<div>Hello,</div> <div> </div> <div>you have no logs in your radius.log file because you are running in debug mode , you have to run in normal mode to get the logs, so what you have to do is the following:</div> <div>first stop your debug mode by this command: service radiusd stop; then restart the service radius by: service radiusd restart; doing that you are in normal mode and you can do your wlan loging without any problem and you get your log.</div> <div> </div> <div>regards<BR><BR><B><I>anoop_c@sifycorp.com</I></B> a écrit :</div> <BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid"><PRE>> Message: 3 > Date: Mon, 10 Sep 2007 10:23:19 +0200 (CEST) > From: inelec communication <INELEC_COMMUNICATION@YAHOO.FR> > Subject: RE : LOGs of eap-tls authentication > To: FreeRadius users mailing list Hi Please find my result.The authentication is working well.The problem is logs are
not in radius.log file. [root@anoop fr1.1.7]# cat successlog Message-Authenticator = 0x96080298cf8084c0a353d72c9e82a3aa Service-Type = Framed-User User-Name = \"anoop07\" Framed-MTU = 1488 Called-Station-Id = \"00-0F-3D-AF-DD-C1:default\" Calling-Station-Id = \"00-0E-35-F3-A1-67\" NAS-Identifier = \"D-Link Access Point\" NAS-Port-Type = Wireless-802.11 Connect-Info = \"CONNECT 54Mbps 802.11g\" EAP-Message = 0x0200000c01616e6f6f703037 NAS-IP-Address = 192.168.0.50 NAS-Port = 1 NAS-Port-Id = \"STA port # 1\" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module \"preprocess\" returns ok for request 0 rlm_realm: No \'@\' in User-Name = \"anoop07\", looking up realm NULL rlm_realm: No such realm \"NULL\" modcall[authorize]: module \"suffix\" returns noop for request 0
rlm_eap: EAP packet type response id 0 length 12 rlm_eap: No EAP Start, assuming it\'s an on-going EAP conversation modcall[authorize]: module \"eap\" returns updated for request 0 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 modcall[authorize]: module \"files\" returns ok for request 0 modcall: leaving group authorize (returns updated) for request 0 rad_check_password: Found Auth-Type EAP auth: type \"EAP\" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Requiring client certificate rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module \"eap\" returns handled for request 0 modcall: leaving group authenticate (returns handled) for request 0 Sending Access-Challenge of id 0 to 192.168.0.50 port 1033 Framed-IP-Address = 255.255.255.254
Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x010100060d20 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x8ab131c9d151752c61f18ffb09aa2c55 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.50:1033, id=1, length=299 Message-Authenticator = 0xe6d7ba1e4458e637c60740bc57383f9e Service-Type = Framed-User User-Name = \"anoop07\" Framed-MTU = 1488 State = 0x8ab131c9d151752c61f18ffb09aa2c55 Called-Station-Id = \"00-0F-3D-AF-DD-C1:default\" Calling-Station-Id = \"00-0E-35-F3-A1-67\" NAS-Identifier = \"D-Link Access Point\" NAS-Port-Type = Wireless-802.11 Connect-Info = \"CONNECT 54Mbps 802.11g\" EAP-Message = 0x020100600d800000005616030100510100004d030146e4c9b422a11c
6b0c2a9c5e74b8a0de5e3eb0e1d8a15f49cb7cbf83ad04116a105892c006371829ccf94f1dcdc6d8 3e3d001600040005000a000900640062000300060013001200630100 NAS-IP-Address = 192.168.0.50 NAS-Port = 1 NAS-Port-Id = \"STA port # 1\" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module \"preprocess\" returns ok for request 1 rlm_realm: No \'@\' in User-Name = \"anoop07\", looking up realm NULL rlm_realm: No such realm \"NULL\" modcall[authorize]: module \"suffix\" returns noop for request 1 rlm_eap: EAP packet type response id 1 length 96 rlm_eap: No EAP Start, assuming it\'s an on-going EAP conversation modcall[authorize]: module \"eap\" returns updated for request 1 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 modcall[authorize]: module \"files\" returns ok for request 1 modcall: leaving group authorize (returns
updated) for request 1 rad_check_password: Found Auth-Type EAP auth: type \"EAP\" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 1 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 0051], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 04be], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004c], CertificateRequest TLS_accept: SSLv3 write certificate request
A TLS_accept: SSLv3 flush data TLS_accept: Need to read more data: SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13 modcall[authenticate]: module \"eap\" returns handled for request 1 modcall: leaving group authenticate (returns handled) for request 1 Sending Access-Challenge of id 1 to 192.168.0.50 port 1033 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x0102040a0dc000000563160301004a02000046030146e4c9b59eb2f0 eb1e4eff23a4604203f5da0d54bd36842f27464dc2af678d07203e33b80dee1b655fafab80ece953 ac778f9d578cced14cc8f23c7e0e2c4335b800040016030104be0b0004ba0004b700022b30820227 30820190a003020102020101300d06092a864886f70d0101040500303b310b300906035504061302 494e310b300906035504081302544e310d300b060355040a1304536966793110300e060355040313 0730377877696669301e170d3037303131333037353834305a170d3038303131333037353834305a
305f310b300906035504061302494e310b3009060355040813 EAP-Message = 0x02544e310d300b060355040a1304536966793110300e060355040313 07303778776966693122302006092a864886f70d01090116136a65796b756d61725f734073696679 2e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100c6f366d39a74d8 b66b561628be123f18f9b0a71f09b98d21b990e9a987d9acf3ceabd01df377e13da987a23f244496 dfc0609e99ee03a9f44e51033cbb84c814d9d3225aacc7c67786fcd193d57c3f5ac16d7d1b835701 52edca9ba9ff99ca4feffcb244551292fad52026afda1f876205e84a26b81cebd89fa03fd97e5f7f db0203010001a317301530130603551d25040c300a06082b06 EAP-Message = 0x010505070301300d06092a864886f70d010104050003818100a4cbb4 e6e8190d840edc9e61637a38ffa423b2a67e8d308c3005b8ec18318e94ddddbac0ccb1a15780c285 de01622608f4caded74bab6f0c9d44dfdeb648e46bdd4de3606e4c7f86e5f86472722db409baffdb 78eb6c7ad267a623e1155af13de26e83f3ce29b4f82baf551b756d2f49e5691cc1d80f6fb253b11e
7a15bf296000028630820282308201eba003020102020100300d06092a864886f70d010104050030 3b310b300906035504061302494e310b300906035504081302544e310d300b060355040a13045369 66793110300e0603550403130730377877696669301e170d30 EAP-Message = 0x37303131333037353830305a170d3038303131333037353830305a30 3b310b300906035504061302494e310b300906035504081302544e310d300b060355040a13045369 66793110300e060355040313073037787769666930819f300d06092a864886f70d01010105000381 8d0030818902818100ec232cf24bd548a586d614994a3f3b9ee699eb64a3bf9a0c90d7bc8afb3984 2c767c3613757b8d38a78ceaa6a499be55dcf997abb9963b3ef406b39f766054d8e37d35859e6bd5 ce686c01eb63a25684afb79cd6796193355bd3ae67eae642701a34d1bc93426ade87434dadfbc8a8 b0cae8137d97d2a267973f2213ebeefcfd0203010001a38195 EAP-Message = 0x308192301d0603551d0e04160414095ab44cec0cb80f Message-Authenticator = 0x00000000000000000000000000000000 State = 0xf4654b6a22307d938c91831ef0396b8e Finished request 1 Going to the next request
Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.50:1033, id=2, length=209 Message-Authenticator = 0x5dc14e6f1f5361ad60a06d2bffa9e4a9 Service-Type = Framed-User User-Name = \"anoop07\" Framed-MTU = 1488 State = 0xf4654b6a22307d938c91831ef0396b8e Called-Station-Id = \"00-0F-3D-AF-DD-C1:default\" Calling-Station-Id = \"00-0E-35-F3-A1-67\" NAS-Identifier = \"D-Link Access Point\" NAS-Port-Type = Wireless-802.11 Connect-Info = \"CONNECT 54Mbps 802.11g\" EAP-Message = 0x020200060d00 NAS-IP-Address = 192.168.0.50 NAS-Port = 1 NAS-Port-Id = \"STA port # 1\" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 2 modcall[authorize]: module \"preprocess\" returns ok for request 2 rlm_realm: No \'@\' in User-Name = \"anoop07\", looking up realm NULL rlm_realm: No such
realm \"NULL\" modcall[authorize]: module \"suffix\" returns noop for request 2 rlm_eap: EAP packet type response id 2 length 6 rlm_eap: No EAP Start, assuming it\'s an on-going EAP conversation modcall[authorize]: module \"eap\" returns updated for request 2 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 modcall[authorize]: module \"files\" returns ok for request 2 modcall: leaving group authorize (returns updated) for request 2 rad_check_password: Found Auth-Type EAP auth: type \"EAP\" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 2 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13
modcall[authenticate]: module \"eap\" returns handled for request 2 modcall: leaving group authenticate (returns handled) for request 2 Sending Access-Challenge of id 2 to 192.168.0.50 port 1033 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x0103016d0d80000005638c150861ea8bc609ed3cfbc030630603551d 23045c305a8014095ab44cec0cb80f8c150861ea8bc609ed3cfbc0a13fa43d303b310b3009060355 04061302494e310b300906035504081302544e310d300b060355040a1304536966793110300e0603 550403130730377877696669820100300c0603551d13040530030101ff300d06092a864886f70d01 010405000381810019a69104ce7b395ddbb7a05ae632f71c590ba34e71b9a57cbe952eabed153fda cb07eb1c8d6db397f1f47a687103025a91b0431e73beac6e788de0af02e7d49e35808652dc4b2db6 0ccbcef9245239c47c785fb5c78c79ed7dd22d60ab6c19727e EAP-Message = 0xaa68ec38e3fc5b6e7716741e1f56eba981970face974b560ba07450e
cdf817160301004c0d000044020102003f003d303b310b300906035504061302494e310b30090603 5504081302544e310d300b060355040a1304536966793110300e0603550403130730377877696669 0e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x378a0c3727565af6c193024a8be476bc Finished request 2 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.50:1033, id=3, length=1100 Message-Authenticator = 0x2261a2046965f5b6c67629831b5ef1f5 Service-Type = Framed-User User-Name = \"anoop07\" Framed-MTU = 1488 State = 0x378a0c3727565af6c193024a8be476bc Called-Station-Id = \"00-0F-3D-AF-DD-C1:default\" Calling-Station-Id = \"00-0E-35-F3-A1-67\" NAS-Identifier = \"D-Link Access Point\" NAS-Port-Type = Wireless-802.11 Connect-Info = \"CONNECT 54Mbps 802.11g\" EAP-Message =
0x0203037b0d800000037116030103410b00023100022e00022b308202 2730820190a003020102020106300d06092a864886f70d0101040500303b310b3009060355040613 02494e310b300906035504081302544e310d300b060355040a1304536966793110300e0603550403 130730377877696669301e170d3037303131373033303230385a170d303830313137303330323038 5a305f310b300906035504061302494e310b300906035504081302544e310d300b060355040a1304 536966793110300e06035504031307616e6f6f7030373122302006092a864886f70d01090116136a 65796b756d61725f7340736966792e636f6d30819f300d0609 EAP-Message = 0x2a864886f70d010101050003818d0030818902818100c530f10ae7bd 0f0fbd6bbafbcd48532c054b9afd474b7cd7ce6aa0291d664476bb1d9d143cfb4c713f5b47b5e636 3f6ceed4c3bc51ef1a35c84a100bb17b262f38923947a12f1e288ffe57fccfa92e6d12da42d9016a 8da5c07c7705c2156da206d76fd569ca589fdca309fd1703fec4b5fa77ee1257b5b9514e39b4d79d 601f0203010001a317301530130603551d25040c300a06082b06010505070302300d06092a864886
f70d01010405000381810089c51110b91d0135f1a99f29ea922ff1a7738195963017d2d9dd32c81d 2782210b1329644559fc746cb77ce6f707f50efe3aa155b3d9 EAP-Message = 0x36f15183865793097ff4207baac2d26153f81f177377493db3d2a52d b063b7668b57bc0e575401a6da093e5abd9a0f147810eaf1ee2967bc2252afe0bf8b7b678914895c c3190f22eb7a1000008200803ea26a8f1b684b4c6f76f7ca07e3b3d0dd71dd459cd90f96868faf38 253fc9970fbc3e19efb321e353e982314b42e8bb66aa5b1ee540a4810d8a48a1615b8af8657a9b38 cc1caf7da1966813de8f59f372c63c4cbac4dd3ad7877bcc8fba80ca799f52efcdee1b541461ef7e 65948840305e0dbcc845d069765955affbf8b41e0f0000820080588771eb658b2403ce711f921da6 27e0b633993385a5dc7d249503ecc0c84f7bdefc5bf34c20a9 EAP-Message = 0x4b18930f40b19d87ea7d1819aa00d2e42ea7fed5f4ad7d327a0a6eee 2b2c5915e86f5c4399e75af08982a3462b8b65478ef1c88592679fd3de147e0b1153e54c4e97c8e5 3119db0b0c62b47ec818386db914820c02f63071781403010001011603010020761ad2fae86d1219 94064ff99a0de5bc0eb15df5bafe1a75fcfa20f285db803a NAS-IP-Address
= 192.168.0.50 NAS-Port = 1 NAS-Port-Id = \"STA port # 1\" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 3 modcall[authorize]: module \"preprocess\" returns ok for request 3 rlm_realm: No \'@\' in User-Name = \"anoop07\", looking up realm NULL rlm_realm: No such realm \"NULL\" modcall[authorize]: module \"suffix\" returns noop for request 3 rlm_eap: EAP packet type response id 3 length 253 rlm_eap: No EAP Start, assuming it\'s an on-going EAP conversation modcall[authorize]: module \"eap\" returns updated for request 3 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 modcall[authorize]: module \"files\" returns ok for request 3 modcall: leaving group authorize (returns updated) for request 3 rad_check_password: Found Auth-Type EAP auth: type \"EAP\" Processing the authenticate section of radiusd.conf modcall: entering group
authenticate for request 3 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: <<< TLS 1.0 Handshake [length 0235], Certificate chain-depth=1, error=0 --> User-Name = anoop07 --> BUF-Name = 07xwifi --> subject = /C=IN/ST=TN/O=Sify/CN=07xwifi --> issuer = /C=IN/ST=TN/O=Sify/CN=07xwifi --> verify return:1 chain-depth=0, error=0 --> User-Name = anoop07 --> BUF-Name = anoop07 --> subject = /C=IN/ST=TN/O=Sify/CN=anoop07/emailAddress=jeykumar_s@sify.com --> issuer = /C=IN/ST=TN/O=Sify/CN=07xwifi --> verify return:1 TLS_accept: SSLv3 read client certificate A rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange TLS_accept: SSLv3 read client key exchange A rlm_eap_tls: <<< TLS 1.0 Handshake
[length 0086], CertificateVerify TLS_accept: SSLv3 read certificate verify A rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 read finished A rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001] TLS_accept: SSLv3 write change cipher spec A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 write finished A TLS_accept: SSLv3 flush data (other): SSL negotiation finished successfully SSL Connection Established eaptls_process returned 13 modcall[authenticate]: module \"eap\" returns handled for request 3 modcall: leaving group authenticate (returns handled) for request 3 Sending Access-Challenge of id 3 to 192.168.0.50 port 1033 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message =
0x010400350d800000002b1403010001011603010020324ac90185d18d e8ead736d798e140ed642aeb31ff52849b3aa5b6f021c5aec0 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x5ffef94eee0c0123922689d2e6c2fe8e Finished request 3 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 0 with timestamp 46e4c9b5 Cleaning up request 1 ID 1 with timestamp 46e4c9b5 Cleaning up request 2 ID 2 with timestamp 46e4c9b5 Cleaning up request 3 ID 3 with timestamp 46e4c9b5 Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 192.168.0.50:1033, id=4, length=209 Message-Authenticator = 0x221fc85bf9fb820395d9c8484a3fdabc Service-Type = Framed-User User-Name = \"anoop07\" Framed-MTU = 1488 State = 0x5ffef94eee0c0123922689d2e6c2fe8e Called-Station-Id = \"00-0F-3D-AF-DD-C1:default\" Calling-Station-Id =
\"00-0E-35-F3-A1-67\" NAS-Identifier = \"D-Link Access Point\" NAS-Port-Type = Wireless-802.11 Connect-Info = \"CONNECT 54Mbps 802.11g\" EAP-Message = 0x020400060d00 NAS-IP-Address = 192.168.0.50 NAS-Port = 1 NAS-Port-Id = \"STA port # 1\" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 4 modcall[authorize]: module \"preprocess\" returns ok for request 4 rlm_realm: No \'@\' in User-Name = \"anoop07\", looking up realm NULL rlm_realm: No such realm \"NULL\" modcall[authorize]: module \"suffix\" returns noop for request 4 rlm_eap: EAP packet type response id 4 length 6 rlm_eap: No EAP Start, assuming it\'s an on-going EAP conversation modcall[authorize]: module \"eap\" returns updated for request 4 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 modcall[authorize]: module \"files\" returns ok
for request 4 modcall: leaving group authorize (returns updated) for request 4 rad_check_password: Found Auth-Type EAP auth: type \"EAP\" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake is finished eaptls_verify returned 3 eaptls_process returned 3 rlm_eap: Freeing handler modcall[authenticate]: module \"eap\" returns ok for request 4 modcall: leaving group authenticate (returns ok) for request 4 Sending Access-Accept of id 4 to 192.168.0.50 port 1033 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User MS-MPPE-Recv-Key = 0x428d07c24a61cd12f49c7b51f54e36b19dce6fa5e42d393221d 043784abdc995
MS-MPPE-Send-Key = 0x55f256119e8b41171ac594ea1a871d302fff183d06365a3505b 6a6786eee1fc5 EAP-Message = 0x03040004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = \"anoop07\" Finished request 4 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 4 ID 4 with timestamp 46e4c9bc Nothing to do. Sleeping until we see a request. [root@anoop fr1.1.7]# > <FREERADIUS-USERS@LISTS.FREERADIUS.ORG> > Message-ID: <60722.76768.qm@web26011.mail.ukl.yahoo.com> > Content-Type: text/plain; charset=\"iso-8859-1\" > > hello, > running radius in debug mode doesn\'t give any log file ,i meen it > doesn\'t give logs in radiusd.log ; if you give me your result when you > have rubn radiusd -X -A perhaps i can help > > regards > > </PRE><BR><BR>-<BR>List
info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html</BLOCKQUOTE><BR><p>
<hr size="1">
Ne gardez plus qu'une seule adresse mail ! <a href="http://www.trueswitch.com/yahoo-fr/">Copiez vos mails</a> vers Yahoo! Mail