my80211.com

Thursday

Dec152011

Basic Cisco AP Debugging - Autonomous IOS

Thursday, December 15, 2011 at 7:54PM

A great post from Aaron Leonard (Cisco TAC)

These are debugs that you can collect while logged into the IOS CLI.

Basic setup

If you see a prompt that ends in a right angle bracket, like this:

ap>

it means that you are in unprivileged mode, so get privileged (which shows a # prompt):

ap>enable

Password:

ap#

(default username/password on APs is "Cisco".)

Configure NTP, timestamps, line timeout

ap#configure terminal

ap(config)#sntp server 1.2.3.4

ap(config)#service timestamp debug datetime msec

ap(config)#service timestamp log datetime msec

ap(config)#logging rate-limit 500

ap(config)#no logging console

[1]

ap(config)#line con 0

ap(config-line)#no exec-timeout

ap(config-line)#line vty 0 4

ap(config-line)#no exec-timeout

ap(config)#exit

ap#write (if you wan to to save the configuration changes to NVRAM)

[1] if you're going to generate debug messages at an extremely high rate, should be sure to turn off console logging, otherwise the AP will hang. (If your access is via the console, then of course you would need some other way to see the debugs then - e.g.

write them to a logging buffer, or to an external syslog server

. Or

increase the console port speed to 115200

Collecting debugs from telnet or ssh session

Telnet/ssh into the AP, then enter the command "terminal monitor". The debug messages will be written to your terminal window. To save the messages, configure your terminal emulator accordingly.

Collecting debugs from a console session

Some development special debug output will be written only to the console. So in such a case, you must connect a serial cable to the AP's console port and access this cable via a terminal emulator program (e.g. Windows Hyperterminal talking to a PC COM port.) The default console port speed is 9600 bps which is too slow to collect a large volume of debugs - so increase the speed to 115200 bps, its maximum:

ap#configure terminal

ap(config)#logging console
ap(config)#line con 0

ap(config-line)#no exec-timeout
ap(config-file)#speed 115200

at this point, the terminal emulator program on the serial line will no longer be able to communicate with the console port, till you reset its speed to 115200 bps to match.

Radio names

The radios are usually called Dot11Radio0 (2.4GHz) and Dot11Radio1 (5GHz.)

ajax#show ip int brief
Interface                  IP-Address      OK? Method Status                Protocol
BVI1                       10.0.47.21      YES DHCP   up                    up  
Dot11Radio0                unassigned      YES unset  up                    up  
Dot11Radio1                unassigned      YES unset  administratively down down
FastEthernet0              unassigned      YES other  up                    up 

You can abbreviate them to do0 and do1:

ajax#show controller do0
[...]
Radio AIR-AP1131G, Base Address 0012.44b3.e000, BBlock version 0.00, Software version 6.20.6
[...]
Configured Frequency: 2442 MHz  Channel 7

Basic show commands

radio information

ajax#show interface dot11radio0
ajax#show controller dot11radio0

client information

ajax#show dot11 associations
ajax#show dot11 associations all

AP information

ajax#show config     <= configuration (from NVRAM)
ajax#show run          <= configuration (in memory)
ajax#show version     <= model, version info
ajax#show tech          <= everything - do "term length 0" first

Other basic commands

ajax#clear dot11 client 0011.2233.4455  <= deauthenticate a client
ajax#clear int dot11radio0              <= reset a radio
ajax#reload                    <= reboot the AP

Basic debug commands

radio debugs

ajax#no debug dot11 dot11radio0 print printf <= sometimes necessary to get radio debugs to log correctly

ajax#debug dot11 dot11radio0 trace print ?    <= show list of flags
-- example:
-- debug dot11 dot11radio0 trace print mgmt keys  <= mgmt frames & keying

dot1x/RADIUS debugs

ajax#debug dot11 aaa authenticator state-machine
ajax#debug dot11 aaa authenticator txdata
ajax#debug dot11 aaa authenticator rxdata
ajax#debug radius

Example debug output

This example uses all of the above listed debugs. This shows a client being deauthed, then successfully associating in LEAP with WPA2/AES. Note that the messages aren't all logged in order, i.e. the 802.11 association response sent by the AP is logged after the EAP ID-Request message is logged.

ajax#clear dot11 client 0040.96b4.7e8f
ajax#
Dec  5 23:14:58.537: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 0040.96b4.7e8f Reason: Previous authentication no longer valid
Dec  5 23:14:58.619: 2149F234 t 1     0  - C040 13A B47E8F B3E000 B3E000 8250 deauth l 2
        reason 2
Dec  5 23:14:58.623: 214A02B6-0 0040.96b4.7e8f- delete session key
Dec  5 23:15:02.184: 218059FB r 1      75/ 13- B000 130 B3E000 B47E8F B3E000 0290 auth l 6
        algorithm 128
        sequence 1
        status 0
Dec  5 23:15:02.185: 21805E40 t 1     0  - B000 13A B47E8F B3E000 B3E000 84B0 auth l 6
        algorithm 128
        sequence 2
        status 0
Dec  5 23:15:02.186: 218064A6 r 1      76/ 12- 0000 130 B3E000 B47E8F B3E000 02A0 assreq l 141
        cap 431 infra privacy shorthdr
        listen interval 10
        ssid LEaP
        rates 2 4 B C 12 16 18 24
        extrates 30 48 60 6C
        rsn1 mcst aes ucst aes keymgmt wpa2 cap 2800
        221 - 0 50 F2 2 0 1 0
        aironet AARON-GW-XP load 0 clients 0 hops 0 device 87-0
                refresh 10 CW 0-0 flags 18 distance 0
        IP 10.0.47.206 0
        221 - 0 40 96 1 1 0
        ccxver 5
        221 - 0 40 96 14 7
Dec  5 23:15:02.188: dot11_auth_dot1x_send_id_req_to_client: Sending identity request to 0040.96b4.7e8f
Dec  5 23:15:02.189: EAPOL pak dump tx
Dec  5 23:15:02.189: EAPOL Version: 0x1  type: 0x0  length: 0x0028
Dec  5 23:15:02.189: EAP code: 0x1  id: 0x1  length: 0x0028 type: 0x1
01806BC0:                   01000028 01010028          ...(...(
01806BD0: 01006E65 74776F72 6B69643D 4C456150  ..networkid=LEaP
01806BE0: 2C6E6173 69643D61 6A61782C 706F7274  ,nasid=ajax,port
01806BF0: 69643D30                             id=0
Dec  5 23:15:02.190: dot11_auth_dot1x_send_id_req_to_client: Client 0040.96b4.7e8f timer started for 30 seconds
Dec  5 23:15:02.190: 21806A65-0 0040.96b4.7e8f- session key type 200 len 16, idx: 1, E2164DEDE9F1AA1D
Dec  5 23:15:02.191: 21807239 t 1     0  - 1000 13A B47E8F B3E000 B3E000 84C0 assrsp l 113
        cap 431 infra privacy shorthdr
        status 0
        aid C001
        rates 82 84 8B C 12 96 18 24
        extrates 30 48 60 6C
        aironet ajax load 0 clients 0 hops 0 device 89-2700
                refresh 10 CW 15-1023 flags 1 distance 0
        IP 10.0.47.21 1
        ccxver 5
        221 - 0 40 96 B 9
        221 - 0 40 96 14 1
        221 - 0 50 F2 2 1 1 8C 0 3 A4 0 0 27 A4 0 0 42 43 BC 0 62 32 66 0
Dec  5 23:15:02.192: 218076D6 t 1     0  - 8802 13A B47E8F B3E000 B3E000 C730 q7 l54
  EAP id 1 req ident 0 "networkid=LEaP,nasid=ajax,portid=0"
Dec  5 23:15:02.205: 2180ACD3 r 1      75/ 13- 0801 130 B3E000 B47E8F B3E000 02B0 l21
   0100 0009 0201 0009 016C 6561 7000 0000 0000 0000 00
Dec  5 23:15:02.205: EAPOL pak dump rx
Dec  5 23:15:02.205: EAPOL Version: 0x1  type: 0x0  length: 0x0009
Dec  5 23:15:02.205: EAP code: 0x2  id: 0x1  length: 0x0009 type: 0x1
01803280: 01000009 02010009 016C6561 70        .........leap
Dec  5 23:15:02.206: dot11_auth_dot1x_run_rfsm: Executing Action(CLIENT_WAIT,CLIENT_REPLY) for 0040.96b4.7e8f
Dec  5 23:15:02.206: dot11_auth_dot1x_send_response_to_server: Sending client 0040.96b4.7e8f data to server
Dec  5 23:15:02.206: dot11_auth_dot1x_send_response_to_server: Started timer server_timeout 60 seconds
Dec  5 23:15:02.207: RADIUS/ENCODE(00000B86):Orig. component type = DOT11
Dec  5 23:15:02.207: RADIUS:  AAA Unsupported Attr: ssid              [265] 4
Dec  5 23:15:02.207: RADIUS:   4C 45                                            [LE]
Dec  5 23:15:02.207: RADIUS:  AAA Unsupported Attr: interface         [157] 4
Dec  5 23:15:02.208: RADIUS:   33 31                                            [31]
Dec  5 23:15:02.208: RADIUS(00000B86): Config NAS IP: 0.0.0.0
Dec  5 23:15:02.208: RADIUS/ENCODE(00000B86): acct_session_id: 2948
Dec  5 23:15:02.208: RADIUS(00000B86): sending
Dec  5 23:15:02.208: RADIUS/ENCODE: Best Local IP-Address 10.0.47.21 for Radius-Server 10.0.47.20
Dec  5 23:15:02.208: RADIUS(00000B86): Send Access-Request to 10.0.47.20:1812 id 1645/10, len 123
Dec  5 23:15:02.209: RADIUS:  authenticator 4B A2 CB 82 2F BD 4A DA - E8 78 72 BA 6B A3 04 16
Dec  5 23:15:02.209: RADIUS:  User-Name           [1]   6   "leap"
Dec  5 23:15:02.209: RADIUS:  Framed-MTU          [12]  6   1400
Dec  5 23:15:02.209: RADIUS:  Called-Station-Id   [30]  16  "0012.44b3.e000"
Dec  5 23:15:02.209: RADIUS:  Calling-Station-Id  [31]  16  "0040.96b4.7e8f"
Dec  5 23:15:02.209: RADIUS:  Service-Type        [6]   6   Login                     [1]
Dec  5 23:15:02.209: RADIUS:  Message-Authenticato[80]  18
Dec  5 23:15:02.209: RADIUS:   C2 F3 BA 46 5D CC A7 56 6F 75 CD D5 CF 71 A1 F2  [???F]??Vou???q??]
Dec  5 23:15:02.210: RADIUS:  EAP-Message         [79]  11
Dec  5 23:15:02.210: RADIUS:   02 01 00 09 01 6C 65 61 70                       [?????leap]
Dec  5 23:15:02.210: RADIUS:  NAS-Port-Type       [61]  6   802.11 wireless           [19]
Dec  5 23:15:02.210: RADIUS:  NAS-Port            [5]   6   3196
Dec  5 23:15:02.210: RADIUS:  NAS-Port-Id         [87]  6   "3196"
Dec  5 23:15:02.210: RADIUS:  NAS-IP-Address      [4]   6   10.0.47.21
Dec  5 23:15:02.215: RADIUS: Received from id 1645/10 10.0.47.20:1812, Access-Challenge, len 116
Dec  5 23:15:02.216: RADIUS:  authenticator 89 E3 9A 73 09 D3 BC C7 - F5 3B 33 C4 1F 0D 71 25
Dec  5 23:15:02.216: RADIUS:  EAP-Message         [79]  22
Dec  5 23:15:02.216: RADIUS:   01 02 00 14 11 01 00 08 C2 F9 E3 AE 90 E0 5E 4D  [??????????????^M]
Dec  5 23:15:02.216: RADIUS:   6C 65 61 70                                      [leap]
Dec  5 23:15:02.216: RADIUS:  Session-Timeout     [27]  6   10
Dec  5 23:15:02.216: RADIUS:  State               [24]  50
Dec  5 23:15:02.217: RADIUS:   C2 F9 E3 AE 90 E0 5E 4D 00 00 00 00 00 00 00 00  [??????^M????????]
Dec  5 23:15:02.217: RADIUS:   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  [????????????????]
Dec  5 23:15:02.217: RADIUS:   24 B7 93 97 FE D4 04 23 78 5C 05 87 75 00 17 6C  [$??????#x\??u??l]
Dec  5 23:15:02.217: RADIUS:  Message-Authenticato[80]  18
Dec  5 23:15:02.217: RADIUS:   B6 9B A4 4B A5 A0 81 5B CC 75 58 42 A9 3F C1 C3  [???K???[?uXB????]
Dec  5 23:15:02.218: RADIUS(00000B86): Received from id 1645/10
Dec  5 23:15:02.218: RADIUS/DECODE: EAP-Message fragments, 20, total 20 bytes
Dec  5 23:15:02.219: dot11_auth_dot1x_run_rfsm: Executing Action(SERVER_WAIT,SERVER_REPLY) for 0040.96b4.7e8f
Dec  5 23:15:02.219: dot11_auth_dot1x_send_response_to_client: Forwarding server message to client 0040.96b4.7e8f
Dec  5 23:15:02.219: EAPOL pak dump tx
Dec  5 23:15:02.219: EAPOL Version: 0x1  type: 0x0  length: 0x0014
Dec  5 23:15:02.219: EAP code: 0x1  id: 0x2  length: 0x0014 type: 0x11
01800CB0:                   01000014 01020014          ........
01800CC0: 11010008 C2F9E3AE 90E05E4D 6C656170  ....Byc..`^Mleap
01800CD0:
Dec  5 23:15:02.220: dot11_auth_dot1x_send_response_to_client: Started timer client_timeout 10 seconds
Dec  5 23:15:02.221: 2180EC54 t 1     0  - 8802 13A B47E8F B3E000 B3E000 C740 q7 l54
  EAP id 2 req leap 0100 08C2 F9E3 AE90 E05E 4D6C 6561 70
Dec  5 23:15:02.224: EAPOL pak dump rx
Dec  5 23:15:02.224: EAPOL Version: 0x1  type: 0x0  length: 0x0024
Dec  5 23:15:02.224: EAP code: 0x2  id: 0x2  length: 0x0024 type: 0x11
01807E10: 01000024 02020024 11010018 75682898  ...$...$....uh(.
01807E20: 897FB670 FA732F1A 09B92150 B21EF0F2  ..6pzs/..9!P2.pr
01807E30: 044CDEE4 6C656170                    .L^dleap
Dec  5 23:15:02.225: dot11_auth_dot1x_run_rfsm: Executing Action(CLIENT_WAIT,CLIENT_REPLY) for 0040.96b4.7e8f
Dec  5 23:15:02.225: dot11_auth_dot1x_send_response_to_server: Sending client 0040.96b4.7e8f data to server
Dec  5 23:15:02.225: dot11_auth_dot1x_send_response_to_server: Started timer server_timeout 60 seconds
Dec  5 23:15:02.226: RADIUS/ENCODE(00000B86):Orig. component type = DOT11
Dec  5 23:15:02.226: RADIUS:  AAA Unsupported Attr: ssid              [265] 4
Dec  5 23:15:02.226: RADIUS:   4C 45                                            [LE]
Dec  5 23:15:02.226: RADIUS:  AAA Unsupported Attr: interface         [157] 4
Dec  5 23:15:02.226: RADIUS:   33 31                                            [31]
Dec  5 23:15:02.226: RADIUS(00000B86): Config NAS IP: 0.0.0.0
Dec  5 23:15:02.227: RADIUS/ENCODE(00000B86): acct_session_id: 2948
Dec  5 23:15:02.227: RADIUS(00000B86): sending
Dec  5 23:15:02.227: RADIUS/ENCODE: Best Local IP-Address 10.0.47.21 for Radius-Server 10.0.47.20
Dec  5 23:15:02.227: RADIUS(00000B86): Send Access-Request to 10.0.47.20:1812 id 1645/11, len 200
Dec  5 23:15:02.227: RADIUS:  authenticator A7 50 BD F4 AA 2D 8A F3 - 92 EF 86 B2 2F 31 89 B4
Dec  5 23:15:02.228: RADIUS:  User-Name           [1]   6   "leap"
Dec  5 23:15:02.228: RADIUS:  Framed-MTU          [12]  6   1400
Dec  5 23:15:02.228: RADIUS:  Called-Station-Id   [30]  16  "0012.44b3.e000"
Dec  5 23:15:02.228: RADIUS:  Calling-Station-Id  [31]  16  "0040.96b4.7e8f"
Dec  5 23:15:02.228: RADIUS:  Service-Type        [6]   6   Login                     [1]
Dec  5 23:15:02.228: RADIUS:  Message-Authenticato[80]  18
Dec  5 23:15:02.228: RADIUS:   BA FE 70 17 A6 67 2B B3 A5 78 35 EB 6D AE 5B 36  [??p??g+??x5?m?[6]
Dec  5 23:15:02.228: RADIUS:  EAP-Message         [79]  38
Dec  5 23:15:02.229: RADIUS:   02 02 00 24 11 01 00 18 75 68 28 98 89 7F B6 70  [???$????uh(????p]
Dec  5 23:15:02.229: RADIUS:   FA 73 2F 1A 09 B9 21 50 B2 1E F0 F2 04 4C DE E4  [?s/???!P?????L??]
Dec  5 23:15:02.229: RADIUS:   6C 65 61 70                                      [leap]
Dec  5 23:15:02.229: RADIUS:  NAS-Port-Type       [61]  6   802.11 wireless           [19]
Dec  5 23:15:02.229: RADIUS:  NAS-Port            [5]   6   3196
Dec  5 23:15:02.230: RADIUS:  NAS-Port-Id         [87]  6   "3196"
Dec  5 23:15:02.230: RADIUS:  State               [24]  50
Dec  5 23:15:02.230: RADIUS:   C2 F9 E3 AE 90 E0 5E 4D 00 00 00 00 00 00 00 00  [??????^M????????]
Dec  5 23:15:02.230: RADIUS:   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  [????????????????]
Dec  5 23:15:02.230: RADIUS:   24 B7 93 97 FE D4 04 23 78 5C 05 87 75 00 17 6C  [$??????#x\??u??l]
Dec  5 23:15:02.230: RADIUS:  NAS-IP-Address      [4]   6   10.0.47.21
Dec  5 23:15:02.231: 2180F622 r 1      76/ 13- 0801 130 B3E000 B47E8F B3E000 02C0 l48
   0100 0024 0202 0024 1101 0018 7568 2898 897F B670 FA73 2F1A 09B9 2150
  B21E F0F2 044C DEE4 6C65 6170 0000 0000 0000 0000
Dec  5 23:15:02.245: RADIUS: Received from id 1645/11 10.0.47.20:1812, Access-Challenge, len 94
Dec  5 23:15:02.245: RADIUS:  authenticator FE 64 BD 35 49 E1 0C C4 - 71 F5 9E B1 DE CB 45 9D
Dec  5 23:15:02.246: RADIUS:  EAP-Message         [79]  6
Dec  5 23:15:02.246: RADIUS:   03 02 00 04                                      [????]
Dec  5 23:15:02.246: RADIUS:  State               [24]  50
Dec  5 23:15:02.246: RADIUS:   C2 F9 E3 AE 90 E0 5E 4D 75 68 28 98 89 7F B6 70  [??????^Muh(????p]
Dec  5 23:15:02.246: RADIUS:   FA 73 2F 1A 09 B9 21 50 B2 1E F0 F2 04 4C DE E4  [?s/???!P?????L??]
Dec  5 23:15:02.247: RADIUS:   D4 2C 1C 1C 49 4D 60 80 BC BC AF FC 91 78 37 92  [?,??IM`??????x7?]
Dec  5 23:15:02.247: RADIUS:  Message-Authenticato[80]  18
Dec  5 23:15:02.247: RADIUS:   6E 86 16 34 26 7B 27 89 53 32 0A 49 DE 4E 65 FC  [n??4&{'?S2?I?Ne?]
Dec  5 23:15:02.247: RADIUS(00000B86): Received from id 1645/11
Dec  5 23:15:02.248: RADIUS/DECODE: EAP-Message fragments, 4, total 4 bytes
Dec  5 23:15:02.248: dot11_auth_dot1x_run_rfsm: Executing Action(SERVER_WAIT,SERVER_REPLY) for 0040.96b4.7e8f
Dec  5 23:15:02.248: dot11_auth_dot1x_send_response_to_client: Forwarding server message to client 0040.96b4.7e8f
Dec  5 23:15:02.248: EAPOL pak dump tx
Dec  5 23:15:02.248: EAPOL Version: 0x1  type: 0x0  length: 0x0004
Dec  5 23:15:02.248: EAP code: 0x3  id: 0x2  length: 0x0004
01808F20: 01000004 03020004                    ........
Dec  5 23:15:02.249: dot11_auth_dot1x_send_response_to_client: Started timer client_timeout 30 seconds
Dec  5 23:15:02.250: 21815D4C t 1     0  - 8802 13A B47E8F B3E000 B3E000 C750 q7 l54
  EAP id 2 success
Dec  5 23:15:02.255: EAPOL pak dump rx
Dec  5 23:15:02.255: EAPOL Version: 0x1  type: 0x0  length: 0x0014
Dec  5 23:15:02.255: EAP code: 0x1  id: 0x2  length: 0x0014 type: 0x11
01804390: 01000014 01020014 11010008 496A7925  ............Ijy%
018043A0: 08614014 6C656170                    .a@.leap
Dec  5 23:15:02.256: dot11_auth_dot1x_run_rfsm: Executing Action(CLIENT_WAIT,CLIENT_REPLY) for 0040.96b4.7e8f
Dec  5 23:15:02.256: dot11_auth_dot1x_send_response_to_server: Sending client 0040.96b4.7e8f data to server
Dec  5 23:15:02.256: dot11_auth_dot1x_send_response_to_server: Started timer server_timeout 60 seconds
Dec  5 23:15:02.257: RADIUS/ENCODE(00000B86):Orig. component type = DOT11
Dec  5 23:15:02.257: RADIUS:  AAA Unsupported Attr: ssid              [265] 4
Dec  5 23:15:02.257: RADIUS:   4C 45                                            [LE]
Dec  5 23:15:02.257: RADIUS:  AAA Unsupported Attr: interface         [157] 4
Dec  5 23:15:02.257: RADIUS:   33 31                                            [31]
Dec  5 23:15:02.258: RADIUS(00000B86): Config NAS IP: 0.0.0.0
Dec  5 23:15:02.258: RADIUS/ENCODE(00000B86): acct_session_id: 2948
Dec  5 23:15:02.258: RADIUS(00000B86): sending
Dec  5 23:15:02.258: RADIUS/ENCODE: Best Local IP-Address 10.0.47.21 for Radius-Server 10.0.47.20
Dec  5 23:15:02.258: RADIUS(00000B86): Send Access-Request to 10.0.47.20:1812 id 1645/12, len 184
Dec  5 23:15:02.258: RADIUS:  authenticator 31 78 B8 F6 26 E4 36 F1 - 88 DB 25 40 53 56 A4 B5
Dec  5 23:15:02.259: RADIUS:  User-Name           [1]   6   "leap"
Dec  5 23:15:02.259: RADIUS:  Framed-MTU          [12]  6   1400
Dec  5 23:15:02.259: RADIUS:  Called-Station-Id   [30]  16  "0012.44b3.e000"
Dec  5 23:15:02.259: RADIUS:  Calling-Station-Id  [31]  16  "0040.96b4.7e8f"
Dec  5 23:15:02.259: RADIUS:  Service-Type        [6]   6   Login                     [1]
Dec  5 23:15:02.259: RADIUS:  Message-Authenticato[80]  18
Dec  5 23:15:02.259: RADIUS:   31 01 9A B3 64 AA 5B DB 6C 76 31 AA A2 CD 3B F6  [1???d?[?lv1???;?]
Dec  5 23:15:02.259: RADIUS:  EAP-Message         [79]  22
Dec  5 23:15:02.260: RADIUS:   01 02 00 14 11 01 00 08 49 6A 79 25 08 61 40 14  [????????Ijy??a@?]
Dec  5 23:15:02.260: RADIUS:   6C 65 61 70                                      [leap]
Dec  5 23:15:02.260: RADIUS:  NAS-Port-Type       [61]  6   802.11 wireless           [19]
Dec  5 23:15:02.260: RADIUS:  NAS-Port            [5]   6   3196
Dec  5 23:15:02.260: RADIUS:  NAS-Port-Id         [87]  6   "3196"
Dec  5 23:15:02.260: RADIUS:  State               [24]  50
Dec  5 23:15:02.261: RADIUS:   C2 F9 E3 AE 90 E0 5E 4D 75 68 28 98 89 7F B6 70  [??????^Muh(????p]
Dec  5 23:15:02.261: RADIUS:   FA 73 2F 1A 09 B9 21 50 B2 1E F0 F2 04 4C DE E4  [?s/???!P?????L??]
Dec  5 23:15:02.261: RADIUS:   D4 2C 1C 1C 49 4D 60 80 BC BC AF FC 91 78 37 92  [?,??IM`??????x7?]
Dec  5 23:15:02.261: RADIUS:  NAS-IP-Address      [4]   6   10.0.47.21
Dec  5 23:15:02.262: 21816FB9 r 1      /75 12- 0801 130 B3E000 B47E8F B3E000 02D0 l32
   0100 0014 0102 0014 1101 0008 496A 7925 0861 4014 6C65 6170 0000 0000
  0000 0000
Dec  5 23:15:02.278: RADIUS: Received from id 1645/12 10.0.47.20:1812, Access-Accept, len 216
Dec  5 23:15:02.278: RADIUS:  authenticator 52 FD 9C 2F 96 3A B9 B1 - F5 C1 59 17 A7 A5 DD FD
Dec  5 23:15:02.278: RADIUS:  EAP-Message         [79]  38
Dec  5 23:15:02.278: RADIUS:   02 02 00 24 11 01 00 18 AC BD 25 1F 89 7B CB 6F  [???$?????????{?o]
Dec  5 23:15:02.279: RADIUS:   42 08 3B 37 62 8D 0D C7 78 9F 11 E3 5C D9 5B F1  [B?;7b???x???\?[?]
Dec  5 23:15:02.279: RADIUS:   6C 65 61 70                                      [leap]
Dec  5 23:15:02.279: RADIUS:  Vendor, Cisco       [26]  59
Dec  5 23:15:02.279: RADIUS:   Cisco AVpair       [1]   53  "leap:session-key=?
p<k2}l;q`o)2AHP2K%GXD>G:"
Dec  5 23:15:02.279: RADIUS:  Vendor, Cisco       [26]  31
Dec  5 23:15:02.279: RADIUS:   Cisco AVpair       [1]   25  "auth-algo-type=eap-leap"
Dec  5 23:15:02.279: RADIUS:  State               [24]  50
Dec  5 23:15:02.280: RADIUS:   C2 F9 E3 AE 90 E0 5E 4D 75 68 28 98 89 7F B6 70  [??????^Muh(????p]
Dec  5 23:15:02.280: RADIUS:   FA 73 2F 1A 09 B9 21 50 B2 1E F0 F2 04 4C DE E4  [?s/???!P?????L??]
Dec  5 23:15:02.280: RADIUS:   D4 2C 1C 1C 49 4D 60 80 BC BC AF FC 91 78 37 92  [?,??IM`??????x7?]
Dec  5 23:15:02.280: RADIUS:  Message-Authenticato[80]  18
Dec  5 23:15:02.280: RADIUS:   A4 B6 3E 73 9D C0 5E 01 EB 1F 6A 57 D7 44 4C DF  [??>s??^???jW?DL?]
Dec  5 23:15:02.281: RADIUS(00000B86): Received from id 1645/12
Dec  5 23:15:02.281: RADIUS/DECODE: EAP-Message fragments, 36, total 36 bytes
Dec  5 23:15:02.281: found leap session key
Dec  5 23:15:02.282: dot11_auth_dot1x_run_rfsm: Executing Action(SERVER_WAIT,SERVER_PASS) for 0040.96b4.7e8f
Dec  5 23:15:02.282: dot11_auth_dot1x_send_response_to_client: Forwarding server message to client 0040.96b4.7e8f
Dec  5 23:15:02.282: EAPOL pak dump tx
Dec  5 23:15:02.282: EAPOL Version: 0x1  type: 0x0  length: 0x0024
Dec  5 23:15:02.282: EAP code: 0x2  id: 0x2  length: 0x0024 type: 0x11
01804AE0: 01000024 02020024 11010018 ACBD251F  ...$...$....,=%.
01804AF0: 897BCB6F 42083B37 628D0DC7 789F11E3  .{KoB.;7b..Gx..c
01804B00: 5CD95BF1 6C656170                    \Y[qleap
Dec  5 23:15:02.283: dot11_auth_dot1x_send_response_to_client: Started timer client_timeout 30 seconds
Dec  5 23:15:02.284: 2181E306 t 1     0  - 8802 13A B47E8F B3E000 B3E000 C760 q7 l54
  EAP id 2 resp leap 0100 18AC BD25 1F89 7BCB 6F42 083B 3762 8D0D C778 9F11
  E35C D95B F16C 6561 70
Dec  5 23:15:02.286: 2181EA22 t 1     0  - 8802 13A B47E8F B3E000 B3E000 C770 q7 l129
  EAPOL2 EAPOL key desc 02  008A 0010 0000 0000 0000 0001 5AD9 47C1 D022
  5AE4 6C06 F77E AFD2 B48A D7CD 4D05 1510 DF8C F732 7D69 E62D A592 0000 0000
Dec  5 23:15:02.298: 21821818 r 1      /76 14- 0801 130 B3E000 B47E8F B3E000 02E0 l161
   0103 0095 0201 0A00 0000 0000 0000 0000 01B1 3B6A A511 28C1 8CD6 A90B
  8797 8C2F F115 1D9A 95C1 9BE1 C07E E9A8 9AA7 86C2 B500 0000 0000 0000 0000
Dec  5 23:15:02.302: 218227E8 t 1     0  - 8802 13A B47E8F B3E000 B3E000 C780 q7 l179
  EAPOL2 EAPOL key desc 02  13CA 0010 0000 0000 0000 0002 5AD9 47C1 D022
  5AE4 6C06 F77E AFD2 B48A D7CD 4D05 1510 DF8C F732 7D69 E62D A592 0000 0000
Dec  5 23:15:02.312: 21824F9A r 1      /76 15- 0801 130 B3E000 B47E8F B3E000 02F0 l107
   0103 005F 0203 0A00 0000 0000 0000 0000 0200 0000 0000 0000 0000 0000
  0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
Dec  5 23:15:02.313: %DOT11-6-ASSOC: Interface Dot11Radio0, Station AARON-GW-XP 0040.96b4.7e8f Associated KEY_MGMT[WPAv2]
Dec  5 23:15:02.314: 218252AE-0 0040.96b4.7e8f- session key type 200 len 16, idx: 0, B0DC14798C4898C6

More info

Quick Start Guide Cisco Aironet 1240AG Series Access Point

Configuration Guide

AP Command Reference

George |

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

Post a New Comment

Enter your information below to add a new comment.

My response is on my own website »

Author:

Author Email (optional):

Author URL (optional):

Post:

↓ | ↑

Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>