i want to implement peap for my wifi connection. I have set up the access point(D-Link DWL 2100 AP) for using FreeRADIUS 2.1 For authentication.Whenever i send a request from the client to the server,the server fails to authenticate the client. What happens can be seen in the debug code attached below.The problem may be due to the fact that the server certificate used requires to be signed by special XP extensions but i am not sure about it.I am currently using the default certificates created when FreeRADIUS 2.1 is first installed.Can anyone please tell me why the error is occuring and what the remedy for this is??<br>
I am using Fedora 8 as server.<br><br>Debug output for FreeRADIUS is as follows:<br><br>[eap] Request found, released from the list<br>[eap] EAP NAK<br>[eap] EAP-NAK asked for EAP-Type/peap<br>[eap] processing type tls<br>
[tls] Initiate<br>[tls] Start returned 1<br>++[eap] returns handled<br>Sending Access-Challenge of id 1 to 192.168.1.250 port 1034<br> EAP-Message = 0x010200061920<br> Message-Authenticator = 0x00000000000000000000000000000000<br>
State = 0x9927156798250cebdde85f1a77c9228b<br>Finished request 9.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.250 port 1034, id=2, length=290<br>
Message-Authenticator = 0xf65b54a824859ff5858d51b34bb2ea0a<br> Service-Type = Framed-User<br> User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\\scoe\000"<br> Framed-MTU = 1488<br>
State = 0x9927156798250cebdde85f1a77c9228b<br> Called-Station-Id = "00-17-9A-09-C4-DD:scoeit"<br> Calling-Station-Id = "00-13-02-12-16-6E"<br> NAS-Identifier = "D-Link Access Point"<br>
NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 54Mbps 802.11g"<br> EAP-Message = 0x0202005019800000004616030100410100003d030149b8c76c86fa22fb3b65c1a3da9d93f69b65a4f9489aaffaa42657f64516c2f600001600040005000a000900640062000300060013001200630100<br>
NAS-IP-Address = 192.168.1.250<br> NAS-Port = 1<br> NAS-Port-Id = "STA port # 1"<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>
[suffix] No '@' in User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 2 length 80<br>
[eap] Continuing tunnel setup.<br>++[eap] returns ok<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP/peap<br>[eap] processing type peap<br>[peap] processing EAP-TLS<br>
TLS Length 70<br>[peap] Length Included<br>[peap] eaptls_verify returned 11 <br>[peap] (other): before/accept initialization <br>[peap] TLS_accept: before/accept initialization <br>[peap] <<< TLS 1.0 Handshake [length 0041], ClientHello <br>
[peap] TLS_accept: SSLv3 read client hello A <br>[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello <br>[peap] TLS_accept: SSLv3 write server hello A <br>[peap] >>> TLS 1.0 Handshake [length 03b0], Certificate <br>
[peap] TLS_accept: SSLv3 write certificate A <br>[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone <br>[peap] TLS_accept: SSLv3 write server done A <br>[peap] TLS_accept: SSLv3 flush data <br>
[peap] TLS_accept: Need to read more data: SSLv3 read client certificate A<br>In SSL Handshake Phase <br>In SSL Accept mode <br>[peap] eaptls_process returned 13 <br>[peap] EAPTLS_HANDLED<br>++[eap] returns handled<br>
Sending Access-Challenge of id 2 to 192.168.1.250 port 1034<br> EAP-Message = 0x010303f31900160301002a02000026030149b8c79ad72fa31c2fc8459b30bd15126d3e5d6c74b1cb5228c06435c81fa6440000040016030103b00b0003ac0003a90003a6308203a23082028aa003020102020102300d06092a864886f70d0101040500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d<br>
EAP-Message = 0x3039303232373139323130325a170d3130303232373139323130325a307c310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100ac916a34fdc11effd3bf47f5e73c79237047fe7f11563c666003ddfc4d734778cf075ee5998c76f03bf71fa77f53e08588af1dcb33f926a1404901e5d8008e613952<br>
EAP-Message = 0x979ae3c175d60f86c9c0ae82c554378f11f0cf9302931b3888dc716df066a15c655817bd3cc6617cb6feb8e2f41ad9531b68cddece4f8ebe50581111d673463cd9a00198eb4d43adefaa1322618e20d7fe3c5408d3a2329be135a664bf99f281b2b8c1810be4fb1b0cee61b7f943e9eac630a69865faeba4a4206f4bb89c8b27ecbd8e9545615a030151559b539a8c533f5b9779d1c4eb22279c0b5409eb2e242878bff8ac400c10f0fd81e15e246f85d940182be0a60a4a4399cc0bd0a70203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104050003820101001b2311c96ac3ee97d6ecfd99e8<br>
EAP-Message = 0x0adfa8b3b89b7481c139127c0a69572763e40b467f29150c33c33ac9a582fe1c591bd4150d769c0e35195182835bc301441bbb8235a3cdcabf877b8652ce74782d0045114312dd6c214e67adc2ebc59b7330e5fdba13a5e28be5cfdaa4d2e5eaa84e5c500df001989d673ec3ee37cd4b2404722233d2f5ab442e691ff244653402d1b22260370262bee269a518e02bb0b47452aeb51465d047fc83f9075914ba86efbc202b60d5e9ce652ce28561edb25ec4e49cae1a3762672a85ad2bc11efc117481b7de96613d83438a712c589b5f6aef84c695f516c87a6b1f17bfe69446e4e9e7b03fe9f5553486e8dd1aa28d6b36a47216030100040e000000<br>
Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x992715679b240cebdde85f1a77c9228b<br>Finished request 10.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.250 port 1034, id=3, length=532<br>
Message-Authenticator = 0xc54164092ed8dc2f09a7418d5560f076<br> Service-Type = Framed-User<br> User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\\scoe\000"<br> Framed-MTU = 1488<br>
State = 0x992715679b240cebdde85f1a77c9228b<br> Called-Station-Id = "00-17-9A-09-C4-DD:scoeit"<br> Calling-Station-Id = "00-13-02-12-16-6E"<br> NAS-Identifier = "D-Link Access Point"<br>
NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 54Mbps 802.11g"<br> EAP-Message = 0x0203014019800000013616030101061000010201000c969749c74343d53a00c5cd79f5301ddf1fdc7283cd04a8f1083c17e1944c5c7cbed10b12ee27e4b5d4eb1430e87e9f739302bc725d88acd7f03e5db8b5cd7d9d89cd283ade84801b26aa4e337d4b31589f1bf73c906348443555a170e26ba0ec25df48d057c543282027d39982bfd922e3efc5fea974147b2a1439ef3be601084102ab0c4974ef2dde486b00c9b5110a812bf2a4913ed711ae9b749c45779344535984212c852b5bc1056d1389d51ae647fe6341fcc24109f379da2762aa8def42675dc0472220927b6b0b3f93082ab8ab06df5dfb76e4645dda6ddd2c588229ad183ca921501b<br>
EAP-Message = 0xa3bbac963e046ef6c7c96392af28b267d494957e189efda814030100010116030100201f15bf9882f5f81840a2f0b88eacf2b32487bec7a66273e6bae9f5899090f568<br> NAS-IP-Address = 192.168.1.250<br> NAS-Port = 1<br>
NAS-Port-Id = "STA port # 1"<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>[suffix] No '@' in User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 3 length 253<br>[eap] Continuing tunnel setup.<br>++[eap] returns ok<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>
[eap] Request found, released from the list<br>[eap] EAP/peap<br>[eap] processing type peap<br>[peap] processing EAP-TLS<br> TLS Length 310<br>[peap] Length Included<br>[peap] eaptls_verify returned 11 <br>[peap] <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange <br>
[peap] TLS_accept: SSLv3 read client key exchange A <br>[peap] <<< TLS 1.0 ChangeCipherSpec [length 0001] <br>[peap] <<< TLS 1.0 Handshake [length 0010], Finished <br>[peap] TLS_accept: SSLv3 read finished A <br>
[peap] >>> TLS 1.0 ChangeCipherSpec [length 0001] <br>[peap] TLS_accept: SSLv3 write change cipher spec A <br>[peap] >>> TLS 1.0 Handshake [length 0010], Finished <br>[peap] TLS_accept: SSLv3 write finished A <br>
[peap] TLS_accept: SSLv3 flush data <br>[peap] (other): SSL negotiation finished successfully <br>SSL Connection Established <br>[peap] eaptls_process returned 13 <br>[peap] EAPTLS_HANDLED<br>++[eap] returns handled<br>
Sending Access-Challenge of id 3 to 192.168.1.250 port 1034<br> EAP-Message = 0x01040031190014030100010116030100204c2d5ce111b4cf1d8484d0a7b0bc663743b67f0dfcf3bc69dfa62631fd9d3e30<br> Message-Authenticator = 0x00000000000000000000000000000000<br>
State = 0x992715679a230cebdde85f1a77c9228b<br>Finished request 11.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.250 port 1034, id=4, length=216<br>
Message-Authenticator = 0xfb5cafdd0840b6ccedd584509afb6159<br> Service-Type = Framed-User<br> User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\\scoe\000"<br> Framed-MTU = 1488<br>
State = 0x992715679a230cebdde85f1a77c9228b<br> Called-Station-Id = "00-17-9A-09-C4-DD:scoeit"<br> Calling-Station-Id = "00-13-02-12-16-6E"<br> NAS-Identifier = "D-Link Access Point"<br>
NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 54Mbps 802.11g"<br> EAP-Message = 0x020400061900<br> NAS-IP-Address = 192.168.1.250<br> NAS-Port = 1<br> NAS-Port-Id = "STA port # 1"<br>
+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>[suffix] No '@' in User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 4 length 6<br>[eap] Continuing tunnel setup.<br>++[eap] returns ok<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>
[eap] Request found, released from the list<br>[eap] EAP/peap<br>[eap] processing type peap<br>[peap] processing EAP-TLS<br>[peap] Received TLS ACK<br>[peap] ACK handshake is finished<br>[peap] eaptls_verify returned 3 <br>
[peap] eaptls_process returned 3 <br>[peap] EAPTLS_SUCCESS<br>++[eap] returns handled<br>Sending Access-Challenge of id 4 to 192.168.1.250 port 1034<br> EAP-Message = 0x0105002019001703010015b1bb8da1accb8c051e43c474f0b25b6888371dafd2<br>
Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x992715679d220cebdde85f1a77c9228b<br>Finished request 12.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.250 port 1034, id=5, length=253<br>
Message-Authenticator = 0x559b57aca5bffa7b01a186f5ae288fc8<br> Service-Type = Framed-User<br> User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\\scoe\000"<br> Framed-MTU = 1488<br>
State = 0x992715679d220cebdde85f1a77c9228b<br> Called-Station-Id = "00-17-9A-09-C4-DD:scoeit"<br> Calling-Station-Id = "00-13-02-12-16-6E"<br> NAS-Identifier = "D-Link Access Point"<br>
NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 54Mbps 802.11g"<br> EAP-Message = 0x0205002b19001703010020a690881c896db8f3366ba3ee32944a59d4b9fea829756099f89ed10931342409<br> NAS-IP-Address = 192.168.1.250<br>
NAS-Port = 1<br> NAS-Port-Id = "STA port # 1"<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>[suffix] No '@' in User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 5 length 43<br>[eap] Continuing tunnel setup.<br>++[eap] returns ok<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>
[eap] Request found, released from the list<br>[eap] EAP/peap<br>[eap] processing type peap<br>[peap] processing EAP-TLS<br>[peap] eaptls_verify returned 7 <br>[peap] Done initial handshake<br>[peap] eaptls_process returned 7 <br>
[peap] EAPTLS_OK<br>[peap] Session established. Decoding tunneled attributes.<br>[peap] Identity - <a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe<br>[peap] Got tunnled request<br> EAP-Message = 0x02050014014954444550542e434f4d5c73636f65<br>
server (null) {<br> PEAP: Got tunneled identity of <a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe<br> PEAP: Setting default EAP type for tunneled EAP session.<br> PEAP: Setting User-Name to <a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe<br>
Sending tunneled request<br> EAP-Message = 0x02050014014954444550542e434f4d5c73636f65<br> FreeRADIUS-Proxied-To = 127.0.0.1<br> User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\\scoe"<br>
Service-Type = Framed-User<br> Framed-MTU = 1488<br> Called-Station-Id = "00-17-9A-09-C4-DD:scoeit"<br> Calling-Station-Id = "00-13-02-12-16-6E"<br> NAS-Identifier = "D-Link Access Point"<br>
NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 54Mbps 802.11g"<br> NAS-IP-Address = 192.168.1.250<br> NAS-Port = 1<br> NAS-Port-Id = "STA port # 1"<br>server inner-tunnel {<br>
+- entering group authorize {...}<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[unix] returns notfound<br>[suffix] No '@' in User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>++[control] returns noop<br>[eap] EAP packet type response id 5 length 20<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>
++[files] returns noop<br>++[expiration] returns noop<br>++[logintime] returns noop<br>++[pap] returns noop<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>[eap] EAP Identity<br>[eap] processing type mschapv2<br>
rlm_eap_mschapv2: Issuing Challenge<br>++[eap] returns handled<br>} # server inner-tunnel<br>[peap] Got tunneled reply code 11<br> EAP-Message = 0x010600291a01060024100063da3b7cc3f43eabec58facf4e1a544954444550542e434f4d5c73636f65<br>
Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x5dac34625daa2ecf48629eb40108d58e<br>[peap] Got tunneled reply RADIUS code 11<br> EAP-Message = 0x010600291a01060024100063da3b7cc3f43eabec58facf4e1a544954444550542e434f4d5c73636f65<br>
Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x5dac34625daa2ecf48629eb40108d58e<br>[peap] Got tunneled Access-Challenge<br>++[eap] returns handled<br>Sending Access-Challenge of id 5 to 192.168.1.250 port 1034<br>
EAP-Message = 0x01060040190017030100352c6462427fabed095dd20eb0a27126d825f307f85f0ecd4fd26ae52617d9731aa14fcadeb19fac8fc0d0137ed2f8014bf4ef79384e<br> Message-Authenticator = 0x00000000000000000000000000000000<br>
State = 0x992715679c210cebdde85f1a77c9228b<br>Finished request 13.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.250 port 1034, id=6, length=307<br>
Message-Authenticator = 0xa39a6fe70736fcc5f6106730554498e1<br> Service-Type = Framed-User<br> User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\\scoe\000"<br> Framed-MTU = 1488<br>
State = 0x992715679c210cebdde85f1a77c9228b<br> Called-Station-Id = "00-17-9A-09-C4-DD:scoeit"<br> Calling-Station-Id = "00-13-02-12-16-6E"<br> NAS-Identifier = "D-Link Access Point"<br>
NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 54Mbps 802.11g"<br> EAP-Message = 0x0206006119001703010056ef7f7df93da28d67e1bb560078a1f55a38558fc7fe965a4d12729fedfd5978ea7678f294285464c7a58049a65ac6bfed51f72f89937a6275d512063adefe77cd4a4866c11af7b1d49e60f77003a2581559e005a77732<br>
NAS-IP-Address = 192.168.1.250<br> NAS-Port = 1<br> NAS-Port-Id = "STA port # 1"<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>
[suffix] No '@' in User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 6 length 97<br>
[eap] Continuing tunnel setup.<br>++[eap] returns ok<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP/peap<br>[eap] processing type peap<br>[peap] processing EAP-TLS<br>
[peap] eaptls_verify returned 7 <br>[peap] Done initial handshake<br>[peap] eaptls_process returned 7 <br>[peap] EAPTLS_OK<br>[peap] Session established. Decoding tunneled attributes.<br>[peap] EAP type mschapv2<br>[peap] Got tunnled request<br>
EAP-Message = 0x0206004a1a02060045315c0291fe1459500e2ea66e03781a141b0000000000000000a1f11ae4843edcb38707bda4af4252c47ea544de54571725004954444550542e434f4d5c73636f65<br>server (null) {<br> PEAP: Setting User-Name to <a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe<br>
Sending tunneled request<br> EAP-Message = 0x0206004a1a02060045315c0291fe1459500e2ea66e03781a141b0000000000000000a1f11ae4843edcb38707bda4af4252c47ea544de54571725004954444550542e434f4d5c73636f65<br> FreeRADIUS-Proxied-To = 127.0.0.1<br>
User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\\scoe"<br> State = 0x5dac34625daa2ecf48629eb40108d58e<br> Service-Type = Framed-User<br> Framed-MTU = 1488<br> Called-Station-Id = "00-17-9A-09-C4-DD:scoeit"<br>
Calling-Station-Id = "00-13-02-12-16-6E"<br> NAS-Identifier = "D-Link Access Point"<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 54Mbps 802.11g"<br>
NAS-IP-Address = 192.168.1.250<br> NAS-Port = 1<br> NAS-Port-Id = "STA port # 1"<br>server inner-tunnel {<br>+- entering group authorize {...}<br>++[chap] returns noop<br>++[mschap] returns noop<br>
++[unix] returns notfound<br>[suffix] No '@' in User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>
++[control] returns noop<br>[eap] EAP packet type response id 6 length 74<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>++[expiration] returns noop<br>
++[logintime] returns noop<br>++[pap] returns noop<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP/mschapv2<br>[eap] processing type mschapv2<br>
[mschapv2] +- entering group MS-CHAP {...}<br>[mschap] No Cleartext-Password configured. Cannot create LM-Password.<br>[mschap] No Cleartext-Password configured. Cannot create NT-Password.<br>[mschap] NT Domain delimeter found, should we have enabled with_ntdomain_hack?<br>
[mschap] Told to do MS-CHAPv2 for <a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe with NT-Password<br>[mschap] FAILED: No NT/LM-Password. Cannot perform authentication.<br>[mschap] FAILED: MS-CHAP2-Response is incorrect<br>
++[mschap] returns reject<br>[eap] Freeing handler<br>++[eap] returns reject<br>Failed to authenticate the user.<br>} # server inner-tunnel<br>[peap] Got tunneled reply code 3<br> MS-CHAP-Error = "\006E=691 R=1"<br>
EAP-Message = 0x04060004<br> Message-Authenticator = 0x00000000000000000000000000000000<br>[peap] Got tunneled reply RADIUS code 3<br> MS-CHAP-Error = "\006E=691 R=1"<br> EAP-Message = 0x04060004<br>
Message-Authenticator = 0x00000000000000000000000000000000<br>[peap] Tunneled authentication was rejected.<br>[peap] FAILURE<br>++[eap] returns handled<br>Sending Access-Challenge of id 6 to 192.168.1.250 port 1034<br>
EAP-Message = 0x010700261900170301001b0b161d0dbb31d7d3cd65286f7aa084ee8708935bed2bc963e60797<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x992715679f200cebdde85f1a77c9228b<br>
Finished request 14.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.250 port 1034, id=7, length=248<br> Message-Authenticator = 0x5b1ec30419fb1addf07d5979c76176e0<br>
Service-Type = Framed-User<br> User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\\scoe\000"<br> Framed-MTU = 1488<br> State = 0x992715679f200cebdde85f1a77c9228b<br> Called-Station-Id = "00-17-9A-09-C4-DD:scoeit"<br>
Calling-Station-Id = "00-13-02-12-16-6E"<br> NAS-Identifier = "D-Link Access Point"<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 54Mbps 802.11g"<br>
EAP-Message = 0x020700261900170301001b01aef267bca260c0c202dbaad96a2914551d213d9a74266916a21a<br> NAS-IP-Address = 192.168.1.250<br> NAS-Port = 1<br> NAS-Port-Id = "STA port # 1"<br>+- entering group authorize {...}<br>
++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>[suffix] No '@' in User-Name = "<a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe", looking up realm NULL<br>[suffix] No such realm "NULL"<br>
++[suffix] returns noop<br>[eap] EAP packet type response id 7 length 38<br>[eap] Continuing tunnel setup.<br>++[eap] returns ok<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>
[eap] EAP/peap<br>[eap] processing type peap<br>[peap] processing EAP-TLS<br>[peap] eaptls_verify returned 7 <br>[peap] Done initial handshake<br>[peap] eaptls_process returned 7 <br>[peap] EAPTLS_OK<br>[peap] Session established. Decoding tunneled attributes.<br>
[peap] Received EAP-TLV response.<br>[peap] Had sent TLV failure. User was rejected earlier in this session.<br>[eap] Handler failed in EAP/peap<br>[eap] Failed in EAP select<br>++[eap] returns invalid<br>Failed to authenticate the user.<br>
Using Post-Auth-Type Reject<br>+- entering group REJECT {...}<br>[attr_filter.access_reject] expand: %{User-Name} -> <a href="http://ITDEPT.COM">ITDEPT.COM</a>\scoe<br> attr_filter: Matched entry DEFAULT at line 11<br>
++[attr_filter.access_reject] returns updated<br>Delaying reject of request 15 for 1 seconds<br>Going to the next request<br>Waking up in 0.9 seconds.<br>Sending delayed reject for request 15<br>Sending Access-Reject of id 7 to 192.168.1.250 port 1034<br>
EAP-Message = 0x04070004<br> Message-Authenticator = 0x00000000000000000000000000000000<br>Waking up in 3.9 seconds.<br>Cleaning up request 8 ID 0 with timestamp +558<br>Cleaning up request 9 ID 1 with timestamp +558<br>
Cleaning up request 10 ID 2 with timestamp +559<br>Cleaning up request 11 ID 3 with timestamp +559<br>Cleaning up request 12 ID 4 with timestamp +559<br>Cleaning up request 13 ID 5 with timestamp +559<br>Cleaning up request 14 ID 6 with timestamp +559<br>
Waking up in 1.0 seconds.<br>Cleaning up request 15 ID 7 with timestamp +559<br>Ready to process requests.<br><br><br><br><div class="gmail_quote">2009/3/13 aland <span dir="ltr"><<a href="mailto:aland@deployingradius.com">aland@deployingradius.com</a>></span><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">commit 31b122089aec06530a00a16e3665b14d97f58e44<br>
Author: Alan T. DeKok <<a href="mailto:aland@freeradius.org">aland@freeradius.org</a>><br>
Date: Wed Mar 11 11:25:40 2009 +0100<br>
<br>
Include more RFC dictionaries<br>
<br>
Files changed:<br>
share/dictionary | 2 --<br>
1 files changed, 0 insertions(+), 2 deletions(-)<br>
<br>
======================================================================<br>
commit fbaba7d9a6e735c23f41a23ad21d4e207e240d79<br>
Author: Alan T. DeKok <<a href="mailto:aland@freeradius.org">aland@freeradius.org</a>><br>
Date: Wed Mar 11 04:09:48 2009 +0100<br>
<br>
More VQP wrappers<br>
<br>
Files changed:<br>
src/main/listen.c | 2 --<br>
1 files changed, 0 insertions(+), 2 deletions(-)<br>
<br>
======================================================================<br>
commit cf0a584ca3fa8bfffff7eee9bb7bfe322043876e<br>
Author: Alan T. DeKok <<a href="mailto:aland@freeradius.org">aland@freeradius.org</a>><br>
Date: Wed Mar 11 03:41:30 2009 +0100<br>
<br>
Don't use -1 for size_t<br>
<br>
Noted by John Center<br>
<br>
Files changed:<br>
src/main/mainconfig.c | 12 ++++++------<br>
1 files changed, 6 insertions(+), 6 deletions(-)<br>
<br>
======================================================================<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/devel.html" target="_blank">http://www.freeradius.org/list/devel.html</a><br>
</blockquote></div><br><br clear="all"><br>-- <br>Tough times dont last,Tough People Do.<br>