rad_recv: Access-Request packet from host 172.17.254.100 port 1645, id=29, length=142 User-Name = "test" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1D-E5-9C-29-03" Calling-Station-Id = "00-11-43-FE-80-19" EAP-Message = 0x020300090174657374 Message-Authenticator = 0x6d38d40f32addc1239116c0991a6b40e NAS-Port-Type = Ethernet NAS-Port = 50101 NAS-Port-Id = "FastEthernet1/0/1" NAS-IP-Address = 172.17.254.100 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 3 length 9 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[unix] returns notfound [files] users: Matched entry test at line 6 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] EAP Identity [eap] processing type tls [tls] Initiate [tls] Start returned 1 ++[eap] returns handled Sending Access-Challenge of id 29 to 172.17.254.100 port 1645 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "3" EAP-Message = 0x010400061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x69e057e469e44e030a80833e8c6dc6a4 Finished request 0. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 172.17.254.100 port 1645, id=30, length=231 User-Name = "test" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1D-E5-9C-29-03" Calling-Station-Id = "00-11-43-FE-80-19" EAP-Message = 0x0204005019800000004616030100410100003d03014b2acaf806cbd57534f856da742d43e084ad52703924d31ec69aff4a8b11f0b700001600040005000a000900640062000300060013001200630100 Message-Authenticator = 0x75db52571a40011d55954debaf83354a NAS-Port-Type = Ethernet NAS-Port = 50101 NAS-Port-Id = "FastEthernet1/0/1" State = 0x69e057e469e44e030a80833e8c6dc6a4 NAS-IP-Address = 172.17.254.100 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 4 length 80 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS TLS Length 70 [peap] Length Included [peap] eaptls_verify returned 11 [peap] (other): before/accept initialization [peap] TLS_accept: before/accept initialization [peap] <<< TLS 1.0 Handshake [length 0041], ClientHello [peap] TLS_accept: SSLv3 read client hello A [peap] >>> TLS 1.0 Handshake [length 002a], ServerHello [peap] TLS_accept: SSLv3 write server hello A [peap] >>> TLS 1.0 Handshake [length 0570], Certificate [peap] TLS_accept: SSLv3 write certificate A [peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone [peap] TLS_accept: SSLv3 write server done A [peap] TLS_accept: SSLv3 flush data [peap] TLS_accept: Need to read more data: SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 30 to 172.17.254.100 port 1645 EAP-Message = 0x0105040019c0000005ad160301002a0200002603014b2acbdf71cc39dd71aa70808363ed33ab4a1d6ca365cd94aec8f2b7b0a637a90000040016030105700b00056c00056900027630820272308201dba003020102020102300d06092a864886f70d0101040500305d310b30090603550406130243413110300e06035504081307416c62657274613110300e0603550407130743616c67617279310c300a060355040a130347544b311c301a060355040b13134e6574776f726b20456e67696e656572696e67301e170d3039313231363231343830375a170d3130313231363231343830375a308187310b3009060355040613025553310b3009060355 EAP-Message = 0x040813024e593110300e060355040a13074d617272696f74310e300c060355040b1305486f74656c3121301f060355040313184d617272696f7420576174657266726f6e7420686f74656c3126302406092a864886f70d01090116176e6f5f656d61696c4074657374646f6d61696e2e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ebade0c361c4de76e7379805d5f0def78a63b90f450063113e87af7cebd53dbfab9eda47be2bf0ccea8a794b1f4ecf7a108a732d8cd4b497b705df4c91c87c0c50314fb37ed98934e3ca0ec5c0f1e55e260665486b453f5ecbb9522a767e4bbdb165caac535a29c95c21b1c9e1 EAP-Message = 0x16f1ec5694635d5aadca7896192141224094d50203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104050003818100cc0a61cd0ac682e8724d9b957ad5b59e9b8bffc9e22596c8b7149c73b3091d5eadde2c30472adccedd21ec3c6573b1ff6ba91dfd25d4f22888a7d4441b563071921454154787887b35141f5681bc9864973ebb84a04b2dcaafc2647bfe704d00a6f535259285eff1e4763d16d6b6e80d4ca40401dc2551c971c679eb0315d8ce0002ed308202e930820252a003020102020100300d06092a864886f70d0101040500305d310b30090603550406130243413110300e06035504 EAP-Message = 0x081307416c62657274613110300e0603550407130743616c67617279310c300a060355040a130347544b311c301a060355040b13134e6574776f726b20456e67696e656572696e67301e170d3039313231353138303730385a170d3130313231353138303730385a305d310b30090603550406130243413110300e06035504081307416c62657274613110300e0603550407130743616c67617279310c300a060355040a130347544b311c301a060355040b13134e6574776f726b20456e67696e656572696e6730819f300d06092a864886f70d010101050003818d0030818902818100f1c0706701bf4b6fda38d20709e3c1ade9e688ff04654a61b6 EAP-Message = 0x5f7c59c68725c7b7acbbf015 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x69e057e468e54e030a80833e8c6dc6a4 Finished request 1. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 172.17.254.100 port 1645, id=31, length=157 User-Name = "test" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1D-E5-9C-29-03" Calling-Station-Id = "00-11-43-FE-80-19" EAP-Message = 0x020500061900 Message-Authenticator = 0xbe0a0c71ee7fd0188bd2a5cd0cb78a41 NAS-Port-Type = Ethernet NAS-Port = 50101 NAS-Port-Id = "FastEthernet1/0/1" State = 0x69e057e468e54e030a80833e8c6dc6a4 NAS-IP-Address = 172.17.254.100 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 5 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake fragment handler [peap] eaptls_verify returned 1 [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 31 to 172.17.254.100 port 1645 EAP-Message = 0x010601bd1900a9436986382fbc2402b6a2da0e277bd9320827c29963a21fe04c6aece34cd1392cf9c8f908a7284affb4a78c33cace009effea1c5d3ce2d1ff2ef2564ac8d351ef6ab89a762296a01bb37cacdeb67660138ef664a6abc3d7cef8770203010001a381b83081b5301d0603551d0e041604143e2c207773c8e329da07d1ffba19e56486bfd0a53081850603551d23047e307c80143e2c207773c8e329da07d1ffba19e56486bfd0a5a161a45f305d310b30090603550406130243413110300e06035504081307416c62657274613110300e0603550407130743616c67617279310c300a060355040a130347544b311c301a060355040b1313 EAP-Message = 0x4e6574776f726b20456e67696e656572696e67820100300c0603551d13040530030101ff300d06092a864886f70d0101040500038181008136eb3fa3dd3091a1a2294f5cc7f507947de5a8c08cfa439fe6d7360dc342dd44b0c64f9d39806559435c6fd1d803fe9f4bd7b411323cccdd6347659286dee89bb8e3c31fc8d4b0c61a17289036680d06977ffa54468d53153054572cdefd98ff10d4497cebd88423fbd1a93f8b8e2eadbbedf57000e2618c11c115724d746c16030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x69e057e46be64e030a80833e8c6dc6a4 Finished request 2. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 172.17.254.100 port 1645, id=32, length=343 User-Name = "test" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1D-E5-9C-29-03" Calling-Station-Id = "00-11-43-FE-80-19" EAP-Message = 0x020600c01980000000b61603010086100000820080e8d0821f4c9ada6b71194b1f5139e7483afd34da2046cf639781f08d3f8d4e39dd3130e21c2c3eff0d1a42162d23f1cc5386a783a6577b57838eeff20a83f4a4683942f234a90924d90dfae849b12f4d95331ca0701ee29e4dd47ffb787d1730263ee0e6bad637d32ed3edad4294894398464656cd287bffc3d533dc18220ea1140301000101160301002076e1a9451e5d9c28eb322580836932c4418d65616a9b616fa6556f6dcea289d6 Message-Authenticator = 0x3e7a69b66576540097661ec8c7633c75 NAS-Port-Type = Ethernet NAS-Port = 50101 NAS-Port-Id = "FastEthernet1/0/1" State = 0x69e057e46be64e030a80833e8c6dc6a4 NAS-IP-Address = 172.17.254.100 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 6 length 192 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS TLS Length 182 [peap] Length Included [peap] eaptls_verify returned 11 [peap] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange [peap] TLS_accept: SSLv3 read client key exchange A [peap] <<< TLS 1.0 ChangeCipherSpec [length 0001] [peap] <<< TLS 1.0 Handshake [length 0010], Finished [peap] TLS_accept: SSLv3 read finished A [peap] >>> TLS 1.0 ChangeCipherSpec [length 0001] [peap] TLS_accept: SSLv3 write change cipher spec A [peap] >>> TLS 1.0 Handshake [length 0010], Finished [peap] TLS_accept: SSLv3 write finished A [peap] TLS_accept: SSLv3 flush data [peap] (other): SSL negotiation finished successfully SSL Connection Established [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 32 to 172.17.254.100 port 1645 EAP-Message = 0x01070031190014030100010116030100208f0916cbeb0f864c8b7c79ec483555a663a622eb0e7ba345473ca2bfe3d3df8d Message-Authenticator = 0x00000000000000000000000000000000 State = 0x69e057e46ae74e030a80833e8c6dc6a4 Finished request 3. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 172.17.254.100 port 1645, id=33, length=157 User-Name = "test" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1D-E5-9C-29-03" Calling-Station-Id = "00-11-43-FE-80-19" EAP-Message = 0x020700061900 Message-Authenticator = 0x4231e4ec874c73f5be84c2c2edc3e089 NAS-Port-Type = Ethernet NAS-Port = 50101 NAS-Port-Id = "FastEthernet1/0/1" State = 0x69e057e46ae74e030a80833e8c6dc6a4 NAS-IP-Address = 172.17.254.100 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 7 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake is finished [peap] eaptls_verify returned 3 [peap] eaptls_process returned 3 [peap] EAPTLS_SUCCESS ++[eap] returns handled Sending Access-Challenge of id 33 to 172.17.254.100 port 1645 EAP-Message = 0x01080020190017030100158b623ac8797d6ed33cd4a46bddda53dda572d1e759 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x69e057e46de84e030a80833e8c6dc6a4 Finished request 4. Going to the next request Waking up in 4.8 seconds. rad_recv: Access-Request packet from host 172.17.254.100 port 1645, id=34, length=183 User-Name = "test" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1D-E5-9C-29-03" Calling-Station-Id = "00-11-43-FE-80-19" EAP-Message = 0x02080020190017030100157e901830997f56d619e00730d8234e3e798bc8bf77 Message-Authenticator = 0x39337dd3673708f8fafa970a1414e065 NAS-Port-Type = Ethernet NAS-Port = 50101 NAS-Port-Id = "FastEthernet1/0/1" State = 0x69e057e46de84e030a80833e8c6dc6a4 NAS-IP-Address = 172.17.254.100 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 8 length 32 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] eaptls_verify returned 7 [peap] Done initial handshake [peap] eaptls_process returned 7 [peap] EAPTLS_OK [peap] Session established. Decoding tunneled attributes. [peap] Identity - test [peap] Got tunneled request EAP-Message = 0x020800090174657374 server { PEAP: Got tunneled identity of test PEAP: Setting default EAP type for tunneled EAP session. PEAP: Setting User-Name to test Sending tunneled request EAP-Message = 0x020800090174657374 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "test" server inner-tunnel { +- entering group authorize {...} ++[chap] returns noop ++[mschap] returns noop ++[unix] returns notfound [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[control] returns noop [eap] EAP packet type response id 8 length 9 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated [files] users: Matched entry test at line 6 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] EAP Identity [eap] processing type mschapv2 rlm_eap_mschapv2: Issuing Challenge ++[eap] returns handled } # server inner-tunnel [peap] Got tunneled reply code 11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "3" EAP-Message = 0x0109001e1a0109001910222045ba2b0389adae0946a257b8e29274657374 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xae7cf630ae75eced59feb9bbe70ff171 [peap] Got tunneled reply RADIUS code 11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "3" EAP-Message = 0x0109001e1a0109001910222045ba2b0389adae0946a257b8e29274657374 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xae7cf630ae75eced59feb9bbe70ff171 [peap] Got tunneled Access-Challenge ++[eap] returns handled Sending Access-Challenge of id 34 to 172.17.254.100 port 1645 EAP-Message = 0x010900351900170301002a350d15b8ad571aaa5e57e3f28699f18d9589094daaeaa7da2e360bf4dce9bc5bba8ec617715e53a379ab Message-Authenticator = 0x00000000000000000000000000000000 State = 0x69e057e46ce94e030a80833e8c6dc6a4 Finished request 5. Going to the next request Waking up in 4.8 seconds. rad_recv: Access-Request packet from host 172.17.254.100 port 1645, id=35, length=237 User-Name = "test" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1D-E5-9C-29-03" Calling-Station-Id = "00-11-43-FE-80-19" EAP-Message = 0x020900561900170301004b01854621ce21136b6c696f8c24e198a42ec6bcb114d0f976c7e6193846360f1da9e4f7854531ce4e815fd114e3d7e64e4ee3755ee927545711e115c926015ddf7bbfa69298fda352715cfb Message-Authenticator = 0xf919f5f576d82505039488e5ad77b052 NAS-Port-Type = Ethernet NAS-Port = 50101 NAS-Port-Id = "FastEthernet1/0/1" State = 0x69e057e46ce94e030a80833e8c6dc6a4 NAS-IP-Address = 172.17.254.100 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 9 length 86 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] eaptls_verify returned 7 [peap] Done initial handshake [peap] eaptls_process returned 7 [peap] EAPTLS_OK [peap] Session established. Decoding tunneled attributes. [peap] EAP type mschapv2 [peap] Got tunneled request EAP-Message = 0x0209003f1a0209003a316afdaed1265381b3ced0bd71c0cb7aa800000000000000007d5996cb23cc201680a72c8bd6ebb40e600272d2a30b40cb0074657374 server { PEAP: Setting User-Name to test Sending tunneled request EAP-Message = 0x0209003f1a0209003a316afdaed1265381b3ced0bd71c0cb7aa800000000000000007d5996cb23cc201680a72c8bd6ebb40e600272d2a30b40cb0074657374 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "test" State = 0xae7cf630ae75eced59feb9bbe70ff171 server inner-tunnel { +- entering group authorize {...} ++[chap] returns noop ++[mschap] returns noop ++[unix] returns notfound [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[control] returns noop [eap] EAP packet type response id 9 length 63 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated [files] users: Matched entry test at line 6 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/mschapv2 [eap] processing type mschapv2 [mschapv2] +- entering group MS-CHAP {...} [mschap] Told to do MS-CHAPv2 for test with NT-Password [mschap] adding MS-CHAPv2 MPPE keys ++[mschap] returns ok MSCHAP Success ++[eap] returns handled } # server inner-tunnel [peap] Got tunneled reply code 11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "3" EAP-Message = 0x010a00331a0309002e533d37363638313441424338353037444143384142414437383345333642463945413235423142464143 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xae7cf630af76eced59feb9bbe70ff171 [peap] Got tunneled reply RADIUS code 11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "3" EAP-Message = 0x010a00331a0309002e533d37363638313441424338353037444143384142414437383345333642463945413235423142464143 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xae7cf630af76eced59feb9bbe70ff171 [peap] Got tunneled Access-Challenge ++[eap] returns handled Sending Access-Challenge of id 35 to 172.17.254.100 port 1645 EAP-Message = 0x010a004a1900170301003f954a4e1332716f91e823bb0a47d975dece57060c15ae260ddd96121724b630cf42cc7010137f319625ee0268136a453f6f8403c7ba3b593d814f27074df1d1 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x69e057e46fea4e030a80833e8c6dc6a4 Finished request 6. Going to the next request Waking up in 4.8 seconds. rad_recv: Access-Request packet from host 172.17.254.100 port 1645, id=36, length=180 User-Name = "test" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1D-E5-9C-29-03" Calling-Station-Id = "00-11-43-FE-80-19" EAP-Message = 0x020a001d19001703010012cc18d66619dbaf6cba9710d7b5898b7abfb5 Message-Authenticator = 0x0e8d96e871dfe35aeebf714ee3bf3043 NAS-Port-Type = Ethernet NAS-Port = 50101 NAS-Port-Id = "FastEthernet1/0/1" State = 0x69e057e46fea4e030a80833e8c6dc6a4 NAS-IP-Address = 172.17.254.100 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 10 length 29 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] eaptls_verify returned 7 [peap] Done initial handshake [peap] eaptls_process returned 7 [peap] EAPTLS_OK [peap] Session established. Decoding tunneled attributes. [peap] EAP type mschapv2 [peap] Got tunneled request EAP-Message = 0x020a00061a03 server { PEAP: Setting User-Name to test Sending tunneled request EAP-Message = 0x020a00061a03 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "test" State = 0xae7cf630af76eced59feb9bbe70ff171 server inner-tunnel { +- entering group authorize {...} ++[chap] returns noop ++[mschap] returns noop ++[unix] returns notfound [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[control] returns noop [eap] EAP packet type response id 10 length 6 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated [files] users: Matched entry test at line 6 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/mschapv2 [eap] processing type mschapv2 [eap] Freeing handler ++[eap] returns ok Login OK: [test/] (from client switches port 0 via TLS tunnel) } # server inner-tunnel [peap] Got tunneled reply code 2 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "3" EAP-Message = 0x030a0004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "test" [peap] Got tunneled reply RADIUS code 2 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "3" EAP-Message = 0x030a0004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "test" [peap] Tunneled authentication was successful. [peap] SUCCESS ++[eap] returns handled Sending Access-Challenge of id 36 to 172.17.254.100 port 1645 EAP-Message = 0x010b00261900170301001b16e3903fc42e9ce3cee16bebef8849ac8eb75dc419b1c22aedd9d0 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x69e057e46eeb4e030a80833e8c6dc6a4 Finished request 7. Going to the next request Waking up in 4.8 seconds. rad_recv: Access-Request packet from host 172.17.254.100 port 1645, id=37, length=189 User-Name = "test" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1D-E5-9C-29-03" Calling-Station-Id = "00-11-43-FE-80-19" EAP-Message = 0x020b00261900170301001bf14f4a5c74fd955b47953d4b544b14f07981ca63f66b1619b3367e Message-Authenticator = 0x3b6e19a5a0d8f41b70840287196b052d NAS-Port-Type = Ethernet NAS-Port = 50101 NAS-Port-Id = "FastEthernet1/0/1" State = 0x69e057e46eeb4e030a80833e8c6dc6a4 NAS-IP-Address = 172.17.254.100 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 11 length 38 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] eaptls_verify returned 7 [peap] Done initial handshake [peap] eaptls_process returned 7 [peap] EAPTLS_OK [peap] Session established. Decoding tunneled attributes. [peap] Received EAP-TLV response. [peap] Success [eap] Freeing handler ++[eap] returns ok Login OK: [test/] (from client switches port 50101 cli 00-11-43-FE-80-19) +- entering group post-auth {...} ++[exec] returns noop Sending Access-Accept of id 37 to 172.17.254.100 port 1645 MS-MPPE-Recv-Key = 0xe7622635b65a4e733b9e7525c9153a0283facbb9f0a8bcdd74e009e4a37e331c MS-MPPE-Send-Key = 0x969a55d536f4129b72d6c051dcd511c2fe1b09353bb7e342cc800cda088a5409 EAP-Message = 0x030b0004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "test" Finished request 8. Going to the next request Waking up in 4.8 seconds. rad_recv: Accounting-Request packet from host 172.17.254.100 port 1646, id=153, length=135 Acct-Session-Id = "0000009F" User-Name = "test" Acct-Authentic = RADIUS Acct-Status-Type = Start NAS-Port-Type = Ethernet NAS-Port = 50101 NAS-Port-Id = "FastEthernet1/0/1" Called-Station-Id = "00-1D-E5-9C-29-03" Calling-Station-Id = "00-11-43-FE-80-19" Service-Type = Framed-User NAS-IP-Address = 172.17.254.100 Acct-Delay-Time = 0 +- entering group preacct {...} ++[preprocess] returns ok [acct_unique] Hashing 'NAS-Port = 50101,Client-IP-Address = 172.17.254.100,NAS-IP-Address = 172.17.254.100,Acct-Session-Id = "0000009F",User-Name = "test"' [acct_unique] Acct-Unique-Session-ID = "018c8e2090ec7b2f". ++[acct_unique] returns ok [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[files] returns noop +- entering group accounting {...} [detail] expand: /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d -> /var/log/radius/radacct/172.17.254.100/detail-20091217 [detail] /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/radius/radacct/172.17.254.100/detail-20091217 [detail] expand: %t -> Thu Dec 17 17:25:04 2009 ++[detail] returns ok ++[unix] returns ok [radutmp] expand: /var/log/radius/radutmp -> /var/log/radius/radutmp [radutmp] expand: %{User-Name} -> test ++[radutmp] returns ok [attr_filter.accounting_response] expand: %{User-Name} -> test attr_filter: Matched entry DEFAULT at line 12 ++[attr_filter.accounting_response] returns updated Sending Accounting-Response of id 153 to 172.17.254.100 port 1646 Finished request 9. Cleaning up request 9 ID 153 with timestamp +173 Going to the next request Waking up in 3.7 seconds. Cleaning up request 0 ID 29 with timestamp +172 Cleaning up request 1 ID 30 with timestamp +172 Cleaning up request 2 ID 31 with timestamp +172 Cleaning up request 3 ID 32 with timestamp +172 Cleaning up request 4 ID 33 with timestamp +172 Cleaning up request 5 ID 34 with timestamp +172 Cleaning up request 6 ID 35 with timestamp +172 Cleaning up request 7 ID 36 with timestamp +172 Cleaning up request 8 ID 37 with timestamp +172 Ready to process requests.