<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.3059" name=GENERATOR></HEAD>
<BODY style="MARGIN: 4px 4px 1px; FONT: 10pt Tahoma">
<DIV style="COLOR: #000000">Ok, I minted the Certificates/Keys with a CA running on a Windows 2003 server and was able to get them into the PEM format. The EAP.CONF was modified accordingly and RADIUSD is happy. I am still able to authenticate with no problems with 802.1x PEAP (EAP-MSCHAP V2) when using Cisco's ADU configuration tool. Still have problems when using the Windows XP supplicant.</DIV>
<DIV style="COLOR: #000000"> </DIV>
<DIV style="COLOR: #000000">In trying to authenticate with the Windows XP supplicant, I can see from the logs that it's changing the password's 1st character to an "a". If you look at the log data below, you'll see that the user account "UOHI-40615" being used to authenticate is failing because the password sent is "aassword2" instead of "password2".</DIV>
<DIV style="COLOR: #000000"> </DIV>
<DIV style="COLOR: #000000">Does anyone know how to fix this problem?</DIV>
<DIV style="COLOR: #000000">I'm so close, please help me find the needle in the haystack.</DIV>
<DIV style="COLOR: #000000"> </DIV>
<DIV style="COLOR: #000000">Thanks,</DIV>
<DIV style="COLOR: #000000">Marc</DIV>
<DIV style="COLOR: #000000"> </DIV>
<DIV style="COLOR: #000000">—---------------------------------Log data, Win XP authentication still failing—---------------------------------</DIV>
<DIV style="COLOR: #000000">ohisles1:/ # radiusd -X<BR>Starting - reading configuration files ...<BR>reread_config: reading radiusd.conf<BR>Config: including file: /etc/raddb/proxy.conf<BR>Config: including file: /etc/raddb/clients.conf<BR>Config: including file: /etc/raddb/snmp.conf<BR>Config: including file: /etc/raddb/eap.conf<BR>Config: including file: /etc/raddb/sql.conf<BR> main: prefix = "/usr"<BR> main: localstatedir = "/var"<BR> main: logdir = "/var/log/radius"<BR> main: libdir = "/usr/lib/freeradius"<BR> main: radacctdir = "/var/log/radius/radacct"<BR> main: hostname_lookups = no<BR> main: max_request_time = 30<BR> main: cleanup_delay = 5<BR> main: max_requests = 1024<BR> main: delete_blocked_requests = 0<BR> main: port = 0<BR> main: allow_core_dumps = no<BR> main: log_stripped_names = no<BR> main: log_file = "/var/log/radius/radius.log"<BR> main: log_auth = no<BR> main: log_auth_badpass = no<BR> main: log_auth_goodpass = no<BR> main: pidfile = "/var/run/radiusd/radiusd.pid"<BR> main: user = "(null)"<BR> main: group = "(null)"<BR> main: usercollide = no<BR> main: lower_user = "no"<BR> main: lower_pass = "no"<BR> main: nospace_user = "no"<BR> main: nospace_pass = "no"<BR> main: checkrad = "/usr/sbin/checkrad"<BR> main: proxy_requests = yes<BR> proxy: retry_delay = 5<BR> proxy: retry_count = 3<BR> proxy: synchronous = no<BR> proxy: default_fallback = yes<BR> proxy: dead_time = 120<BR> proxy: post_proxy_authorize = yes<BR> proxy: wake_all_if_all_dead = no<BR> security: max_attributes = 200<BR> security: reject_delay = 1<BR> security: status_server = no<BR> main: debug_level = 0<BR>read_config_files: reading dictionary<BR>read_config_files: reading naslist<BR>Using deprecated naslist file. Support for this will go away soon.<BR>read_config_files: reading clients<BR>read_config_files: reading realms<BR>radiusd: entering modules setup<BR>Module: Library search path is /usr/lib/freeradius<BR>Module: Loaded exec<BR> exec: wait = yes<BR> exec: program = "(null)"<BR> exec: input_pairs = "request"<BR> exec: output_pairs = "(null)"<BR> exec: packet_type = "(null)"<BR>rlm_exec: Wait=yes but no output defined. Did you mean output=none?<BR>Module: Instantiated exec (exec)<BR>Module: Loaded expr<BR>Module: Instantiated expr (expr)<BR>Module: Loaded CHAP<BR>Module: Instantiated chap (chap)<BR>Module: Loaded MS-CHAP<BR> mschap: use_mppe = yes<BR> mschap: require_encryption = yes<BR> mschap: require_strong = yes<BR> mschap: with_ntdomain_hack = no<BR> mschap: passwd = "(null)"<BR> mschap: authtype = "MS-CHAP"<BR> mschap: ntlm_auth = "(null)"<BR>Module: Instantiated mschap (mschap)<BR>Module: Loaded LDAP<BR> ldap: server = "ohiapp2.ottawaheart.ca"<BR> ldap: port = 636<BR> ldap: net_timeout = 1<BR> ldap: timeout = 4<BR> ldap: timelimit = 3<BR> ldap: identity = "cn=radiusadmin,o=ohico"<BR> ldap: tls_mode = yes<BR> ldap: start_tls = no<BR> ldap: tls_cacertfile = "/etc/raddb/certs/ohicoca.b64"<BR> ldap: tls_cacertdir = "(null)"<BR> ldap: tls_certfile = "(null)"<BR> ldap: tls_keyfile = "(null)"<BR> ldap: tls_randfile = "(null)"<BR> ldap: tls_require_cert = "demand"<BR> ldap: password = "password1"<BR> ldap: basedn = "o=OHICO"<BR> ldap: filter = "(&(objectClass=inetOrgPerson)(cn=%{Stripped-User-Name:-%{User-Name}}))"<BR> ldap: base_filter = "(objectclass=radiusprofile)"<BR> ldap: default_profile = "(null)"<BR> ldap: profile_attribute = "(null)"<BR> ldap: password_header = "(null)"<BR> ldap: password_attribute = "nspmPassword"<BR> ldap: access_attr = "dialupAccess"<BR> ldap: groupname_attribute = "cn"<BR> ldap: groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"<BR> ldap: groupmembership_attribute = "(null)"<BR> ldap: dictionary_mapping = "/etc/raddb/ldap.attrmap"<BR> ldap: ldap_debug = 0<BR> ldap: ldap_connections_number = 10<BR> ldap: compare_check_items = no<BR> ldap: access_attr_used_for_allow = yes<BR> ldap: do_xlat = yes<BR> ldap: edir_account_policy_check = yes<BR>rlm_ldap: Registering ldap_groupcmp for Ldap-Group<BR>rlm_ldap: Registering ldap_xlat with xlat_name ldap<BR>rlm_ldap: reading ldap<->radius mappings from file /etc/raddb/ldap.attrmap<BR>rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$<BR>rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$<BR>rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type<BR>rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use<BR>rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id<BR>rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id<BR>rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password<BR>rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password<BR>rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT<BR>rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration<BR>rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type<BR>rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol<BR>rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address<BR>rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask<BR>rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route<BR>rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing<BR>rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id<BR>rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU<BR>rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS Framed-Compression<BR>rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host<BR>rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service<BR>rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port<BR>rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number<BR>rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id<BR>rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS Framed-IPX-Network<BR>rlm_ldap: LDAP radiusClass mapped to RADIUS Class<BR>rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout<BR>rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout<BR>rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS Termination-Action<BR>rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS Login-LAT-Service<BR>rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node<BR>rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group<BR>rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS Framed-AppleTalk-Link<BR>rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS Framed-AppleTalk-Network<BR>rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS Framed-AppleTalk-Zone<BR>rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit<BR>rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port<BR>conns: 0x8151a80<BR>Module: Instantiated ldap (ldap)<BR>Module: Loaded eap<BR> eap: default_eap_type = "peap"<BR> eap: timer_expire = 60<BR> eap: ignore_unknown_eap_types = no<BR> eap: cisco_accounting_username_bug = no<BR> tls: rsa_key_exchange = no<BR> tls: dh_key_exchange = yes<BR> tls: rsa_key_length = 512<BR> tls: dh_key_length = 512<BR> tls: verify_depth = 0<BR> tls: CA_path = "(null)"<BR> tls: pem_file_type = yes<BR> tls: private_key_file = "/etc/raddb/certs/ohisles1-server2.pem"<BR> tls: certificate_file = "/etc/raddb/certs/ohisles1-server2.pem"<BR> tls: CA_file = "/etc/raddb/certs/uohi-ca-root.pem"<BR> tls: private_key_password = "snakepie"<BR> tls: dh_file = "/etc/raddb/certs/dh"<BR> tls: random_file = "/etc/raddb/certs/random"<BR> tls: fragment_size = 1024<BR> tls: include_length = yes<BR> tls: check_crl = no<BR> tls: check_cert_cn = "(null)"<BR>rlm_eap: Loaded and initialized type tls<BR> ttls: default_eap_type = "md5"<BR> ttls: copy_request_to_tunnel = yes<BR> ttls: use_tunneled_reply = yes<BR>rlm_eap: Loaded and initialized type ttls<BR> peap: default_eap_type = "mschapv2"<BR> peap: copy_request_to_tunnel = no<BR> peap: use_tunneled_reply = no<BR> peap: proxy_tunneled_request_as_eap = yes<BR>rlm_eap: Loaded and initialized type peap<BR> mschapv2: with_ntdomain_hack = no<BR>rlm_eap: Loaded and initialized type mschapv2<BR>Module: Instantiated eap (eap)<BR>Module: Loaded preprocess<BR> preprocess: huntgroups = "/etc/raddb/huntgroups"<BR> preprocess: hints = "/etc/raddb/hints"<BR> preprocess: with_ascend_hack = no<BR> preprocess: ascend_channels_per_line = 23<BR> preprocess: with_ntdomain_hack = no<BR> preprocess: with_specialix_jetstream_hack = no<BR> preprocess: with_cisco_vsa_hack = no<BR>Module: Instantiated preprocess (preprocess)<BR>Module: Loaded realm<BR> realm: format = "suffix"<BR> realm: delimiter = "@"<BR> realm: ignore_default = no<BR> realm: ignore_null = no<BR>Module: Instantiated realm (suffix)<BR>Module: Loaded Acct-Unique-Session-Id<BR> acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"<BR>Module: Instantiated acct_unique (acct_unique)<BR>Module: Loaded files<BR> files: usersfile = "/etc/raddb/users"<BR> files: acctusersfile = "/etc/raddb/acct_users"<BR> files: preproxy_usersfile = "/etc/raddb/preproxy_users"<BR> files: compat = "no"<BR>Module: Instantiated files (files)<BR>Module: Loaded detail<BR> detail: detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"<BR> detail: detailperm = 384<BR> detail: dirperm = 493<BR> detail: locking = no<BR>Module: Instantiated detail (detail)<BR>Module: Loaded System<BR> unix: cache = no<BR> unix: passwd = "(null)"<BR> unix: shadow = "(null)"<BR> unix: group = "(null)"<BR> unix: radwtmp = "/var/log/radius/radwtmp"<BR> unix: usegroup = no<BR> unix: cache_reload = 600<BR>Module: Instantiated unix (unix)<BR>Module: Loaded radutmp<BR> radutmp: filename = "/var/log/radius/radutmp"<BR> radutmp: username = "%{User-Name}"<BR> radutmp: case_sensitive = yes<BR> radutmp: check_with_nas = yes<BR> radutmp: perm = 384<BR> radutmp: callerid = yes<BR>Module: Instantiated radutmp (radutmp)<BR>Listening on authentication *:1812<BR>Listening on accounting *:1813<BR>Listening on proxy *:1814<BR>Ready to process requests.<BR>rad_recv: Access-Request packet from host 192.168.242.4:32768, id=101, length=184<BR> User-Name = "uohi-40615"<BR> Calling-Station-Id = "00-40-96-B1-43-19"<BR> Called-Station-Id = "00-15-2C-49-E0-B0:UOHISSID2"<BR> NAS-Port = 1<BR> NAS-IP-Address = 192.168.242.4<BR> NAS-Identifier = "UOHIWLAN2"<BR> Vendor-14179-Attr-1 = 0x00000002<BR> Service-Type = Framed-User<BR> Framed-MTU = 1300<BR> NAS-Port-Type = Wireless-802.11<BR> Tunnel-Type:0 = VLAN<BR> Tunnel-Medium-Type:0 = IEEE-802<BR> Tunnel-Private-Group-Id:0 = "23"<BR> EAP-Message = 0x0208000f01756f68692d3430363135<BR> Message-Authenticator = 0xb6e0c23865931345f4e69bb76e8c26fd<BR> Processing the authorize section of radiusd.conf<BR>modcall: entering group authorize for request 0<BR> modcall[authorize]: module "preprocess" returns ok for request 0<BR> modcall[authorize]: module "chap" returns noop for request 0<BR> modcall[authorize]: module "mschap" returns noop for request 0<BR> rlm_realm: No <A href="mailto:'@'">'@'</A> in User-Name = "uohi-40615", looking up realm NULL<BR> rlm_realm: No such realm "NULL"<BR> modcall[authorize]: module "suffix" returns noop for request 0<BR>rlm_ldap: - authorize<BR>rlm_ldap: performing user authorization for uohi-40615<BR>radius_xlat: '(&(objectClass=inetOrgPerson)(cn=uohi-40615))'<BR>radius_xlat: 'o=OHICO'<BR>rlm_ldap: ldap_get_conn: Checking Id: 0<BR>rlm_ldap: ldap_get_conn: Got Id: 0<BR>rlm_ldap: attempting LDAP reconnection<BR>rlm_ldap: (re)connect to ohiapp2.ottawaheart.ca:636, authentication 0<BR>rlm_ldap: setting TLS mode to 1<BR>rlm_ldap: setting TLS CACert File to /etc/raddb/certs/ohicoca.b64<BR>rlm_ldap: setting TLS Require Cert to demand<BR>rlm_ldap: bind as cn=radiusadmin,o=ohico/password1 to ohiapp2.ottawaheart.ca:636<BR>rlm_ldap: waiting for bind result ...<BR>rlm_ldap: Bind was successful<BR>rlm_ldap: performing search in o=OHICO, with filter (&(objectClass=inetOrgPerson)(cn=uohi-40615))<BR>rlm_ldap: checking if remote access for uohi-40615 is allowed by dialupAccess<BR>rlm_ldap: Added the eDirectory password in check items<BR>rlm_ldap: looking for check items in directory...<BR>rlm_ldap: looking for reply items in directory...<BR>rlm_ldap: user uohi-40615 authorized to use remote access<BR>rlm_ldap: ldap_release_conn: Release Id: 0<BR> modcall[authorize]: module "ldap" returns ok for request 0<BR> rlm_eap: EAP packet type response id 8 length 15<BR> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<BR> modcall[authorize]: module "eap" returns updated for request 0<BR>modcall: group authorize returns updated for request 0<BR> rad_check_password: Found Auth-Type EAP<BR>auth: type "EAP"<BR> Processing the authenticate section of radiusd.conf<BR>modcall: entering group authenticate for request 0<BR> rlm_eap: EAP Identity<BR> rlm_eap: processing type tls<BR> rlm_eap_tls: Initiate<BR> rlm_eap_tls: Start returned 1<BR> modcall[authenticate]: module "eap" returns handled for request 0<BR>modcall: group authenticate returns handled for request 0<BR>Sending Access-Challenge of id 101 to 192.168.242.4:32768<BR> EAP-Message = 0x010900061920<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x37e3d22fde30998bea28f6180cfa1cba<BR>Finished request 0<BR>Going to the next request<BR>--- Walking the entire request list ---<BR>Waking up in 6 seconds...<BR>rad_recv: Access-Request packet from host 192.168.242.4:32768, id=102, length=267<BR> User-Name = "uohi-40615"<BR> Calling-Station-Id = "00-40-96-B1-43-19"<BR> Called-Station-Id = "00-15-2C-49-E0-B0:UOHISSID2"<BR> NAS-Port = 1<BR> NAS-IP-Address = 192.168.242.4<BR> NAS-Identifier = "UOHIWLAN2"<BR> Vendor-14179-Attr-1 = 0x00000002<BR> Service-Type = Framed-User<BR> Framed-MTU = 1300<BR> NAS-Port-Type = Wireless-802.11<BR> Tunnel-Type:0 = VLAN<BR> Tunnel-Medium-Type:0 = IEEE-802<BR> Tunnel-Private-Group-Id:0 = "23"<BR> EAP-Message = 0x0209005019800000004616030100410100003d03014630b80b03e2cb98be0b94df02381297df862f15c0536d9fdc1ac51c1d7e1ce300001600040005000a000900640062000300060013001200630100<BR> State = 0x37e3d22fde30998bea28f6180cfa1cba<BR> Message-Authenticator = 0x7e4294278950604acaba806c812ef18f<BR> Processing the authorize section of radiusd.conf<BR>modcall: entering group authorize for request 1<BR> modcall[authorize]: module "preprocess" returns ok for request 1<BR> modcall[authorize]: module "chap" returns noop for request 1<BR> modcall[authorize]: module "mschap" returns noop for request 1<BR> rlm_realm: No <A href="mailto:'@'">'@'</A> in User-Name = "uohi-40615", looking up realm NULL<BR> rlm_realm: No such realm "NULL"<BR> modcall[authorize]: module "suffix" returns noop for request 1<BR>rlm_ldap: - authorize<BR>rlm_ldap: performing user authorization for uohi-40615<BR>radius_xlat: '(&(objectClass=inetOrgPerson)(cn=uohi-40615))'<BR>radius_xlat: 'o=OHICO'<BR>rlm_ldap: ldap_get_conn: Checking Id: 0<BR>rlm_ldap: ldap_get_conn: Got Id: 0<BR>rlm_ldap: performing search in o=OHICO, with filter (&(objectClass=inetOrgPerson)(cn=uohi-40615))<BR>rlm_ldap: checking if remote access for uohi-40615 is allowed by dialupAccess<BR>rlm_ldap: Added the eDirectory password in check items<BR>rlm_ldap: looking for check items in directory...<BR>rlm_ldap: looking for reply items in directory...<BR>rlm_ldap: user uohi-40615 authorized to use remote access<BR>rlm_ldap: ldap_release_conn: Release Id: 0<BR> modcall[authorize]: module "ldap" returns ok for request 1<BR> rlm_eap: EAP packet type response id 9 length 80<BR> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<BR> modcall[authorize]: module "eap" returns updated for request 1<BR>modcall: group authorize returns updated for request 1<BR> rad_check_password: Found Auth-Type EAP<BR>auth: type "EAP"<BR> Processing the authenticate section of radiusd.conf<BR>modcall: entering group authenticate for request 1<BR> rlm_eap: Request found, released from the list<BR> rlm_eap: EAP/peap<BR> rlm_eap: processing type peap<BR> rlm_eap_peap: Authenticate<BR> rlm_eap_tls: processing TLS<BR>rlm_eap_tls: Length Included<BR> eaptls_verify returned 11<BR> (other): before/accept initialization<BR> TLS_accept: before/accept initialization<BR> rlm_eap_tls: <<< TLS 1.0 Handshake [length 0041], ClientHello<BR> TLS_accept: SSLv3 read client hello A<BR> rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello<BR> TLS_accept: SSLv3 write server hello A<BR> rlm_eap_tls: >>> TLS 1.0 Handshake [length 0a5e], Certificate<BR> TLS_accept: SSLv3 write certificate A<BR> rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone<BR> TLS_accept: SSLv3 write server done A<BR> TLS_accept: SSLv3 flush data<BR> TLS_accept:error in SSLv3 read client certificate A<BR>In SSL Handshake Phase<BR>In SSL Accept mode<BR> eaptls_process returned 13<BR> rlm_eap_peap: EAPTLS_HANDLED<BR> modcall[authenticate]: module "eap" returns handled for request 1<BR>modcall: group authenticate returns handled for request 1<BR>Sending Access-Challenge of id 102 to 192.168.242.4:32768<BR> EAP-Message = 0x010a040a19c000000abb160301004a02000046030146300f87e306bf349b58586ed302326513983358cca1bda869c45ba355f28741204e798eb591510e8b2da6aea2f3ab2bddb1b8d205fce25e392ecb300bf6adc76a0004001603010a5e0b000a5a000a570005a4308205a030820488a003020102020a17bfc68400000000000d300d06092a864886f70d0101050500305a31153013060a0992268993f22c64011916056c6f63616c31123010060a0992268993f22c64011916026361311b3019060a0992268993f22c640119160b6f747461776168656172743110300e06035504031307756f68692d6361301e170d3037303432363031323435375a<BR> EAP-Message = 0x170d3039303432363031333435375a307f310b30090603550406130243413110300e060355040813074f6e746172696f310f300d060355040713064f7474617761310d300b060355040a1304554f484931193017060355040313106f6869736c6573312d736572766572323123302106092a864886f70d010901161461646d696e406f747461776168656172742e636130819f300d06092a864886f70d010101050003818d0030818902818100e67e413047fdab003b911b759fe8a33bb2f6174693099a6bdc691c62534be23884f611fec8127beac5e11db08ad73ebae7a276412f46dd3024f7b3a55a02e4262018aa20e8de748568c937d36a3d7642<BR> EAP-Message = 0x3edac4ee4faf9798013f9bd15103995f520f5601653763e73bbf8af7f3323167f150c816d26da17d498136f76e4306510203010001a38202c5308202c1300b0603551d0f040403020186301d0603551d0e0416041435b6daa9fcc024edaf8214637106e303f21e98d2301906092b0601040182371402040c1e0a00530075006200430041301f0603551d23041830168014f2e6025e7d0e816e7f54b3c650fd4d7bca8a5ef2308201120603551d1f048201093082010530820101a081fea081fb8681bb6c6461703a2f2f2f434e3d756f68692d63612c434e3d6f686961707033302c434e3d4344502c434e3d5075626c69632532304b65792532305365<BR> EAP-Message = 0x7276696365732c434e3d53657276696365732c434e3d436f6e66696775726174696f6e2c44433d6f747461776168656172742c44433d63612c44433d6c6f63616c3f63657274696669636174655265766f636174696f6e4c6973743f626173653f6f626a656374436c6173733d63524c446973747269627574696f6e506f696e74863b687474703a2f2f6f686961707033302e6f747461776168656172742e63612e6c6f63616c2f43657274456e726f6c6c2f756f68692d63612e63726c3082012e06082b06010505070101048201203082011c3081b206082b060105050730028681a56c6461703a2f2f2f434e3d756f68692d63612c434e3d414941<BR> EAP-Message = 0x2c434e3d5075626c69632532304b6579253230536572<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x7cbac86eb7c85c6bf2528a08d5c7f10b<BR>Finished request 1<BR>Going to the next request<BR>Waking up in 6 seconds...<BR>rad_recv: Access-Request packet from host 192.168.242.4:32768, id=103, length=193<BR> User-Name = "uohi-40615"<BR> Calling-Station-Id = "00-40-96-B1-43-19"<BR> Called-Station-Id = "00-15-2C-49-E0-B0:UOHISSID2"<BR> NAS-Port = 1<BR> NAS-IP-Address = 192.168.242.4<BR> NAS-Identifier = "UOHIWLAN2"<BR> Vendor-14179-Attr-1 = 0x00000002<BR> Service-Type = Framed-User<BR> Framed-MTU = 1300<BR> NAS-Port-Type = Wireless-802.11<BR> Tunnel-Type:0 = VLAN<BR> Tunnel-Medium-Type:0 = IEEE-802<BR> Tunnel-Private-Group-Id:0 = "23"<BR> EAP-Message = 0x020a00061900<BR> State = 0x7cbac86eb7c85c6bf2528a08d5c7f10b<BR> Message-Authenticator = 0x53331bf0647a5f9e59c34847a6f2dc85<BR> Processing the authorize section of radiusd.conf<BR>modcall: entering group authorize for request 2<BR> modcall[authorize]: module "preprocess" returns ok for request 2<BR> modcall[authorize]: module "chap" returns noop for request 2<BR> modcall[authorize]: module "mschap" returns noop for request 2<BR> rlm_realm: No <A href="mailto:'@'">'@'</A> in User-Name = "uohi-40615", looking up realm NULL<BR> rlm_realm: No such realm "NULL"<BR> modcall[authorize]: module "suffix" returns noop for request 2<BR>rlm_ldap: - authorize<BR>rlm_ldap: performing user authorization for uohi-40615<BR>radius_xlat: '(&(objectClass=inetOrgPerson)(cn=uohi-40615))'<BR>radius_xlat: 'o=OHICO'<BR>rlm_ldap: ldap_get_conn: Checking Id: 0<BR>rlm_ldap: ldap_get_conn: Got Id: 0<BR>rlm_ldap: performing search in o=OHICO, with filter (&(objectClass=inetOrgPerson)(cn=uohi-40615))<BR>rlm_ldap: checking if remote access for uohi-40615 is allowed by dialupAccess<BR>rlm_ldap: Added the eDirectory password in check items<BR>rlm_ldap: looking for check items in directory...<BR>rlm_ldap: looking for reply items in directory...<BR>rlm_ldap: user uohi-40615 authorized to use remote access<BR>rlm_ldap: ldap_release_conn: Release Id: 0<BR> modcall[authorize]: module "ldap" returns ok for request 2<BR> rlm_eap: EAP packet type response id 10 length 6<BR> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<BR> modcall[authorize]: module "eap" returns updated for request 2<BR>modcall: group authorize returns updated for request 2<BR> rad_check_password: Found Auth-Type EAP<BR>auth: type "EAP"<BR> Processing the authenticate section of radiusd.conf<BR>modcall: entering group authenticate for request 2<BR> rlm_eap: Request found, released from the list<BR> rlm_eap: EAP/peap<BR> rlm_eap: processing type peap<BR> rlm_eap_peap: Authenticate<BR> rlm_eap_tls: processing TLS<BR>rlm_eap_tls: Received EAP-TLS ACK message<BR> rlm_eap_tls: ack handshake fragment handler<BR> eaptls_verify returned 1<BR> eaptls_process returned 13<BR> rlm_eap_peap: EAPTLS_HANDLED<BR> modcall[authenticate]: module "eap" returns handled for request 2<BR>modcall: group authenticate returns handled for request 2<BR>Sending Access-Challenge of id 103 to 192.168.242.4:32768<BR> EAP-Message = 0x010b0406194076696365732c434e3d53657276696365732c434e3d436f6e66696775726174696f6e2c44433d6f747461776168656172742c44433d63612c44433d6c6f63616c3f634143657274696669636174653f626173653f6f626a656374436c6173733d63657274696669636174696f6e417574686f72697479306506082b060105050730028659687474703a2f2f6f686961707033302e6f747461776168656172742e63612e6c6f63616c2f43657274456e726f6c6c2f6f686961707033302e6f747461776168656172742e63612e6c6f63616c5f756f68692d63612e637274300f0603551d130101ff040530030101ff300d06092a864886f7<BR> EAP-Message = 0x0d010105050003820101006e27e9b908957952b3bb8185d5b67ad46fa97c451ecf8b43b492d9535ce20ae0e166b5730e1bc1821fc4e789245ffc1278333884f989dc483c6667a941491ab55bbfe0cfbd80b503eb7e150c7acaa409835e9c3c02d9b8a718cf7f620911503ebd91da8d437d9feb730fb3bf4ad816ddba07476ad4d08d3441889c1d5d38549a039fd2b8aab0ca62b0c0e6429d916d077a9c752538ab700adb66fa5504b526b5bd77a2fbb6c8223fb4bfae29b4629834cff7840681cf5437e5d918c155fe0810f9bdaaa702de7a835266d7d391cea18242b1fd21e071f68a483a3969306cfccfa0bcf056a76993b4cca02119a15494990b22<BR> EAP-Message = 0x47dd080eb5d480a5c2371161d3540004ad308204a930820391a003020102021015846cfa42f5b2904f917bb3c3381bc4300d06092a864886f70d0101050500305a31153013060a0992268993f22c64011916056c6f63616c31123010060a0992268993f22c64011916026361311b3019060a0992268993f22c640119160b6f747461776168656172743110300e06035504031307756f68692d6361301e170d3036313031383132333134325a170d3131313031383132343033395a305a31153013060a0992268993f22c64011916056c6f63616c31123010060a0992268993f22c64011916026361311b3019060a0992268993f22c640119160b6f7474<BR> EAP-Message = 0x61776168656172743110300e06035504031307756f68692d636130820122300d06092a864886f70d01010105000382010f003082010a02820101009d08ba6ca5266c5161bff2aba9fea2dfc2f20347f7de7f21c9886b4cd7a1a189159fa78815bbd73b43e1bf73f4af9701ecd685f783c48b6db282334729fba65a9bcea13348a832fdd9f743540dbf469fa33ded81e81d9f8c2804615338d1b58e2a08489ae9e2e06701acf2e0a7b2f80e8db33e66909c635a8394d65a38029534e4bf3b354a3c0b0c59b6e632403f60b7550bf8f2ba89ad153b180c1eb4dc7af81353be9bcc46b33081ad7e30c49b1723d49a693a1b7eb0d21067fecbf0d9605a534e<BR> EAP-Message = 0xad434135e560d1893c6fe98870d5e738586b<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0xe328bf6ca4456897ba0520c82cb2e130<BR>Finished request 2<BR>Going to the next request<BR>Waking up in 6 seconds...<BR>rad_recv: Access-Request packet from host 192.168.242.4:32768, id=104, length=193<BR> User-Name = "uohi-40615"<BR> Calling-Station-Id = "00-40-96-B1-43-19"<BR> Called-Station-Id = "00-15-2C-49-E0-B0:UOHISSID2"<BR> NAS-Port = 1<BR> NAS-IP-Address = 192.168.242.4<BR> NAS-Identifier = "UOHIWLAN2"<BR> Vendor-14179-Attr-1 = 0x00000002<BR> Service-Type = Framed-User<BR> Framed-MTU = 1300<BR> NAS-Port-Type = Wireless-802.11<BR> Tunnel-Type:0 = VLAN<BR> Tunnel-Medium-Type:0 = IEEE-802<BR> Tunnel-Private-Group-Id:0 = "23"<BR> EAP-Message = 0x020b00061900<BR> State = 0xe328bf6ca4456897ba0520c82cb2e130<BR> Message-Authenticator = 0xaf03a722231cbf43dad00f06deb21764<BR> Processing the authorize section of radiusd.conf<BR>modcall: entering group authorize for request 3<BR> modcall[authorize]: module "preprocess" returns ok for request 3<BR> modcall[authorize]: module "chap" returns noop for request 3<BR> modcall[authorize]: module "mschap" returns noop for request 3<BR> rlm_realm: No <A href="mailto:'@'">'@'</A> in User-Name = "uohi-40615", looking up realm NULL<BR> rlm_realm: No such realm "NULL"<BR> modcall[authorize]: module "suffix" returns noop for request 3<BR>rlm_ldap: - authorize<BR>rlm_ldap: performing user authorization for uohi-40615<BR>radius_xlat: '(&(objectClass=inetOrgPerson)(cn=uohi-40615))'<BR>radius_xlat: 'o=OHICO'<BR>rlm_ldap: ldap_get_conn: Checking Id: 0<BR>rlm_ldap: ldap_get_conn: Got Id: 0<BR>rlm_ldap: performing search in o=OHICO, with filter (&(objectClass=inetOrgPerson)(cn=uohi-40615))<BR>rlm_ldap: checking if remote access for uohi-40615 is allowed by dialupAccess<BR>rlm_ldap: Added the eDirectory password in check items<BR>rlm_ldap: looking for check items in directory...<BR>rlm_ldap: looking for reply items in directory...<BR>rlm_ldap: user uohi-40615 authorized to use remote access<BR>rlm_ldap: ldap_release_conn: Release Id: 0<BR> modcall[authorize]: module "ldap" returns ok for request 3<BR> rlm_eap: EAP packet type response id 11 length 6<BR> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<BR> modcall[authorize]: module "eap" returns updated for request 3<BR>modcall: group authorize returns updated for request 3<BR> rad_check_password: Found Auth-Type EAP<BR>auth: type "EAP"<BR> Processing the authenticate section of radiusd.conf<BR>modcall: entering group authenticate for request 3<BR> rlm_eap: Request found, released from the list<BR> rlm_eap: EAP/peap<BR> rlm_eap: processing type peap<BR> rlm_eap_peap: Authenticate<BR> rlm_eap_tls: processing TLS<BR>rlm_eap_tls: Received EAP-TLS ACK message<BR> rlm_eap_tls: ack handshake fragment handler<BR> eaptls_verify returned 1<BR> eaptls_process returned 13<BR> rlm_eap_peap: EAPTLS_HANDLED<BR> modcall[authenticate]: module "eap" returns handled for request 3<BR>modcall: group authenticate returns handled for request 3<BR>Sending Access-Challenge of id 104 to 192.168.242.4:32768<BR> EAP-Message = 0x010c02c1190014e159b3ed3fb3f26a4fcd43ed310b6f180cf159fb0906753cf0d48b4a76da4de0cdc2e60ed27477e175827f0203010001a382016930820165300b0603551d0f040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414f2e6025e7d0e816e7f54b3c650fd4d7bca8a5ef2308201120603551d1f048201093082010530820101a081fea081fb8681bb6c6461703a2f2f2f434e3d756f68692d63612c434e3d6f686961707033302c434e3d4344502c434e3d5075626c69632532304b657925323053657276696365732c434e3d53657276696365732c434e3d436f6e66696775726174696f6e2c44433d6f74<BR> EAP-Message = 0x7461776168656172742c44433d63612c44433d6c6f63616c3f63657274696669636174655265766f636174696f6e4c6973743f626173653f6f626a656374436c6173733d63524c446973747269627574696f6e506f696e74863b687474703a2f2f6f686961707033302e6f747461776168656172742e63612e6c6f63616c2f43657274456e726f6c6c2f756f68692d63612e63726c301006092b06010401823715010403020100300d06092a864886f70d0101050500038201010023dfb3904e1074c246fbc07768eca45df19cb8ad335cbf200d9c09522d29b1a7789d29f2dc5b679c458b05f80fee7919925e50522b9a13f4f72a088dc9f07531d760<BR> EAP-Message = 0xfb234fe068f89dcc55b1642736af943a02e2a8bd977736b0cb0276351d5050c9f9728e13dd077d95642f4d3a53775a7526c5d52db54bc78745d693d4f6b3ed3fca557814ed7b88cd5246926152ce560d0e1cb6870256a0e9f04f574ac426e1f9b2e4bde527b9be683acaee9aa90766a60226065015dd876f17096ec0c2f0895af9208207742d9760c2195c8044511e279f772f9cda8300facba05aab206f608931126fa901aef3d1e6fbe3658c1dd407b01430e259a178311890491a788016030100040e000000<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x3e66b22c771fe106639f5ee4adffa376<BR>Finished request 3<BR>Going to the next request<BR>Waking up in 6 seconds...<BR>rad_recv: Access-Request packet from host 192.168.242.4:32768, id=105, length=379<BR> User-Name = "uohi-40615"<BR> Calling-Station-Id = "00-40-96-B1-43-19"<BR> Called-Station-Id = "00-15-2C-49-E0-B0:UOHISSID2"<BR> NAS-Port = 1<BR> NAS-IP-Address = 192.168.242.4<BR> NAS-Identifier = "UOHIWLAN2"<BR> Vendor-14179-Attr-1 = 0x00000002<BR> Service-Type = Framed-User<BR> Framed-MTU = 1300<BR> NAS-Port-Type = Wireless-802.11<BR> Tunnel-Type:0 = VLAN<BR> Tunnel-Medium-Type:0 = IEEE-802<BR> Tunnel-Private-Group-Id:0 = "23"<BR> EAP-Message = 0x020c00c01980000000b61603010086100000820080a35912c21690119d0c47ec8637c615fd6dd85d88ccf7170cb9e5757bd70cce6391b0d24b46ced984fbe36cd7270f5246a3f4bfafa0b6998479bdd81e9c6d40d1f58031b73596bb78e43382c003eacf1848e26e88ee89dd67411211f4d55046981216f0db5e96697c2dd2927650b1c7d91d7c17fbfe772f76cd6b0dafa1da4fe6140301000101160301002019b6c288a231ecd2cb10237f9569dbaa21b612daaf50526454b1faa2b21ebd08<BR> State = 0x3e66b22c771fe106639f5ee4adffa376<BR> Message-Authenticator = 0x49d70b631f0d0a70ee21563438eb08b8<BR> Processing the authorize section of radiusd.conf<BR>modcall: entering group authorize for request 4<BR> modcall[authorize]: module "preprocess" returns ok for request 4<BR> modcall[authorize]: module "chap" returns noop for request 4<BR> modcall[authorize]: module "mschap" returns noop for request 4<BR> rlm_realm: No <A href="mailto:'@'">'@'</A> in User-Name = "uohi-40615", looking up realm NULL<BR> rlm_realm: No such realm "NULL"<BR> modcall[authorize]: module "suffix" returns noop for request 4<BR>rlm_ldap: - authorize<BR>rlm_ldap: performing user authorization for uohi-40615<BR>radius_xlat: '(&(objectClass=inetOrgPerson)(cn=uohi-40615))'<BR>radius_xlat: 'o=OHICO'<BR>rlm_ldap: ldap_get_conn: Checking Id: 0<BR>rlm_ldap: ldap_get_conn: Got Id: 0<BR>rlm_ldap: performing search in o=OHICO, with filter (&(objectClass=inetOrgPerson)(cn=uohi-40615))<BR>rlm_ldap: checking if remote access for uohi-40615 is allowed by dialupAccess<BR>rlm_ldap: Added the eDirectory password in check items<BR>rlm_ldap: looking for check items in directory...<BR>rlm_ldap: looking for reply items in directory...<BR>rlm_ldap: user uohi-40615 authorized to use remote access<BR>rlm_ldap: ldap_release_conn: Release Id: 0<BR> modcall[authorize]: module "ldap" returns ok for request 4<BR> rlm_eap: EAP packet type response id 12 length 192<BR> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<BR> modcall[authorize]: module "eap" returns updated for request 4<BR>modcall: group authorize returns updated for request 4<BR> rad_check_password: Found Auth-Type EAP<BR>auth: type "EAP"<BR> Processing the authenticate section of radiusd.conf<BR>modcall: entering group authenticate for request 4<BR> rlm_eap: Request found, released from the list<BR> rlm_eap: EAP/peap<BR> rlm_eap: processing type peap<BR> rlm_eap_peap: Authenticate<BR> rlm_eap_tls: processing TLS<BR>rlm_eap_tls: Length Included<BR> eaptls_verify returned 11<BR> rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange<BR> TLS_accept: SSLv3 read client key exchange A<BR> rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]<BR> rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished<BR> TLS_accept: SSLv3 read finished A<BR> rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]<BR> TLS_accept: SSLv3 write change cipher spec A<BR> rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished<BR> TLS_accept: SSLv3 write finished A<BR> TLS_accept: SSLv3 flush data<BR> (other): SSL negotiation finished successfully<BR>SSL Connection Established<BR> eaptls_process returned 13<BR> rlm_eap_peap: EAPTLS_HANDLED<BR> modcall[authenticate]: module "eap" returns handled for request 4<BR>modcall: group authenticate returns handled for request 4<BR>Sending Access-Challenge of id 105 to 192.168.242.4:32768<BR> EAP-Message = 0x010d00311900140301000101160301002052299a655e2d3e68952b7af365e12a37f9a8c5f4bcd4eeef8eb13994bb68480f<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0xf12339622fe74707097ca72a3b36fd6a<BR>Finished request 4<BR>Going to the next request<BR>Waking up in 6 seconds...<BR>rad_recv: Access-Request packet from host 192.168.242.4:32768, id=106, length=220<BR> User-Name = "uohi-40615"<BR> Calling-Station-Id = "00-40-96-B1-43-19"<BR> Called-Station-Id = "00-15-2C-49-E0-B0:UOHISSID2"<BR> NAS-Port = 1<BR> NAS-IP-Address = 192.168.242.4<BR> NAS-Identifier = "UOHIWLAN2"<BR> Vendor-14179-Attr-1 = 0x00000002<BR> Service-Type = Framed-User<BR> Framed-MTU = 1300<BR> NAS-Port-Type = Wireless-802.11<BR> Tunnel-Type:0 = VLAN<BR> Tunnel-Medium-Type:0 = IEEE-802<BR> Tunnel-Private-Group-Id:0 = "23"<BR> EAP-Message = 0x020d00211980000000171503010012b39e80d3c2a720105b63569561d503400461<BR> State = 0xf12339622fe74707097ca72a3b36fd6a<BR> Message-Authenticator = 0xf86ea187cb783cc4508eb288226b22ee<BR> Processing the authorize section of radiusd.conf<BR>modcall: entering group authorize for request 5<BR> modcall[authorize]: module "preprocess" returns ok for request 5<BR> modcall[authorize]: module "chap" returns noop for request 5<BR> modcall[authorize]: module "mschap" returns noop for request 5<BR> rlm_realm: No <A href="mailto:'@'">'@'</A> in User-Name = "uohi-40615", looking up realm NULL<BR> rlm_realm: No such realm "NULL"<BR> modcall[authorize]: module "suffix" returns noop for request 5<BR>rlm_ldap: - authorize<BR>rlm_ldap: performing user authorization for uohi-40615<BR>radius_xlat: '(&(objectClass=inetOrgPerson)(cn=uohi-40615))'<BR>radius_xlat: 'o=OHICO'<BR>rlm_ldap: ldap_get_conn: Checking Id: 0<BR>rlm_ldap: ldap_get_conn: Got Id: 0<BR>rlm_ldap: performing search in o=OHICO, with filter (&(objectClass=inetOrgPerson)(cn=uohi-40615))<BR>rlm_ldap: checking if remote access for uohi-40615 is allowed by dialupAccess<BR>rlm_ldap: Added the eDirectory password in check items<BR>rlm_ldap: looking for check items in directory...<BR>rlm_ldap: looking for reply items in directory...<BR>rlm_ldap: user uohi-40615 authorized to use remote access<BR>rlm_ldap: ldap_release_conn: Release Id: 0<BR> modcall[authorize]: module "ldap" returns ok for request 5<BR> rlm_eap: EAP packet type response id 13 length 33<BR> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<BR> modcall[authorize]: module "eap" returns updated for request 5<BR>modcall: group authorize returns updated for request 5<BR> rad_check_password: Found Auth-Type EAP<BR>auth: type "EAP"<BR> Processing the authenticate section of radiusd.conf<BR>modcall: entering group authenticate for request 5<BR> rlm_eap: Request found, released from the list<BR> rlm_eap: EAP/peap<BR> rlm_eap: processing type peap<BR> rlm_eap_peap: Authenticate<BR> rlm_eap_tls: processing TLS<BR>rlm_eap_tls: Length Included<BR> eaptls_verify returned 11<BR> eaptls_process returned 7<BR> rlm_eap_peap: EAPTLS_OK<BR> rlm_eap_peap: Session established. Decoding tunneled attributes.<BR> rlm_eap_tls: <<< TLS 1.0 Alert [length 0002], fatal access_denied<BR>TLS Alert read:fatal:access denied<BR>rlm_eap_peap: No data inside of the tunnel.<BR> rlm_eap: Handler failed in EAP/peap<BR> rlm_eap: Failed in EAP select<BR> modcall[authenticate]: module "eap" returns invalid for request 5<BR>modcall: group authenticate returns invalid for request 5<BR>auth: Failed to validate the user.<BR> Processing the post-auth section of radiusd.conf<BR>modcall: entering group Post-Auth-Type for request 5<BR>rlm_ldap: ldap_get_conn: Checking Id: 0<BR>rlm_ldap: ldap_get_conn: Got Id: 0<BR>rlm_ldap: attempting LDAP reconnection<BR>rlm_ldap: (re)connect to ohiapp2.ottawaheart.ca:636, authentication 0<BR>rlm_ldap: setting TLS mode to 1<BR>rlm_ldap: setting TLS CACert File to /etc/raddb/certs/ohicoca.b64<BR>rlm_ldap: setting TLS Require Cert to demand<BR>rlm_ldap: bind as cn=UOHI-40615,o=OHICO/aassword2 to ohiapp2.ottawaheart.ca:636<BR>rlm_ldap: waiting for bind result ...<BR>rlm_ldap: LDAP login failed: check identity, password settings in ldap section of radiusd.conf<BR>rlm_ldap: eDirectory account policy check failed.<BR>rlm_ldap: NDS error: failed authentication (-669)<BR>rlm_ldap: ldap_release_conn: Release Id: 0<BR> modcall[post-auth]: module "ldap" returns reject for request 5<BR>modcall: group Post-Auth-Type returns reject for request 5<BR>Delaying request 5 for 1 seconds<BR>Finished request 5<BR>Going to the next request<BR>Waking up in 6 seconds...<BR>rad_recv: Access-Request packet from host 192.168.242.4:32768, id=106, length=220<BR>Sending Access-Reject of id 106 to 192.168.242.4:32768<BR> EAP-Message = 0x040d0004<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> Reply-Message = "NDS error: failed authentication (-669)"<BR>--- Walking the entire request list ---<BR>Waking up in 3 seconds...<BR>--- Walking the entire request list ---<BR>Cleaning up request 0 ID 101 with timestamp 46300f87<BR>Cleaning up request 1 ID 102 with timestamp 46300f87<BR>Cleaning up request 2 ID 103 with timestamp 46300f87<BR>Cleaning up request 3 ID 104 with timestamp 46300f87<BR>Cleaning up request 4 ID 105 with timestamp 46300f87<BR>Cleaning up request 5 ID 106 with timestamp 46300f87<BR>Nothing to do. Sleeping until we see a request.<BR></DIV></BODY></HTML>