About eap-peap/switch/FR/openldap

Hangjun He elmerhe at yahoo.com.cn
Wed Jul 18 13:54:48 CEST 2007


hi,
       I am use freeradius1.1.6 . And It can work.
   
    But  there is a question: why freeradius recieve username=anonymous many time? and than receive real username hwang??
   
  
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 10.155.20.84:1030, id=27, length=162
 User-Name = "anonymous"  // My username is hwang???
 NAS-IP-Address = 10.155.20.84
 NAS-Identifier = "hello"
 NAS-Port = 0
 Called-Station-Id = "00-19-77-00-00-34:hhe"
 Calling-Station-Id = "00-19-E0-80-A5-5A"
 Framed-MTU = 1500
 NAS-Port-Type = Wireless-802.11
 Connect-Info = "CONNECT 11Mbps 802.11b"
 EAP-Message = 0x0200000e01616e6f6e796d6f7573
 Message-Authenticator = 0x892d753593e189cd36612f7fa07e459f
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: EAP packet type response id 0 length 14
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for anonymous
radius_xlat:  '(cn=anonymous)'
radius_xlat:  'dc=company,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to 127.0.0.1:389, authentication 0
rlm_ldap: setting TLS CACert File to /usr/local/etc/openldap/ssl/cacert.pem
rlm_ldap: setting TLS Require Cert to never
rlm_ldap: bind as / to 127.0.0.1:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns notfound for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
  rlm_eap: EAP Identity
  rlm_eap: processing type md5
rlm_eap_md5: Issuing Challenge
  modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 27 to 10.155.20.84 port 1030
 EAP-Message = 0x01010016041061094fc60ca2cd662178a3d6eea822cc
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x3a5eacc7a46269daed6e2e83bf27092c
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.155.20.84:1030, id=28, length=172
 User-Name = "anonymous"
 NAS-IP-Address = 10.155.20.84
 NAS-Identifier = "hello"
 NAS-Port = 0
 Called-Station-Id = "00-19-77-00-00-34:hhe"
 Calling-Station-Id = "00-19-E0-80-A5-5A"
 Framed-MTU = 1500
 NAS-Port-Type = Wireless-802.11
 Connect-Info = "CONNECT 11Mbps 802.11b"
 EAP-Message = 0x020100060319
 State = 0x3a5eacc7a46269daed6e2e83bf27092c
 Message-Authenticator = 0x3429d0e18b932a327161388ce7e0bdc4
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 1
  rlm_eap: EAP packet type response id 1 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 1
rlm_ldap: - authorize
rlm_ldap: performing user authorization for anonymous
radius_xlat:  '(cn=anonymous)'
radius_xlat:  'dc=company,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns notfound for request 1
modcall: leaving group authorize (returns updated) for request 1
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
  rlm_eap: Request found, released from the list
  rlm_eap: EAP NAK
 rlm_eap: EAP-NAK asked for EAP-Type/peap
  rlm_eap: processing type tls
  rlm_eap_tls: Initiate
  rlm_eap_tls: Start returned 1
  modcall[authenticate]: module "eap" returns handled for request 1
modcall: leaving group authenticate (returns handled) for request 1
Sending Access-Challenge of id 28 to 10.155.20.84 port 1030
 EAP-Message = 0x010200061920
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x78c6b1e762ecc5c348c57839451373fc
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.155.20.84:1030, id=29, length=308
 User-Name = "anonymous"
 NAS-IP-Address = 10.155.20.84
 NAS-Identifier = "hello"
 NAS-Port = 0
 Called-Station-Id = "00-19-77-00-00-34:hhe"
 Calling-Station-Id = "00-19-E0-80-A5-5A"
 Framed-MTU = 1500
 NAS-Port-Type = Wireless-802.11
 Connect-Info = "CONNECT 11Mbps 802.11b"
 EAP-Message = 0x0202008e198000000084160301007f0100007b0301469dfab4e8c534467a7efea117a737c912db65b70fd69087e66db970d315915320ccd869a4c60335849db3ab1a6ac62e61453a4b96028a90f4d7003b9354af598f003400390038003300320016001300660035002f00150012000a000500040009006300650060006200610064001400110003000600080100
 State = 0x78c6b1e762ecc5c348c57839451373fc
 Message-Authenticator = 0xd219e2d5ad47c0fac48409f97e811c06
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
  modcall[authorize]: module "mschap" returns noop for request 2
    rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 2
  rlm_eap: EAP packet type response id 2 length 142
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 2
rlm_ldap: - authorize
rlm_ldap: performing user authorization for anonymous
radius_xlat:  '(cn=anonymous)'
radius_xlat:  'dc=company,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns notfound for request 2
modcall: leaving group authorize (returns updated) for request 2
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
  eaptls_verify returned 11 
    (other): before/accept initialization 
    TLS_accept: before/accept initialization 
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 007f], ClientHello  
    TLS_accept: SSLv3 read client hello A 
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello  
    TLS_accept: SSLv3 write server hello A 
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 05f5], Certificate  
    TLS_accept: SSLv3 write certificate A 
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 010d], ServerKeyExchange  
    TLS_accept: SSLv3 write key exchange A 
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone  
    TLS_accept: SSLv3 write server done A 
    TLS_accept: SSLv3 flush data 
    TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase 
In SSL Accept mode  
  eaptls_process returned 13 
  rlm_eap_peap: EAPTLS_HANDLED
  modcall[authenticate]: module "eap" returns handled for request 2
modcall: leaving group authenticate (returns handled) for request 2
Sending Access-Challenge of id 29 to 10.155.20.84 port 1030
 EAP-Message = 0x0103040a19c000000764160301004a020000460301469dfab309c80c31b99e98c0a34aca8264f8f297de2c96c8d749bc2f8643ed65203b46728ba323185caf08c85e3a2c79d9f28fd7c95c65f4f1c94f9a20d9abaf1e00390016030105f50b0005f10005ee00028b30820287308201f0a003020102020101300d06092a864886f70d0101040500307c310b300906035504061302434e310b3009060355040813026161310b3009060355040713026161310b3009060355040a13026161310b3009060355040b1302616131193017060355040313107777772e6165726f686976652e636f6d311e301c06092a864886f70d010901160f6161406165726f
 EAP-Message = 0x686976652e636f6d301e170d3037303632363037323031385a170d3038303632353037323031385a307e310b300906035504061302434e310b3009060355040813026164310c300a06035504071303736466310b3009060355040a13027366310c300a060355040b130361736431193017060355040313107777772e6165726f686976652e636f6d311e301c06092a864886f70d010901160f6464406165726f686976652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100b634f0dd4ca2b2710ceb06a0d511a77b99bfffd41c3287bda963b1fd868b978dccbf7be1e4986cf08af63cbc811a7147b865c3dbdd529749
 EAP-Message = 0xe54ebd3528f0bc1e070bef3576e374cda904f61c7fb19c861d52361206b659e74221081cb674521e21172342968b83c2e56606310d4cdb30f5670f53234c2006c89544dca8afa7690203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038181004285d778012c69d462728a5cf6c7187151c83b5ec1509ad697bd4e2c55cd886be9097a289c13bdefe578674ce5ce0481c9840bb5dc878a9445465fc61f53205f875f79107dfdb55e15a5a38bbc8f8387f0abec3917629363ef6b0f1a15910dbb516fa80cd63c3d4f99508882c04935170a0750997e724a88284627d5a33390a400035d30
 EAP-Message = 0x820359308202c2a0030201020209009f961f4fc34f74f5300d06092a864886f70d0101040500307c310b300906035504061302434e310b3009060355040813026161310b3009060355040713026161310b3009060355040a13026161310b3009060355040b1302616131193017060355040313107777772e6165726f686976652e636f6d311e301c06092a864886f70d010901160f6161406165726f686976652e636f6d301e170d3037303632363037313235365a170d3038303632353037313235365a307c310b300906035504061302434e310b3009060355040813026161310b3009060355040713026161310b3009060355040a13026161310b30
 EAP-Message = 0x09060355040b13026161311930170603550403131077
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x64f0f8b513f75e5eda3b855da24e0e94
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.155.20.84:1030, id=30, length=172
 User-Name = "anonymous"
 NAS-IP-Address = 10.155.20.84
 NAS-Identifier = "hello"
 NAS-Port = 0
 Called-Station-Id = "00-19-77-00-00-34:hhe"
 Calling-Station-Id = "00-19-E0-80-A5-5A"
 Framed-MTU = 1500
 NAS-Port-Type = Wireless-802.11
 Connect-Info = "CONNECT 11Mbps 802.11b"
 EAP-Message = 0x020300061900
 State = 0x64f0f8b513f75e5eda3b855da24e0e94
 Message-Authenticator = 0xeccfd2a31efa5926c1da829b98e7c190
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
  modcall[authorize]: module "mschap" returns noop for request 3
    rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 3
  rlm_eap: EAP packet type response id 3 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 3
rlm_ldap: - authorize
rlm_ldap: performing user authorization for anonymous
radius_xlat:  '(cn=anonymous)'
radius_xlat:  'dc=company,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns notfound for request 3
modcall: leaving group authorize (returns updated) for request 3
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake fragment handler
  eaptls_verify returned 1 
  eaptls_process returned 13 
  rlm_eap_peap: EAPTLS_HANDLED
  modcall[authenticate]: module "eap" returns handled for request 3
modcall: leaving group authenticate (returns handled) for request 3
Sending Access-Challenge of id 30 to 10.155.20.84 port 1030
 EAP-Message = 0x0104036a190077772e6165726f686976652e636f6d311e301c06092a864886f70d010901160f6161406165726f686976652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100c474b27e94d9079f425dc26ae672f7422f90c0dc3acb64f6fe338cafd8c76abe6168006a0924e69387dafc4fe657a15ca04281abbc2f4e3012c0ec02fc49e4ea7d713ef14b49fec2339e9f4be422b21d468c3ad6f7cb5b111d586ffd642e7d0e030835b364d908b72b4c310a3c0740d3a6501f3f0ff54ad5f90fd8b7c5ff02b70203010001a381e23081df301d0603551d0e04160414050729ac4b9f02efbd89d61f801226f7b19871e730
 EAP-Message = 0x81af0603551d230481a73081a48014050729ac4b9f02efbd89d61f801226f7b19871e7a18180a47e307c310b300906035504061302434e310b3009060355040813026161310b3009060355040713026161310b3009060355040a13026161310b3009060355040b1302616131193017060355040313107777772e6165726f686976652e636f6d311e301c06092a864886f70d010901160f6161406165726f686976652e636f6d8209009f961f4fc34f74f5300c0603551d13040530030101ff300d06092a864886f70d0101040500038181002617bba7fbd8d318ba237e03c59763285f5b3d552fb04f8295d6fb972e54a80e1ae55182b1b93fad56eccc
 EAP-Message = 0x008144c830ca22f22b37d28b7ec437ab988a5346105ad15a76f84ea9d1d746b6482241d95f106e8b83dcff277ffb4cfdb4b2c46e5030943c310d01e9e755e2a11bf21d3cf5eb1e50fb4e08e45d20f21cb01d75ef46160301010d0c00010900409fb2566c6daf40fa7213de35550402bb2c30650b0b690c926edfdc870939677dee5bef17f04c611d99c259a9f3c3564ff1b617cc682c42f2551d6061bee4ea6b00010500407c848e1deed61f74a1eae953c93aef3f11592a7ebca3039464d5caf560b157d1b36b1d2fe96779040e50b5b1203d45620b82d97b95128a3802d1c654301e4d35008007b33a97ac3ff6e4524749d01480f93aa974bbdca17c
 EAP-Message = 0x23edf88fd6106f647719683f43bedbd574348b023b18d55b950dc11e32e407bbf94d751f75df8b950263ddc4d50397b0e40f16fde6ea57d8a537ce16f38ddb4962e5b2546a48e4c9b25f94e8894cc44eba7f55133397855092202ead7e82ccfc59a0309620f73e75496e16030100040e000000
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x6aca38b181b8d8f126f6f9d75a95cea1
Finished request 3
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.155.20.84:1030, id=31, length=310
 User-Name = "anonymous"
 NAS-IP-Address = 10.155.20.84
 NAS-Identifier = "hello"
 NAS-Port = 0
 Called-Station-Id = "00-19-77-00-00-34:hhe"
 Calling-Station-Id = "00-19-E0-80-A5-5A"
 Framed-MTU = 1500
 NAS-Port-Type = Wireless-802.11
 Connect-Info = "CONNECT 11Mbps 802.11b"
 EAP-Message = 0x02040090198000000086160301004610000042004023b55a35ee451dc35ed4700cccf7378a2207e0602fc6d015659ebbc130312ca4b42ab2e6bc10b7ea3038f5057c5d2e42b75b074ef2b61cc07da33dad7fdef00314030100010116030100302259954c3a5d5001b973d8db65bfbc80b209196649f453710f17ee22aa0a8b24c37251c79d2617bdfc0db164c5d1f06f
 State = 0x6aca38b181b8d8f126f6f9d75a95cea1
 Message-Authenticator = 0xf0b976660c9afb2bebbd92af021e7f39
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
  modcall[authorize]: module "mschap" returns noop for request 4
    rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 4
  rlm_eap: EAP packet type response id 4 length 144
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 4
rlm_ldap: - authorize
rlm_ldap: performing user authorization for anonymous
radius_xlat:  '(cn=anonymous)'
radius_xlat:  'dc=company,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns notfound for request 4
modcall: leaving group authorize (returns updated) for request 4
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
  eaptls_verify returned 11 
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange  
    TLS_accept: SSLv3 read client key exchange A 
  rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]  
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished  
    TLS_accept: SSLv3 read finished A 
  rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]  
    TLS_accept: SSLv3 write change cipher spec A 
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished  
    TLS_accept: SSLv3 write finished A 
    TLS_accept: SSLv3 flush data 
    (other): SSL negotiation finished successfully 
SSL Connection Established 
  eaptls_process returned 13 
  rlm_eap_peap: EAPTLS_HANDLED
  modcall[authenticate]: module "eap" returns handled for request 4
modcall: leaving group authenticate (returns handled) for request 4
Sending Access-Challenge of id 31 to 10.155.20.84 port 1030
 EAP-Message = 0x010500411900140301000101160301003058e4fa4949dbfc44b6eb52a41e2a278ae305a5e729bc575f83623c66afd6560be127d8c5f212e2925261c4a1334393d3
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x24be7ab489df058566683a9ebe9c117e
Finished request 4
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.155.20.84:1030, id=32, length=172
 User-Name = "anonymous"
 NAS-IP-Address = 10.155.20.84
 NAS-Identifier = "hello"
 NAS-Port = 0
 Called-Station-Id = "00-19-77-00-00-34:hhe"
 Calling-Station-Id = "00-19-E0-80-A5-5A"
 Framed-MTU = 1500
 NAS-Port-Type = Wireless-802.11
 Connect-Info = "CONNECT 11Mbps 802.11b"
 EAP-Message = 0x020500061900
 State = 0x24be7ab489df058566683a9ebe9c117e
 Message-Authenticator = 0xee16952d86d913a0de63ea9ac30686b5
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
  modcall[authorize]: module "mschap" returns noop for request 5
    rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 5
  rlm_eap: EAP packet type response id 5 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 5
rlm_ldap: - authorize
rlm_ldap: performing user authorization for anonymous
radius_xlat:  '(cn=anonymous)'
radius_xlat:  'dc=company,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns notfound for request 5
modcall: leaving group authorize (returns updated) for request 5
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake is finished
  eaptls_verify returned 3 
  eaptls_process returned 3 
  rlm_eap_peap: EAPTLS_SUCCESS
  modcall[authenticate]: module "eap" returns handled for request 5
modcall: leaving group authenticate (returns handled) for request 5
Sending Access-Challenge of id 32 to 10.155.20.84 port 1030
 EAP-Message = 0x0106002b190017030100200d55461e9cdb964514a669c9dfe5c13871fdd2169a2e4baaa0c9dfe12e76e04e
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x0f2025da9f0e12d75d1b92245369cae4
Finished request 5
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.155.20.84:1030, id=33, length=209
 User-Name = "anonymous"
 NAS-IP-Address = 10.155.20.84
 NAS-Identifier = "hello"
 NAS-Port = 0
 Called-Station-Id = "00-19-77-00-00-34:hhe"
 Calling-Station-Id = "00-19-E0-80-A5-5A"
 Framed-MTU = 1500
 NAS-Port-Type = Wireless-802.11
 Connect-Info = "CONNECT 11Mbps 802.11b"
 EAP-Message = 0x0206002b19001703010020cdfc4e1259368e75a31d741ace309219962619f1d83af282f29c39016fdcf570
 State = 0x0f2025da9f0e12d75d1b92245369cae4
 Message-Authenticator = 0xc3aa3be0f439676efe53acf688e853df
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
  modcall[authorize]: module "mschap" returns noop for request 6
    rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 6
  rlm_eap: EAP packet type response id 6 length 43
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 6
rlm_ldap: - authorize
rlm_ldap: performing user authorization for anonymous
radius_xlat:  '(cn=anonymous)'
radius_xlat:  'dc=company,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns notfound for request 6
modcall: leaving group authorize (returns updated) for request 6
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
  eaptls_verify returned 7 
  rlm_eap_tls: Done initial handshake
  eaptls_process returned 7 
  rlm_eap_peap: EAPTLS_OK
  rlm_eap_peap: Session established.  Decoding tunneled attributes.
  rlm_eap_peap: Identity - hwang
  rlm_eap_peap: Tunneled data is valid.
  PEAP: Got tunneled EAP-Message
 EAP-Message = 0x0206000a016877616e67
  PEAP: Got tunneled identity of hwang
  PEAP: Setting default EAP type for tunneled EAP session.
  PEAP: Setting User-Name to hwang
  PEAP: Sending tunneled request
 EAP-Message = 0x0206000a016877616e67
 FreeRADIUS-Proxied-To = 127.0.0.1
 User-Name = "hwang"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
  modcall[authorize]: module "mschap" returns noop for request 6
    rlm_realm: No '@' in User-Name = "hwang", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 6
  rlm_eap: EAP packet type response id 6 length 10
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 6
rlm_ldap: - authorize
rlm_ldap: performing user authorization for hwang
radius_xlat:  '(cn=hwang)'
radius_xlat:  'dc=company,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=company,dc=com, with filter (cn=hwang)
rlm_ldap: checking if remote access for hwang is allowed by uid
rlm_ldap: Added password hwang123 in check items
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user hwang authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok for request 6
modcall: leaving group authorize (returns updated) for request 6
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
  rlm_eap: EAP Identity
  rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
  modcall[authenticate]: module "eap" returns handled for request 6
modcall: leaving group authenticate (returns handled) for request 6
  PEAP: Got tunneled reply RADIUS code 11
 EAP-Message = 0x0107001f1a0107001a10a2750f27e0c8b270b5791e5e4bd204a06877616e67
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0xfc422a3c47ff3cec088d7cffbe0a09d3
  PEAP: Processing from tunneled session code 0x81504d0 11
 EAP-Message = 0x0107001f1a0107001a10a2750f27e0c8b270b5791e5e4bd204a06877616e67
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0xfc422a3c47ff3cec088d7cffbe0a09d3
  PEAP: Got tunneled Access-Challenge
  modcall[authenticate]: module "eap" returns handled for request 6
modcall: leaving group authenticate (returns handled) for request 6
Sending Access-Challenge of id 33 to 10.155.20.84 port 1030
 EAP-Message = 0x0107003b19001703010030e585bc4c07bbbcb1bd451d8aed4f816f199eae6bc7aa0387afe552a14f10124aace813bcd79348bf52e26944fbe0aef8
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x67537faf447ee16778062badc8ed4ea2
Finished request 6
Going to the next request
--- Walking the entire request list ---
Waking up in 4 seconds...
rad_recv: Access-Request packet from host 10.155.20.84:1030, id=34, length=273
      

 	      
---------------------------------
抢注雅虎免费邮箱3.5G容量,20M附件! 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070718/9d6d88de/attachment.html>


More information about the Freeradius-Users mailing list