<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:times new roman, new york, times, serif;font-size:12pt"><DIV>Hi Everybody. </DIV>
<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif">
<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif">
<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif">
<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif">
<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif">
<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif">
<DIV> </DIV>
<DIV>We are having some issues in setting up freeradius to support EAP-TLS, EAP-TTLS and EAP-PEAP.</DIV>
<DIV>Our goal is to have our authentication server providing those three Auth-Type simultaneously.</DIV>
<DIV>To support EAP-TLS, we generate our CA and certificates via TinyCA.</DIV>
<DIV> </DIV>
<DIV>Here are our configurations files :</DIV>
<DIV> </DIV>
<DIV>######radiusd.conf##########</DIV>
<DIV>prefix = /usr/local<BR>exec_prefix = ${prefix}<BR>sysconfdir = ${prefix}/etc<BR>localstatedir = ${prefix}/var<BR>sbindir = ${exec_prefix}/sbin<BR>logdir = ${localstatedir}/log/radius<BR>raddbdir = ${sysconfdir}/raddb<BR>radacctdir = ${logdir}/radacct<BR>confdir = ${raddbdir}<BR>run_dir = ${localstatedir}/run/radiusd<BR>db_dir = $(raddbdir)<BR>libdir = ${exec_prefix}/lib<BR>pidfile = ${run_dir}/radiusd.pid<BR>max_request_time = 30<BR>cleanup_delay = 5<BR>max_requests = 1024<BR>listen {<BR> type = auth<BR> ipaddr = *<BR> port = 0<BR>}<BR>listen {<BR> ipaddr = *<BR> port = 0<BR> type = acct<BR>}<BR>hostname_lookups = no<BR>allow_core_dumps = no<BR>regular_expressions =
yes<BR>extended_expressions = yes<BR>log {<BR> destination = files<BR> file = ${logdir}/radius.log<BR> syslog_facility = daemon<BR> stripped_names = no<BR> auth = no<BR> auth_badpass = no<BR> auth_goodpass = no<BR>}<BR>checkrad = ${sbindir}/checkrad<BR>security {<BR> max_attributes = 200<BR> reject_delay = 1<BR> status_server = yes<BR>}<BR>proxy_requests = yes<BR>$INCLUDE proxy.conf<BR>$INCLUDE clients.conf<BR>snmp = no<BR>$INCLUDE snmp.conf<BR>thread pool {<BR> start_servers =
5<BR> max_servers = 32<BR> min_spare_servers = 3<BR> max_spare_servers = 10<BR> max_requests_per_server = 0<BR>}<BR>modules {<BR> $INCLUDE ${confdir}/modules/<BR> $INCLUDE eap.conf<BR> $INCLUDE sql.conf</DIV>
<DIV> $INCLUDE sql/mysql/counter.conf<BR>}<BR>instantiate {<BR> exec<BR> expr<BR> expiration<BR> logintime<BR>}<BR>$INCLUDE policy.conf<BR>$INCLUDE sites-enabled/<BR></DIV>
<DIV> </DIV>
<DIV>#######sites-enabled/behanzin.uac.bj###############</DIV>
<DIV>authorize {<BR> preprocess<BR> chap<BR> mschap<BR> digest<BR> suffix<BR> eap {<BR> ok = return<BR> }<BR> unix<BR> expiration<BR> logintime<BR> pap<BR> passwd<BR>}<BR>authenticate {<BR> Auth-Type PAP {<BR>
pap<BR> }<BR> Auth-Type CHAP {<BR> chap<BR> }<BR> Auth-Type MS-CHAP {<BR> mschap<BR> }<BR> digest<BR> unix<BR> eap<BR>}<BR>preacct {<BR> preprocess<BR> acct_unique<BR> suffix<BR> files<BR>}<BR>accounting {<BR>
detail<BR> unix<BR> radutmp<BR> attr_filter.accounting_response<BR>}<BR>session {<BR> radutmp<BR>}<BR>post-auth {<BR> exec<BR> Post-Auth-Type REJECT {<BR> attr_filter.access_reject<BR> }<BR>}<BR>pre-proxy {<BR>}<BR>post-proxy {<BR> eap<BR>}<BR></DIV>
<DIV> </DIV>
<DIV>We also add radius' log after an authentication attempt from windows XP OS</DIV>
<DIV> </DIV>
<DIV>using windows built in supplicant by supplying a username and password stored in </DIV>
<DIV> </DIV>
<DIV>our /etc/passwd file. But the authentication failed with this error message :</DIV>
<DIV><SPAN class=subject><FONT size=3></FONT></SPAN> </DIV>
<DIV><SPAN class=subject><FONT size=3><STRONG>rlm_eap: identity does not match User-Name, setting from EAP identity</STRONG></FONT></SPAN></DIV>
<DIV><SPAN class=subject></SPAN> </DIV>
<DIV>########Radius logs ################</DIV>
<DIV>...............Thu Dec 11 14:59:10 2008 : Debug: main {<BR>Thu Dec 11 14:59:10 2008 : Debug: prefix = "/usr/local"<BR>Thu Dec 11 14:59:10 2008 : Debug: localstatedir = "/usr/local/var"<BR>Thu Dec 11 14:59:10 2008 : Debug: logdir = "/usr/local/var/log/radius"<BR>Thu Dec 11 14:59:10 2008 : Debug: libdir = "/usr/local/lib"<BR>Thu Dec 11 14:59:10 2008 : Debug: radacctdir = "/usr/local/var/log/radius/radacct"<BR>Thu Dec 11 14:59:10 2008 : Debug: hostname_lookups = no<BR>Thu Dec 11 14:59:10 2008 : Debug: max_request_time = 30<BR>Thu Dec 11 14:59:10 2008 : Debug: cleanup_delay = 5<BR>Thu Dec 11 14:59:10 2008 : Debug: max_requests =
1024<BR>Thu Dec 11 14:59:10 2008 : Debug: allow_core_dumps = no<BR>Thu Dec 11 14:59:10 2008 : Debug: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"<BR>Thu Dec 11 14:59:10 2008 : Debug: checkrad = "/usr/local/sbin/checkrad"<BR>Thu Dec 11 14:59:10 2008 : Debug: debug_level = 0<BR>Thu Dec 11 14:59:10 2008 : Debug: proxy_requests = yes<BR>Thu Dec 11 14:59:10 2008 : Debug: log {<BR>Thu Dec 11 14:59:10 2008 : Debug: stripped_names = no<BR>Thu Dec 11 14:59:10 2008 : Debug: auth = no<BR>Thu Dec 11 14:59:10 2008 : Debug: auth_badpass = no<BR>Thu Dec 11 14:59:10 2008 : Debug: auth_goodpass = no<BR>Thu Dec 11 14:59:10 2008 :
Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: client localhost {<BR>Thu Dec 11 14:59:10 2008 : Debug: ipaddr = 127.0.0.1<BR>Thu Dec 11 14:59:10 2008 : Debug: require_message_authenticator = no<BR>Thu Dec 11 14:59:10 2008 : Debug: secret = "testing123"<BR>Thu Dec 11 14:59:10 2008 : Debug: nastype = "other"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: client 172.21.0.9 {<BR>Thu Dec 11 14:59:10 2008 : Debug: require_message_authenticator = no<BR>Thu Dec 11 14:59:10 2008 : Debug: secret = "testing123"<BR>Thu Dec 11 14:59:10 2008 : Debug: shortname = "Behanzin"<BR>Thu Dec 11 14:59:10 2008 :
Debug: nastype = "other"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: client 172.21.1.251 {<BR>Thu Dec 11 14:59:10 2008 : Debug: require_message_authenticator = no<BR>Thu Dec 11 14:59:10 2008 : Debug: secret = "testing123"<BR>Thu Dec 11 14:59:10 2008 : Debug: shortname = "TestingAP"<BR>Thu Dec 11 14:59:10 2008 : Debug: nastype = "other"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: radiusd: #### Loading Realms and Home Servers ####<BR>Thu Dec 11 14:59:10 2008 : Debug: proxy server {<BR>Thu Dec 11 14:59:10 2008 : Debug: retry_delay = 5<BR>Thu Dec 11 14:59:10 2008 : Debug: retry_count = 3<BR>Thu Dec 11 14:59:10 2008 :
Debug: default_fallback = no<BR>Thu Dec 11 14:59:10 2008 : Debug: dead_time = 120<BR>Thu Dec 11 14:59:10 2008 : Debug: wake_all_if_all_dead = no<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: home_server localhost {<BR>Thu Dec 11 14:59:10 2008 : Debug: ipaddr = 127.0.0.1<BR>Thu Dec 11 14:59:10 2008 : Debug: port = 1812<BR>Thu Dec 11 14:59:10 2008 : Debug: type = "auth"<BR>Thu Dec 11 14:59:10 2008 : Debug: secret = "testing123"<BR>Thu Dec 11 14:59:10 2008 : Debug: response_window = 20<BR>Thu Dec 11 14:59:10 2008 : Debug: max_outstanding = 65536<BR>Thu Dec 11 14:59:10 2008 :
Debug: zombie_period = 40<BR>Thu Dec 11 14:59:10 2008 : Debug: status_check = "status-server"<BR>Thu Dec 11 14:59:10 2008 : Debug: ping_check = "none"<BR>Thu Dec 11 14:59:10 2008 : Debug: ping_interval = 30<BR>Thu Dec 11 14:59:10 2008 : Debug: check_interval = 30<BR>Thu Dec 11 14:59:10 2008 : Debug: num_answers_to_alive = 3<BR>Thu Dec 11 14:59:10 2008 : Debug: num_pings_to_alive = 3<BR>Thu Dec 11 14:59:10 2008 : Debug: revive_interval = 120<BR>Thu Dec 11 14:59:10 2008 : Debug: status_check_timeout = 4<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: home_server_pool my_auth_failover {<BR>Thu Dec
11 14:59:10 2008 : Debug: type = fail-over<BR>Thu Dec 11 14:59:10 2008 : Debug: home_server = localhost<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: realm uac.bj {<BR>Thu Dec 11 14:59:10 2008 : Debug: auth_pool = my_auth_failover<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: realm LOCAL {<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: radiusd: #### Instantiating modules ####<BR>Thu Dec 11 14:59:10 2008 : Debug: instantiate {<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_exec, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_exec<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating exec<BR>Thu Dec 11 14:59:10 2008 : Debug: exec
{<BR>Thu Dec 11 14:59:10 2008 : Debug: wait = no<BR>Thu Dec 11 14:59:10 2008 : Debug: input_pairs = "request"<BR>Thu Dec 11 14:59:10 2008 : Debug: shell_escape = yes<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_expr, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_expr<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating expr<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_expiration, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_expiration<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating expiration<BR>Thu Dec 11 14:59:10 2008 : Debug: expiration {<BR>Thu Dec 11 14:59:10 2008 :
Debug: reply-message = "Password Has Expired "<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_logintime, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_logintime<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating logintime<BR>Thu Dec 11 14:59:10 2008 : Debug: logintime {<BR>Thu Dec 11 14:59:10 2008 : Debug: reply-message = "You are calling outside your allowed timespan "<BR>Thu Dec 11 14:59:10 2008 : Debug: minimum-timeout = 60<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: radiusd: #### Loading Virtual Servers ####<BR>Thu Dec 11 14:59:10 2008 : Debug: server {<BR>Thu Dec 11 14:59:10 2008 :
Debug: modules {<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Checking authenticate {...} for more modules to load<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_pap, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_pap<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating pap<BR>Thu Dec 11 14:59:10 2008 : Debug: pap {<BR>Thu Dec 11 14:59:10 2008 : Debug: encryption_scheme = "auto"<BR>Thu Dec 11 14:59:10 2008 : Debug: auto_header = no<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_chap, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_chap<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating chap<BR>Thu Dec 11 14:59:10 2008 :
Debug: (Loaded rlm_mschap, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_mschap<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating mschap<BR>Thu Dec 11 14:59:10 2008 : Debug: mschap {<BR>Thu Dec 11 14:59:10 2008 : Debug: use_mppe = yes<BR>Thu Dec 11 14:59:10 2008 : Debug: require_encryption = no<BR>Thu Dec 11 14:59:10 2008 : Debug: require_strong = no<BR>Thu Dec 11 14:59:10 2008 : Debug: with_ntdomain_hack = no<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_digest, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_digest<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating
digest<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_unix, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_unix<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating unix<BR>Thu Dec 11 14:59:10 2008 : Debug: unix {<BR>Thu Dec 11 14:59:10 2008 : Debug: radwtmp = "/usr/local/var/log/radius/radwtmp"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_eap, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_eap<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating eap<BR>Thu Dec 11 14:59:10 2008 : Debug: eap {<BR>Thu Dec 11 14:59:10 2008 : Debug: default_eap_type = "md5"<BR>Thu Dec 11 14:59:10 2008 : Debug:
timer_expire = 60<BR>Thu Dec 11 14:59:10 2008 : Debug: ignore_unknown_eap_types = yes<BR>Thu Dec 11 14:59:10 2008 : Debug: cisco_accounting_username_bug = no<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to sub-module rlm_eap_md5<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating eap-md5<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to sub-module rlm_eap_leap<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating eap-leap<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to sub-module rlm_eap_gtc<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating eap-gtc<BR>Thu Dec 11 14:59:10 2008 : Debug: gtc {<BR>Thu Dec 11 14:59:10 2008 : Debug: challenge = "Password: "<BR>Thu Dec 11 14:59:10 2008 :
Debug: auth_type = "PAP"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to sub-module rlm_eap_tls<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating eap-tls<BR>Thu Dec 11 14:59:10 2008 : Debug: tls {<BR>Thu Dec 11 14:59:10 2008 : Debug: rsa_key_exchange = no<BR>Thu Dec 11 14:59:10 2008 : Debug: dh_key_exchange = yes<BR>Thu Dec 11 14:59:10 2008 : Debug: rsa_key_length = 512<BR>Thu Dec 11 14:59:10 2008 : Debug: dh_key_length = 512<BR>Thu Dec 11 14:59:10 2008 : Debug: verify_depth = 0<BR>Thu Dec 11 14:59:10 2008 : Debug: pem_file_type = yes<BR>Thu Dec 11 14:59:10 2008 :
Debug: private_key_file = "<A rel=nofollow>/usr/local/etc/raddb/certs/behanzin@uac.bj-cert.pem</A>"<BR>Thu Dec 11 14:59:10 2008 : Debug: certificate_file = "<A rel=nofollow>/usr/local/etc/raddb/certs/behanzin@uac.bj-cert.pem</A>"<BR>Thu Dec 11 14:59:10 2008 : Debug: CA_file = "/usr/local/etc/raddb/certs/UAC_CA-cacert.pem"<BR>Thu Dec 11 14:59:10 2008 : Debug: private_key_password = "UacCertificate07"<BR>Thu Dec 11 14:59:10 2008 : Debug: dh_file = "/usr/local/etc/raddb/certs/dh"<BR>Thu Dec 11 14:59:10 2008 : Debug: random_file = "/usr/local/etc/raddb/certs/random"<BR>Thu Dec 11 14:59:10 2008 : Debug: fragment_size = 1024<BR>Thu Dec 11 14:59:10 2008 : Debug: include_length
= yes<BR>Thu Dec 11 14:59:10 2008 : Debug: check_crl = no<BR>Thu Dec 11 14:59:10 2008 : Debug: cipher_list = "DEFAULT"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to sub-module rlm_eap_ttls<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating eap-ttls<BR>Thu Dec 11 14:59:10 2008 : Debug: ttls {<BR>Thu Dec 11 14:59:10 2008 : Debug: default_eap_type = "md5"<BR>Thu Dec 11 14:59:10 2008 : Debug: copy_request_to_tunnel = no<BR>Thu Dec 11 14:59:10 2008 : Debug: use_tunneled_reply = no<BR>Thu Dec 11 14:59:10 2008 : Debug: virtual_server = "inner-tunnel"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 :
Debug: Module: Linked to sub-module rlm_eap_peap<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating eap-peap<BR>Thu Dec 11 14:59:10 2008 : Debug: peap {<BR>Thu Dec 11 14:59:10 2008 : Debug: default_eap_type = "mschapv2"<BR>Thu Dec 11 14:59:10 2008 : Debug: copy_request_to_tunnel = no<BR>Thu Dec 11 14:59:10 2008 : Debug: use_tunneled_reply = no<BR>Thu Dec 11 14:59:10 2008 : Debug: proxy_tunneled_request_as_eap = yes<BR>Thu Dec 11 14:59:10 2008 : Debug: virtual_server = "inner-tunnel"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to sub-module rlm_eap_mschapv2<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating eap-mschapv2<BR>Thu DThu Dec 11 14:59:10 2008 :
Debug: with_ntdomain_hack = no<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Checking authorize {...} for more modules to load<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_preprocess, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_preprocess<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating preprocess<BR>Thu Dec 11 14:59:10 2008 : Debug: preprocess {<BR>Thu Dec 11 14:59:10 2008 : Debug: huntgroups = "/usr/local/etc/raddb/huntgroups"<BR>Thu Dec 11 14:59:10 2008 : Debug: hints = "/usr/local/etc/raddb/hints"<BR>Thu Dec 11 14:59:10 2008 : Debug: with_ascend_hack = no<BR>Thu Dec 11 14:59:10 2008 : Debug:
ascend_channels_per_line = 23<BR>Thu Dec 11 14:59:10 2008 : Debug: with_ntdomain_hack = no<BR>Thu Dec 11 14:59:10 2008 : Debug: with_specialix_jetstream_hack = no<BR>Thu Dec 11 14:59:10 2008 : Debug: with_cisco_vsa_hack = no<BR>Thu Dec 11 14:59:10 2008 : Debug: with_alvarion_vsa_hack = no<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_realm, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_realm<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating suffix<BR>Thu Dec 11 14:59:10 2008 : Debug: realm suffix {<BR>Thu Dec 11 14:59:10 2008 : Debug: format = "suffix"<BR>Thu Dec 11 14:59:10 2008 : Debug:
delimiter = "@"<BR>Thu Dec 11 14:59:10 2008 : Debug: ignore_default = no<BR>Thu Dec 11 14:59:10 2008 : Debug: ignore_null = no<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_passwd, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_passwd<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating passwd<BR>Thu Dec 11 14:59:10 2008 : Debug: passwd passwd {<BR>Thu Dec 11 14:59:10 2008 : Debug: filename = "/etc/shadow"<BR>Thu Dec 11 14:59:10 2008 : Debug: format = "*=User-Name:MD5-Password"<BR>Thu Dec 11 14:59:10 2008 : Debug: delimiter = ":"<BR>Thu Dec 11 14:59:10 2008 : Debug: ignorenislike = yes<BR>Thu
Dec 11 14:59:10 2008 : Debug: ignoreempty = yes<BR>Thu Dec 11 14:59:10 2008 : Debug: allowmultiplekeys = yes<BR>Thu Dec 11 14:59:10 2008 : Debug: hashsize = 50<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: rlm_passwd: nfields: 2 keyfield 0(User-Name) listable: no<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Checking preacct {...} for more modules to load<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_acct_unique, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_acct_unique<BR>Thu Dec 11 14:59:10 2008 : Debug: mschapv2 {</DIV>
<DIV>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating acct_unique<BR>Thu Dec 11 14:59:10 2008 : Debug: acct_unique {<BR>Thu Dec 11 14:59:10 2008 : Debug: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_files, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_files<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating files<BR>Thu Dec 11 14:59:10 2008 : Debug: files {<BR>Thu Dec 11 14:59:10 2008 : Debug: usersfile = "/usr/local/etc/raddb/users"<BR>Thu Dec 11 14:59:10 2008 : Debug: acctusersfile = "/usr/local/etc/raddb/acct_users"<BR>Thu Dec 11 14:59:10 2008 : Debug:
preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"<BR>Thu Dec 11 14:59:10 2008 : Debug: compat = "no"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Checking accounting {...} for more modules to load<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_detail, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_detail<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating detail<BR>Thu Dec 11 14:59:10 2008 : Debug: detail {<BR>Thu Dec 11 14:59:10 2008 : Debug: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"<BR>Thu Dec 11 14:59:10 2008 : Debug: header = "%t"<BR>Thu Dec 11 14:59:10 2008 : Debug: detailperm = 384<BR>Thu Dec 11
14:59:10 2008 : Debug: dirperm = 493<BR>Thu Dec 11 14:59:10 2008 : Debug: locking = no<BR>Thu Dec 11 14:59:10 2008 : Debug: log_packet_header = no<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_radutmp, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_radutmp<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating radutmp<BR>Thu Dec 11 14:59:10 2008 : Debug: radutmp {<BR>Thu Dec 11 14:59:10 2008 : Debug: filename = "/usr/local/var/log/radius/radutmp"<BR>Thu Dec 11 14:59:10 2008 : Debug: username = "%{User-Name}"<BR>Thu Dec 11 14:59:10 2008 : Debug: case_sensitive = yes<BR>Thu Dec 11 14:59:10 2008 :
Debug: check_with_nas = yes<BR>Thu Dec 11 14:59:10 2008 : Debug: perm = 384<BR>Thu Dec 11 14:59:10 2008 : Debug: callerid = yes<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: (Loaded rlm_attr_filter, checking if it's valid)<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Linked to module rlm_attr_filter<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating attr_filter.accounting_response<BR>Thu Dec 11 14:59:10 2008 : Debug: attr_filter attr_filter.accounting_response {<BR>Thu Dec 11 14:59:10 2008 : Debug: attrsfile = "/usr/local/etc/raddb/attrs.accounting_response"<BR>Thu Dec 11 14:59:10 2008 : Debug: key = "%{User-Name}"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11
14:59:10 2008 : Debug: Module: Checking session {...} for more modules to load<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Checking post-proxy {...} for more modules to load<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Checking post-auth {...} for more modules to load<BR>Thu Dec 11 14:59:10 2008 : Debug: Module: Instantiating attr_filter.access_reject<BR>Thu Dec 11 14:59:10 2008 : Debug: attr_filter attr_filter.access_reject {<BR>Thu Dec 11 14:59:10 2008 : Debug: attrsfile = "/usr/local/etc/raddb/attrs.access_reject"<BR>Thu Dec 11 14:59:10 2008 : Debug: key = "%{User-Name}"<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: radiusd: #### Opening IP addresses and Ports ####<BR>Thu Dec 11 14:59:10 2008 : Debug: listen {<BR>Thu
Dec 11 14:59:10 2008 : Debug: type = "auth"<BR>Thu Dec 11 14:59:10 2008 : Debug: ipaddr = *<BR>Thu Dec 11 14:59:10 2008 : Debug: port = 0<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: listen {<BR>Thu Dec 11 14:59:10 2008 : Debug: type = "acct"<BR>Thu Dec 11 14:59:10 2008 : Debug: ipaddr = *<BR>Thu Dec 11 14:59:10 2008 : Debug: port = 0<BR>Thu Dec 11 14:59:10 2008 : Debug: }<BR>Thu Dec 11 14:59:10 2008 : Debug: Listening on authentication address * port 1812<BR>Thu Dec 11 14:59:10 2008 : Debug: Listening on accounting address * port 1813<BR>Thu Dec 11 14:59:10 2008 : Debug: Listening on proxy address * port 1814<BR>Thu Dec 11 14:59:10 2008 : Debug: Ready to process requests.<BR>rad_recv: Access-Request packet
from host 172.21.1.251 port 1035, id=233, length=145<BR> User-Name = "<A href="mailto:toto@uac.bj" target=_blank rel=nofollow ymailto="mailto:toto@uac.bj">toto@uac.bj</A>"<BR> NAS-IP-Address = 172.21.1.251<BR> Connect-Info = "CONNECT 802.11"<BR> Called-Station-Id = "0060b33573b4"<BR> Calling-Station-Id = "000e35dfc4c9"<BR> NAS-Identifier = "ap"<BR> NAS-Port-Type = Wireless-802.11<BR> NAS-Port = 40<BR> NAS-Port-Id = "40"<BR> Framed-MTU = 1400<BR> EAP-Message =
0x0269001001746f746f407561632e626a<BR> Message-Authenticator = 0x4047d95682a4670d24da3c2fa434814e<BR>Thu Dec 11 15:00:37 2008 : Debug: +- entering group authorize<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[preprocess] returns ok<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[chap] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug:
modsingle[authorize]: returned from mschap (rlm_mschap) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[mschap] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling digest (rlm_digest) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from digest (rlm_digest) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[digest] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_realm: Looking up realm "uac.bj" for User-Name = "<A href="mailto:toto@uac.bj" target=_blank rel=nofollow ymailto="mailto:toto@uac.bj">toto@uac.bj</A>"<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_realm: Found realm "uac.bj"<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_realm: Adding Stripped-User-Name = "toto"<BR>Thu Dec 11
15:00:37 2008 : Debug: rlm_realm: Adding Realm = "uac.bj"<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_realm: Proxying request from user toto to realm uac.bj<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_realm: Preparing to proxy authentication request to realm "uac.bj"<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[suffix] returns updated<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_eap: Request is supposed to be proxied to Realm uac.bj. Not doing EAP.<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[eap] returns noop<BR>Thu Dec 11 15:00:37 2008 :
Debug: modsingle[authorize]: calling unix (rlm_unix) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from unix (rlm_unix) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[unix] returns updated<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling expiration (rlm_expiration) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from expiration (rlm_expiration) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[expiration] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling logintime (rlm_logintime) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from logintime (rlm_logintime) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[logintime] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling pap
(rlm_pap) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from pap (rlm_pap) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[pap] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling passwd (rlm_passwd) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from passwd (rlm_passwd) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[passwd] returns notfound<BR>Thu Dec 11 15:00:37 2008 : Debug: proxy: allocating destination 127.0.0.1 port 1812 - Id 200<BR>Sending Access-Request of id 200 to 127.0.0.1 port 1812<BR> User-Name = "toto"<BR> NAS-IP-Address = 172.21.1.251<BR> Connect-Info = "CONNECT 802.11"<BR> Called-Station-Id =
"0060b33573b4"<BR> Calling-Station-Id = "000e35dfc4c9"<BR> NAS-Identifier = "ap"<BR> NAS-Port-Type = Wireless-802.11<BR> NAS-Port = 40<BR> NAS-Port-Id = "40"<BR> Framed-MTU = 1400<BR> EAP-Message = 0x0269001001746f746f407561632e626a<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> Proxy-State = 0x323333<BR>Thu Dec 11 15:00:37 2008 : Debug: Proxying request 0 to home server 127.0.0.1 port 1812<BR>Sending Access-Request of id 200 to 127.0.0.1 port 1812<BR> User-Name = "toto"<BR>
NAS-IP-Address = 172.21.1.251<BR> Connect-Info = "CONNECT 802.11"<BR> Called-Station-Id = "0060b33573b4"<BR> Calling-Station-Id = "000e35dfc4c9"<BR> NAS-Identifier = "ap"<BR> NAS-Port-Type = Wireless-802.11<BR> NAS-Port = 40<BR> NAS-Port-Id = "40"<BR> Framed-MTU = 1400<BR> EAP-Message = 0x0269001001746f746f407561632e626a<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> Proxy-State = 0x323333<BR>Thu Dec 11 15:00:37 2008 : Debug: Going to the next request<BR>Thu Dec 11 15:00:37 2008 :
Debug: Waking up in 0.9 seconds.<BR>rad_recv: Access-Request packet from host 127.0.0.1 port 1814, id=200, length=143<BR> User-Name = "toto"<BR> NAS-IP-Address = 172.21.1.251<BR> Connect-Info = "CONNECT 802.11"<BR> Called-Station-Id = "0060b33573b4"<BR> Calling-Station-Id = "000e35dfc4c9"<BR> NAS-Identifier = "ap"<BR> NAS-Port-Type = Wireless-802.11<BR> NAS-Port = 40<BR> NAS-Port-Id = "40"<BR> Framed-MTU = 1400<BR> EAP-Message = 0x0269001001746f746f407561632e626a<BR> Message-Authenticator =
0x37c8e239d08fc96baa9a8711c785a234<BR> Proxy-State = 0x323333<BR>Thu Dec 11 15:00:37 2008 : Debug: +- entering group authorize<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[preprocess] returns ok<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[chap] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from mschap
(rlm_mschap) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[mschap] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling digest (rlm_digest) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from digest (rlm_digest) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[digest] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_realm: No <A href="mailto:'@'" target=_blank rel=nofollow ymailto="mailto:'@'">'@'</A> in User-Name = "toto", looking up realm NULL<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_realm: No such realm "NULL"<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[suffix] returns
noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_eap: EAP packet type response id 105 length 16<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[eap] returns updated<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling unix (rlm_unix) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from unix (rlm_unix) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[unix] returns updated<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling expiration (rlm_expiration) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug:
modsingle[authorize]: returned from expiration (rlm_expiration) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[expiration] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling logintime (rlm_logintime) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from logintime (rlm_logintime) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[logintime] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling pap (rlm_pap) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_pap: Found existing Auth-Type, not changing it.<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from pap (rlm_pap) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[pap] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: calling passwd (rlm_passwd) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug:
rlm_passwd: Added MD5-Password: 'HsrtQesmWHodM:14211::::::' to config_items<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authorize]: returned from passwd (rlm_passwd) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[passwd] returns ok<BR>Thu Dec 11 15:00:37 2008 : Debug: rad_check_password: Found Auth-Type EAP<BR>Thu Dec 11 15:00:37 2008 : Debug: auth: type "EAP"<BR>Thu Dec 11 15:00:37 2008 : Debug: +- entering group authenticate<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 1<BR>Thu Dec 11 15:00:37 2008 : Error: rlm_eap: Identity does not match User-Name, setting from EAP Identity.<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_eap: Failed in handler<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[eap] returns invalid<BR>Thu Dec 11 15:00:37
2008 : Debug: auth: Failed to validate the user.<BR>Thu Dec 11 15:00:37 2008 : Debug: Found Post-Auth-Type Reject<BR>Thu Dec 11 15:00:37 2008 : Debug: +- entering group REJECT<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[post-auth]: calling attr_filter.access_reject (rlm_attr_filter) for request 1<BR>Thu Dec 11 15:00:37 2008 : Debug: expand: %{User-Name} -> toto<BR>Thu Dec 11 15:00:37 2008 : Debug: attr_filter: Matched entry DEFAULT at line 11<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[post-auth]: returned from attr_filter.access_reject (rlm_attr_filter) for reque<BR>st 1<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[attr_filter.access_reject] returns updated<BR>Sending Access-Reject of id 200 to 127.0.0.1 port 1814<BR> Proxy-State = 0x323333<BR>Thu Dec 11 15:00:37 2008 : Debug: Finished request 1.<BR>Thu Dec 11 15:00:37 2008 :
Debug: Going to the next request<BR>Thu Dec 11 15:00:37 2008 : Debug: Waking up in 0.9 seconds.<BR>rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=200, length=25<BR> Proxy-State = 0x323333<BR>Thu Dec 11 15:00:37 2008 : Debug: +- entering group post-proxy<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[post-proxy]: calling eap (rlm_eap) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: rlm_eap: No pre-existing handler found<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[post-proxy]: returned from eap (rlm_eap) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[eap] returns noop<BR>Thu Dec 11 15:00:37 2008 : Debug: Found Post-Auth-Type Reject<BR>Thu Dec 11 15:00:37 2008 : Debug: +- entering group REJECT<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[post-auth]: calling attr_filter.access_reject (rlm_attr_filter) for request 0<BR>Thu
Dec 11 15:00:37 2008 : Debug: expand: %{User-Name} -> <A href="mailto:toto@uac.bj" target=_blank rel=nofollow ymailto="mailto:toto@uac.bj">toto@uac.bj</A><BR>Thu Dec 11 15:00:37 2008 : Debug: attr_filter: Matched entry DEFAULT at line 11<BR>Thu Dec 11 15:00:37 2008 : Debug: modsingle[post-auth]: returned from attr_filter.access_reject (rlm_attr_filter) for request 0<BR>Thu Dec 11 15:00:37 2008 : Debug: ++[attr_filter.access_reject] returns updated<BR>Sending Access-Reject of id 233 to 172.21.1.251 port 1035<BR>Thu Dec 11 15:00:37 2008 : Debug: Finished request 0.<BR>Thu Dec 11 15:00:37 2008 : Debug: Going to the next request<BR>Thu Dec 11 15:00:37 2008 : Debug: Waking up in 4.9 seconds.<BR>Thu Dec 11 15:00:42 2008 : Debug: Cleaning up request 1 ID 200 with timestamp +87<BR>Thu Dec 11 15:00:42 2008 : Debug: Cleaning up request 0 ID 233 with timestamp +87<BR>Thu Dec 11 15:00:42 2008 : Debug: Ready
to process requests.</DIV>
<DIV> </DIV>
<DIV>Is there something wrong in our configurations?</DIV>
<DIV>Is tit normal that there is no User-Password attribute in Access-Request packet?</DIV>
<DIV>Thanks very much to help us solve these problems.</DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV> </DIV></DIV><BR></DIV></DIV></DIV><BR></DIV></DIV></div><br>
</body></html>