FreeRadius - Multiple Clients
Casey Daniels
mailinglist at cd.kcfam.net
Sat Apr 12 01:27:26 CEST 2014
On 04/11/2014 07:24 PM, Matthew Newton wrote:
> Hi,
>
> On Fri, Apr 11, 2014 at 06:51:59PM -0400, Casey Daniels wrote:
>> On 04/11/2014 05:05 PM, Alan DeKok wrote:
>>> Run the server in debug mode, as suggested in the FAQ, "man" page, web
>>> pages, and daily on this list. When you don't do that, you waste
>>> everyones time.
>> I always run it in -X, and have the information sent to a file for
>> review so that I don't have to try and watch items scroll past the
>> screen.
> The implication here was that there is no point running it
> in debug mode, and then keeping the output to yourself...
>
> The advice always on this list is to run it with -X, and post the
> full output to the list. That way people can help you much more
> easily.
>
> Cheers,
>
> Matthew
>
>
Sorry didn't want to send a huge message with a bunch of debugging stuff
to clutter things up, but here it is.
Starting FreeRadius Daemon...�[1mradiusd: FreeRADIUS Version 3.0.0,
for host x86_64-unknown-linux-gnu, built on Oct 26 2013 at 18:29:10�[0m
�[1mCopyright (C) 1999-2013 The FreeRADIUS server project and
contributors.�[0m
�[1mThere is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A�[0m
�[1mPARTICULAR PURPOSE.�[0m
�[1mYou may redistribute copies of FreeRADIUS under the terms of the�[0m
�[1mGNU General Public License.�[0m
�[1mFor more information about these matters, see the file named
COPYRIGHT.�[0m
�[1mStarting - reading configuration files ...�[0m
including dictionary file /etc/raddb/dictionary
including configuration file /etc/raddb/radiusd.conf
including configuration file /etc/raddb/clients.conf
including files in directory /etc/raddb/mods-enabled/
including configuration file /etc/raddb/mods-enabled/sradutmp
including configuration file /etc/raddb/mods-enabled/expiration
including configuration file /etc/raddb/mods-enabled/utf8
including configuration file /etc/raddb/mods-enabled/soh
including configuration file /etc/raddb/mods-enabled/eap
including configuration file /etc/raddb/mods-enabled/radutmp
including configuration file /etc/raddb/mods-enabled/cache_eap
including configuration file /etc/raddb/mods-enabled/mschap
including configuration file /etc/raddb/mods-enabled/attr_filter
including configuration file /etc/raddb/mods-enabled/detail
including configuration file /etc/raddb/mods-enabled/always
including configuration file /etc/raddb/mods-enabled/preprocess
including configuration file /etc/raddb/mods-enabled/linelog
including configuration file /etc/raddb/mods-enabled/detail.log
including configuration file /etc/raddb/mods-enabled/files
including configuration file /etc/raddb/mods-enabled/expr
including configuration file /etc/raddb/mods-enabled/logintime
including files in directory /etc/raddb/policy.d/
including configuration file /etc/raddb/policy.d/accounting
including configuration file /etc/raddb/policy.d/filter
including files in directory /etc/raddb/sites-enabled/
including configuration file /etc/raddb/sites-enabled/inner-tunnel
including configuration file /etc/raddb/sites-enabled/default
including configuration file /etc/raddb/sites-enabled/wifi
main {
security {
user = "radius"
group = "radius"
chroot = "/srv/freeradius"
allow_core_dumps = no
}
}
main {
name = "radiusd"
prefix = "/usr/local"
localstatedir = "/usr/local/var"
sbindir = "/usr/local/sbin"
logdir = "/var/log"
run_dir = "/var/run"
libdir = "/lib"
radacctdir = "/var/log/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 5096
pidfile = "/var/run/radiusd.pid"
checkrad = "/usr/local/sbin/checkrad"
debug_level = 0
proxy_requests = no
log {
stripped_names = no
auth = yes
auth_badpass = yes
auth_goodpass = no
colourise = yes
}
security {
max_attributes = 200
reject_delay = 3
status_server = yes
}
}
radiusd: #### Loading Realms and Home Servers ####
radiusd: #### Loading Clients ####
client localhost {
ipv6addr = ::1 IPv6 address [::1]
netmask = 128
require_message_authenticator = yes
secret = "testing123"
proto = "udp"
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
client wlan-west {
ipaddr = 10.50.1.2
netmask = 32
require_message_authenticator = yes
secret = "test123"
proto = "udp"
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
radiusd: #### Instantiating modules ####
instantiate {
}
modules {
# Loaded module rlm_radutmp
# Instantiating module "sradutmp" from file
/etc/raddb/mods-enabled/sradutmp
radutmp sradutmp {
filename = "/var/log/sradutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
permissions = 420
caller_id = no
}
# Loaded module rlm_expiration
# Instantiating module "expiration" from file
/etc/raddb/mods-enabled/expiration
# Loaded module rlm_utf8
# Instantiating module "utf8" from file /etc/raddb/mods-enabled/utf8
# Loaded module rlm_soh
# Instantiating module "soh" from file /etc/raddb/mods-enabled/soh
soh {
dhcp = yes
}
# Loaded module rlm_eap
# Instantiating module "eap" from file /etc/raddb/mods-enabled/eap
eap {
default_eap_type = "peap"
timer_expire = 60
ignore_unknown_eap_types = no
mod_accounting_username_bug = no
max_sessions = 4096
}
# Linked to sub-module rlm_eap_tls
tls {
tls = "tls-common"
}
tls-config tls-common {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
ca_path = "/etc/raddb/certs"
pem_file_type = yes
private_key_file = "/etc/raddb/certs/prouter-radius.pem"
certificate_file = "/etc/raddb/certs/prouter-radius_crt.pem"
ca_file = "/etc/raddb/certs/cacert.pem"
private_key_password = "2rU36=L-mdKYVbG"
dh_file = "/etc/raddb/certs/dh_radius"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
ecdh_curve = "prime256v1"
cache {
enable = yes
lifetime = 24
max_entries = 255
}
verify {
}
ocsp {
enable = no
override_cert_url = yes
url = "http://127.0.0.1/ocsp/"
use_nonce = yes
timeout = 0
softfail = yes
}
}
# Linked to sub-module rlm_eap_ttls
ttls {
tls = "tls-common"
default_eap_type = "md5"
copy_request_to_tunnel = no
use_tunneled_reply = no
virtual_server = "inner-tunnel"
include_length = yes
require_client_cert = no
}
Using cached TLS configuration from previous invocation
# Linked to sub-module rlm_eap_peap
peap {
tls = "tls-common"
default_method = "mschapv2"
copy_request_to_tunnel = no
use_tunneled_reply = no
proxy_tunneled_request_as_eap = yes
virtual_server = "inner-tunnel"
soh = no
require_client_cert = no
}
Using cached TLS configuration from previous invocation
# Linked to sub-module rlm_eap_mschapv2
mschapv2 {
with_ntdomain_hack = no
send_error = no
}
# Instantiating module "radutmp" from file
/etc/raddb/mods-enabled/radutmp
radutmp {
filename = "/var/log/radutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
permissions = 384
caller_id = yes
}
# Loaded module rlm_cache
# Instantiating module "cache_eap" from file
/etc/raddb/mods-enabled/cache_eap
cache cache_eap {
key = "%{%{control:State}:-%{%{reply:State}:-%{State}}}"
ttl = 15
max_entries = 16384
epoch = 0
add_stats = no
}
# Loaded module rlm_mschap
# Instantiating module "mschap" from file /etc/raddb/mods-enabled/mschap
mschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = yes
passchange {
}
allow_retry = yes
}
# Loaded module rlm_attr_filter
# Instantiating module "attr_filter.post-proxy" from file
/etc/raddb/mods-enabled/attr_filter
attr_filter attr_filter.post-proxy {
filename = "/etc/raddb/mods-config/attr_filter/post-proxy"
key = "%{Realm}"
relaxed = no
}
reading pairlist file /etc/raddb/mods-config/attr_filter/post-proxy
# Instantiating module "attr_filter.pre-proxy" from file
/etc/raddb/mods-enabled/attr_filter
attr_filter attr_filter.pre-proxy {
filename = "/etc/raddb/mods-config/attr_filter/pre-proxy"
key = "%{Realm}"
relaxed = no
}
reading pairlist file /etc/raddb/mods-config/attr_filter/pre-proxy
# Instantiating module "attr_filter.access_reject" from file
/etc/raddb/mods-enabled/attr_filter
attr_filter attr_filter.access_reject {
filename = "/etc/raddb/mods-config/attr_filter/access_reject"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /etc/raddb/mods-config/attr_filter/access_reject
# Instantiating module "attr_filter.access_challenge" from file
/etc/raddb/mods-enabled/attr_filter
attr_filter attr_filter.access_challenge {
filename = "/etc/raddb/mods-config/attr_filter/access_challenge"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /etc/raddb/mods-config/attr_filter/access_challenge
# Instantiating module "attr_filter.accounting_response" from file
/etc/raddb/mods-enabled/attr_filter
attr_filter attr_filter.accounting_response {
filename = "/etc/raddb/mods-config/attr_filter/accounting_response"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /etc/raddb/mods-config/attr_filter/accounting_response
# Loaded module rlm_detail
# Instantiating module "detail" from file /etc/raddb/mods-enabled/detail
detail {
filename =
"/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
header = "%t"
permissions = 384
dir_permissions = 493
locking = no
log_packet_header = no
}
# Loaded module rlm_always
# Instantiating module "fail" from file /etc/raddb/mods-enabled/always
always fail {
rcode = "fail"
simulcount = 0
mpp = no
}
# Instantiating module "reject" from file /etc/raddb/mods-enabled/always
always reject {
rcode = "reject"
simulcount = 0
mpp = no
}
# Instantiating module "noop" from file /etc/raddb/mods-enabled/always
always noop {
rcode = "noop"
simulcount = 0
mpp = no
}
# Instantiating module "handled" from file /etc/raddb/mods-enabled/always
always handled {
rcode = "handled"
simulcount = 0
mpp = no
}
# Instantiating module "updated" from file /etc/raddb/mods-enabled/always
always updated {
rcode = "updated"
simulcount = 0
mpp = no
}
# Instantiating module "notfound" from file
/etc/raddb/mods-enabled/always
always notfound {
rcode = "notfound"
simulcount = 0
mpp = no
}
# Instantiating module "ok" from file /etc/raddb/mods-enabled/always
always ok {
rcode = "ok"
simulcount = 0
mpp = no
}
# Loaded module rlm_preprocess
# Instantiating module "preprocess" from file
/etc/raddb/mods-enabled/preprocess
preprocess {
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
# Loaded module rlm_linelog
# Instantiating module "linelog" from file
/etc/raddb/mods-enabled/linelog
linelog {
filename = "/var/log/linelog"
permissions = 384
format = "This is a log message for %{User-Name}"
reference = "%{%{Packet-Type}:-format}"
}
# Instantiating module "auth_log" from file
/etc/raddb/mods-enabled/detail.log
detail auth_log {
filename =
"/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d"
header = "%t"
permissions = 384
dir_permissions = 493
locking = no
log_packet_header = no
}
# Instantiating module "reply_log" from file
/etc/raddb/mods-enabled/detail.log
detail reply_log {
filename =
"/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d"
header = "%t"
permissions = 384
dir_permissions = 493
locking = no
log_packet_header = no
}
# Instantiating module "pre_proxy_log" from file
/etc/raddb/mods-enabled/detail.log
detail pre_proxy_log {
filename =
"/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/pre-proxy-detail-%Y%m%d"
header = "%t"
permissions = 384
dir_permissions = 493
locking = no
log_packet_header = no
}
# Instantiating module "post_proxy_log" from file
/etc/raddb/mods-enabled/detail.log
detail post_proxy_log {
filename =
"/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/post-proxy-detail-%Y%m%d"
header = "%t"
permissions = 384
dir_permissions = 493
locking = no
log_packet_header = no
}
# Loaded module rlm_files
# Instantiating module "files" from file /etc/raddb/mods-enabled/files
files {
filename = "/etc/raddb/mods-config/files/authorize"
usersfile = "/etc/raddb/mods-config/files/authorize"
acctusersfile = "/etc/raddb/mods-config/files/accounting"
preproxy_usersfile = "/etc/raddb/mods-config/files/pre-proxy"
compat = "no"
}
reading pairlist file /etc/raddb/mods-config/files/authorize
reading pairlist file /etc/raddb/mods-config/files/authorize
reading pairlist file /etc/raddb/mods-config/files/accounting
reading pairlist file /etc/raddb/mods-config/files/pre-proxy
# Loaded module rlm_expr
# Instantiating module "expr" from file /etc/raddb/mods-enabled/expr
expr {
safe_characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
}
# Loaded module rlm_logintime
# Instantiating module "logintime" from file
/etc/raddb/mods-enabled/logintime
logintime {
minimum_timeout = 60
}
} # modules
radiusd: #### Loading Virtual Servers ####
server { # from file /etc/raddb/radiusd.conf
} # server
server inner-tunnel { # from file /etc/raddb/sites-enabled/inner-tunnel
# Loading authenticate {...}
# Loading authorize {...}
# Loading session {...}
# Loading post-auth {...}
} # server
server default { # from file /etc/raddb/sites-enabled/default
# Loading authenticate {...}
# Loading authorize {...}
# Loading virtual module filter_username
# Loading preacct {...}
# Loading virtual module acct_unique
# Loading accounting {...}
# Loading post-auth {...}
# Loading virtual module remove_reply_message_if_eap
# Loading virtual module remove_reply_message_if_eap
} # server
server wifi { # from file /etc/raddb/sites-enabled/wifi
# Loading authenticate {...}
# Loading authorize {...}
# Loading virtual module filter_username
# Loading preacct {...}
# Loading virtual module acct_unique
# Loading accounting {...}
# Loading post-auth {...}
# Loading virtual module remove_reply_message_if_eap
# Loading virtual module remove_reply_message_if_eap
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipv6addr = ::1 IPv6 address [::1]
port = 18120
}
listen {
type = "auth"
ipaddr = 10.50.1.1
port = 0
}
listen {
type = "acct"
ipaddr = 10.50.1.1
port = 0
}
listen {
type = "auth"
ipv6addr = ::1 IPv6 address [::1]
port = 1812
}
listen {
type = "acct"
ipv6addr = ::1 IPv6 address [::1]
port = 0
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
Listening on auth address ::1 port 18120 as server inner-tunnel
Listening on auth interface br0 address 10.50.1.1 port 1812 as server
default
Listening on acct interface br0 address 10.50.1.1 port 1813 as server
default
Listening on auth interface lo address ::1 port 1812 as server wifi
Listening on acct interface lo address ::1 port 1813 as server wifi
�[1mReady to process requests.�[0m
rad_recv: Access-Request packet from host ::1 port 33053, id=230, length=180
User-Name = 'steve'
NAS-IPv6-Address = ::1
Called-Station-Id = '6C-88-14-A8-C3-EC:kcfam'
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Calling-Station-Id = '30-D6-C9-6C-44-4B'
Connect-Info = 'CONNECT 54Mbps 802.11g'
Acct-Session-Id = '53480235-00000077'
Framed-MTU = 1400
EAP-Message = 0x024b000a017374657665
Message-Authenticator = 0x20f961946495ef0285ebaae426debb71
(0) # Executing section authorize from file /etc/raddb/sites-enabled/wifi
(0) authorize {
(0) filter_username filter_username {
(0) ? if (User-Name != "%{tolower:%{User-Name}}")
(0) expand: "%{tolower:%{User-Name}}" -> 'steve'
(0) ? if (User-Name != "%{tolower:%{User-Name}}") -> FALSE
(0) ? if (User-Name =~ / /)
(0) ? if (User-Name =~ / /) -> FALSE
(0) ? if (User-Name =~ /@.*@/ )
(0) ? if (User-Name =~ /@.*@/ ) -> FALSE
(0) ? if (User-Name =~ /\\.\\./ )
(0) ? if (User-Name =~ /\\.\\./ ) -> FALSE
(0) ? if ((User-Name =~ /@/) && (User-Name !~ /@(.+)\\.(.+)$/))
(0) ? if ((User-Name =~ /@/) && (User-Name !~ /@(.+)\\.(.+)$/)) ->
FALSE
(0) ? if (User-Name =~ /\\.$/)
(0) ? if (User-Name =~ /\\.$/) -> FALSE
(0) ? if (User-Name =~ /@\\./)
(0) ? if (User-Name =~ /@\\./) -> FALSE
(0) } # filter_username filter_username = notfound
(0) [preprocess] = ok
(0) auth_log : expand:
"/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d"
-> '/var/log/radacct/0:0:0:0:0:0:0:1/auth-detail-20140411'
(0) auth_log :
/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
expands to /var/log/radacct/0:0:0:0:0:0:0:1/auth-detail-20140411
(0) auth_log : expand: "%t" -> 'Fri Apr 11 22:36:59 2014'
(0) [auth_log] = ok
(0) files : users: Matched entry steve at line 73
(0) [files] = ok
(0) ? if (wifi_key != "true")
(0) expand: "true" -> 'true'
(0) ? if (wifi_key != "true") -> TRUE
(0) if (wifi_key != "true") {
(0) [reject] = reject
(0) } # if (wifi_key != "true") = reject
(0) } # authorize = reject
�[1m(0) Invalid user: [steve/<no User-Password attribute>] (from client
localhost port 1 cli 30-D6-C9-6C-44-4B)�[0m
(0) Using Post-Auth-Type Reject
(0) # Executing group from file /etc/raddb/sites-enabled/wifi
(0) Post-Auth-Type REJECT {
(0) attr_filter.access_reject : expand: "%{User-Name}" -> 'steve'
(0) attr_filter.access_reject : Matched entry DEFAULT at line 11
(0) [attr_filter.access_reject] = updated
(0) eap : Request was previously rejected, inserting EAP-Failure
(0) [eap] = updated
(0) remove_reply_message_if_eap remove_reply_message_if_eap {
(0) ? if (reply:EAP-Message && reply:Reply-Message)
(0) ? if (reply:EAP-Message && reply:Reply-Message) -> FALSE
(0) else else {
(0) [noop] = noop
(0) } # else else = noop
(0) } # remove_reply_message_if_eap remove_reply_message_if_eap = noop
(0) } # Post-Auth-Type REJECT = updated
(0) Finished request 0.
Waking up in 0.3 seconds.
Waking up in 2.6 seconds.
rad_recv: Access-Request packet from host ::1 port 33053, id=230, length=180
�[31m(0) Discarding duplicate request from client localhost port 33053 -
ID: 230 due to delayed reject�[0m
(0) Sending delayed reject
Sending Access-Reject of id 230 from ::1 port 1812 to ::1 port 33053
EAP-Message = 0x044b0004
Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 4.9 seconds.
(0) Cleaning up request packet ID 230 with timestamp +19
�[1mReady to process requests.�[0m
rad_recv: Access-Request packet from host ::1 port 33053, id=231, length=180
User-Name = 'steve'
NAS-IPv6-Address = ::1
Called-Station-Id = '6C-88-14-A8-C3-EC:kcfam'
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Calling-Station-Id = '30-D6-C9-6C-44-4B'
Connect-Info = 'CONNECT 54Mbps 802.11g'
Acct-Session-Id = '53480235-00000078'
Framed-MTU = 1400
EAP-Message = 0x0261000a017374657665
Message-Authenticator = 0x19c4400d77d1ef651ef9755cae9098b6
(1) # Executing section authorize from file /etc/raddb/sites-enabled/wifi
(1) authorize {
(1) filter_username filter_username {
(1) ? if (User-Name != "%{tolower:%{User-Name}}")
(1) expand: "%{tolower:%{User-Name}}" -> 'steve'
(1) ? if (User-Name != "%{tolower:%{User-Name}}") -> FALSE
(1) ? if (User-Name =~ / /)
(1) ? if (User-Name =~ / /) -> FALSE
(1) ? if (User-Name =~ /@.*@/ )
(1) ? if (User-Name =~ /@.*@/ ) -> FALSE
(1) ? if (User-Name =~ /\\.\\./ )
(1) ? if (User-Name =~ /\\.\\./ ) -> FALSE
(1) ? if ((User-Name =~ /@/) && (User-Name !~ /@(.+)\\.(.+)$/))
(1) ? if ((User-Name =~ /@/) && (User-Name !~ /@(.+)\\.(.+)$/)) ->
FALSE
(1) ? if (User-Name =~ /\\.$/)
(1) ? if (User-Name =~ /\\.$/) -> FALSE
(1) ? if (User-Name =~ /@\\./)
(1) ? if (User-Name =~ /@\\./) -> FALSE
(1) } # filter_username filter_username = notfound
(1) [preprocess] = ok
(1) auth_log : expand:
"/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d"
-> '/var/log/radacct/0:0:0:0:0:0:0:1/auth-detail-20140411'
(1) auth_log :
/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
expands to /var/log/radacct/0:0:0:0:0:0:0:1/auth-detail-20140411
(1) auth_log : expand: "%t" -> 'Fri Apr 11 22:37:09 2014'
(1) [auth_log] = ok
(1) files : users: Matched entry steve at line 73
(1) [files] = ok
(1) ? if (wifi_key != "true")
(1) expand: "true" -> 'true'
(1) ? if (wifi_key != "true") -> TRUE
(1) if (wifi_key != "true") {
(1) [reject] = reject
(1) } # if (wifi_key != "true") = reject
(1) } # authorize = reject
�[1m(1) Invalid user: [steve/<no User-Password attribute>] (from client
localhost port 1 cli 30-D6-C9-6C-44-4B)�[0m
(1) Using Post-Auth-Type Reject
(1) # Executing group from file /etc/raddb/sites-enabled/wifi
(1) Post-Auth-Type REJECT {
(1) attr_filter.access_reject : expand: "%{User-Name}" -> 'steve'
(1) attr_filter.access_reject : Matched entry DEFAULT at line 11
(1) [attr_filter.access_reject] = updated
(1) eap : Request was previously rejected, inserting EAP-Failure
(1) [eap] = updated
(1) remove_reply_message_if_eap remove_reply_message_if_eap {
(1) ? if (reply:EAP-Message && reply:Reply-Message)
(1) ? if (reply:EAP-Message && reply:Reply-Message) -> FALSE
(1) else else {
(1) [noop] = noop
(1) } # else else = noop
(1) } # remove_reply_message_if_eap remove_reply_message_if_eap = noop
(1) } # Post-Auth-Type REJECT = updated
(1) Finished request 1.
Waking up in 0.3 seconds.
Waking up in 2.6 seconds.
rad_recv: Access-Request packet from host ::1 port 33053, id=231, length=180
�[31m(1) Discarding duplicate request from client localhost port 33053 -
ID: 231 due to delayed reject�[0m
(1) Sending delayed reject
Sending Access-Reject of id 231 from ::1 port 1812 to ::1 port 33053
EAP-Message = 0x04610004
Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 4.9 seconds.
More information about the Freeradius-Users
mailing list