, send corresponding packet
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 123
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 Install ACK MIC
Key Length : 32
Replay Counter : 0000000000000002
Nonce : e5 d3 17 4e 72 e9 8b a7 ...Nr...
d4 cc 46 f3 87 de a0 59 ..F....Y
ae 57 d3 0c 57 2b e9 86 .W..W+..
2b 95 f4 c3 f8 72 79 41 +....ryA
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 65 c3 c6 c6 bb c0 1c b5 e.......
35 18 67 37 ff f3 67 3b 5.g7..g;
Key Data Length : 28
Key Data : dd 1a 00 50 f2 01 01 00 ...P....
00 50 f2 02 02 00 00 50 .P.....P
f2 04 00 50 f2 02 01 00 ...P....
00 50 f2 02 .P..
[EAP] 2005/10/31 18:49:38,500
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Pairwise Key-Index 0 MIC
Key Length : 0
Replay Counter : 0000000000000002
Nonce : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : 28 e9 d3 73 d2 32 40 86 (..s.2@.
05 5d 3c eb 6d ff 9e 59 .]<.m..Y
Key Data Length : 0
-->Received properly sequenced packet from supplicant for phase 4
-->PTK handshake successfully performed, configuring pairwise key into hardware
-->Switching to GTK negotiation
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 127
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Group Key-Index 1 Install ACK MIC Secure
Key Length : 32
Replay Counter : 0000000000000003
Nonce : 85 5e db 98 42 af 6d cc .^..B.m.
21 57 b6 e6 10 ab db 73 !W.....s
e5 ed 6e 99 9f 4e 34 6c ..n..N4l
4f a7 1a 36 27 d3 8d 1b O..6'...
Key IV : 09 03 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 6e 25 00 00 00 00 00 00 n%......
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : d7 20 be 5e d0 b8 0d 6f . .^...o
4d 5a 76 f5 d2 46 01 16 MZv..F..
Key Data Length : 32
Key Data : 2a 71 0d b1 cc 7b a1 b9 *q...{..
ae 16 51 c4 fa ee c3 ac ..Q.....
4a f9 88 fd f9 9a 1e 23 J......#
de f9 6f 7b 18 4c 61 04 ..o{.La.
[EAP] 2005/10/31 18:49:38,550
***Received EAP packet:
-->EAPOL Header
Protocol Version : 1
Packet Type : Key
Packet Length : 95
Key Type : 254
-->802.11i RSN Key Descriptor
Key Information : Version 1 Group Key-Index 0 MIC Secure
Key Length : 0
Replay Counter : 0000000000000003
Nonce : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key IV : 00 00 00 00 00 00 00 00 ........
00 00 00 00 00 00 00 00 ........
Key RSC : 00 00 00 00 00 00 00 00 ........
Key ID : 00 00 00 00 00 00 00 00 ........
Key MIC : e9 8f af 41 4d 2f e8 d1 ...AM/..
a4 8b 86 87 69 a8 04 de ....i...
Key Data Length : 0
-->Received properly sequenced packet from supplicant for phase 6
-->GTK handshake successfully performed, enabling client for normal data transfer
Warum kommt hier:
[EAP] 2005/10/31 18:49:37,210
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Maximum number of retries reached
-->Terminatimg session and deauthenticating client, better luck next time
... obwohl er dann doch eingebucht wird?
Am Client verstellt bei uns niemand was, weil da niemand drauf kommt!
* der Weg ist das Ziel
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,
Moin,
dann ja geklappt hat.
sogar noch um einiges härter (wenn auch mit mehr Versuchen...). Ein
Client, der sich gerade assoziiert hat, sollte eigentlich in der Lage sein,
innerhalb von 3..4 Sekunden EAP-mäßig das Maul aufzubekommen...es
sei den, es ist eine hoffnungslos überlastete Windows-Kiste, die ihren
Supplicant erstmal wieder reinpagen muß...
Gruß Alfred
Weil's im zweiten Anlauf (den der Client direkt hinterhergeschoben hat)Warum kommt hier:
[EAP] 2005/10/31 18:49:37,210
***Timeout occured for negotiation with 00508df92b59 in phase 1
-->Maximum number of retries reached
-->Terminatimg session and deauthenticating client, better luck next time
... obwohl er dann doch eingebucht wird?
dann ja geklappt hat.
die Timeouts sind in WPA/802.11i so vorgegeben. Bei WPA2 sind siekann es sein, dass die Zeit, die der AP zur Beantwortung des ersten Pakets zur Schlüsselaushandlung abwartet zu kurz ist?
sogar noch um einiges härter (wenn auch mit mehr Versuchen...). Ein
Client, der sich gerade assoziiert hat, sollte eigentlich in der Lage sein,
innerhalb von 3..4 Sekunden EAP-mäßig das Maul aufzubekommen...es
sei den, es ist eine hoffnungslos überlastete Windows-Kiste, die ihren
Supplicant erstmal wieder reinpagen muß...
Gruß Alfred
“There is no death, there is just a change of our cosmic address."
-- Edgar Froese, 1944 - 2015
-- Edgar Froese, 1944 - 2015
Mahlzeit,
unsere Clients sind alles Linksys WET54G, die bis jetzt ohne Probleme liefen und auch wieder laufen.
An "zugequetschten" Windoofs Rechnern kann es also nicht liegen...
Wir können es uns bis jetzt nicht erklären.
Soll die Aushandlung auf WPA1 oder WPA2 stehen?
Im Moment ist WPA1/2 aktiv.
Grüße, experde
An "zugequetschten" Windoofs Rechnern kann es also nicht liegen...
Wir können es uns bis jetzt nicht erklären.
Soll die Aushandlung auf WPA1 oder WPA2 stehen?
Im Moment ist WPA1/2 aktiv.
Grüße, experde
* der Weg ist das Ziel
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,
xfach Lancom/L54g/ag/dual/3550/821/1711/L10/I10,
3xMikrotik Server, >10 Subnetze,
>250 Endgeräte,