rad_recv: Access-Request packet from host 172.17.254.100 port 1645, id=7, length=157 User-Name = "00a0080806bd" User-Password = "00a0080806bd" Service-Type = Call-Check Framed-MTU = 1500 Called-Station-Id = "00-1D-E5-9C-29-04" Calling-Station-Id = "00-A0-08-08-06-BD" Message-Authenticator = 0x924920ee1dcab0807208fc198544ede8 NAS-Port-Type = Ethernet NAS-Port = 50102 NAS-Port-Id = "FastEthernet1/0/2" NAS-IP-Address = 172.17.254.100 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "00a0080806bd", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop ++- entering policy rewrite_calling_station_id {...} +++? if (request:Calling-Station-Id =~ /00-A0-08-([0-9A-F]{2})-([[0-9A-F]{2})-([[0-9A-F]{2})/i) ? Evaluating (request:Calling-Station-Id =~ /00-A0-08-([0-9A-F]{2})-([[0-9A-F]{2})-([[0-9A-F]{2})/i) -> TRUE +++? if (request:Calling-Station-Id =~ /00-A0-08-([0-9A-F]{2})-([[0-9A-F]{2})-([[0-9A-F]{2})/i) -> TRUE +++- entering if (request:Calling-Station-Id =~ /00-A0-08-([0-9A-F]{2})-([[0-9A-F]{2})-([[0-9A-F]{2})/i) {...} expand: 00a008%{1}%{2}%{3} -> 00a0080806BD ++++[request] returns noop +++- if (request:Calling-Station-Id =~ /00-A0-08-([0-9A-F]{2})-([[0-9A-F]{2})-([[0-9A-F]{2})/i) returns noop +++ ... skipping else for request 26: Preceding "if" was taken ++- policy rewrite_calling_station_id returns noop ++? if ((Service-Type == 'Call-Check') && (User-Name =~ /^%{Calling-Station-ID}$/i)) ?? Evaluating (Service-Type == 'Call-Check') -> TRUE expand: ^%{Calling-Station-ID}$ -> ^00a0080806BD$ ?? Evaluating (User-Name =~ /^%{Calling-Station-ID}$/i) -> TRUE ++? if ((Service-Type == 'Call-Check') && (User-Name =~ /^%{Calling-Station-ID}$/i)) -> TRUE ++- entering if ((Service-Type == 'Call-Check') && (User-Name =~ /^%{Calling-Station-ID}$/i)) {...} +++[control] returns noop ++- if ((Service-Type == 'Call-Check') && (User-Name =~ /^%{Calling-Station-ID}$/i)) returns noop Found Auth-Type = Auth-NHSTB +- entering group Auth-NHSTB {...} ++? if (request:User-Name == "%{request:User-Password}") expand: %{request:User-Password} -> 00a0080806bd ? Evaluating (request:User-Name == "%{request:User-Password}") -> TRUE ++? if (request:User-Name == "%{request:User-Password}") -> TRUE ++- entering if (request:User-Name == "%{request:User-Password}") {...} +++[ok] returns ok ++- if (request:User-Name == "%{request:User-Password}") returns ok ++ ... skipping else for request 26: Preceding "if" was taken Login OK: [00a0080806bd/00a0080806bd] (from client switches port 50102 cli 00a0080806BD) +- entering group post-auth {...} ++[exec] returns noop ++? if (control:Auth-Type == 'Auth-NHSTB') ? Evaluating (control:Auth-Type == 'Auth-NHSTB') -> TRUE ++? if (control:Auth-Type == 'Auth-NHSTB') -> TRUE ++- entering if (control:Auth-Type == 'Auth-NHSTB') {...} +++[reply] returns noop ++- if (control:Auth-Type == 'Auth-NHSTB') returns noop Sending Access-Accept of id 7 to 172.17.254.100 port 1645 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "20" Finished request 26. Going to the next request Waking up in 4.9 seconds.