Repeated EAPoL-start packet sending after 802.1X authentication success

[Guest]

I had try to use XP SP2 to do 802.1X authentication with third party AP and AAA Server(Not IAS) which claimt to be complied with 802.1X standard (2001, not the recent 802.1aa draft)

I am using EAP-SIM as my authentication method which provided in the form of plugin to the XP EAP framework

The observation through Ethereal packets capture was that after first EAP-Success packet was sent to XP supplicant and the user is able to have internet access, we saw some repeated EAPoL-Start was sending out in 1 minute interval from XP supplicant to the AP authenticator, which is ignored by the AP. After around 5 to 6 such EAPoL frame, the supplicant then sent out 802.11 disassociate frame to AP and this cause the undesired disconnection problem

My questions are
1. Under which circumstances will XP SP2 EAP supplicant send out repeated EAPoL-Start, after successful EAP authentication success
2. Is this problem related to the network that using the AP and backend AAA server that does not support key rotation?(therefore "The Key is provided to me automatically" in XP configuration window is unchecked and only static WEP is used
3. To troubleshoot the problem, we try to use the backend infrastructure (AAA server and AP) which support the dynamic WEP, and change the XP setting to check on the "The Key is provided to me automatically" andwe see periodic EAPoL-Key exchange between the AP and XP client instead, which is normal and no further EAPoL-Start packets was observed. The user was not experienced disconnection problem also

Thanks.

 

[Carey Frisch [MVP]]

WARNING!
The SP2 RC1 beta technical preview is unsupported and is intended for testing purposes only.
Do not use in production environments!!!

There is a new newsgroup dedicated to SP2 RC1 beta you should post to.
Please visit the following website for information:

Welcome to Windows XP SP2 Technical Preview Newsgroups
http://communities.microsoft.com/newsgroups/default.asp?icp=xpsp2&slcid=us

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/

-----------------------------------------------------------------------------------------------------------


|I had try to use XP SP2 to do 802.1X authentication with third party AP and AAA Server(Not IAS) which claimt
to be complied with 802.1X standard (2001, not the recent 802.1aa draft).
|
| I am using EAP-SIM as my authentication method which provided in the form of plugin to the XP EAP framework.
|
| The observation through Ethereal packets capture was that after first EAP-Success packet was sent to XP
supplicant and the user is able to have internet access, we saw some repeated EAPoL-Start was sending out in 1
minute interval from XP supplicant to the AP authenticator, which is ignored by the AP. After around 5 to 6
such EAPoL frame, the supplicant then sent out 802.11 disassociate frame to AP and this cause the undesired
disconnection problem.
|
| My questions are:
| 1. Under which circumstances will XP SP2 EAP supplicant send out repeated EAPoL-Start, after successful EAP
authentication success?
| 2. Is this problem related to the network that using the AP and backend AAA server that does not support key
rotation?(therefore "The Key is provided to me automatically" in XP configuration window is unchecked and only
static WEP is used)
| 3. To troubleshoot the problem, we try to use the backend infrastructure (AAA server and AP) which support
the dynamic WEP, and change the XP setting to check on the "The Key is provided to me automatically" andwe
see periodic EAPoL-Key exchange between the AP and XP client instead, which is normal and no further
EAPoL-Start packets was observed. The user was not experienced disconnection problem also.
|
| Thanks.