This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Two Android clients trying to authenticate to a RADIUS server (Windows 2008 R2). WORKING = Android version 4.4, NON-WORKING = > Android version 5.1. TLS version seems to be negotiated fine. The only difference I can see between WORKING and NON-WORKING is the number of CIPHER SUITES presented by the clients (both clients are samsung android devices).

Here are the packet captures: Working EAP Success: https://drive.google.com/file/d/0B5ttjkGSReNeRnd6dUdNb0JiNkU/view?usp=sharing

NOT WORKING eap failure: https://drive.google.com/file/d/0B5ttjkGSReNeb0dDdllsd19INkE/view?usp=sharing

asked 06 Jan '16, 11:03

deckhopper's gravatar image

deckhopper
6113
accept rate: 0%

edited 06 Jan '16, 11:05

I looked at both file captures. I was able to see up to the UDP layer, but after that the Data portion was still encoded. Were you able to "see" EAP decoded information in the Packet Details section of Wireshark?

(08 Jan '16, 05:24) Amato_C

@deckhopper: Can you please add instructions how you successfully decoded these pcap files as TLS traffic in Wireshark (including the Wireshark version)?

(09 Jan '16, 12:05) Kurt Knochner ♦
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×75
×37
×4
×3

question asked: 06 Jan '16, 11:03

question was seen: 1,616 times

last updated: 09 Jan '16, 12:05

p​o​w​e​r​e​d by O​S​Q​A