Re: mschapv2 problem
The authentication is still not working
I attached the log I got when running in debug mode; also I attached my
users file;
Maybe you may help
Alan DeKok wrote:
Cristian Novac wrote:
Hello all,
I am trying to authenticate to freeradius using ttls with mschapv2 and i
don't succeed;
Attached is my eap.conf file;
Why? Every piece of documentation says to run the server in debugging
mode. Go do that.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
1232420100000015 Auth-Type := EAP, Autz-Type:=EAP, EAP-Type := SIM
EAP-Sim-Rand1 = 0x30000000000000000000000000000000,
EAP-Sim-SRES1 = 0x30112233,
EAP-Sim-KC1 = 0x445566778899AABB,
EAP-Sim-Rand2 = 0x31000000000000000000000000000000,
EAP-Sim-SRES2 = 0x31112233,
EAP-Sim-KC2 = 0x445566778899AABB,
EAP-Sim-Rand3 = 0x32000000000000000000000000000000,
EAP-Sim-SRES3 = 0x32112233,
EAP-Sim-KC3 = 0x445566778899AABB,
2244070100000001@japsim.foo Auth-Type := EAP, Autz-Type:= EAP, EAP-Type := SIM
EAP-Sim-Rand1 = 0x101112131415161718191a1b1c1d1e1f,
EAP-Sim-SRES1 = 0xd1d2d3d4,
EAP-Sim-Rand2 = 0x202122232425262728292a2b2c2d2e2f,
EAP-Sim-SRES2 = 0xe1e2e3e4,
EAP-Sim-Rand3 = 0x303132333435363738393a3b3c3d3e3f,
EAP-Sim-SRES3 = 0xf1f2f3f4,
EAP-Sim-KC1 = 0xa0a1a2a3a4a5a6a7,
EAP-Sim-KC2 = 0xb0b1b2b3b4b5b6b7,
EAP-Sim-KC3 = 0xc0c1c2c3c4c5c6c7,
#
# Please read the documentation file ../doc/processing_users_file,
# or 'man 5 users' (after installing the server) for more information.
#
# This file contains authentication security and configuration
# information for each user. Accounting requests are NOT processed
# through this file. Instead, see 'acct_users', in this directory.
#
# The first field is the user's name and can be up to
# 253 characters in length. This is followed (on the same line) with
# the list of authentication requirements for that user. This can
# include password, comm server name, comm server port number, protocol
# type (perhaps set by the "hints" file), and huntgroup name (set by
# the "huntgroups" file).
#
# If you are not sure why a particular reply is being sent by the
# server, then run the server in debugging mode (radiusd -X), and
# you will see which entries in this file are matched.
#
# When an authentication request is received from the comm server,
# these values are tested. Only the first match is used unless the
# "Fall-Through" variable is set to "Yes".
#
# A special user named "DEFAULT" matches on all usernames.
# You can have several DEFAULT entries. All entries are processed
# in the order they appear in this file. The first entry that
# matches the login-request will stop processing unless you use
# the Fall-Through variable.
#
# If you use the database support to turn this file into a .db or .dbm
# file, the DEFAULT entries _have_ to be at the end of this file and
# you can't have multiple entries for one username.
#
# You don't need to specify a password if you set Auth-Type += System
# on the list of authentication requirements. The RADIUS server
# will then check the system password file.
#
# Indented (with the tab character) lines following the first
# line indicate the configuration values to be passed back to
# the comm server to allow the initiation of a user session.
# This can include things like the PPP configuration values
# or the host to log the user onto.
#
# You can include another `users' file with `$INCLUDE users.other'
#
#
# For a list of RADIUS attributes, and links to their definitions,
# see:
#
# http://www.freeradius.org/rfc/attributes.html
#
@asb.com Auth-Type := Local, User-Password == "mypass@wd"
Framed-MTU = 3795,
3GPP2-Service-Option-Profile = 0x000000100104a501,
Fall-Through = Yes
myuser Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
3GPP2-Service-Option-Profile = 0x000000100104a501,
Service-Flow-Descriptor = 0x000104008302040083040303050304060301070383080384,
QoS-Descriptor += 0x8001038304030206060001f4000c0302,
QoS-Descriptor += 0x000103840403020606000fa0000c0302,
Fall-Through = Yes
#VSA SF
#myuser Auth-Type := Local, User-Password == "mypass@wd"
# Session-Timeout = 3600,
# Termination-Action = 1,
# Class = 0x1234567890,
# User-Name = "accounting",
# Service-Flow-Descriptor += 0x800104111102041112040303050304060301070311080312,
# Service-Flow-Descriptor += 0x000104002302040003040303050301060301070304,
# QoS-Descriptor += 0x8001031104030206060007d0000c0302,
# QoS-Descriptor += 0x800103120403020606001f40000c0302,
# QoS-Descriptor += 0x0001030404030606060001d4c0070600015f900906000000140a06000000190c03010d040014
BE2048 Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor = 0x000104008302040083040303050304060301070383080384,
QoS-Descriptor += 0x800103830403020606000F40000c0302,
QoS-Descriptor += 0x000103840403020606001F40000c0302
UGS1024 Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor = 0x0001041111040303050304060301070311,
QoS-Descriptor += 0x000103110403060706000fa0000906000000140a06000000140c03010d040014
UGS3073 Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor = 0x0001041111040303050304060301070312,
QoS-Descriptor += 0x000103120403060706002ee3e80906000000140a06000000140c03010d040014
BE_UGS Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x800104008302040083040303050304060301070383080384,
Service-Flow-Descriptor += 0x0001041111040303050304060301070312,
QoS-Descriptor += 0x800103830403020606000F40000c0302,
QoS-Descriptor += 0x800103840403020606001F40000c0302,
QoS-Descriptor += 0x000103120403060706002ee3e80906000000140a06000000140c03010d040014
ERTVR Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor = 0x0001041112040303050304060301070313080314,
QoS-Descriptor += 0x800103130403050503030606000fa00007060007d00009060000000a0a06000000140c03800d040014,
QoS-Descriptor += 0x000103140403050503030606002ee3e80706000fa00009060000000a0a06000000140c0380
ERTVR_BE Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x8001041112040303050304060301070313080314,
Service-Flow-Descriptor += 0x000104008302040083040303050304060301070383080384,
QoS-Descriptor += 0x800103130403050503030606000fa00007060007d00009060000000a0a06000000140c03800d040014,
QoS-Descriptor += 0x800103140403050503030606002ee3e80706000fa00009060000000a0a06000000140c0380,
QoS-Descriptor += 0x800103830403020606000F40000c0302,
QoS-Descriptor += 0x000103840403020606001F40000c0302
ERTVR_UGS Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x8001041112040303050304060301070313080314,
Service-Flow-Descriptor += 0x0001041111040303050304060301070312,
QoS-Descriptor += 0x800103130403050503030606000fa00007060007d00009060000000a0a06000000140c03800d040014,
QoS-Descriptor += 0x800103140403050503030606002ee3e80706000fa00009060000000a0a06000000140c0380,
QoS-Descriptor += 0x000103120403060706002ee3e80906000000140a06000000140c03010d040014
UGS_ERTVR Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x8001041111040303050304060301070312,
Service-Flow-Descriptor += 0x0001041112040303050304060301070313080314,
QoS-Descriptor += 0x800103120403060706000fa0000906000000140a06000000140c03010d040014,
QoS-Descriptor += 0x800103130403050503030606000fa00007060007d00009060000000a0a06000000140c03800d040014,
QoS-Descriptor += 0x000103140403050503030606002ee3e80706000fa00009060000000a0a06000000140c0380
ERTVR_UGS2 Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x8001041112040303050304060301070313080314,
Service-Flow-Descriptor += 0x0001041111040303050304060301070312,
QoS-Descriptor += 0x800103130403050503030606000fa00007060007d00009060000000a0a06000000140c03800d040014,
QoS-Descriptor += 0x800103140403050503030606002ee3e80706000fa00009060000000a0a06000000140c0380,
QoS-Descriptor += 0x000103120403060706002ee3e80906000000140a06000000140c03010d040014
ERTVR_UGS1 Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x8001041112040303050304060301070313080314,
Service-Flow-Descriptor += 0x0001041111040303050304060301070311,
QoS-Descriptor += 0x800103130403050503030606000fa00007060007d00009060000000a0a06000000140c03800d040014,
QoS-Descriptor += 0x800103140403050503030606002ee3e80706000fa00009060000000a0a06000000140c0380,
QoS-Descriptor += 0x000103110403060706000fa0000906000000140a06000000140c03010d040014
NRTVR Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x0001041112040303050304060301070313080314,
QoS-Descriptor += 0x8001031304030305030107060003e8000c0382,
QoS-Descriptor += 0x0001031404030305030107060007d0000c0382
NRTVR1 Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor = 0x0001041112040303050304060301070313080314,
QoS-Descriptor += 0x8001031304030305030106060007d00007060007d0000c0382,
QoS-Descriptor += 0x000103140403030503010606000fa0000706000fa0000c0382
NRTVR_UGS Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x8001041112040303050304060301070313080314,
Service-Flow-Descriptor += 0x0001041111040303050304060301070312,
QoS-Descriptor += 0x8001031304030305030106060007d00007060007d0000c0382,
QoS-Descriptor += 0x800103140403030503010606000fa0000706000fa0000c0382,
QoS-Descriptor += 0x000103120403060706002ee3e80906000000140a06000000140c03010d040014
NRTVR_BE Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x8001041112040303050304060301070313080314,
Service-Flow-Descriptor += 0x000104008302040083040303050304060301070383080384,
QoS-Descriptor += 0x8001031304030305030106060007d00007060007d0000c0382,
QoS-Descriptor += 0x800103140403030503010606000fa0000706000fa0000c0382,
QoS-Descriptor += 0x800103830403020606000F40000c0302,
QoS-Descriptor += 0x000103840403020606001F40000c0302
NRTVR_UGS1 Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x8001041112040303050304060301070313080314,
Service-Flow-Descriptor += 0x0001041111040303050304060301070311,
QoS-Descriptor += 0x8001031304030305030106060007d00007060007d0000c0382,
QoS-Descriptor += 0x800103140403030503010606000fa0000706000fa0000c0382,
QoS-Descriptor += 0x000103110403060706000fa0000906000000140a06000000140c03010d040014
RTVR Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor = 0x0001041112040303050304060301070313080314,
QoS-Descriptor += 0x800103130403040503020606000FA00007060007d0000a06000000640c03810f040032,
QoS-Descriptor += 0x000103140403040503020606001f40000706000fa0000a06000000640c0381
RTVR_BE Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x8001041112040303050304060301070313080314,
Service-Flow-Descriptor += 0x000104008302040083040303050304060301070383080384,
QoS-Descriptor += 0x800103130403040503020606000FA00007060007d0000a06000000640c03810f040032,
QoS-Descriptor += 0x800103140403040503020606001f40000706000fa0000a06000000640c0381,
QoS-Descriptor += 0x800103830403020606000F40000c0302,
QoS-Descriptor += 0x000103840403020606001F40000c0302
RTVR_UGS1 Auth-Type := Local, User-Password == "mypass@wd"
Session-Timeout = 3600,
Termination-Action = 1,
Service-Flow-Descriptor += 0x8001041112040303050304060301070313080314,
Service-Flow-Descriptor += 0x0001041111040303050304060301070311,
QoS-Descriptor += 0x800103130403040503020606000FA00007060007d0000a06000000640c03810f040032,
QoS-Descriptor += 0x800103140403040503020606001f40000706000fa0000a06000000640c0381,
QoS-Descriptor += 0x800103140403030503010606000fa0000706000fa0000c0382,
QoS-Descriptor += 0x000103110403060706000fa0000906000000140a06000000140c03010d040014
#
# Deny access for a specific user. Note that this entry MUST
# be before any other 'Auth-Type' attribute which results in the user
# being authenticated.
#
# Note that there is NO 'Fall-Through' attribute, so the user will not
# be given any additional resources.
#
#lameuser Auth-Type := Reject
# Reply-Message = "Your account has been disabled."
#
# Deny access for a group of users.
#
# Note that there is NO 'Fall-Through' attribute, so the user will not
# be given any additional resources.
#
#DEFAULT Group == "disabled", Auth-Type := Reject
# Reply-Message = "Your account has been disabled."
#
#
# This is a complete entry for "steve". Note that there is no Fall-Through
# entry so that no DEFAULT entry will be used, and the user will NOT
# get any attributes in addition to the ones listed here.
#
#steve Auth-Type := Local, User-Password == "testing"
# Service-Type = Framed-User,
# Framed-Protocol = PPP,
# Framed-IP-Address = 172.16.3.33,
# Framed-IP-Netmask = 255.255.255.0,
# Framed-Routing = Broadcast-Listen,
# Framed-Filter-Id = "std.ppp",
# Framed-MTU = 1500,
# Framed-Compression = Van-Jacobsen-TCP-IP
#
# This is an entry for a user with a space in their name.
# Note the double quotes surrounding the name.
#
#"John Doe" Auth-Type := Local, User-Password == "hello"
# Reply-Message = "Hello, %u"
#
# Dial user back and telnet to the default host for that port
#
#Deg Auth-Type := Local, User-Password == "ge55ged"
# Service-Type = Callback-Login-User,
# Login-IP-Host = 0.0.0.0,
# Callback-Number = "9,5551212",
# Login-Service = Telnet,
# Login-TCP-Port = Telnet
#
# Another complete entry. After the user "dialbk" has logged in, the
# connection will be broken and the user will be dialed back after which
# he will get a connection to the host "timeshare1".
#
#dialbk Auth-Type := Local, User-Password == "callme"
# Service-Type = Callback-Login-User,
# Login-IP-Host = timeshare1,
# Login-Service = PortMaster,
# Callback-Number = "9,1-800-555-1212"
#
# user "swilson" will only get a static IP number if he logs in with
# a framed protocol on a terminal server in Alphen (see the huntgroups file).
#
# Note that by setting "Fall-Through", other attributes will be added from
# the following DEFAULT entries
#
#swilson Service-Type == Framed-User, Huntgroup-Name == "alphen"
# Framed-IP-Address = 192.168.1.65,
# Fall-Through = Yes
#
# If the user logs in as 'username.shell', then authenticate them
# against the system database, give them shell access, and stop processing
# the rest of the file.
#
#DEFAULT Suffix == ".shell", Auth-Type := System
# Service-Type = Login-User,
# Login-Service = Telnet,
# Login-IP-Host = your.shell.machine
#
# The rest of this file contains the several DEFAULT entries.
# DEFAULT entries match with all login names.
# Note that DEFAULT entries can also Fall-Through (see first entry).
# A name-value pair from a DEFAULT entry will _NEVER_ override
# an already existing name-value pair.
#
#
# First setup all accounts to be checked against the UNIX /etc/passwd.
# (Unless a password was already given earlier in this file).
#
DEFAULT Auth-Type = Local
# 3GPP2-Service-Option-Profile = 0x000000020104800101048101,
# 3GPP2-Service-Option-Profile = 0x000000100104800101048801010490010104A0010104A8010104B0010104C0010104800101048801010490010104A0010104A8010104B0010104C0010104800101048801,
# Session-Timeout = 3600,
# Termination-Action = 1
# Fall-Through = 1
#
# Set up different IP address pools for the terminal servers.
# Note that the "+" behind the IP address means that this is the "base"
# IP address. The Port-Id (S0, S1 etc) will be added to it.
#
#DEFAULT Service-Type == Framed-User, Huntgroup-Name == "alphen"
# Framed-IP-Address = 192.168.1.32+,
# Fall-Through = Yes
#DEFAULT Service-Type == Framed-User, Huntgroup-Name == "delft"
# Framed-IP-Address = 192.168.2.32+,
# Fall-Through = Yes
#
# Defaults for all framed connections.
#
#DEFAULT Service-Type == Framed-User
# Framed-IP-Address = 255.255.255.254,
# Framed-MTU = 576,
# Service-Type = Framed-User,
# Fall-Through = Yes
#
# Default for PPP: dynamic IP address, PPP mode, VJ-compression.
# NOTE: we do not use Hint = "PPP", since PPP might also be auto-detected
# by the terminal server in which case there may not be a "P" suffix.
# The terminal server sends "Framed-Protocol = PPP" for auto PPP.
#
#DEFAULT Framed-Protocol == PPP
# Framed-Protocol = PPP,
# Framed-Compression = Van-Jacobson-TCP-IP
#
# Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.
#
#DEFAULT Hint == "CSLIP"
# Framed-Protocol = SLIP,
# Framed-Compression = Van-Jacobson-TCP-IP
#
# Default for SLIP: dynamic IP address, SLIP mode.
#
#DEFAULT Hint == "SLIP"
# Framed-Protocol = SLIP
#
# Last default: rlogin to our main server.
#
#DEFAULT
# Service-Type = Login-User,
# Login-Service = Rlogin,
# Login-IP-Host = shellbox.ispdomain.com
# #
# # Last default: shell on the local terminal server.
# #
# DEFAULT
# Service-Type = Shell-User
# On no match, the user is denied access.
Starting FreeRADIUS:Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/proxy.conf
Config: including file: /udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/clients.conf
Config: including file: /udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/snmp.conf
Config: including file: /udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/eap.conf
Config: including file: /udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/sql.conf
main: prefix = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0/"
main: localstatedir = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//var"
main: logdir = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//var/log/radius"
main: libdir = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//lib"
main: radacctdir = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//var/log/radius/radius.log"
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = yes
main: pidfile = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0/lib
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = "(null)"
mschap: authtype = "MS-CHAP"
mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "ttls"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/certs/NEW/server-key.pem"
tls: certificate_file = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/certs/NEW/server.pem"
tls: CA_file = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/certs/NEW/ca-cert.pem"
tls: private_key_password = "asb#1234"
tls: dh_file = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/certs/NEW/dh"
tls: random_file = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/certs/NEW/random"
tls: fragment_size = 182
tls: include_length = yes
tls: check_crl = yes
tls: check_cert_cn = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
ttls: default_eap_type = "mschapv2"
ttls: copy_request_to_tunnel = yes
ttls: use_tunneled_reply = yes
rlm_eap: Loaded and initialized type ttls
rlm_eap: Loaded and initialized type sim
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/huntgroups"
preprocess: hints = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users"
files: acctusersfile = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/acct_users"
files: preproxy_usersfile = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/preproxy_users"
files: compat = "no"
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:1 WARNING! Check item "EAP-Sim-Rand1" ?found in reply item list for user "1232420100000015". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:1 WARNING! Check item "EAP-Sim-SRES1" ?found in reply item list for user "1232420100000015". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:1 WARNING! Check item "EAP-Sim-KC1" ?found in reply item list for user "1232420100000015". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:1 WARNING! Check item "EAP-Sim-Rand2" ?found in reply item list for user "1232420100000015". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:1 WARNING! Check item "EAP-Sim-SRES2" ?found in reply item list for user "1232420100000015". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:1 WARNING! Check item "EAP-Sim-KC2" ?found in reply item list for user "1232420100000015". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:1 WARNING! Check item "EAP-Sim-Rand3" ?found in reply item list for user "1232420100000015". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:1 WARNING! Check item "EAP-Sim-SRES3" ?found in reply item list for user "1232420100000015". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:1 WARNING! Check item "EAP-Sim-KC3" ?found in reply item list for user "1232420100000015". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:13 WARNING! Check item "EAP-Sim-Rand1" ?found in reply item list for user "2244070100000001@japsim.foo". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:13 WARNING! Check item "EAP-Sim-SRES1" ?found in reply item list for user "2244070100000001@japsim.foo". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:13 WARNING! Check item "EAP-Sim-Rand2" ?found in reply item list for user "2244070100000001@japsim.foo". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:13 WARNING! Check item "EAP-Sim-SRES2" ?found in reply item list for user "2244070100000001@japsim.foo". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:13 WARNING! Check item "EAP-Sim-Rand3" ?found in reply item list for user "2244070100000001@japsim.foo". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:13 WARNING! Check item "EAP-Sim-SRES3" ?found in reply item list for user "2244070100000001@japsim.foo". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:13 WARNING! Check item "EAP-Sim-KC1" ?found in reply item list for user "2244070100000001@japsim.foo". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:13 WARNING! Check item "EAP-Sim-KC2" ?found in reply item list for user "2244070100000001@japsim.foo". ?This attribute MUST go on the first line with the other check items
[/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//etc/raddb/users]:13 WARNING! Check item "EAP-Sim-KC3" ?found in reply item list for user "2244070100000001@japsim.foo". ?This attribute MUST go on the first line with the other check items
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/udir/delivery_a0028/wacsim_trunk/scripts/services/freeradius-1.1.0//var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=69, length=166
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x0204001601616e6f6e796d6f7573406173622e636f6d
Message-Authenticator = 0x2b24e64f40180ce3a8389adeb7627bcc
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 4 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 69 to 127.0.0.1 port 32786
EAP-Message = 0x010500061520
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4473f165bde2f06e86f39b720461ff83
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=70, length=270
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x0205006c150016030100610100005d0301477e39b8c63cc7e201c69382730c9cba869ecbfdd714d3468eab30dc6f1e781e00003600390038003500160013000a00330032002f0007006600050004006300620061001500120009006500640060001400110008000600030100
State = 0x4473f165bde2f06e86f39b720461ff83
Message-Authenticator = 0xaf5d8199a47ab02fa02988ea05bc2703
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: EAP packet type response id 5 length 108
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 1
modcall: leaving group authorize (returns updated) for request 1
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0061], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0438], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 010d], ServerKeyExchange
TLS_accept: SSLv3 write key exchange A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 1
modcall: leaving group authenticate (returns handled) for request 1
Sending Access-Challenge of id 70 to 127.0.0.1 port 32786
EAP-Message = 0x010600c015c0000005a7160301004a020000460301477e638dc3d08c54c67bfcfc88d5dbe908fe05d1c4ddcb3992a6a83dc6d827a92094e26210b746f5de41fa77b98e89f7cf3cc70523b97a4f494e666e841ab1a02900390016030104380b000434000431000218308202143082017d020105300d06092a864886f70d01010405003050310b3009060355040613026368310b3009060355040813027368310b3009060355040713027368310c300a060355040a1303617362310c300a060355
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xcb1fd3b40b0e41184c9466863c87d499
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=71, length=168
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020600061500
State = 0xcb1fd3b40b0e41184c9466863c87d499
Message-Authenticator = 0xc5458ec254879ab785493f6544689e6d
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
modcall[authorize]: module "mschap" returns noop for request 2
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: EAP packet type response id 6 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 2
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 2
modcall: leaving group authorize (returns updated) for request 2
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 2
modcall: leaving group authenticate (returns handled) for request 2
Sending Access-Challenge of id 71 to 127.0.0.1 port 32786
EAP-Message = 0x010700c015c0000005a7040b1303726472310b3009060355040313026361301e170d3037313131393038303533305a170d3038313131383038303533305a3055310b3009060355040613026368310b3009060355040813027368310b3009060355040713027368310c300a060355040a1303617362310c300a060355040b13037264723110300e060355040313076173622e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100b0634f379d38220d960a6f7c80ab
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x5926273ffc1950526eeead76972c4ad8
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=72, length=168
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020700061500
State = 0x5926273ffc1950526eeead76972c4ad8
Message-Authenticator = 0xd4f6dc25f52dac87219d979d256bfce7
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
modcall[authorize]: module "chap" returns noop for request 3
modcall[authorize]: module "mschap" returns noop for request 3
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: EAP packet type response id 7 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 3
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 3
modcall: leaving group authorize (returns updated) for request 3
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 3
modcall: leaving group authenticate (returns handled) for request 3
Sending Access-Challenge of id 72 to 127.0.0.1 port 32786
EAP-Message = 0x010800c015c0000005a7d51a2b7a9cac830613ec665fae7c1ca6215b60ea222142e7c6832c6d344dae7bc5cc3385db768824fbc63c93bfe9c79af932248380799e7f7bbb1ad953ac64adf590f2af0d02a5440e7a67769c92fcb74b4e20cb6776513eb13297599961c1be81ec0c6633ef709da026e96feebe5d0ab5e70203010001300d06092a864886f70d01010405000381810069e6b80739a38b06b15a28ace28510b0fc9a26d291c4b9ab9102bc349827197bce7bf4d3bca49e5a5bc61da2
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x25f10409f43b176fc2751aea322149f9
Finished request 3
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=73, length=168
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020800061500
State = 0x25f10409f43b176fc2751aea322149f9
Message-Authenticator = 0xd29e0dee4b84c8bad15f290de471446c
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
modcall[authorize]: module "preprocess" returns ok for request 4
modcall[authorize]: module "chap" returns noop for request 4
modcall[authorize]: module "mschap" returns noop for request 4
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 4
rlm_eap: EAP packet type response id 8 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 4
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 4
modcall: leaving group authorize (returns updated) for request 4
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 4
modcall: leaving group authenticate (returns handled) for request 4
Sending Access-Challenge of id 73 to 127.0.0.1 port 32786
EAP-Message = 0x010900c015c0000005a7b1d9f96e504a469deaf4cf1d915b844f8506ccdd9e995654aafca0e93598b19ab21667ecb40617b4a0e80816a89e3924aeb0c53d93dad0a14e8c678197708ad92f1769673a4499d5ec811a090253bf18df6dd5b50002133082020f30820178020100300d06092a864886f70d01010405003050310b3009060355040613026368310b3009060355040813027368310b3009060355040713027368310c300a060355040a1303617362310c300a060355040b1303726472
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0e75064e0d6c11d5a0ae6976136159da
Finished request 4
Going to the next request
--- Walking the entire request list ---
Waking up in 4 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=74, length=168
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020900061500
State = 0x0e75064e0d6c11d5a0ae6976136159da
Message-Authenticator = 0x2d93a0668c331c02120742cc54a6486d
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
modcall[authorize]: module "chap" returns noop for request 5
modcall[authorize]: module "mschap" returns noop for request 5
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 5
rlm_eap: EAP packet type response id 9 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 5
modcall: leaving group authorize (returns updated) for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 5
modcall: leaving group authenticate (returns handled) for request 5
Sending Access-Challenge of id 74 to 127.0.0.1 port 32786
EAP-Message = 0x010a00c015c0000005a7310b3009060355040313026361301e170d3037313131393038303433315a170d3038313131383038303433315a3050310b3009060355040613026368310b3009060355040813027368310b3009060355040713027368310c300a060355040a1303617362310c300a060355040b1303726472310b300906035504031302636130819f300d06092a864886f70d010101050003818d0030818902818100dc70ad4fc5351431abb49e7f58f1d25e90634ea6dcb7f5f440ac
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x85d9bf031ac37af829e4b10b3fab2b4d
Finished request 5
Going to the next request
--- Walking the entire request list ---
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=75, length=168
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020a00061500
State = 0x85d9bf031ac37af829e4b10b3fab2b4d
Message-Authenticator = 0x1a8ada11fd59991f82e476872e6696a8
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
modcall[authorize]: module "chap" returns noop for request 6
modcall[authorize]: module "mschap" returns noop for request 6
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 6
rlm_eap: EAP packet type response id 10 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 6
modcall: leaving group authorize (returns updated) for request 6
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 6
modcall: leaving group authenticate (returns handled) for request 6
Sending Access-Challenge of id 75 to 127.0.0.1 port 32786
EAP-Message = 0x010b00c015c0000005a72059ccb4d5b47a0c6c1c62014d96c48cb295344fa36bea1dfeb171dab4aa2238087937ac41e513c49af623af2ab3170628cb1d954fdc4587171caae000e325620f5d35aee55712d8f28af71e1be41bed4970bc00c4320a3208bae1762d816730040ada827c0d0203010001300d06092a864886f70d010104050003818100321f6dace1aa2f6e55d16f64eb6363393119b3da5c41a7127c7b46e0931d115b6ecb9f52a33868ab8e969dc418740767936cb9f9da02837b
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x6474aa5ce39e329c5e505ed597fed28c
Finished request 6
Going to the next request
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=76, length=168
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020b00061500
State = 0x6474aa5ce39e329c5e505ed597fed28c
Message-Authenticator = 0xcb76b7dc8c4bddc2b6a055f96753df26
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
modcall[authorize]: module "chap" returns noop for request 7
modcall[authorize]: module "mschap" returns noop for request 7
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 7
rlm_eap: EAP packet type response id 11 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 7
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 7
modcall: leaving group authorize (returns updated) for request 7
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 7
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 7
modcall: leaving group authenticate (returns handled) for request 7
Sending Access-Challenge of id 76 to 127.0.0.1 port 32786
EAP-Message = 0x010c00c015c0000005a7868ba824fcad2df8fe3a2fe5cff8dac483603ce312e0218bb93681b208d15fe55ac185416d56696c75d5dd0d8981f3b49962b3b23608fd7010e0ccd32501a7240ec82973066c7332160301010d0c0001090040ea491ab5e523f0f500b96463241287517f2ef085934a4977d6d7484bdfd4dadf7eb552b0e7e3154925eea5c6ad362d72e39a694dfaf9a0bc58dc18aa0e638f0b00010200407b77f80987d912518fc8c24f5ac1f2ca4e7ab9942e9165e114d7b6fa6f16
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc801b913805dda2ee571901e688e5516
Finished request 7
Going to the next request
--- Walking the entire request list ---
Waking up in 2 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=77, length=168
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020c00061500
State = 0xc801b913805dda2ee571901e688e5516
Message-Authenticator = 0x5135fa44d09a20dc384811824e8bcb25
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 8
modcall[authorize]: module "preprocess" returns ok for request 8
modcall[authorize]: module "chap" returns noop for request 8
modcall[authorize]: module "mschap" returns noop for request 8
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 8
rlm_eap: EAP packet type response id 12 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 8
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 8
modcall: leaving group authorize (returns updated) for request 8
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 8
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 8
modcall: leaving group authenticate (returns handled) for request 8
Sending Access-Challenge of id 77 to 127.0.0.1 port 32786
EAP-Message = 0x010d00b71580000005a789a86b5812ed53268dc13d2f50b02a80589292a0f4cd1f5caa0b364859a3a613d83000806bacb656451357f8df8a0f7a5afa639655cdd237bce55e6f400638bd8b0507f1ea7aef1c5cd62700703af3c574e966ce9a5467089a0fdf9b2db90ac64d971db6a5b133c4a00d0c7a0c086b104abe502f7612c129a96e2d9d108cb26a7110c22c9c47ea5f8bd2b86bea2ca0cf98d6a1f408f8acca2af4ee01e98a8d2521c8482c16030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xe8f9c88c05cd57b58e248bab993fb827
Finished request 8
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=78, length=302
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020d008c1500160301004610000042004089e27fb507ada583c0d186a04e94a420ccdfb84540ff462d40926363ae6b844a81e76954153c28dc91aaacd9ac1abba9aed586db89288f9baa9ba4a50b5d8933140301000101160301003060a126ef0653d72e1ce033a159076884a14dc448e72f3d658b7920d869612ecce85ba760db61719dd660a9649a0623e8
State = 0xe8f9c88c05cd57b58e248bab993fb827
Message-Authenticator = 0x4fc5ca515358e01613c0ce1bf12a333a
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9
modcall[authorize]: module "preprocess" returns ok for request 9
modcall[authorize]: module "chap" returns noop for request 9
modcall[authorize]: module "mschap" returns noop for request 9
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 9
rlm_eap: EAP packet type response id 13 length 140
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 9
modcall: leaving group authorize (returns updated) for request 9
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
(other): SSL negotiation finished successfully
SSL Connection Established
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 9
modcall: leaving group authenticate (returns handled) for request 9
Sending Access-Challenge of id 78 to 127.0.0.1 port 32786
EAP-Message = 0x010e004515800000003b1403010001011603010030eae1cc33bfc4931acbf7ba51c88ec07398ec1751983ebbd5c05477e320c23e1337745d060ba11f5810f3ea2772e4d4f3
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x189bb8bf1ead4605f9bd41eb1af312b0
Finished request 9
Going to the next request
Cleaning up request 0 ID 69 with timestamp 477e638d
Cleaning up request 1 ID 70 with timestamp 477e638d
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=79, length=354
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020e00c0150017030100208369eed1a9741f44a9c0a8061db0af01d89ccd1a675bf7e388baf7d72c3874311703010090178c084851f2d743a3134bd5dd5e8a4b0440cefd82a8852eafdd37e061a00fde43ca560c26d35710fee353787369e5d32a820e7dbeeb0dbc89ec05124229b41b03fd848c45db77d73f7c341632ebba0864fcd31f0a135aee5cbdd8b85c1d3d0da25c42449a59811d4d6eff8713d7a805c98baae60a3518dc0a83240e671621fd3482cc6e3eac3d6ec124e25ac97e7979
State = 0x189bb8bf1ead4605f9bd41eb1af312b0
Message-Authenticator = 0x1deb66afb3c1bfa1131e6426959df437
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 10
modcall[authorize]: module "preprocess" returns ok for request 10
modcall[authorize]: module "chap" returns noop for request 10
modcall[authorize]: module "mschap" returns noop for request 10
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 10
rlm_eap: EAP packet type response id 14 length 192
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 10
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 10
modcall: leaving group authorize (returns updated) for request 10
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 10
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_ttls: Session established. Proceeding to decode tunneled attributes.
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 10
modcall[authorize]: module "preprocess" returns ok for request 10
modcall[authorize]: module "chap" returns noop for request 10
rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = MS-CHAP'
modcall[authorize]: module "mschap" returns ok for request 10
rlm_realm: No '@' in User-Name = "BE2048", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 10
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 10
users: Matched entry BE2048 at line 108
modcall[authorize]: module "files" returns ok for request 10
modcall: leaving group authorize (returns ok) for request 10
rad_check_password: Found Auth-Type Local
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Login incorrect: [BE2048/<no User-Password attribute>] (from client localhost port 0 cli 00-19-CB-25-41-48)
TTLS: Got tunneled Access-Reject
rlm_eap: Handler failed in EAP/ttls
rlm_eap: Failed in EAP select
modcall[authenticate]: module "eap" returns invalid for request 10
modcall: leaving group authenticate (returns invalid) for request 10
auth: Failed to validate the user.
Login incorrect: [anonymous@asb.com/<no User-Password attribute>] (from client localhost port 0 cli 00-19-CB-25-41-48)
Delaying request 10 for 1 seconds
Finished request 10
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=68, length=166
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x0203001601616e6f6e796d6f7573406173622e636f6d
Message-Authenticator = 0x2606d6968bf58d3aa74ccfb41ec40a30
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 11
modcall[authorize]: module "preprocess" returns ok for request 11
modcall[authorize]: module "chap" returns noop for request 11
modcall[authorize]: module "mschap" returns noop for request 11
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 11
rlm_eap: EAP packet type response id 3 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 11
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 11
modcall: leaving group authorize (returns updated) for request 11
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 11
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 11
modcall: leaving group authenticate (returns handled) for request 11
Sending Access-Challenge of id 68 to 127.0.0.1 port 32786
EAP-Message = 0x010400061520
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x158294e60628493f047b04f7ab3d9120
Finished request 11
Going to the next request
Cleaning up request 2 ID 71 with timestamp 477e638e
Cleaning up request 3 ID 72 with timestamp 477e638e
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 4 ID 73 with timestamp 477e638f
Sending Access-Reject of id 79 to 127.0.0.1 port 32786
EAP-Message = 0x040e0004
Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 5 ID 74 with timestamp 477e6390
Cleaning up request 6 ID 75 with timestamp 477e6390
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 7 ID 76 with timestamp 477e6391
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 8 ID 77 with timestamp 477e6392
Cleaning up request 9 ID 78 with timestamp 477e6392
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 11 ID 68 with timestamp 477e6393
Cleaning up request 10 ID 79 with timestamp 477e6393
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=80, length=166
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x0200001601616e6f6e796d6f7573406173622e636f6d
Message-Authenticator = 0x4e397ffe6e70609b532185338b34df99
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 12
modcall[authorize]: module "preprocess" returns ok for request 12
modcall[authorize]: module "chap" returns noop for request 12
modcall[authorize]: module "mschap" returns noop for request 12
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 12
rlm_eap: EAP packet type response id 0 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 12
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 12
modcall: leaving group authorize (returns updated) for request 12
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 12
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 12
modcall: leaving group authenticate (returns handled) for request 12
Sending Access-Challenge of id 80 to 127.0.0.1 port 32786
EAP-Message = 0x010100061520
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xe60d081f6c3ffab22496977279379e3b
Finished request 12
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=81, length=270
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x0201006c150016030100610100005d0301477e39ce8bafab51b3989a786917d54c5b7a5d4dc3c799f251f45eff9d9d905e00003600390038003500160013000a00330032002f0007006600050004006300620061001500120009006500640060001400110008000600030100
State = 0xe60d081f6c3ffab22496977279379e3b
Message-Authenticator = 0x0b6a2e2d1a512df1ac58ae651bbf20e8
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 13
modcall[authorize]: module "preprocess" returns ok for request 13
modcall[authorize]: module "chap" returns noop for request 13
modcall[authorize]: module "mschap" returns noop for request 13
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 13
rlm_eap: EAP packet type response id 1 length 108
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 13
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 13
modcall: leaving group authorize (returns updated) for request 13
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 13
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0061], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0438], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 010d], ServerKeyExchange
TLS_accept: SSLv3 write key exchange A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 13
modcall: leaving group authenticate (returns handled) for request 13
Sending Access-Challenge of id 81 to 127.0.0.1 port 32786
EAP-Message = 0x010200c015c0000005a7160301004a020000460301477e63a483849f8f1a31a7666d239e4522ad006917cc915b55783357b4ceed6b20fea4c2ad656e074e2e1a27d5c72866def1cc6007eb2dcc17149f50bf0fcd15de00390016030104380b000434000431000218308202143082017d020105300d06092a864886f70d01010405003050310b3009060355040613026368310b3009060355040813027368310b3009060355040713027368310c300a060355040a1303617362310c300a060355
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x5bc67f4201f495906c5c5627593e6801
Finished request 13
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=82, length=168
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020200061500
State = 0x5bc67f4201f495906c5c5627593e6801
Message-Authenticator = 0x51a6bd3d135c65fb9601851b86d3bd77
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 14
modcall[authorize]: module "preprocess" returns ok for request 14
modcall[authorize]: module "chap" returns noop for request 14
modcall[authorize]: module "mschap" returns noop for request 14
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 14
rlm_eap: EAP packet type response id 2 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 14
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 14
modcall: leaving group authorize (returns updated) for request 14
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 14
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 14
modcall: leaving group authenticate (returns handled) for request 14
Sending Access-Challenge of id 82 to 127.0.0.1 port 32786
EAP-Message = 0x010300c015c0000005a7040b1303726472310b3009060355040313026361301e170d3037313131393038303533305a170d3038313131383038303533305a3055310b3009060355040613026368310b3009060355040813027368310b3009060355040713027368310c300a060355040a1303617362310c300a060355040b13037264723110300e060355040313076173622e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100b0634f379d38220d960a6f7c80ab
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x17853696d4a799cdc34d86b6466d6c0f
Finished request 14
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=83, length=168
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020300061500
State = 0x17853696d4a799cdc34d86b6466d6c0f
Message-Authenticator = 0xde440b65fe10deda2b4837a7078313d6
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 15
modcall[authorize]: module "preprocess" returns ok for request 15
modcall[authorize]: module "chap" returns noop for request 15
modcall[authorize]: module "mschap" returns noop for request 15
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 15
rlm_eap: EAP packet type response id 3 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 15
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 15
modcall: leaving group authorize (returns updated) for request 15
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 15
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 15
modcall: leaving group authenticate (returns handled) for request 15
Sending Access-Challenge of id 83 to 127.0.0.1 port 32786
EAP-Message = 0x010400c015c0000005a7d51a2b7a9cac830613ec665fae7c1ca6215b60ea222142e7c6832c6d344dae7bc5cc3385db768824fbc63c93bfe9c79af932248380799e7f7bbb1ad953ac64adf590f2af0d02a5440e7a67769c92fcb74b4e20cb6776513eb13297599961c1be81ec0c6633ef709da026e96feebe5d0ab5e70203010001300d06092a864886f70d01010405000381810069e6b80739a38b06b15a28ace28510b0fc9a26d291c4b9ab9102bc349827197bce7bf4d3bca49e5a5bc61da2
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x792bce3fce1aadc9b1e7fb73772bcc5c
Finished request 15
Going to the next request
--- Walking the entire request list ---
Waking up in 4 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=84, length=168
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020400061500
State = 0x792bce3fce1aadc9b1e7fb73772bcc5c
Message-Authenticator = 0xd5248ccde0398c1bcfe449d32e73b8e0
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 16
modcall[authorize]: module "preprocess" returns ok for request 16
modcall[authorize]: module "chap" returns noop for request 16
modcall[authorize]: module "mschap" returns noop for request 16
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 16
rlm_eap: EAP packet type response id 4 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 16
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 16
modcall: leaving group authorize (returns updated) for request 16
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 16
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 16
modcall: leaving group authenticate (returns handled) for request 16
Sending Access-Challenge of id 84 to 127.0.0.1 port 32786
EAP-Message = 0x010500c015c0000005a7b1d9f96e504a469deaf4cf1d915b844f8506ccdd9e995654aafca0e93598b19ab21667ecb40617b4a0e80816a89e3924aeb0c53d93dad0a14e8c678197708ad92f1769673a4499d5ec811a090253bf18df6dd5b50002133082020f30820178020100300d06092a864886f70d01010405003050310b3009060355040613026368310b3009060355040813027368310b3009060355040713027368310c300a060355040a1303617362310c300a060355040b1303726472
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x246832dae620a99f533b928aa035683c
Finished request 16
Going to the next request
--- Walking the entire request list ---
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32786, id=85, length=168
User-Name = "anonymous@asb.com"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Called-Station-Id = "00-00-00-00-00-00:"
Calling-Station-Id = "00-19-CB-25-41-48"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11"
EAP-Message = 0x020500061500
State = 0x246832dae620a99f533b928aa035683c
Message-Authenticator = 0xeb8dd2b6c997a8df4c72915cfbbf60ba
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 17
modcall[authorize]: module "preprocess" returns ok for request 17
modcall[authorize]: module "chap" returns noop for request 17
modcall[authorize]: module "mschap" returns noop for request 17
rlm_realm: Looking up realm "asb.com" for User-Name = "anonymous@asb.com"
rlm_realm: Found realm "asb.com"
rlm_realm: Adding Stripped-User-Name = "anonymous"
rlm_realm: Proxying request from user anonymous to realm asb.com
rlm_realm: Adding Realm = "asb.com"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 17
rlm_eap: EAP packet type response id 5 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 17
users: Matched entry DEFAULT at line 364
modcall[authorize]: module "files" returns ok for request 17
modcall: leaving group authorize (returns updated) for request 17
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 17
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 17
modcall: leaving group authenticate (returns handled) for request 17
Sending Access-Challenge of id 85 to 127.0.0.1 port 32786
EAP-Message = 0x010600c015c0000005a7310b3009060355040313026361301e170d3037313131393038303433315a170d3038313131383038303433315a3050310b3009060355040613026368310b3009060355040813027368310b3009060355040713027368310c300a060355040a1303617362310c300a060355040b1303726472310b300906035504031302636130819f300d06092a864886f70d010101050003818d0030818902818100dc70ad4fc5351431abb49e7f58f1d25e90634ea6dcb7f5f440ac
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0f2c629898fc47ec95230a551e8866c8
Finished request 17
Going to the next request
Waking up in 3 seconds...
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.