STARTING RADIUS DEAMON IN DEBUG ------------------------------- [root@poste2 ~]# radiusd -X Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /etc/raddb/proxy.conf Config: including file: /etc/raddb/clients.conf Config: including file: /etc/raddb/snmp.conf Config: including file: /etc/raddb/eap.conf Config: including file: /etc/raddb/sql.conf main: prefix = "/usr/local" main: localstatedir = "/usr/local/var" main: logdir = "/usr/local/var/log/radius" main: libdir = "/usr/local/lib" main: radacctdir = "/usr/local/var/log/radius/radacct" main: hostname_lookups = yes main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = yes main: log_file = "/usr/local/var/log/radius/radius.log" main: log_auth = yes main: log_auth_badpass = yes main: log_auth_goodpass = yes main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid" main: user = "root" main: group = "root" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: checkrad = "/usr/local/sbin/checkrad" main: proxy_requests = no proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = yes proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /usr/local/lib Module: Loaded exec exec: wait = yes exec: program = "(null)" exec: input_pairs = "request" exec: output_pairs = "(null)" exec: packet_type = "(null)" rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = "crypt" Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = no mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = "(null)" mschap: authtype = "MS-CHAP" mschap: ntlm_auth = "(null)" Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = "(null)" unix: shadow = "(null)" unix: group = "(null)" unix: radwtmp = "/usr/local/var/log/radius/radwtmp" unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = "tls" eap: timer_expire = 60 eap: ignore_unknown_eap_types = yes eap: cisco_accounting_username_bug = no tls: rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512 tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path = "(null)" tls: pem_file_type = yes tls: private_key_file = "/etc/raddb/certs/radius.pem" tls: certificate_file = "/etc/raddb/certs/radius.pem" tls: CA_file = "/etc/raddb/certs/root.pem" tls: private_key_password = "whatever" tls: dh_file = "/etc/raddb/certs/dh" tls: random_file = "/etc/raddb/certs/random" tls: fragment_size = 1024 tls: include_length = yes tls: check_crl = no tls: check_cert_cn = "(null)" rlm_eap: Loaded and initialized type tls peap: default_eap_type = "mschapv2" peap: copy_request_to_tunnel = no peap: use_tunneled_reply = no peap: proxy_tunneled_request_as_eap = yes rlm_eap: Loaded and initialized type peap mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess preprocess: huntgroups = "/etc/raddb/huntgroups" preprocess: hints = "/etc/raddb/hints" preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded detail detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/au th-detail-%Y%m%d" detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (auth_log) Module: Loaded realm realm: format = "suffix" realm: delimiter = "@" realm: ignore_default = no realm: ignore_null = no Module: Instantiated realm (suffix) Module: Loaded files files: usersfile = "/etc/raddb/users" files: acctusersfile = "/etc/raddb/acct_users" files: preproxy_usersfile = "/etc/raddb/preproxy_users" files: compat = "no" Module: Instantiated files (files) Module: Loaded Acct-Unique-Session-Id acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Addre ss, NAS-Port" Module: Instantiated acct_unique (acct_unique) detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/de tail-%Y%m%d" detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (detail) Module: Loaded radutmp radutmp: filename = "/usr/local/var/log/radius/radutmp" radutmp: username = "%{User-Name}" radutmp: case_sensitive = yes radutmp: check_with_nas = yes radutmp: perm = 384 radutmp: callerid = yes Module: Instantiated radutmp (radutmp) detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/re ply-detail-%Y%m%d" detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (reply_log) Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. ------------------------------------------ END OF START UP, ACCEPTING FIRST "CONNECT" ------------------------------------------ rad_recv: Access-Request packet from host 192.168.1.131:25417, id=149, length=14 7 User-Name = "client" NAS-IP-Address = 192.168.1.131 NAS-Port = 1 Framed-MTU = 1496 Called-Station-Id = "00-80-C6-E5-53-73:robtelradius" Calling-Station-Id = "00-0C-E5-46-8A-49" NAS-Identifier = "Radius-test" NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0201000b01636c69656e74 Message-Authenticator = 0x0c288864ce0f6ee670746f7cf495fd3b Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-20050 602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-% Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-200 50602 modcall[authorize]: module "auth_log" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "client", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: EAP packet type response id 1 length 11 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 users: Matched entry client at line 97 modcall[authorize]: module "files" returns ok for request 0 modcall: group authorize returns updated for request 0 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Requiring client certificate rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 0 modcall: group authenticate returns handled for request 0 Sending Access-Challenge of id 149 to 192.168.1.131:25417 EAP-Message = 0x010200060d20 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xf3fb1057bc6f6632cd23c6724be53ff5 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.1.131:25417, id=37, length=234 User-Name = "client" NAS-IP-Address = 192.168.1.131 NAS-Port = 1 Framed-MTU = 1496 Called-Station-Id = "00-80-C6-E5-53-73:robtelradius" Calling-Station-Id = "00-0C-E5-46-8A-49" NAS-Identifier = "Radius-test" NAS-Port-Type = Wireless-802.11 State = 0xf3fb1057bc6f6632cd23c6724be53ff5 EAP-Message = 0x020200500d800000004616030100410100003d0301429f423e5d1356 d53940f4a8284f8b601f1bdf00f08490a4d6b53a854e6e1e7f00001600040005000a000900640062 000300060013001200630100 Message-Authenticator = 0x782e6c3d44481060dce76b629730598b Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-20050 602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-% Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-200 50602 modcall[authorize]: module "auth_log" returns ok for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "client", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: EAP packet type response id 2 length 80 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 1 users: Matched entry client at line 97 modcall[authorize]: module "files" returns ok for request 1 modcall: group authorize returns updated for request 1 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 1 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 0041], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0740], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 00d0], CertificateRequest TLS_accept: SSLv3 write certificate request A TLS_accept: SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 1 modcall: group authenticate returns handled for request 1 Sending Access-Challenge of id 37 to 192.168.1.131:25417 EAP-Message = 0x0103040a0dc000000869160301004a020000460301429f423c67d382 e5ad39e7c4b8fb300a86c6322883caab0c456f8ca269184ec420bbeb4909ba979b205a089297e70a 0c69fcfb8e646ffce24a081f4ccb4da1777700040016030107400b00073c00073900030a30820306 3082026fa003020102020900d2dd675b4090993a300d06092a864886f70d01010405003081be310b 3009060355040613024341310f300d060355040813065175656265633110300e0603550407130753 74652d466f79311d301b060355040a1314526f62657274732d54656c65636f6d20696e632e312230 20060355040b1319496e7465726e6574205365727669636520 EAP-Message = 0x50726f7669646572311c301a060355040313135068696c6970706520 426f756c696e6775657a312b302906092a864886f70d010901161c70626f756c696e6740726f6265 7274732d74656c65636f6d2e636f6d301e170d3035303630323135333531355a170d303730363032 3135333531355a3081b1310b3009060355040613024341310f300d06035504081306517565626563 3110300e060355040713075374652d466f79311d301b060355040a1314526f62657274732d54656c 65636f6d20696e632e31223020060355040b1319496e7465726e657420536572766963652050726f 7669646572310f300d06035504031306726164697573312b30 EAP-Message = 0x2906092a864886f70d010901161c70626f756c696e6740726f626572 74732d74656c65636f6d2e636f6d30819f300d06092a864886f70d010101050003818d0030818902 818100e10b9f3ec2a8317b6c9ff63f3de5e59f7c27c8f27db0cc0c14c8fe7c1dc92d67f376290cf0 8459a872801c3de051defe53da8e2d07da583ad19dbea978c8b14ff96bb17d1b2de9c25aaf97b894 b12090d180f87b9b582247ba1a42567c3086b9b321540ce91a445587787e03da51969cdc616eca6e 421bb780b5be30b4c408310203010001a317301530130603551d25040c300a06082b060105050703 01300d06092a864886f70d010104050003818100a38745ec4b EAP-Message = 0x0938c7e19376a58700463c1aded97b906da80b5ef9dac8bee8e18ffa c49fdb3d7765c1c8923c7af1b549c0c9b3cb6221daf84852d2cd8ca5d86ded8cec0211b0704a859d 2b3d1addd098d7ebd0c1f8a49ea69c0e470e7d89bd187cd62b9270260d1efabd70e08a1f2c5b3e31 8297743626ea8027c821e027b5c136000429308204253082038ea003020102020900d2dd675b4090 9939300d06092a864886f70d01010405003081be310b3009060355040613024341310f300d060355 040813065175656265633110300e060355040713075374652d466f79311d301b060355040a131452 6f62657274732d54656c65636f6d20696e632e312230200603 EAP-Message = 0x55040b1319496e7465726e6574205365727669636520 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x0968a84be85d6ca0a7b1a710a0e8b3e9 Finished request 1 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.1.131:25417, id=41, length=160 User-Name = "client" NAS-IP-Address = 192.168.1.131 NAS-Port = 1 Framed-MTU = 1496 Called-Station-Id = "00-80-C6-E5-53-73:robtelradius" Calling-Station-Id = "00-0C-E5-46-8A-49" NAS-Identifier = "Radius-test" NAS-Port-Type = Wireless-802.11 State = 0x0968a84be85d6ca0a7b1a710a0e8b3e9 EAP-Message = 0x020300060d00 Message-Authenticator = 0x6cc188c318afe95487b050a13a075b95 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 2 modcall[authorize]: module "preprocess" returns ok for request 2 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-20050 602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-% Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-200 50602 modcall[authorize]: module "auth_log" returns ok for request 2 modcall[authorize]: module "chap" returns noop for request 2 modcall[authorize]: module "mschap" returns noop for request 2 rlm_realm: No '@' in User-Name = "client", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 2 rlm_eap: EAP packet type response id 3 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 2 users: Matched entry client at line 97 modcall[authorize]: module "files" returns ok for request 2 modcall: group authorize returns updated for request 2 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 2 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 2 modcall: group authenticate returns handled for request 2 Sending Access-Challenge of id 41 to 192.168.1.131:25417 EAP-Message = 0x0104040a0dc00000086950726f7669646572311c301a060355040313 135068696c6970706520426f756c696e6775657a312b302906092a864886f70d010901161c70626f 756c696e6740726f62657274732d74656c65636f6d2e636f6d301e170d3035303630323135333435 385a170d3035303730323135333435385a3081be310b3009060355040613024341310f300d060355 040813065175656265633110300e060355040713075374652d466f79311d301b060355040a131452 6f62657274732d54656c65636f6d20696e632e31223020060355040b1319496e7465726e65742053 6572766963652050726f7669646572311c301a060355040313 EAP-Message = 0x135068696c6970706520426f756c696e6775657a312b302906092a86 4886f70d010901161c70626f756c696e6740726f62657274732d74656c65636f6d2e636f6d30819f 300d06092a864886f70d010101050003818d0030818902818100a5bedb846f8d1321dfdf2a418a08 c0636ac87cddcdb25624d2ffee377ac663faa6f4beb3656171d6f0c6c23c1dfe42c84af4aaa5d1f3 47deee60d34b841c5e5f07c722a8095d33c9bc4c33e9556db2b19fe6b035182caf38d50078cf5cc6 bb1b3ce6c0de0a744ddc3e1638ad6e16b588b6790acb016bc32f1b8abf16cee8fd370203010001a3 82012730820123301d0603551d0e041604143080d2c753c79d EAP-Message = 0xe41734edc466dab4bb229a7afb3081f30603551d230481eb3081e880 143080d2c753c79de41734edc466dab4bb229a7afba181c4a481c13081be310b3009060355040613 024341310f300d060355040813065175656265633110300e060355040713075374652d466f79311d 301b060355040a1314526f62657274732d54656c65636f6d20696e632e31223020060355040b1319 496e7465726e657420536572766963652050726f7669646572311c301a060355040313135068696c 6970706520426f756c696e6775657a312b302906092a864886f70d010901161c70626f756c696e67 40726f62657274732d74656c65636f6d2e636f6d820900d2dd EAP-Message = 0x675b40909939300c0603551d13040530030101ff300d06092a864886 f70d0101040500038181006accb6643421329e5e35fbdafd9aeb7751dc02e24859672e140aca2503 0be737f96a742bf405b62c5c09da24e2e889beb31516f356ef7de266ab530db4fcbacf422361a9c4 394a50e49d821237e39d154f1bb8adf3c0c79cf2cbd0e62c934b6d6e393c672c0cf6f6d302c2d819 f324e56008901c2284e7c74c61e4a5f18e82f616030100d00d0000c802010200c300c13081be310b 3009060355040613024341310f300d060355040813065175656265633110300e0603550407130753 74652d466f79311d301b060355040a1314526f62657274732d EAP-Message = 0x54656c65636f6d20696e632e31223020060355040b13 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xa667c66d3f0619428cedecfe95f5255e Finished request 2 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.1.131:25417, id=146, length=16 0 User-Name = "client" NAS-IP-Address = 192.168.1.131 NAS-Port = 1 Framed-MTU = 1496 Called-Station-Id = "00-80-C6-E5-53-73:robtelradius" Calling-Station-Id = "00-0C-E5-46-8A-49" NAS-Identifier = "Radius-test" NAS-Port-Type = Wireless-802.11 State = 0xa667c66d3f0619428cedecfe95f5255e EAP-Message = 0x020400060d00 Message-Authenticator = 0x15c2a1a9cdbb30b2c553c29f8e0a15d1 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 3 modcall[authorize]: module "preprocess" returns ok for request 3 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-20050 602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-% Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-200 50602 modcall[authorize]: module "auth_log" returns ok for request 3 modcall[authorize]: module "chap" returns noop for request 3 modcall[authorize]: module "mschap" returns noop for request 3 rlm_realm: No '@' in User-Name = "client", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 3 rlm_eap: EAP packet type response id 4 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 3 users: Matched entry client at line 97 modcall[authorize]: module "files" returns ok for request 3 modcall: group authorize returns updated for request 3 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 3 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 3 modcall: group authenticate returns handled for request 3 Sending Access-Challenge of id 146 to 192.168.1.131:25417 EAP-Message = 0x010500730d800000086919496e7465726e6574205365727669636520 50726f7669646572311c301a060355040313135068696c6970706520426f756c696e6775657a312b 302906092a864886f70d010901161c70626f756c696e6740726f62657274732d74656c65636f6d2e 636f6d0e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x08910e18b4e108594ac5accf257623b1 Finished request 3 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.1.131:25417, id=63, length=127 6 User-Name = "client" NAS-IP-Address = 192.168.1.131 NAS-Port = 1 Framed-MTU = 1496 Called-Station-Id = "00-80-C6-E5-53-73:robtelradius" Calling-Station-Id = "00-0C-E5-46-8A-49" NAS-Identifier = "Radius-test" NAS-Port-Type = Wireless-802.11 State = 0x08910e18b4e108594ac5accf257623b1 EAP-Message = 0x0205045a0d800000045016030104200b00031000030d00030a308203 063082026fa003020102020900d2dd675b4090993b300d06092a864886f70d01010405003081be31 0b3009060355040613024341310f300d060355040813065175656265633110300e06035504071307 5374652d466f79311d301b060355040a1314526f62657274732d54656c65636f6d20696e632e3122 3020060355040b1319496e7465726e657420536572766963652050726f7669646572311c301a0603 55040313135068696c6970706520426f756c696e6775657a312b302906092a864886f70d01090116 1c70626f756c696e6740726f62657274732d74656c65636f6d EAP-Message = 0x2e636f6d301e170d3035303630323135333533385a170d3037303630 323135333533385a3081b1310b3009060355040613024341310f300d060355040813065175656265 633110300e060355040713075374652d466f79311d301b060355040a1314526f62657274732d5465 6c65636f6d20696e632e31223020060355040b1319496e7465726e65742053657276696365205072 6f7669646572310f300d06035504031306636c69656e74312b302906092a864886f70d010901161c 70626f756c696e6740726f62657274732d74656c65636f6d2e636f6d30819f300d06092a864886f7 0d010101050003818d0030818902818100a4f5c5f424787132 EAP-Message = 0x8bb283be7ad5574d47970d732356ad6c28c506201b1a97baf7a41ff7 4b1b9fd93ee701be52190a647adcf8b43eda7067b19c759e8b419ab79205f6d276bb1c3d8367d540 cac8ef1c45a6ecac2d1344df92cce11f33172c4276869debd91c2e09f4dc7edf7de02733902f8cc1 d9f5947f61fd5810649f06150203010001a317301530130603551d25040c300a06082b0601050507 0302300d06092a864886f70d010104050003818100a19798a84f5d60b39047c1d86135fd27de54d2 59228f06c64056f235151ba4910ea7a47f58ec2f7708d0ae8ccacfb86bf45b3859e64605623cd625 89385c797a0b4775baa206468dc54f5f128ac355eee44d7c31 EAP-Message = 0x74d8b57c1486e26d0118a411357fc8e400ceaf1cd37d3c38873cdefa 30fe7df0e3f31fa5c211387d6298c92a100000820080d0a77671292057d893de56fa33447ed0d047 72fb13c6c7db5108eb419d654cd27ab6b8da6b3c58e62f821c788e134ca49eaa7016be14120f685f 5a3d904f4573218a889cec34a30b0d6b5d16bd39c6b6e9e01c33a233c69f70089d354741372f3e0d ec6a476e9bde95dea175fcf498145fd3d0c8355ab22e0f3f4799db5004700f000082008074733df8 324d49ad44ccbe7fe4ea171fa49e4afca9b442649208ca13bfe7d1e46a3c02c3c036c7860f16dc56 674dba29d1b8b06ac607d95e720f54202937c97aa7588eacfe EAP-Message = 0xc1ce7a446651f897e3da3968ec7e579a52c9db7b23b1d2b93248eb2f b8b29314e44860c77250ffb0095635aaf9983a08d8e40fa6886781302d39e5140301000101160301 0020d3acc5f6138591066ade3e4761f5e2c3c8701ebb32938e7a8f1c43a56fcd43d2 Message-Authenticator = 0xefd6e09dd7cf0cac694f22b0991aa64e Processing the authorize section of radiusd.conf modcall: entering group authorize for request 4 modcall[authorize]: module "preprocess" returns ok for request 4 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-20050 602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-% Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-200 50602 modcall[authorize]: module "auth_log" returns ok for request 4 modcall[authorize]: module "chap" returns noop for request 4 modcall[authorize]: module "mschap" returns noop for request 4 rlm_realm: No '@' in User-Name = "client", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 4 rlm_eap: EAP packet type response id 5 length 253 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 4 users: Matched entry client at line 97 modcall[authorize]: module "files" returns ok for request 4 modcall: group authorize returns updated for request 4 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: <<< TLS 1.0 Handshake [length 0314], Certificate chain-depth=1, error=0 --> User-Name = client --> BUF-Name = Philippe Boulinguez --> subject = /C=CA/ST=Quebec/L=Ste-Foy/O=Roberts-Telecom inc./OU=Internet Servi ce Provider/CN=Philippe Boulinguez/emailAddress=pbouling@roberts-telecom.com --> issuer = /C=CA/ST=Quebec/L=Ste-Foy/O=Roberts-Telecom inc./OU=Internet Servi ce Provider/CN=Philippe Boulinguez/emailAddress=pbouling@roberts-telecom.com --> verify return:1 chain-depth=0, error=0 --> User-Name = client --> BUF-Name = client --> subject = /C=CA/ST=Quebec/L=Ste-Foy/O=Roberts-Telecom inc./OU=Internet Servi ce Provider/CN=client/emailAddress=pbouling@roberts-telecom.com --> issuer = /C=CA/ST=Quebec/L=Ste-Foy/O=Roberts-Telecom inc./OU=Internet Servi ce Provider/CN=Philippe Boulinguez/emailAddress=pbouling@roberts-telecom.com --> verify return:1 TLS_accept: SSLv3 read client certificate A rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange TLS_accept: SSLv3 read client key exchange A rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], CertificateVerify TLS_accept: SSLv3 read certificate verify A rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 read finished A rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001] TLS_accept: SSLv3 write change cipher spec A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 write finished A TLS_accept: SSLv3 flush data (other): SSL negotiation finished successfully SSL Connection Established eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 4 modcall: group authenticate returns handled for request 4 Sending Access-Challenge of id 63 to 192.168.1.131:25417 EAP-Message = 0x010600350d800000002b14030100010116030100203ce24a5966c6e5 4a332087d7d40a0b64e3b8b8025e1c069f84a3775901585faa Message-Authenticator = 0x00000000000000000000000000000000 State = 0xa95a9f2fe9e9d0e85e6f65bbccef92ab Finished request 4 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.1.131:25417, id=56, length=160 User-Name = "client" NAS-IP-Address = 192.168.1.131 NAS-Port = 1 Framed-MTU = 1496 Called-Station-Id = "00-80-C6-E5-53-73:robtelradius" Calling-Station-Id = "00-0C-E5-46-8A-49" NAS-Identifier = "Radius-test" NAS-Port-Type = Wireless-802.11 State = 0xa95a9f2fe9e9d0e85e6f65bbccef92ab EAP-Message = 0x020600060d00 Message-Authenticator = 0x447c26483e53c07bcec6d66e5b612420 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 5 modcall[authorize]: module "preprocess" returns ok for request 5 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-20050 602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-% Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-200 50602 modcall[authorize]: module "auth_log" returns ok for request 5 modcall[authorize]: module "chap" returns noop for request 5 modcall[authorize]: module "mschap" returns noop for request 5 rlm_realm: No '@' in User-Name = "client", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 5 rlm_eap: EAP packet type response id 6 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 5 users: Matched entry client at line 97 modcall[authorize]: module "files" returns ok for request 5 modcall: group authorize returns updated for request 5 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 5 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake is finished eaptls_verify returned 3 eaptls_process returned 3 rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 5 modcall: group authenticate returns ok for request 5 Login OK: [client/] (from client radius-network port 1 cli 00-0C-E5-46-8A-49) Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 5 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/reply-detail-2005 0602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/reply-detail- %Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/reply-detail-2 0050602 modcall[post-auth]: module "reply_log" returns ok for request 5 modcall: group post-auth returns ok for request 5 Sending Access-Accept of id 56 to 192.168.1.131:25417 MS-MPPE-Recv-Key = 0x1dcd6454b38de3785f1eff58bd086191406ea8a798938a6c7af d52c5c3d81676 MS-MPPE-Send-Key = 0x6a0263635b5ef1bd23b5aee1877205f60550908f0dd3a0c594a 47c40bbf82192 EAP-Message = 0x03060004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "client" Finished request 5 Going to the next request Waking up in 6 seconds... rad_recv: Accounting-Request packet from host 192.168.1.131:32843, id=206, lengt h=156 User-Name = "client" NAS-IP-Address = 192.168.1.131 NAS-Port = 1 Called-Station-Id = "00-80-C6-E5-53-73:robtelradius" Calling-Station-Id = "00-0C-E5-46-8A-49" NAS-Identifier = "Radius-test" NAS-Port-Type = Wireless-802.11 Acct-Status-Type = Start Acct-Authentic = RADIUS Acct-Session-Id = "0080C6E55373000CE5468A4980470100" Processing the preacct section of radiusd.conf modcall: entering group preacct for request 6 modcall[preacct]: module "preprocess" returns noop for request 6 rlm_acct_unique: Hashing 'NAS-Port = 1,Client-IP-Address = 192.168.1.131,NAS-IP- Address = 192.168.1.131,Acct-Session-Id = "0080C6E55373000CE5468A4980470100",Use r-Name = "client"' rlm_acct_unique: Acct-Unique-Session-ID = "a7dcec7b6e39ab31". modcall[preacct]: module "acct_unique" returns ok for request 6 rlm_realm: No '@' in User-Name = "client", looking up realm NULL rlm_realm: No such realm "NULL" modcall[preacct]: module "suffix" returns noop for request 6 modcall[preacct]: module "files" returns noop for request 6 modcall: group preacct returns ok for request 6 Processing the accounting section of radiusd.conf modcall: entering group accounting for request 6 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/detail-20050602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/detail-20050602 modcall[accounting]: module "detail" returns ok for request 6 modcall[accounting]: module "unix" returns ok for request 6 radius_xlat: '/usr/local/var/log/radius/radutmp' radius_xlat: 'client' modcall[accounting]: module "radutmp" returns ok for request 6 modcall: group accounting returns ok for request 6 Sending Accounting-Response of id 206 to 192.168.1.131:32843 Finished request 6 Going to the next request Cleaning up request 6 ID 206 with timestamp 429f423c Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 1 ID 37 with timestamp 429f423c Cleaning up request 2 ID 41 with timestamp 429f423c Cleaning up request 5 ID 56 with timestamp 429f423c Cleaning up request 4 ID 63 with timestamp 429f423c Cleaning up request 3 ID 146 with timestamp 429f423c Cleaning up request 0 ID 149 with timestamp 429f423c Nothing to do. Sleeping until we see a request. ---------------------------------------------------------- ANOTHER "CONNECT"... ---------------------------------------------------------- rad_recv: Access-Request packet from host 192.168.1.131:7505, id=245, length=147 User-Name = "client" NAS-IP-Address = 192.168.1.131 NAS-Port = 1 Framed-MTU = 1496 Called-Station-Id = "00-80-C6-E5-53-73:robtelradius" Calling-Station-Id = "00-0C-E5-46-8A-49" NAS-Identifier = "Radius-test" NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0207000b01636c69656e74 Message-Authenticator = 0x776d8ae1d0b6b29c6e80ae2aa9d83326 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 7 modcall[authorize]: module "preprocess" returns ok for request 7 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-20050 602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-% Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-200 50602 modcall[authorize]: module "auth_log" returns ok for request 7 modcall[authorize]: module "chap" returns noop for request 7 modcall[authorize]: module "mschap" returns noop for request 7 rlm_realm: No '@' in User-Name = "client", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 7 rlm_eap: EAP packet type response id 7 length 11 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 7 users: Matched entry client at line 97 modcall[authorize]: module "files" returns ok for request 7 modcall: group authorize returns updated for request 7 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 7 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Requiring client certificate rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 7 modcall: group authenticate returns handled for request 7 Sending Access-Challenge of id 245 to 192.168.1.131:7505 EAP-Message = 0x010800060d20 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x36077a2e12a1d3c0a98d979244f8920d Finished request 7 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.1.131:7505, id=19, length=266 User-Name = "client" NAS-IP-Address = 192.168.1.131 NAS-Port = 1 Framed-MTU = 1496 Called-Station-Id = "00-80-C6-E5-53-73:robtelradius" Calling-Station-Id = "00-0C-E5-46-8A-49" NAS-Identifier = "Radius-test" NAS-Port-Type = Wireless-802.11 State = 0x36077a2e12a1d3c0a98d979244f8920d EAP-Message = 0x020800700d800000006616030100610100005d0301429f424540666d 175a8799f703229f5e08092326258c730997f6421f02a731cc20bbeb4909ba979b205a089297e70a 0c69fcfb8e646ffce24a081f4ccb4da17777001600040005000a0009006400620003000600130012 00630100 Message-Authenticator = 0x74ddee1e23f82bb28afeaa274885b290 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 8 modcall[authorize]: module "preprocess" returns ok for request 8 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-20050 602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-% Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-200 50602 modcall[authorize]: module "auth_log" returns ok for request 8 modcall[authorize]: module "chap" returns noop for request 8 modcall[authorize]: module "mschap" returns noop for request 8 rlm_realm: No '@' in User-Name = "client", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 8 rlm_eap: EAP packet type response id 8 length 112 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 8 users: Matched entry client at line 97 modcall[authorize]: module "files" returns ok for request 8 modcall: group authorize returns updated for request 8 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 8 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 0061], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0740], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 00d0], CertificateRequest TLS_accept: SSLv3 write certificate request A TLS_accept: SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 8 modcall: group authenticate returns handled for request 8 Sending Access-Challenge of id 19 to 192.168.1.131:7505 EAP-Message = 0x0109040a0dc000000869160301004a020000460301429f4244955196 7ade7a300ec66c6276a117357bad8c6dd5d6058323074a3853208b0cac2332b579657f6a25bbdd4e 716e18fa456c96b7d0b48ada68589051a50f00040016030107400b00073c00073900030a30820306 3082026fa003020102020900d2dd675b4090993a300d06092a864886f70d01010405003081be310b 3009060355040613024341310f300d060355040813065175656265633110300e0603550407130753 74652d466f79311d301b060355040a1314526f62657274732d54656c65636f6d20696e632e312230 20060355040b1319496e7465726e6574205365727669636520 EAP-Message = 0x50726f7669646572311c301a060355040313135068696c6970706520 426f756c696e6775657a312b302906092a864886f70d010901161c70626f756c696e6740726f6265 7274732d74656c65636f6d2e636f6d301e170d3035303630323135333531355a170d303730363032 3135333531355a3081b1310b3009060355040613024341310f300d06035504081306517565626563 3110300e060355040713075374652d466f79311d301b060355040a1314526f62657274732d54656c 65636f6d20696e632e31223020060355040b1319496e7465726e657420536572766963652050726f 7669646572310f300d06035504031306726164697573312b30 EAP-Message = 0x2906092a864886f70d010901161c70626f756c696e6740726f626572 74732d74656c65636f6d2e636f6d30819f300d06092a864886f70d010101050003818d0030818902 818100e10b9f3ec2a8317b6c9ff63f3de5e59f7c27c8f27db0cc0c14c8fe7c1dc92d67f376290cf0 8459a872801c3de051defe53da8e2d07da583ad19dbea978c8b14ff96bb17d1b2de9c25aaf97b894 b12090d180f87b9b582247ba1a42567c3086b9b321540ce91a445587787e03da51969cdc616eca6e 421bb780b5be30b4c408310203010001a317301530130603551d25040c300a06082b060105050703 01300d06092a864886f70d010104050003818100a38745ec4b EAP-Message = 0x0938c7e19376a58700463c1aded97b906da80b5ef9dac8bee8e18ffa c49fdb3d7765c1c8923c7af1b549c0c9b3cb6221daf84852d2cd8ca5d86ded8cec0211b0704a859d 2b3d1addd098d7ebd0c1f8a49ea69c0e470e7d89bd187cd62b9270260d1efabd70e08a1f2c5b3e31 8297743626ea8027c821e027b5c136000429308204253082038ea003020102020900d2dd675b4090 9939300d06092a864886f70d01010405003081be310b3009060355040613024341310f300d060355 040813065175656265633110300e060355040713075374652d466f79311d301b060355040a131452 6f62657274732d54656c65636f6d20696e632e312230200603 EAP-Message = 0x55040b1319496e7465726e6574205365727669636520 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xffc2fddb517fdfe4efd63658773d92d4 Finished request 8 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.1.131:7505, id=32, length=160 User-Name = "client" NAS-IP-Address = 192.168.1.131 NAS-Port = 1 Framed-MTU = 1496 Called-Station-Id = "00-80-C6-E5-53-73:robtelradius" Calling-Station-Id = "00-0C-E5-46-8A-49" NAS-Identifier = "Radius-test" NAS-Port-Type = Wireless-802.11 State = 0xffc2fddb517fdfe4efd63658773d92d4 EAP-Message = 0x020900060d00 Message-Authenticator = 0xad8381d58356a2f8b2a5879ed4cfefaa Processing the authorize section of radiusd.conf modcall: entering group authorize for request 9 modcall[authorize]: module "preprocess" returns ok for request 9 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-20050 602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-% Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-200 50602 modcall[authorize]: module "auth_log" returns ok for request 9 modcall[authorize]: module "chap" returns noop for request 9 modcall[authorize]: module "mschap" returns noop for request 9 rlm_realm: No '@' in User-Name = "client", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 9 rlm_eap: EAP packet type response id 9 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 9 users: Matched entry client at line 97 modcall[authorize]: module "files" returns ok for request 9 modcall: group authorize returns updated for request 9 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 9 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 9 modcall: group authenticate returns handled for request 9 Sending Access-Challenge of id 32 to 192.168.1.131:7505 EAP-Message = 0x010a040a0dc00000086950726f7669646572311c301a060355040313 135068696c6970706520426f756c696e6775657a312b302906092a864886f70d010901161c70626f 756c696e6740726f62657274732d74656c65636f6d2e636f6d301e170d3035303630323135333435 385a170d3035303730323135333435385a3081be310b3009060355040613024341310f300d060355 040813065175656265633110300e060355040713075374652d466f79311d301b060355040a131452 6f62657274732d54656c65636f6d20696e632e31223020060355040b1319496e7465726e65742053 6572766963652050726f7669646572311c301a060355040313 EAP-Message = 0x135068696c6970706520426f756c696e6775657a312b302906092a86 4886f70d010901161c70626f756c696e6740726f62657274732d74656c65636f6d2e636f6d30819f 300d06092a864886f70d010101050003818d0030818902818100a5bedb846f8d1321dfdf2a418a08 c0636ac87cddcdb25624d2ffee377ac663faa6f4beb3656171d6f0c6c23c1dfe42c84af4aaa5d1f3 47deee60d34b841c5e5f07c722a8095d33c9bc4c33e9556db2b19fe6b035182caf38d50078cf5cc6 bb1b3ce6c0de0a744ddc3e1638ad6e16b588b6790acb016bc32f1b8abf16cee8fd370203010001a3 82012730820123301d0603551d0e041604143080d2c753c79d EAP-Message = 0xe41734edc466dab4bb229a7afb3081f30603551d230481eb3081e880 143080d2c753c79de41734edc466dab4bb229a7afba181c4a481c13081be310b3009060355040613 024341310f300d060355040813065175656265633110300e060355040713075374652d466f79311d 301b060355040a1314526f62657274732d54656c65636f6d20696e632e31223020060355040b1319 496e7465726e657420536572766963652050726f7669646572311c301a060355040313135068696c 6970706520426f756c696e6775657a312b302906092a864886f70d010901161c70626f756c696e67 40726f62657274732d74656c65636f6d2e636f6d820900d2dd EAP-Message = 0x675b40909939300c0603551d13040530030101ff300d06092a864886 f70d0101040500038181006accb6643421329e5e35fbdafd9aeb7751dc02e24859672e140aca2503 0be737f96a742bf405b62c5c09da24e2e889beb31516f356ef7de266ab530db4fcbacf422361a9c4 394a50e49d821237e39d154f1bb8adf3c0c79cf2cbd0e62c934b6d6e393c672c0cf6f6d302c2d819 f324e56008901c2284e7c74c61e4a5f18e82f616030100d00d0000c802010200c300c13081be310b 3009060355040613024341310f300d060355040813065175656265633110300e0603550407130753 74652d466f79311d301b060355040a1314526f62657274732d EAP-Message = 0x54656c65636f6d20696e632e31223020060355040b13 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x1caf45596007a69f235ff00b7a4e8375 Finished request 9 Going to the next request --- Walking the entire request list --- Waking up in 5 seconds... rad_recv: Access-Request packet from host 192.168.1.131:7505, id=181, length=160 User-Name = "client" NAS-IP-Address = 192.168.1.131 NAS-Port = 1 Framed-MTU = 1496 Called-Station-Id = "00-80-C6-E5-53-73:robtelradius" Calling-Station-Id = "00-0C-E5-46-8A-49" NAS-Identifier = "Radius-test" NAS-Port-Type = Wireless-802.11 State = 0x1caf45596007a69f235ff00b7a4e8375 EAP-Message = 0x020a00060d00 Message-Authenticator = 0x0f5ee922371cc912b2ebd0fb65aa08aa Processing the authorize section of radiusd.conf modcall: entering group authorize for request 10 modcall[authorize]: module "preprocess" returns ok for request 10 radius_xlat: '/usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-20050 602' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-% Y%m%d expands to /usr/local/var/log/radius/radacct/192.168.1.131/auth-detail-200 50602 modcall[authorize]: module "auth_log" returns ok for request 10 modcall[authorize]: module "chap" returns noop for request 10 modcall[authorize]: module "mschap" returns noop for request 10 rlm_realm: No '@' in User-Name = "client", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 10 rlm_eap: EAP packet type response id 10 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 10 users: Matched entry client at line 97 modcall[authorize]: module "files" returns ok for request 10 modcall: group authorize returns updated for request 10 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 10 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 10 modcall: group authenticate returns handled for request 10 Sending Access-Challenge of id 181 to 192.168.1.131:7505 EAP-Message = 0x010b00730d800000086919496e7465726e6574205365727669636520 50726f7669646572311c301a060355040313135068696c6970706520426f756c696e6775657a312b 302906092a864886f70d010901161c70626f756c696e6740726f62657274732d74656c65636f6d2e 636f6d0e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x4da5bc91b0c764de76260c19a3b7b76e Finished request 10 Going to the next request Waking up in 5 seconds... --- Walking the entire request list --- Cleaning up request 8 ID 19 with timestamp 429f4243 Cleaning up request 7 ID 245 with timestamp 429f4243 Waking up in 1 seconds... --- Walking the entire request list --- Cleaning up request 9 ID 32 with timestamp 429f4244 Cleaning up request 10 ID 181 with timestamp 429f4244 Nothing to do. Sleeping until we see a request. [root@poste2 ~]#