<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:times new roman, new york, times, serif;font-size:12pt"><DIV>
<DIV>Ivan,</DIV>
<DIV> </DIV>
<DIV>Here is the radiusd -X output:</DIV>
<DIV> </DIV>
<DIV>Thanks</DIV><BR></DIV>
<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif"> </DIV>
<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif">main {<BR> prefix = "/usr"<BR> localstatedir = "/var"<BR> logdir = "/usr/local/jboss/server/zzjbossserver/log"<BR> libdir = "/usr/lib"<BR> radacctdir = "/usr/local/jboss/server/zzjbossserver/log/radacct"<BR> hostname_lookups = no<BR> max_request_time = 30<BR> cleanup_delay = 5<BR> max_requests = 1024<BR> allow_core_dumps = no<BR> pidfile = "/var/run/radiusd/radiusd.pid"<BR> checkrad = "/usr/sbin/checkrad"<BR> debug_level = 0<BR> proxy_requests = yes<BR> log {<BR> stripped_names = no<BR> auth = no<BR> auth_badpass = no<BR> auth_goodpass = no<BR> }<BR> security {<BR> max_attributes = 200<BR> reject_delay = 1<BR> status_server = no<BR> }<BR>}<BR> client 10.12.18.4 {<BR> require_message_authenticator = no<BR> secret =
"zz"<BR> shortname = "3750"<BR> }<BR> client 127.0.0.1 {<BR> require_message_authenticator = no<BR> secret = "zz"<BR> shortname = "example"<BR> }<BR>radiusd: #### Loading Realms and Home Servers ####<BR> proxy server {<BR> retry_delay = 5<BR> retry_count = 3<BR> default_fallback = yes<BR> dead_time = 100<BR> wake_all_if_all_dead = no<BR> }<BR> realm example {<BR> authhost = LOCAL<BR> accthost = LOCAL<BR> }<BR> realm tpw5.com {<BR> authhost = LOCAL<BR> accthost = LOCAL<BR> }<BR> realm tpw5 {<BR> authhost = LOCAL<BR> accthost = LOCAL<BR> }<BR>radiusd: #### Instantiating modules ####<BR> instantiate {<BR> Module: Linked to module rlm_exec<BR> Module: Instantiating exec<BR> exec {<BR> wait = yes<BR> input_pairs = "request"<BR> shell_escape = yes<BR> }<BR> Module: Linked to module
rlm_expr<BR> Module: Instantiating expr<BR> }<BR>radiusd: #### Loading Virtual Servers ####<BR> modules {<BR> Module: Checking authenticate {...} for more modules to load<BR> Module: Linked to module rlm_pap<BR> Module: Instantiating pap<BR> pap {<BR> encryption_scheme = "crypt"<BR> auto_header = no<BR> }<BR> Module: Linked to module rlm_chap<BR> Module: Instantiating chap<BR> Module: Linked to module rlm_mschap<BR> Module: Instantiating mschap<BR> mschap {<BR> use_mppe = yes<BR> require_encryption = yes<BR> require_strong = no<BR> with_ntdomain_hack = yes<BR> ntlm_auth = "/usr/bin/sudo /usr/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-%{mschap:User-Name}}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"<BR> }<BR> Module: Linked to module rlm_unix<BR> Module: Instantiating
unix<BR> unix {<BR> radwtmp = "/usr/local/jboss/server/zzjbossserver/log/radwtmp"<BR> }<BR> Module: Linked to module rlm_eap<BR> Module: Instantiating eap<BR> eap {<BR> default_eap_type = "md5"<BR> timer_expire = 60<BR> ignore_unknown_eap_types = no<BR> cisco_accounting_username_bug = no<BR> max_sessions = 2048<BR> }<BR> Module: Linked to sub-module rlm_eap_md5<BR> Module: Instantiating eap-md5<BR> Module: Linked to sub-module rlm_eap_leap<BR> Module: Instantiating eap-leap<BR> Module: Linked to sub-module rlm_eap_gtc<BR> Module: Instantiating eap-gtc<BR> gtc {<BR> challenge = "Password: "<BR> auth_type = "PAP"<BR> }<BR> Module: Linked to sub-module rlm_eap_tls<BR> Module: Instantiating eap-tls<BR> tls {<BR> rsa_key_exchange = no<BR> dh_key_exchange = yes<BR> rsa_key_length =
512<BR> dh_key_length = 512<BR> verify_depth = 0<BR> pem_file_type = yes<BR> private_key_file = "/opt/zz/current/radius/raddb/port_1812/cert_privkey.key"<BR> certificate_file = "/opt/zz/current/radius/raddb/port_1812/cert_certificate.pem"<BR> CA_file = "/opt/zz/current/radius/raddb/port_1812/cert_ca_cert.pem"<BR> private_key_password = "whatever"<BR> dh_file = "/etc/raddb/certs/dh"<BR> random_file = "/etc/raddb/certs/random"<BR> fragment_size = 1024<BR> include_length = yes<BR> check_crl = yes<BR> }<BR> Module: Linked to sub-module rlm_eap_ttls<BR> Module: Instantiating eap-ttls<BR> ttls {<BR> default_eap_type = "md5"<BR> copy_request_to_tunnel = yes<BR> use_tunneled_reply = yes<BR> }<BR> Module: Linked to sub-module rlm_eap_peap<BR> Module: Instantiating eap-peap<BR> peap {<BR> default_eap_type =
"mschapv2"<BR> copy_request_to_tunnel = yes<BR> use_tunneled_reply = yes<BR> proxy_tunneled_request_as_eap = yes<BR> }<BR> Module: Linked to sub-module rlm_eap_mschapv2<BR> Module: Instantiating eap-mschapv2<BR> mschapv2 {<BR> with_ntdomain_hack = no<BR> }<BR> Module: Linked to module rlm_ldap<BR> Module: Instantiating tpw5.com<BR> ldap tpw5.com {<BR> server = "10.12.19.12"<BR> port = 3268<BR> password = "password"<BR> identity = "<A href="mailto:Administrator@tpw5.com">Administrator@tpw5.com</A>"<BR> net_timeout = 10<BR> timeout = 20<BR> timelimit = 20<BR> tls_mode = no<BR> start_tls = no<BR> tls_require_cert = "allow"<BR> basedn = "CN=Users,DC=tpw5,DC=com"<BR> filter = "(sAMAccountName=%{Stripped-User-Name:-%{User-Name}})"<BR> base_filter = "(objectclass=radiusprofile)"<BR> auto_header =
no<BR> access_attr_used_for_allow = yes<BR> groupname_attribute = "cn"<BR> groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"<BR> dictionary_mapping = "/opt/zz/current/radius/raddb/port_1812/ldap.attrmap"<BR> ldap_debug = 0<BR> ldap_connections_number = 5<BR> compare_check_items = no<BR> do_xlat = yes<BR> edir_account_policy_check = yes<BR> set_auth_type = yes<BR> }<BR>rlm_ldap: Registering ldap_groupcmp for Ldap-Group<BR>rlm_ldap: Creating new attribute tpw5.com-Ldap-Group<BR>rlm_ldap: Registering ldap_groupcmp for tpw5.com-Ldap-Group<BR>rlm_ldap: Registering ldap_xlat with xlat_name tpw5.com<BR>rlm_ldap: reading ldap<->radius mappings from file /opt/zz/current/radius/raddb/port_1812/ldap.attrmap<BR>rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$<BR>rlm_ldap: LDAP radiusReplyItem
mapped to RADIUS $GENERIC$<BR>rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type<BR>rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use<BR>rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id<BR>rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id<BR>rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password<BR>rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password<BR>rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT<BR>rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration<BR>rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address<BR>rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type<BR>rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message<BR>conns: 0x9db9aa0<BR> Module: Checking authorize {...} for more modules to load<BR> Module: Linked to module rlm_preprocess<BR> Module: Instantiating preprocess<BR> preprocess
{<BR> huntgroups = "/opt/zz/current/radius/raddb/port_1812/huntgroups"<BR> hints = "/opt/zz/current/radius/raddb/port_1812/hints"<BR> with_ascend_hack = no<BR> ascend_channels_per_line = 23<BR> with_ntdomain_hack = no<BR> with_specialix_jetstream_hack = no<BR> with_cisco_vsa_hack = no<BR> with_alvarion_vsa_hack = no<BR> }<BR> Module: Linked to module rlm_realm<BR> Module: Instantiating realmpercent<BR> realm realmpercent {<BR> format = "suffix"<BR> delimiter = "%"<BR> ignore_default = no<BR> ignore_null = yes<BR> }<BR> Module: Instantiating ntdomain<BR> realm ntdomain {<BR> format = "prefix"<BR> delimiter = "\"<BR> ignore_default = no<BR> ignore_null = yes<BR> }<BR> Module: Instantiating suffix<BR> realm suffix {<BR> format = "suffix"<BR> delimiter = "@"<BR> ignore_default = no<BR> ignore_null =
no<BR> }<BR> Module: Linked to module rlm_files<BR> Module: Instantiating files<BR> files {<BR> usersfile = "/opt/zz/current/radius/raddb/port_1812/users"<BR> acctusersfile = "/opt/zz/current/radius/raddb/port_1812/acct_users"<BR> preproxy_usersfile = "/opt/zz/current/radius/raddb/port_1812/preproxy_users"<BR> compat = "no"<BR> }<BR> Module: Checking preacct {...} for more modules to load<BR> Module: Checking accounting {...} for more modules to load<BR> Module: Linked to module rlm_detail<BR> Module: Instantiating detail<BR> detail {<BR> detailfile = "/usr/local/jboss/server/zzjbossserver/log/radacct/%{Client-IP-Address}/detail-%Y%m%d"<BR> header = "%t"<BR> detailperm = 384<BR> dirperm = 493<BR> locking = no<BR> log_packet_header = no<BR> }<BR> Module: Linked to module rlm_radutmp<BR> Module: Instantiating radutmp<BR> radutmp
{<BR> filename = "/usr/local/jboss/server/zzjbossserver/log/radutmp"<BR> username = "%{User-Name}"<BR> case_sensitive = yes<BR> check_with_nas = yes<BR> perm = 384<BR> callerid = yes<BR> }<BR> Module: Checking session {...} for more modules to load<BR> Module: Checking post-proxy {...} for more modules to load<BR> Module: Checking post-auth {...} for more modules to load<BR> Module: Linked to module rlm_jradius<BR>radiusd: #### Opening IP addresses and Ports ####<BR>listen {<BR> type = "auth"<BR> ipaddr = *<BR> port = 1812<BR>}<BR>Listening on authentication address * port 1812<BR>Listening on proxy address * port 1814<BR>Ready to process requests.<BR>rad_recv: Access-Request packet from host 10.12.18.4 port 1812, id=100, length=126<BR> NAS-IP-Address = 10.12.18.4<BR> NAS-Port-Type = Async<BR> User-Name = "TPW5\\administrator"<BR> Service-Type =
Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id = "00-0b-db-0a-ed-eb"<BR> EAP-Message = 0x0200001701545057355c61646d696e6973747261746f72<BR> Message-Authenticator = 0x06f820c71907e184080fd19cd6e84fd0<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 0 length 23<BR>[eap] No EAP Start, assuming it's an on-going EAP conversation<BR>++[eap] returns
updated<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+- entering group authenticate {...}<BR>[eap] EAP Identity<BR>[eap] processing type md5<BR>rlm_eap_md5: Issuing Challenge<BR>++[eap] returns handled<BR>Sending Access-Challenge of id 100 to 10.12.18.4 port 1812<BR> EAP-Message = 0x0101001604105ad65c5e373632a60f58c8699b2db79e<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x6ccc7ea76ccd7ad3e72180cc6356312d<BR>Finished request 0.<BR>Going to the next request<BR>Waking up in 4.9 seconds.<BR>rad_recv: Access-Request packet from host 10.12.18.4 port 1812, id=101, length=127<BR> NAS-IP-Address = 10.12.18.4<BR> NAS-Port-Type = Async<BR> User-Name = "TPW5\\administrator"<BR> Service-Type = Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id = "00-0b-db-0a-ed-eb"<BR> State = 0x6ccc7ea76ccd7ad3e72180cc6356312d<BR> EAP-Message =
0x020100060319<BR> Message-Authenticator = 0x2c9415792a87d0100d36482b8e227326<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 1 length 6<BR>[eap] No EAP Start, assuming it's an on-going EAP conversation<BR>++[eap] returns updated<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+- entering group authenticate {...}<BR>[eap] Request found, released from the list<BR>[eap]
EAP NAK<BR>[eap] EAP-NAK asked for EAP-Type/peap<BR>[eap] processing type tls<BR>[tls] Initiate<BR>[tls] Start returned 1<BR>++[eap] returns handled<BR>Sending Access-Challenge of id 101 to 10.12.18.4 port 1812<BR> EAP-Message = 0x010200061920<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x6ccc7ea76dce67d3e72180cc6356312d<BR>Finished request 1.<BR>Going to the next request<BR>Waking up in 4.9 seconds.<BR>rad_recv: Access-Request packet from host 10.12.18.4 port 1812, id=102, length=201<BR> NAS-IP-Address = 10.12.18.4<BR> NAS-Port-Type = Async<BR> User-Name = "TPW5\\administrator"<BR> Service-Type = Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id = "00-0b-db-0a-ed-eb"<BR> State = 0x6ccc7ea76dce67d3e72180cc6356312d<BR> EAP-Message =
0x0202005019800000004616030100410100003d030149497fc0589d066d3182d4e06110415db7e9cce189ba524ed9da5a2b90466e9400001600040005000a000900640062000300060013001200630100<BR> Message-Authenticator = 0x1b286efae0fc2cac4e562d2c8b06225f<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 2 length 80<BR>[eap] Continuing tunnel setup.<BR>++[eap] returns ok<BR>++[files] returns noop<BR>Found
Auth-Type = EAP<BR>+- entering group authenticate {...}<BR>[eap] Request found, released from the list<BR>[eap] EAP/peap<BR>[eap] processing type peap<BR>[peap] processing EAP-TLS<BR> TLS Length 70<BR>[peap] Length Included<BR>[peap] eaptls_verify returned 11 <BR>[peap] (other): before/accept initialization <BR>[peap] TLS_accept: before/accept initialization <BR>[peap] <<< TLS 1.0 Handshake [length 0041], ClientHello <BR>[peap] TLS_accept: SSLv3 read client hello A <BR>[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello <BR>[peap] TLS_accept: SSLv3 write server hello A <BR>[peap] >>> TLS 1.0 Handshake [length 06ef], Certificate <BR>[peap] TLS_accept: SSLv3 write certificate A <BR>[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
<BR>[peap] TLS_accept: SSLv3 write server done A <BR>[peap] TLS_accept: SSLv3 flush data <BR>[peap] TLS_accept: Need to read more data: SSLv3 read client certificate A<BR>In SSL Handshake Phase <BR>In SSL Accept mode <BR>[peap] eaptls_process returned 13 <BR>[peap] EAPTLS_HANDLED<BR>++[eap] returns handled<BR>Sending Access-Challenge of id 102 to 10.12.18.4 port 1812<BR> EAP-Message = <BR> EAP-Message = <BR> EAP-Message = <BR> EAP-Message = <BR> EAP-Message = <BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x6ccc7ea76ecf67d3e72180cc6356312d<BR>Finished request 2.<BR>Going to the next request<BR>Waking up in 4.9 seconds.<BR>rad_recv: Access-Request packet from host 10.12.18.4 port 1812, id=103, length=127<BR> NAS-IP-Address = 10.12.18.4<BR> NAS-Port-Type = Async<BR> User-Name =
"TPW5\\administrator"<BR> Service-Type = Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id = "00-0b-db-0a-ed-eb"<BR> State = 0x6ccc7ea76ecf67d3e72180cc6356312d<BR> EAP-Message = 0x020300061900<BR> Message-Authenticator = 0xf25c9f0d7a0c9a2a5873708bddf1901f<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 3 length 6<BR>[eap] Continuing tunnel
setup.<BR>++[eap] returns ok<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+- entering group authenticate {...}<BR>[eap] Request found, released from the list<BR>[eap] EAP/peap<BR>[eap] processing type peap<BR>[peap] processing EAP-TLS<BR>[peap] Received TLS ACK<BR>[peap] ACK handshake fragment handler<BR>[peap] eaptls_verify returned 1 <BR>[peap] eaptls_process returned 13 <BR>[peap] EAPTLS_HANDLED<BR>++[eap] returns handled<BR>Sending Access-Challenge of id 103 to 10.12.18.4 port 1812<BR> EAP-Message = <BR> EAP-Message =<BR> EAP-Message = <BR> EAP-Message = <BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x6ccc7ea76fc867d3e72180cc6356312d<BR>Finished request 3.<BR>Going to the next request<BR>Waking up in 4.9 seconds.<BR>rad_recv: Access-Request packet from host 10.12.18.4 port 1812, id=104, length=313<BR> NAS-IP-Address = 10.12.18.4<BR> NAS-Port-Type =
Async<BR> User-Name = "TPW5\\administrator"<BR> Service-Type = Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id = "00-0b-db-0a-ed-eb"<BR> State = 0x6ccc7ea76fc867d3e72180cc6356312d<BR> EAP-Message = <BR> Message-Authenticator = <BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 4 length 192<BR>[eap] Continuing tunnel setup.<BR>++[eap] returns
ok<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+- entering group authenticate {...}<BR>[eap] Request found, released from the list<BR>[eap] EAP/peap<BR>[eap] processing type peap<BR>[peap] processing EAP-TLS<BR> TLS Length 182<BR>[peap] Length Included<BR>[peap] eaptls_verify returned 11 <BR>[peap] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange <BR>[peap] TLS_accept: SSLv3 read client key exchange A <BR>[peap] <<< TLS 1.0 ChangeCipherSpec [length 0001] <BR>[peap] <<< TLS 1.0 Handshake [length 0010], Finished <BR>[peap] TLS_accept: SSLv3 read finished A <BR>[peap] >>> TLS 1.0 ChangeCipherSpec [length 0001] <BR>[peap] TLS_accept: SSLv3 write change cipher spec A <BR>[peap] >>> TLS 1.0 Handshake [length 0010], Finished <BR>[peap] TLS_accept: SSLv3 write finished A
<BR>[peap] TLS_accept: SSLv3 flush data <BR>[peap] (other): SSL negotiation finished successfully <BR>SSL Connection Established <BR>[peap] eaptls_process returned 13 <BR>[peap] EAPTLS_HANDLED<BR>++[eap] returns handled<BR>Sending Access-Challenge of id 104 to 10.12.18.4 port 1812<BR> EAP-Message = 0x0105003119001403010001011603010020a1ba5949221dd59f2e8453311aec9c6c1d2e60cff4a6b017df386d2fa527f2c7<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x6ccc7ea768c967d3e72180cc6356312d<BR>Finished request 4.<BR>Going to the next request<BR>Waking up in 4.9 seconds.<BR>rad_recv: Access-Request packet from host 10.12.18.4 port 1812, id=105, length=127<BR> NAS-IP-Address = 10.12.18.4<BR> NAS-Port-Type = Async<BR> User-Name = "TPW5\\administrator"<BR> Service-Type = Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id =
"00-0b-db-0a-ed-eb"<BR> State = 0x6ccc7ea768c967d3e72180cc6356312d<BR> EAP-Message = 0x020500061900<BR> Message-Authenticator = 0x1de51ad1c24ebe21f7be45e6177e6693<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 5 length 6<BR>[eap] Continuing tunnel setup.<BR>++[eap] returns ok<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+- entering group authenticate
{...}<BR>[eap] Request found, released from the list<BR>[eap] EAP/peap<BR>[eap] processing type peap<BR>[peap] processing EAP-TLS<BR>[peap] Received TLS ACK<BR>[peap] ACK handshake is finished<BR>[peap] eaptls_verify returned 3 <BR>[peap] eaptls_process returned 3 <BR>[peap] EAPTLS_SUCCESS<BR>++[eap] returns handled<BR>Sending Access-Challenge of id 105 to 10.12.18.4 port 1812<BR> EAP-Message = 0x0106002019001703010015772e7cc1d5e3d2757502d491ac6a9ecbcb24c165c4<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x6ccc7ea769ca67d3e72180cc6356312d<BR>Finished request 5.<BR>Going to the next request<BR>Waking up in 4.9 seconds.<BR>rad_recv: Access-Request packet from host 10.12.18.4 port 1812, id=106, length=167<BR> NAS-IP-Address = 10.12.18.4<BR> NAS-Port-Type = Async<BR> User-Name = "TPW5\\administrator"<BR> Service-Type = Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id =
"00-0b-db-0a-ed-eb"<BR> State = 0x6ccc7ea769ca67d3e72180cc6356312d<BR> EAP-Message = 0x0206002e190017030100230e1c053c3bcebe8892859e8bbfac2208ed26c7cf5f2f9c25627c2c0115038d12e7392f<BR> Message-Authenticator = 0xdd0722594d8f86b0139a64ac045cc96a<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 6 length 46<BR>[eap] Continuing tunnel setup.<BR>++[eap] returns
ok<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+- entering group authenticate {...}<BR>[eap] Request found, released from the list<BR>[eap] EAP/peap<BR>[eap] processing type peap<BR>[peap] processing EAP-TLS<BR>[peap] eaptls_verify returned 7 <BR>[peap] Done initial handshake<BR>[peap] eaptls_process returned 7 <BR>[peap] EAPTLS_OK<BR>[peap] Session established. Decoding tunneled attributes.<BR>[peap] Identity - TPW5\administrator<BR>[peap] Got tunneled request<BR> EAP-Message = 0x0206001701545057355c61646d696e6973747261746f72<BR>server {<BR> PEAP: Got tunneled identity of TPW5\administrator<BR> PEAP: Setting default EAP type for tunneled EAP session.<BR> PEAP: Setting User-Name to TPW5\administrator<BR>Sending tunneled request<BR> EAP-Message = 0x0206001701545057355c61646d696e6973747261746f72<BR> FreeRADIUS-Proxied-To = 127.0.0.1<BR> User-Name = "TPW5\\administrator"<BR> NAS-IP-Address =
10.12.18.4<BR> NAS-Port-Type = Async<BR> Service-Type = Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id = "00-0b-db-0a-ed-eb"<BR>server {<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 6 length 23<BR>[eap] No EAP Start, assuming it's an on-going EAP conversation<BR>++[eap] returns updated<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+-
entering group authenticate {...}<BR>[eap] EAP Identity<BR>[eap] processing type mschapv2<BR>rlm_eap_mschapv2: Issuing Challenge<BR>++[eap] returns handled<BR>} # server <BR>[peap] Got tunneled reply code 11<BR> EAP-Message = 0x0107002c1a010700271094f96e94ba4375f4d745f33741fac11e545057355c61646d696e6973747261746f72<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0xbd40b48fbd47ae4a573dddc94033f1de<BR>[peap] Got tunneled reply RADIUS code 11<BR> EAP-Message = 0x0107002c1a010700271094f96e94ba4375f4d745f33741fac11e545057355c61646d696e6973747261746f72<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0xbd40b48fbd47ae4a573dddc94033f1de<BR>[peap] Got tunneled Access-Challenge<BR>++[eap] returns handled<BR>Sending Access-Challenge of id 106 to 10.12.18.4 port 1812<BR> EAP-Message =
0x01070043190017030100387cd98b9fe8e33bc0bc8dbbf8a2f139fd27cc793f0241af4a18afa6962c75c5183a63822faa5bf18b3d9460cf6a05071729ea6565ea039db5<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x6ccc7ea76acb67d3e72180cc6356312d<BR>Finished request 6.<BR>Going to the next request<BR>Waking up in 4.9 seconds.<BR>rad_recv: Access-Request packet from host 10.12.18.4 port 1812, id=107, length=221<BR> NAS-IP-Address = 10.12.18.4<BR> NAS-Port-Type = Async<BR> User-Name = "TPW5\\administrator"<BR> Service-Type = Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id = "00-0b-db-0a-ed-eb"<BR> State = 0x6ccc7ea76acb67d3e72180cc6356312d<BR> EAP-Message = 0x0207006419001703010059f5d5f237a8b1b6a12ce80c36564ceed7ea4b77a2e021c87ab5c01015f679ab43a21c96092d0eb36c944690044e81504bf30d9a0ff0dcd6c5d5a6c036b298245967f69705f3c87d2ca8481b02cf79f3053546eeb7e09a5467ee<BR> Message-Authenticator =
0x80fc39ba54f43c51ba004c1d30942c56<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 7 length 100<BR>[eap] Continuing tunnel setup.<BR>++[eap] returns ok<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+- entering group authenticate {...}<BR>[eap] Request found, released from the list<BR>[eap] EAP/peap<BR>[eap] processing type peap<BR>[peap] processing EAP-TLS<BR>[peap]
eaptls_verify returned 7 <BR>[peap] Done initial handshake<BR>[peap] eaptls_process returned 7 <BR>[peap] EAPTLS_OK<BR>[peap] Session established. Decoding tunneled attributes.<BR>[peap] EAP type mschapv2<BR>[peap] Got tunneled request<BR> EAP-Message = 0x0207004d1a020700483182563e83f60fc3886ae6a29eeaa3353c0000000000000000edfe77fdefdc346cfcb795de77c1bfb7e882075da213a53200545057355c61646d696e6973747261746f72<BR>server {<BR> PEAP: Setting User-Name to TPW5\administrator<BR>Sending tunneled request<BR> EAP-Message = 0x0207004d1a020700483182563e83f60fc3886ae6a29eeaa3353c0000000000000000edfe77fdefdc346cfcb795de77c1bfb7e882075da213a53200545057355c61646d696e6973747261746f72<BR> FreeRADIUS-Proxied-To = 127.0.0.1<BR> User-Name = "TPW5\\administrator"<BR> State = 0xbd40b48fbd47ae4a573dddc94033f1de<BR> NAS-IP-Address = 10.12.18.4<BR> NAS-Port-Type = Async<BR> Service-Type = Framed<BR> Framed-MTU =
1500<BR> Calling-Station-Id = "00-0b-db-0a-ed-eb"<BR>server {<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 7 length 77<BR>[eap] No EAP Start, assuming it's an on-going EAP conversation<BR>++[eap] returns updated<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+- entering group authenticate {...}<BR>[eap] Request found, released from the list<BR>[eap]
EAP/mschapv2<BR>[eap] processing type mschapv2<BR>[mschapv2] +- entering group MS-CHAP {...}<BR>[mschap] No Cleartext-Password configured. Cannot create LM-Password.<BR>[mschap] No Cleartext-Password configured. Cannot create NT-Password.<BR>[mschap] Told to do MS-CHAPv2 for administrator with NT-Password<BR>[mschap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details<BR>[mschap] expand: --username=%{Stripped-User-Name:-%{User-Name:-%{mschap:User-Name}}} -> --username=administrator<BR>[mschap] mschap2: 94<BR>[mschap] expand: --challenge=%{mschap:Challenge:-00} -> --challenge=c92aee56ea24cca3<BR>[mschap] expand: --nt-response=%{mschap:NT-Response:-00} -> --nt-response=edfe77fdefdc346cfcb795de77c1bfb7e882075da213a532<BR>Exec-Program output: NT_KEY: 0B31E07CE9C3855E7B73F3A94ED21EB5 <BR>Exec-Program-Wait: plaintext: NT_KEY: 0B31E07CE9C3855E7B73F3A94ED21EB5 <BR>Exec-Program:
returned: 0<BR>[mschap] adding MS-CHAPv2 MPPE keys<BR>++[mschap] returns ok<BR>MSCHAP Success <BR>++[eap] returns handled<BR>} # server <BR>[peap] Got tunneled reply code 11<BR> EAP-Message = 0x010800331a0307002e533d30353238303737363038373744463839323931393436433734384142333131334443383345423534<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0xbd40b48fbc48ae4a573dddc94033f1de<BR>[peap] Got tunneled reply RADIUS code 11<BR> EAP-Message = 0x010800331a0307002e533d30353238303737363038373744463839323931393436433734384142333131334443383345423534<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0xbd40b48fbc48ae4a573dddc94033f1de<BR>[peap] Got tunneled Access-Challenge<BR>++[eap] returns handled<BR>Sending Access-Challenge of id 107 to 10.12.18.4 port 1812<BR> EAP-Message =
0x0108004a1900170301003fa21a6406b72762e386f075bc1c01d6b83e271b811a3b126616dff52b1befad49d665e40cf12309fcf4c0675abd66826102e54fdfa02f4f5b9dc78fba4be828<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x6ccc7ea76bc467d3e72180cc6356312d<BR>Finished request 7.<BR>Going to the next request<BR>Waking up in 4.9 seconds.<BR>rad_recv: Access-Request packet from host 10.12.18.4 port 1812, id=108, length=150<BR> NAS-IP-Address = 10.12.18.4<BR> NAS-Port-Type = Async<BR> User-Name = "TPW5\\administrator"<BR> Service-Type = Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id = "00-0b-db-0a-ed-eb"<BR> State = 0x6ccc7ea76bc467d3e72180cc6356312d<BR> EAP-Message = 0x0208001d190017030100123215a25025b2f991889e532eab1acc707509<BR> Message-Authenticator = 0x4ad3f4a678eb190c4ba1f842ab5c4b31<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap]
returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 8 length 29<BR>[eap] Continuing tunnel setup.<BR>++[eap] returns ok<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+- entering group authenticate {...}<BR>[eap] Request found, released from the list<BR>[eap] EAP/peap<BR>[eap] processing type peap<BR>[peap] processing EAP-TLS<BR>[peap] eaptls_verify returned 7 <BR>[peap] Done initial handshake<BR>[peap] eaptls_process returned 7 <BR>[peap] EAPTLS_OK<BR>[peap] Session
established. Decoding tunneled attributes.<BR>[peap] EAP type mschapv2<BR>[peap] Got tunneled request<BR> EAP-Message = 0x020800061a03<BR>server {<BR> PEAP: Setting User-Name to TPW5\administrator<BR>Sending tunneled request<BR> EAP-Message = 0x020800061a03<BR> FreeRADIUS-Proxied-To = 127.0.0.1<BR> User-Name = "TPW5\\administrator"<BR> State = 0xbd40b48fbc48ae4a573dddc94033f1de<BR> NAS-IP-Address = 10.12.18.4<BR> NAS-Port-Type = Async<BR> Service-Type = Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id = "00-0b-db-0a-ed-eb"<BR>server {<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm
"tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 8 length 6<BR>[eap] No EAP Start, assuming it's an on-going EAP conversation<BR>++[eap] returns updated<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+- entering group authenticate {...}<BR>[eap] Request found, released from the list<BR>[eap] EAP/mschapv2<BR>[eap] processing type mschapv2<BR>[eap] Freeing handler<BR>++[eap] returns ok<BR>[peap] Got tunneled reply code 2<BR> EAP-Message = 0x03080004<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> User-Name = "administrator"<BR> Session-Timeout := 900<BR> Tunnel-Type:0 := VLAN<BR> Tunnel-Medium-Type:0 := IEEE-802<BR> Tunnel-Private-Group-Id:0 := "100"<BR>[peap]
Got tunneled reply RADIUS code 2<BR> EAP-Message = 0x03080004<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> User-Name = "administrator"<BR> Session-Timeout := 900<BR> Tunnel-Type:0 := VLAN<BR> Tunnel-Medium-Type:0 := IEEE-802<BR> Tunnel-Private-Group-Id:0 := "100"<BR>[peap] Tunneled authentication was successful.<BR>[peap] SUCCESS<BR>[peap] Saving tunneled attributes for later<BR>++[eap] returns handled<BR>Sending Access-Challenge of id 108 to 10.12.18.4 port 1812<BR> EAP-Message = 0x010900261900170301001b80018f7d29f8c5f428c963bc1a2fb0d9eb4a5635fe3dd9ccecdee9<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x6ccc7ea764c567d3e72180cc6356312d<BR>Finished request 8.<BR>Going to the next request<BR>Waking up in 4.6 seconds.<BR>rad_recv: Access-Request packet from host 10.12.18.4 port 1812, id=109, length=159<BR> NAS-IP-Address =
10.12.18.4<BR> NAS-Port-Type = Async<BR> User-Name = "TPW5\\administrator"<BR> Service-Type = Framed<BR> Framed-MTU = 1500<BR> Calling-Station-Id = "00-0b-db-0a-ed-eb"<BR> State = 0x6ccc7ea764c567d3e72180cc6356312d<BR> EAP-Message = 0x020900261900170301001b5c1ed2599bd67049afbec5788577faf4dd886681d22bf37c1188f0<BR> Message-Authenticator = 0x86a410ea19f9df8d6d6b7a4bfd926745<BR>+- entering group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns noop<BR>++[mschap] returns noop<BR>[realmpercent] No '%' in User-Name = "TPW5\administrator", skipping NULL due to config.<BR>++[realmpercent] returns noop<BR>[ntdomain] Looking up realm "TPW5" for User-Name = "TPW5\administrator"<BR>[ntdomain] Found realm "tpw5"<BR>[ntdomain] Adding Stripped-User-Name = "administrator"<BR>[ntdomain] Adding Realm = "tpw5"<BR>[ntdomain] Authentication realm is LOCAL.<BR>++[ntdomain] returns ok<BR>[suffix] Request already
proxied. Ignoring.<BR>++[suffix] returns ok<BR>[eap] EAP packet type response id 9 length 38<BR>[eap] Continuing tunnel setup.<BR>++[eap] returns ok<BR>++[files] returns noop<BR>Found Auth-Type = EAP<BR>+- entering group authenticate {...}<BR>[eap] Request found, released from the list<BR>[eap] EAP/peap<BR>[eap] processing type peap<BR>[peap] processing EAP-TLS<BR>[peap] eaptls_verify returned 7 <BR>[peap] Done initial handshake<BR>[peap] eaptls_process returned 7 <BR>[peap] EAPTLS_OK<BR>[peap] Session established. Decoding tunneled attributes.<BR>[peap] Received EAP-TLV response.<BR>[peap] Success<BR>[peap] Using saved attributes from the original Access-Accept<BR>rlm_eap_tls: add_reply failed to create attribute EAP-MSK: Invalid octet string "" for attribute name "EAP-MSK" <BR>rlm_eap_tls: add_reply failed to create attribute EAP-EMSK: Invalid octet string "" for attribute name "EAP-EMSK" <BR>[eap] Freeing handler<BR>++[eap] returns
ok<BR>Sending Access-Accept of id 109 to 10.12.18.4 port 1812<BR> User-Name = "administrator"<BR> MS-MPPE-Recv-Key = 0x829a5f395e0ba2e486cf04409ee945b8d3b68e65b40b207b9117722222d890e2<BR> MS-MPPE-Send-Key = 0x4680664366c2b27dd92f9b94d0d00a289f409040fcfc3d26d4e8500e8bd41cbc<BR> EAP-Message = 0x03090004<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> Session-Timeout := 900<BR> Tunnel-Type:0 := VLAN<BR> Tunnel-Medium-Type:0 := IEEE-802<BR> Tunnel-Private-Group-Id:0 := "100"<BR>Finished request 9.<BR>Going to the next request</DIV>
<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif"><BR> </DIV>
<DIV style="FONT-SIZE: 13px; FONT-FAMILY: arial, helvetica, sans-serif"><FONT face=Tahoma size=2>
<HR SIZE=1>
<B><SPAN style="FONT-WEIGHT: bold">From:</SPAN></B> "tnt@kalik.net" <tnt@kalik.net><BR><B><SPAN style="FONT-WEIGHT: bold">To:</SPAN></B> FreeRadius users mailing list <freeradius-users@lists.freeradius.org><BR><B><SPAN style="FONT-WEIGHT: bold">Sent:</SPAN></B> Wednesday, December 17, 2008 3:06:27 PM<BR><B><SPAN style="FONT-WEIGHT: bold">Subject:</SPAN></B> Re: PEAP with Windows supplicant, Automatically use my windows credentials<BR></FONT><BR>>I've configured a PEAP with the Windows SP3 supplicant with freeradius 2.1.3, and the authentication succeeds when "Automatically use my windows logon name and password (and domain if any)" is unselected, which forces a manual logon. However, when "Automatically use my ..." is selected with the same user name/domain, the authentication fails.<BR><BR>How same is "the same user name/domain"? Post the debug of the good<BR>attempt. Please use radiusd -X. We don't need to see "Wed Dec
17<BR>09:07:24 2008 : Debug:" in front of every line.<BR><BR>Ivan Kalik<BR>Kalik Informatika ISP<BR><BR>-<BR>List info/subscribe/unsubscribe? See <A href="http://www.freeradius.org/list/users.html" target=_blank>http://www.freeradius.org/list/users.html</A><BR></DIV></div><br>
</body></html>