Shulou(Shulou.com)06/01 Report--
Environment introduction:
Authentication server: 192.168.13.253
AC: 192.168.13.252
Packet capture procedure:
1. Install wireshark. There is a wireshark installation package in the ${DKEY AM} / Utilities directory under the default installation path of Ningdun wifi, and you can install it directly. The detailed installation steps are omitted here.
2. Add the Portal protocol analysis plug-in. For more information, please see the attached portal protocol analysis plug-in .zip (114.59 KB).
3. Run wireshark and select the network card. For example, the network card used by my authentication server is the local connection, as shown in the figure:
4. Filter for portal and radius messages with the display filter portal || radius:
Portal authentication process
Message field description
Ver
The Ver field is the version number of the protocol, which is 1 byte long, and the currently defined value is 0x01.
Type
The Type field defines the type of message, which is 1 byte long, and its value is currently defined as shown in Table 6-1.
Table 6-1 Message types

| Type | Value | Direction | Meaning |
|---|---|---|---|
| REQ_CHALLENGE | 0x01 | Client --> Server | Request Challenge message sent by Portal Server to AC device |
| ACK_CHALLENGE | 0x02 | Client <-- Server | |
| REQ_AUTH | 0x03 | Client --> Server | Request authentication message sent by Portal Server to AC device |
| ACK_AUTH | 0x04 | Client <-- Server | |
| REQ_LOGOUT | 0x05 | Client --> Server | If the ErrCode field value is 0x00, the message is the request user offline message sent by Portal Server to the AC device; if the ErrCode field value is 0x01, the message is the timeout message sent by Portal Server because a request it sent did not receive a response within the specified time. |
| ACK_LOGOUT | 0x06 | Client <-- Server | |
| AFF_ACK_AUTH | 0x07 | Client --> Server | Confirmation message from Portal Server for the received authentication success response message |
| NTF_LOGOUT | 0x08 | Server --> Client | Notification message that the user has been forced offline |
| REQ_INFO | 0x09 | Client --> Server | Information inquiry message |
| ACK_INFO | 0x0a | Server --> Client | Reply message for information inquiry |
Pap/Chap
The Pap/Chap field defines the authentication method of this user, which is 1 byte in length and is only meaningful for authentication request messages with a type value of 0x03:
Chap authentication: value is 0x00
Pap authentication: value is 0x01
Rsv
Rsv is currently a reserved field with a length of 1 byte and a value of 0 in all messages
SerialNo
(1) The SerialNo field is the sequence number of the message. It is 2 bytes long and is randomly generated by Portal Server. Portal Server must do its best to ensure that the SerialNo of different authentication processes is not duplicated within a certain period of time, and that the SerialNo of all messages in the same authentication process is the same.
(2) Messages sent by Portal Server to the AC device:
A. The SerialNo of request messages with type values of 1 and 3 sent by Portal Server is randomly generated.
B. The SerialNo value of the (REQ_LOGOUT) message sent by Portal Server to the AC device falls into two cases: when the ErrCode is 0 (requesting the user to log off), the SerialNo value is a randomly generated number; when the ErrCode is 1, the SerialNo value may be the same as that of the message with a type value of 1 or 3, depending on whether it was the request Challenge or the request authentication that timed out.
C. The SerialNo of the authentication success confirmation message sent by Portal Server to the AC device (the message with a type value of 7) is the same as the SerialNo of the corresponding request message; that is, for a message with a type value of 7, the SerialNo value is the same as that of the request authentication message with a type value of 3.
(3) The SerialNo of each response message sent by the AC device to PortalServer must be the same as the SerialNo of the corresponding request message sent by PortalServer, otherwise PortalServer will discard the response message sent from the AC device. For example, a message with a type value of 2 must have the same SerialNo value as the message with a type value of 1, a message with a type value of 4 must have the same SerialNo value as the message with a type value of 3, and a message with a type value of 6 must have the same SerialNo value as the message with a type value of 5.
ReqID
(1) the length of the ReqID field is 2 bytes, which is randomly generated by the AC device to ensure that the ReqID is not repeated within a certain period of time.
(2) in Chap authentication:
A. The AC device tells Portal Server the value of the ReqID in the request Challenge response message with a Type of 2 (ACK-CHALLENGE).
B. The value of the ReqID field in a message with a type value of 3,4,7 (REQ-AUTH, ACK-AUTH, AFF-ACK-AUTH) is the same as that in a message with a type value of 2.
C. In a message with a type value of 5 (REQ-LOGOUT), if the message indicates that the request Challenge timed out, the value of this field is 0; if the message indicates that the request for authentication timed out, the value of this field is the same as that in the message with a type value of 2 (ACK-CHALLENGE).
(3) in Pap authentication mode, this field is meaningless and its value is 0.
(4) in a message with a type value of 5 (REQ-LOGOUT), this field value is 0 if the message indicates a request to be offline.
(5) this field is meaningless in messages with type values of 1 and 6 (REQ-CHALLENGE, ACK-LOGOUT), and the values are all 0.
UserIP
The UserIP field is the IP address of the Portal user, which is 4 bytes long. The value is filled in by Portal Server according to the IP address obtained by Portal Server. This field must have a specific value in all messages.
UserPort
The UserPort field is not currently used. It is 2 bytes long and has a value of 0 in all messages.
ErrCode
The ErrCode field is 1 byte long and is interpreted together with the Type field, as shown below:
(1) for messages with type values of 1, 3 and 7, the ErrCode field has no meaning and its value is 0
(2) when the type value is 2:
ErrCode=0, which indicates that the AC device tells PortalServer that the request for Challenge was successful
ErrCode=1, indicating that the AC device tells the PortalServer that the request Challenge is rejected
ErrCode=2, indicating that the AC device tells PortalServer that this link has been established
ErrCode=3, indicating that the AC device tells PortalServer that a user is in the process of authentication. Please try again later.
ErrCode=4, indicates that the AC device told PortalServer that the user's request for Challenge failed (error occurred)
(3) when the type value is 4:
ErrCode=0, indicating that the AC device told PortalServer that the user was authenticated successfully
ErrCode=1, indicating that the AC device told PortalServer that the user authentication request was denied
ErrCode=2, indicating that the AC device tells PortalServer that this link has been established
ErrCode=3, indicating that the AC device tells PortalServer that a user is in the process of authentication. Please try again later.
ErrCode=4, indicating that the AC device tells PortalServer that the user authentication failed (error occurs)
(4) when the type value is 5:
ErrCode=0, indicating that this message is a request offline message sent by Portal Server to AC device
ErrCode=1, indicating that the message is sent by PortalServer to the AC device because PortalServer did not receive the AC device's response to a request before the timer expired (i.e. timeout).
(5) when the type value is 6:
ErrCode=0, which means that the AC device tells PortalServer that this user has been logged off successfully
ErrCode=1, indicating that the AC device told PortalServer that the user's request to go offline was rejected.
ErrCode=2, indicating that the AC device told Portal Server that this user failed to go offline (error occurred)
(6) when Type is REQ_INFO, ErrCode is meaningless, its value is 0
(7) when Type is NTF_LOGOUT, ErrCode means as follows:

| ErrCode | Meaning |
|---|---|
| 0 | Offline |

(8) when Type is ACK_INFO, ErrCode means as follows:

| ErrCode | Meaning |
|---|---|
| 0 | The processing is successful, but it does not mean that all the messages have been obtained. How much information is obtained should be judged by attributes, as detailed below. |
| 1 | The feature is not supported, indicating that the device does not support this feature |
| 2 | Message processing failed, for some unknown reason, such as query message format error and so on. |
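
The field rules above can be checked mechanically against a capture. The following is an added example, not part of the original article or of the Ningdun plug-in: it decodes the fields described on this page and flags messages whose Ver, Rsv, UserPort, ErrCode, ReqID or SerialNo break the stated rules. It assumes the fields appear on the wire in the order listed here and in network byte order; the function names, the sample user IP and the sample messages are constructed for illustration.

```python
import socket
import struct

# Assumption: fields sit on the wire in the order the page lists them, big-endian.
HEADER = struct.Struct("!BBBBHH4sHB")
FIELDS = ("ver", "type", "papchap", "rsv", "serial", "reqid", "userip", "userport", "errcode")
SAME_SERIAL_AS = {2: 1, 4: 3, 6: 5, 7: 3}   # message type -> request type whose SerialNo it reuses

def parse(data):
    """Decode the header fields described on the page (15 bytes under the assumed layout)."""
    if len(data) < HEADER.size:
        raise ValueError("short Portal header")
    msg = dict(zip(FIELDS, HEADER.unpack_from(data)))
    msg["userip"] = socket.inet_ntoa(msg["userip"])
    return msg

def check_exchange(packets):
    """Return (index, problem) pairs for one user's captured messages, in capture order."""
    problems, pending, chap_reqid = [], {}, None
    for i, raw in enumerate(packets):
        m = parse(raw)
        t = m["type"]
        if m["ver"] != 0x01:
            problems.append((i, "Ver is not 0x01"))
        if m["rsv"] != 0 or m["userport"] != 0:
            problems.append((i, "Rsv/UserPort must be 0"))
        if t in (1, 3, 7) and m["errcode"] != 0:
            problems.append((i, "ErrCode must be 0 for this type"))
        if t in (1, 6) and m["reqid"] != 0:
            problems.append((i, "ReqID must be 0 for this type"))
        if t in (1, 3, 5):
            pending[t] = m["serial"]          # remember the request's SerialNo
        if t in SAME_SERIAL_AS and pending.get(SAME_SERIAL_AS[t]) != m["serial"]:
            problems.append((i, "SerialNo does not match its request"))
        if t == 2:
            chap_reqid = m["reqid"]           # AC announces the ReqID in ACK_CHALLENGE
        elif t in (3, 4, 7) and chap_reqid is not None and m["reqid"] != chap_reqid:
            problems.append((i, "ReqID differs from ACK_CHALLENGE"))
    return problems

def build(t, serial, reqid, ip="192.168.13.50", papchap=0, err=0):
    """Constructed sample message (not taken from a real capture)."""
    return HEADER.pack(1, t, papchap, 0, serial, reqid, socket.inet_aton(ip), 0, err)

# Constructed CHAP exchange (types 1, 2, 3, 4, 7) and a copy whose ACK_AUTH has the wrong SerialNo.
GOOD = [build(t, 0x1111, r) for t, r in ((1, 0), (2, 0xAA), (3, 0xAA), (4, 0xAA), (7, 0xAA))]
BAD = GOOD[:3] + [build(4, 0x2222, 0xAA)]

if __name__ == "__main__":
    print(check_exchange(GOOD))
    print(check_exchange(BAD))
```

To use it on real traffic, feed check_exchange the portal UDP payloads of one user IP in capture order; a response whose SerialNo does not match its request is the case the page says PortalServer will not accept.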