<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EstiloCorreioElectrnico17
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EstiloCorreioElectrnico18
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.apple-style-span
{mso-style-name:apple-style-span;}
span.EstiloCorreioElectrnico20
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:612.0pt 792.0pt;
margin:70.85pt 3.0cm 70.85pt 3.0cm;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=PT link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Hello,<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>I can
authenticate ldap users using the NTRadPing tool without a problem. But I
can’t do it through an Access Point. Can you help me?<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>I have the
AP(D-Link 2100 AP+) configure to WPA-EAP, </span><span class=apple-style-span><span
lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black'>Cipher
Type=Auto.</span></span><span lang=EN-US><o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>I list the
radius config and debug.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>…<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>radiusd: ####
Loading Clients ####<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> client
localhost {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
ipaddr = 127.0.0.1<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
require_message_authenticator = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
secret = "testing123"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
nastype = "other"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> client
172.22.0.21 {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
ipaddr = 172.22.0.21<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
require_message_authenticator = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
secret = "si"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
shortname = "xxxxx"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
nastype = "other"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> client
AP1-E1 {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
ipaddr = 192.168.70.70<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
require_message_authenticator = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
secret = "si"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
shortname = "AP1-E1"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
nastype = "other"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>…<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>radiusd: ####
Loading Virtual Servers ####<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>server
inner-tunnel {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> modules {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Checking authenticate {...} for more modules to load<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to module rlm_pap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating pap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> pap {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
encryption_scheme = "auto"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
auto_header = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to module rlm_chap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating chap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to module rlm_mschap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating mschap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> mschap {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
use_mppe = yes<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
require_encryption = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
require_strong = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
with_ntdomain_hack = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> …<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to module rlm_eap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating eap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> eap {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
default_eap_type = "peap"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
timer_expire = 60<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
ignore_unknown_eap_types = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
cisco_accounting_username_bug = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
max_sessions = 2048<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to sub-module rlm_eap_md5<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating eap-md5<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to sub-module rlm_eap_leap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating eap-leap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to sub-module rlm_eap_gtc<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating eap-gtc<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> gtc
{<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
challenge = "Password: "<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
auth_type = "PAP"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to sub-module rlm_eap_tls<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating eap-tls<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> tls
{<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
rsa_key_exchange = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
dh_key_exchange = yes<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
rsa_key_length = 512<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
dh_key_length = 512<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
verify_depth = 0<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
pem_file_type = yes<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
private_key_file = "/etc/raddb/certs/server.pem"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
</span>certificate_file = "/etc/raddb/certs/server.pem"<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
CA_file = "/etc/raddb/certs/ca.pem"<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
<span lang=EN-US>private_key_password = "whatever"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
dh_file = "/etc/raddb/certs/dh"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
random_file = "/etc/raddb/certs/random"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
fragment_size = 1024<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
include_length = yes<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
check_crl = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
cipher_list = "DEFAULT"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
make_cert_command = "/etc/raddb/certs/bootstrap"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
cache {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
enable = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
lifetime = 24<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
max_entries = 255<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
}<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to sub-module rlm_eap_ttls<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating eap-ttls<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
ttls {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
default_eap_type = "md5"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
copy_request_to_tunnel = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
use_tunneled_reply = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
virtual_server = "inner-tunnel"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
include_length = yes<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to sub-module rlm_eap_peap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating eap-peap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
peap {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
default_eap_type = "mschapv2"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
copy_request_to_tunnel = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
use_tunneled_reply = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
proxy_tunneled_request_as_eap = yes<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
virtual_server = "inner-tunnel"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to sub-module rlm_eap_mschapv2<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating eap-mschapv2<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
mschapv2 {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
with_ntdomain_hack = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> …<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Checking preacct {...} for more modules to load<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to module rlm_acct_unique<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating acct_unique<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
acct_unique {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address,
NAS-Port"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Checking accounting {...} for more modules to load<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Linked to module rlm_detail<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating detail<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> detail {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
detailfile =
"/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
header = "%t"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
detailperm = 384<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
dirperm = 493<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
locking = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
log_packet_header = no<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Instantiating attr_filter.accounting_response<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
attr_filter attr_filter.accounting_response {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
attrsfile = "/etc/raddb/attrs.accounting_response"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
key = "%{User-Name}"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Checking session {...} for more modules to load<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Checking post-proxy {...} for more modules to load<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> Module:
Checking post-auth {...} for more modules to load<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> } #
modules<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>} # server<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>radiusd: ####
Opening IP addresses and Ports ####<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>listen {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
type = "auth"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
ipaddr = *<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
port = 0<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>}<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>listen {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
type = "acct"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
ipaddr = *<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
port = 0<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>}<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>listen {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
type = "control"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> listen {<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
socket = "/var/run/radiusd/radiusd.sock"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> }<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>}<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Listening on
authentication address * port 1812<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Listening on
accounting address * port 1813<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Listening on
command file /var/run/radiusd/radiusd.sock<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Listening on
proxy address * port 1814<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Ready to process
requests.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>…<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rad_recv:
Access-Request packet from host 192.168.70.70 port 1038, id=0, length=201<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Message-Authenticator = 0x0bad8dc9bc9d09a88d777055e87bc06f<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Service-Type = Framed-User<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
User-Name = "ldapuser"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Framed-MTU = 1488<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Called-Station-Id = "00-22-B0-69-74-74:RadiusServer"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Calling-Station-Id = "00-1C-BF-63-43-7F"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
NAS-Identifier = "D-Link Access Point"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
NAS-Port-Type = Wireless-802.11<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Connect-Info = "CONNECT 54Mbps 802.11g"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
EAP-Message = 0x0200000c0139303230313535<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
NAS-IP-Address = 192.168.70.70<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
</span>NAS-Port = 1<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
NAS-Port-Id = "STA port # 1"<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>+- entering
group authorize {...}<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[preprocess]
returns ok<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[chap] returns
noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[mschap]
returns noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[suffix] No '@'
in User-Name = "ldapuser", looking up realm NULL<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[suffix] No such
realm "NULL"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[suffix]
returns noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] EAP packet
type response id 0 length 12<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] No EAP
Start, assuming it's an on-going EAP conversation<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[eap] returns
updated<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[unix] returns
notfound<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[files]
returns noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[ldap] performing
user authorization for ldapuser<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[ldap]
expand: %{Stripped-User-Name} -> <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[ldap]
expand: %{User-Name} -> ldapuser<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[ldap]
expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=ldapuser)<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[ldap]
expand: dc=test,dc=test,dc=pt -> dc=test,dc=test,dc=pt<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rlm_ldap:
ldap_get_conn: Checking Id: 0<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rlm_ldap:
ldap_get_conn: Got Id: 0<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rlm_ldap:
attempting LDAP reconnection<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rlm_ldap:
(re)connect to xxx.xxx.xxx.xxx:389, authentication 0<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rlm_ldap: bind
as uid=borat,dc=test,dc=test,dc=pt/ldappassword to xxx.xxx.xxx.xxx:389<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rlm_ldap:
waiting for bind result ...<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rlm_ldap: Bind
was successful<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rlm_ldap:
performing search in dc=test,dc=test,dc=pt, with filter (uid=ldapuser)<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[ldap] looking
for check items in directory...<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[ldap] looking
for reply items in directory...<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>WARNING: No
"known good" password was found in LDAP. Are you sure that the
user is configured correctly?<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[ldap] user
ldapuser authorized to use remote access<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rlm_ldap:
ldap_release_conn: Release Id: 0<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[ldap] returns
ok<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[expiration]
returns noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[logintime]
returns noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[pap] WARNING!
No "known good" password found for the user. Authentication may
fail because of this.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[pap] returns
noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Found Auth-Type
= EAP<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>+- entering
group authenticate {...}<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] EAP
Identity<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] processing
type tls<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[tls] Initiate<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[tls] Start
returned 1<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[eap] returns
handled<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Sending
Access-Challenge of id 0 to 192.168.70.70 port 1038<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
EAP-Message = 0x010100061920<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Message-Authenticator = 0x00000000000000000000000000000000<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
State = 0x1f5a0c851f5b15f67ae48d03f8beffe6<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Finished request
0.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Going to the
next request<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Waking up in 4.9
seconds.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rad_recv:
Access-Request packet from host 192.168.70.70 port 1038, id=1, length=490<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Message-Authenticator = 0xba2e0b898f91a1e37da464dd4a07b311<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Service-Type = Framed-User<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
User-Name = "ldapuser"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Framed-MTU = 1488<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
State = 0x1f5a0c851f5b15f67ae48d03f8beffe6<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Called-Station-Id = "00-22-B0-69-74-74:RadiusServer"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Calling-Station-Id = "00-1C-BF-63-43-7F"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
NAS-Identifier = "D-Link Access Point"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
NAS-Port-Type = Wireless-802.11<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Connect-Info = "CONNECT 54Mbps 802.11g"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
</span>EAP-Message =
0x0201011919800000010f160301010a0100010603014b69b17864a990f749baa2f53df13aca45cbccacb1f5bc685e3635514f1e42cb00003800390038003500880087008400160013000a00330032002f009a00990096004500440041000500040015001200090014001100080006000302010000a4002300a0d01907820de47ddfa68661ec44d31e5dd8dacaafdad2c82305e227265d28f850f8a524da4fe4c3b7c860c7de1c52e36def98c4cfb43292159ec293311df317029fc16077541d9238068a112f6e77a2935fa16efacb85cf609cbfff1577c0d2c9e859cee24b718b747fc925802b1e680e86d03e864c6b551b3108afeab659710248cb35aa<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
EAP-Message = 0x8575d2b42e895e1ec907d7e69d9e7386b69232cfa63df6d12d7da003<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
NAS-IP-Address = 192.168.70.70<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
NAS-Port = 1<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
<span lang=EN-US>NAS-Port-Id = "STA port # 1"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>+- entering
group authorize {...}<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[preprocess]
returns ok<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[chap] returns
noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[mschap]
returns noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[suffix] No '@'
in User-Name = "ldapuser", looking up realm NULL<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[suffix] No such
realm "NULL"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[suffix]
returns noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] EAP packet
type response id 1 length 253<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] Continuing
tunnel setup.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[eap] returns
ok<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Found Auth-Type
= EAP<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>+- entering
group authenticate {...}<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] Request
found, released from the list<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] EAP/peap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] processing
type peap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
processing EAP-TLS<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> TLS
Length 271<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap] Length
Included<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
eaptls_verify returned 11 <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
(other): before/accept initialization <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
TLS_accept: before/accept initialization <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
<<< TLS 1.0 Handshake [length 010a], ClientHello <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
TLS_accept: SSLv3 read client hello A <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
>>> TLS 1.0 Handshake [length 0030], ServerHello <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
TLS_accept: SSLv3 write server hello A <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
>>> TLS 1.0 Handshake [length 085e], Certificate <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
TLS_accept: SSLv3 write certificate A <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
>>> TLS 1.0 Handshake [length 020d], ServerKeyExchange <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
TLS_accept: SSLv3 write key exchange A <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
>>> TLS 1.0 Handshake [length 0004], ServerHelloDone <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
TLS_accept: SSLv3 write server done A <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
TLS_accept: SSLv3 flush data <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
TLS_accept: Need to read more data: SSLv3 read client certificate A<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>In SSL Handshake
Phase <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>In SSL Accept
mode <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
eaptls_process returned 13 <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
EAPTLS_HANDLED<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[eap] returns
handled<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Sending
Access-Challenge of id 1 to 192.168.70.70 port 1038<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
</span>EAP-Message =
0x0102040019c000000ab316030100300200002c03014b69affea71157c286b09b1dcb48c1f8c7c3c073d302d7cc8d002c5b4f42e2be00003901000400230000160301085e0b00085a0008570003a6308203a23082028aa003020102020101300d06092a864886f70d0101040500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
EAP-Message =
0x686f72697479301e170d3130303230333134343231395a170d3131303230333134343231395a307c310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100b86c5396cfd7e7e922dbb26df4f4b69f25d3714a819fd36762ad32dc140e303d5ba97e0db2e28046c54d3019a5e2759ad37694fbc08b03d2<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
EAP-Message =
0xed836feeac8a599b268410d77e15160bd5cab44dc763c97898b8bffeba36ae5c14913bf44ced0427f5ee12f2232958d3f2b70a3041c794dd24091ffe85e8f8d4bbb7a787a301a8c1dc902cc95b1dc810e7539a391366deca63ce30c51a889717b865961d1aef3dd308b12431bc8b401d247c8a97e7c968ee6a9652809bcc95cbdab84d1a3fe9968916f7a0115448827b960af7203527b17990519d26ec1cd7a3fa35dee8ddb488a917d27790afc11347f393a272f8a456106a08a3b28f7007e69fafa5a61a693ac30203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038201010094945d<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
EAP-Message =
0x22948e117c5f66d8b5d23a05004dc7141b85059576c06616919c5357136e434b2b1ff34e6ebcc5960d22fff1cfe0456c531603e238de97f9160d792ef10b748ce0b49c01625e24a712ce5f0a2fb284117bbd355bd598b566d07cfe45d21670d5344de9fde5e581862121fa80c957cb6000fa418d958d3b09bda9e05bfa5b0806ea0decb18a2d566906224f3cd04e4fcdacbbeaa8772cba4b3fb165c64a66e3886d006700cd65d0d943f386be08582a020d1f070a9e625e6824500a2810cda4f3ef919f2495b158a67c76a71196c404b794ee6d3cfc9d6c878259d3e6afc5daa28a0e4d6e8ab1ff8a6cebb2397215952dfd4253ea689454bd4294fd2633<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
<span lang=EN-US>EAP-Message = 0x0004ab308204a73082038fa0<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Message-Authenticator = 0x00000000000000000000000000000000<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
State = 0x1f5a0c851e5815f67ae48d03f8beffe6<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Finished request
1.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Going to the
next request<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Waking up in 4.9
seconds.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>…<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>rad_recv:
Access-Request packet from host 192.168.70.70 port 1038, id=9, length=303<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Message-Authenticator = 0x40181150ae53bc834616acde8bded5ce<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Service-Type = Framed-User<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
User-Name = "ldapuser"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Framed-MTU = 1488<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
State = 0x1f5a0c85175315f67ae48d03f8beffe6<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Called-Station-Id = "00-22-B0-69-74-74:RadiusServer"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Calling-Station-Id = "00-1C-BF-63-43-7F"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
NAS-Identifier = "D-Link Access Point"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
NAS-Port-Type = Wireless-802.11<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Connect-Info = "CONNECT 54Mbps 802.11g"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
</span>EAP-Message = 0x02090060190017030100203740cd6052be3de4a2dae33ed1e4699866af641dee6261f14e9493e21b49db0217030100305406714a1fee8d73edfa87c60a0046641329975a279ecbc1b2ee7dec5e9d60b9bc61efd8b9e8e5304a341f7eee16e533<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
NAS-IP-Address = 192.168.70.70<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
NAS-Port = 1<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'>
NAS-Port-Id = "STA port # 1"<o:p></o:p></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>+- entering
group authorize {...}<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[preprocess]
returns ok<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[chap] returns
noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[mschap]
returns noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[suffix] No '@'
in User-Name = "ldapuser", looking up realm NULL<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[suffix] No such
realm "NULL"<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[suffix]
returns noop<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] EAP packet
type response id 9 length 96<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] Continuing
tunnel setup.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[eap] returns
ok<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Found Auth-Type
= EAP<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>+- entering
group authenticate {...}<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] Request
found, released from the list<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] EAP/peap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] processing
type peap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
processing EAP-TLS<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
eaptls_verify returned 7 <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap] Done
initial handshake<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap]
eaptls_process returned 7 <o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap] EAPTLS_OK<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap] Session
established. Decoding tunneled attributes.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap] Received
EAP-TLV response.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[peap] Had
sent TLV failure. User was rejected earlier in this session.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] Handler
failed in EAP/peap<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[eap] Failed in
EAP select<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[eap] returns
invalid<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Failed to
authenticate the user.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Using
Post-Auth-Type Reject<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>+- entering
group REJECT {...}<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>[attr_filter.access_reject]
expand: %{User-Name} -> ldapuser<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US> attr_filter:
Matched entry DEFAULT at line 11<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>++[attr_filter.access_reject]
returns updated<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Delaying reject
of request 9 for 1 seconds<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Going to the
next request<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Waking up in 0.9
seconds.<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Sending delayed
reject for request 9<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Sending
Access-Reject of id 9 to 192.168.70.70 port 1038<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
EAP-Message = 0x04090004<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>
Message-Authenticator = 0x00000000000000000000000000000000<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>Waking up in 3.4
seconds.<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US>
I did cut some debug info, in order to not exceed the max message limit of 100K.<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US>
I think the problem is here:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US>[eap] processing type md5<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US>rlm_eap_md5: Cleartext-Password is required
for EAP-MD5 authentication<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US>
but in eap.conf is:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US>eap{<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US>
default_eap_type = peap<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US>
…<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US>
Peap{<o:p></o:p></span></p>
<p class=MsoNormal style='text-indent:35.4pt'><span lang=EN-US>default_eap_type
= mschapv2<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US>}<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US>}<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US>Sorry I’m not familiar enough with
wifi to understand what wrong.<o:p></o:p></span></p>
</div>
</body>
</html>