Here is the debug when I try to connect to the wireless network with freeradius2.<br><br>rad_recv: Access-Request packet from host 10.96.100.205 port 1095, id=0, length=127<br> User-Name = "rrperez"<br> NAS-IP-Address = 10.96.100.205<br>
Called-Station-Id = "0014bf8abbc5"<br> Calling-Station-Id = "0016e3cdc0a3"<br> NAS-Identifier = "0014bf8abbc5"<br> NAS-Port = 46<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br>
EAP-Message = 0x0201000c017272706572657a<br> Message-Authenticator = 0x4f2ba1b95873a9bf8b13863f1ce6d52f<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>
[suffix] No '@' in User-Name = "rrperez", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 1 length 12<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>
++[eap] returns updated<br>++[unix] returns notfound<br>[files] users: Matched entry rrperez at line 93<br>++[files] returns ok<br>[ldap] performing user authorization for rrperez<br>[ldap] expand: %{Stripped-User-Name} -> <br>
[ldap] expand: %{User-Name} -> rrperez<br>[ldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=rrperez)<br>[ldap] expand: dc=testldap1,dc=test,dc=corpoff -> dc=testldap1,dc=test,dc=corpoff<br>rlm_ldap: ldap_get_conn: Checking Id: 0<br>
rlm_ldap: ldap_get_conn: Got Id: 0<br>rlm_ldap: performing search in dc=testldap1,dc=test,dc=corpoff, with filter (uid=rrperez)<br>[ldap] looking for check items in directory...<br>rlm_ldap: userpassword -> Cleartext-Password == "p@ssw0rd"<br>
rlm_ldap: userPassword -> User-Password == "p@ssw0rd"<br>[ldap] looking for reply items in directory...<br>[ldap] user rrperez authorized to use remote access<br>rlm_ldap: ldap_release_conn: Release Id: 0<br>
++[ldap] returns ok<br>++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] Found existing Auth-Type, not changing it.<br>++[pap] returns noop<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>
[eap] EAP Identity<br>[eap] processing type md5<br>rlm_eap_md5: Issuing Challenge<br>++[eap] returns handled<br>Sending Access-Challenge of id 0 to 10.96.100.205 port 1095<br> EAP-Message = 0x010200160410b26f8606d20313bfb074702fb88c12dc<br>
Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x472a339647283709d04328c11ec504b2<br>Finished request 2.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 10.96.100.205 port 1097, id=0, length=139<br>
User-Name = "rrperez"<br> NAS-IP-Address = 10.96.100.205<br> Called-Station-Id = "0014bf8abbc5"<br> Calling-Station-Id = "0016e3cdc0a3"<br> NAS-Identifier = "0014bf8abbc5"<br>
NAS-Port = 46<br> Framed-MTU = 1400<br> State = 0x472a339647283709d04328c11ec504b2<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x020200060319<br> Message-Authenticator = 0x2d96e463cb33f53668e660cc806f5396<br>
+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>[suffix] No '@' in User-Name = "rrperez", looking up realm NULL<br>[suffix] No such realm "NULL"<br>
++[suffix] returns noop<br>[eap] EAP packet type response id 2 length 6<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[unix] returns notfound<br>[files] users: Matched entry rrperez at line 93<br>
++[files] returns ok<br>[ldap] performing user authorization for rrperez<br>[ldap] expand: %{Stripped-User-Name} -> <br>[ldap] expand: %{User-Name} -> rrperez<br>[ldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=rrperez)<br>
[ldap] expand: dc=testldap1,dc=test,dc=corpoff -> dc=testldap1,dc=test,dc=corpoff<br>rlm_ldap: ldap_get_conn: Checking Id: 0<br>rlm_ldap: ldap_get_conn: Got Id: 0<br>rlm_ldap: performing search in dc=testldap1,dc=test,dc=corpoff, with filter (uid=rrperez)<br>
[ldap] looking for check items in directory...<br>rlm_ldap: userpassword -> Cleartext-Password == "p@ssw0rd"<br>rlm_ldap: userPassword -> User-Password == "p@ssw0rd"<br>[ldap] looking for reply items in directory...<br>
[ldap] user rrperez authorized to use remote access<br>rlm_ldap: ldap_release_conn: Release Id: 0<br>++[ldap] returns ok<br>++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] Found existing Auth-Type, not changing it.<br>
++[pap] returns noop<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP NAK<br>[eap] EAP-NAK asked for EAP-Type/peap<br>[eap] processing type tls<br>
[tls] Initiate<br>[tls] Start returned 1<br>++[eap] returns handled<br>Sending Access-Challenge of id 0 to 10.96.100.205 port 1097<br> EAP-Message = 0x010300061920<br> Message-Authenticator = 0x00000000000000000000000000000000<br>
State = 0x472a339646292a09d04328c11ec504b2<br>Finished request 3.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 10.96.100.205 port 1099, id=0, length=251<br>
User-Name = "rrperez"<br> NAS-IP-Address = 10.96.100.205<br> Called-Station-Id = "0014bf8abbc5"<br> Calling-Station-Id = "0016e3cdc0a3"<br> NAS-Identifier = "0014bf8abbc5"<br>
NAS-Port = 46<br> Framed-MTU = 1400<br> State = 0x472a339646292a09d04328c11ec504b2<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x0203007619800000006c16030100670100006303014c60485419960635d1ade97d45e42d310da2c1bd2228f6a268e4c8d2725deccc000018002f00350005000ac009c00ac013c0140032003800130004010000220000000c000a0000077272706572657a000a00080006001700180019000b00020100<br>
Message-Authenticator = 0xfb781696d1e2b68de3ca4be44368e6ba<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>[suffix] No '@' in User-Name = "rrperez", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 3 length 118<br>[eap] Continuing tunnel setup.<br>++[eap] returns ok<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>
[eap] Request found, released from the list<br>[eap] EAP/peap<br>[eap] processing type peap<br>[peap] processing EAP-TLS<br> TLS Length 108<br>[peap] Length Included<br>[peap] eaptls_verify returned 11 <br>[peap] (other): before/accept initialization <br>
[peap] TLS_accept: before/accept initialization <br>[peap] <<< TLS 1.0 Handshake [length 0067], ClientHello <br>[peap] TLS_accept: SSLv3 read client hello A <br>[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello <br>
[peap] TLS_accept: SSLv3 write server hello A <br>[peap] >>> TLS 1.0 Handshake [length 0847], Certificate <br>[peap] TLS_accept: SSLv3 write certificate A <br>[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone <br>
[peap] TLS_accept: SSLv3 write server done A <br>[peap] TLS_accept: SSLv3 flush data <br>[peap] TLS_accept: Need to read more data: SSLv3 read client certificate A<br>In SSL Handshake Phase <br>In SSL Accept mode <br>
[peap] eaptls_process returned 13 <br>[peap] EAPTLS_HANDLED<br>++[eap] returns handled<br>Sending Access-Challenge of id 0 to 10.96.100.205 port 1099<br> EAP-Message = 0x0104040019c000000884160301002a0200002603014c5ef69f90cc66244e85fa9ea030af56c83a42baaf970ef5afd98d6a5c23a1af00002f0016030108470b00084300084000039e3082039a30820282a003020102020101300d06092a864886f70d010104050030818e310b3009060355040613025048310f300d060355040813064d616e696c61310e300c0603550407130550617361793111300f060355040a1308534d205072696d653123302106092a864886f70d0109011614706572657a2e32726f6e40676d61696c2e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d31<br>
EAP-Message = 0x30303830353231343433315a170d3131303830353231343433315a3079310b3009060355040613025048310f300d060355040813064d616e696c613111300f060355040a1308534d205072696d65312330210603550403131a4578616d706c65205365727665722043657274696669636174653121301f06092a864886f70d01090116127272706572657a406170632e6564752e706830820122300d06092a864886f70d01010105000382010f003082010a0282010100c6e7ab6d35efefbf0f386233076f46ad36cbbd54ddc07f0488bee8c4db14c0fe37a0ea6818d01ebbd3b409769818e4036bfc962238f8475d6583da6ac2512363845f5fb04d9d<br>
EAP-Message = 0xbd5b53e9c2ef6647a4b8dd02daceb3066d9a9ae26cd11a8300b9d53c043f09b33b53354bdbcf6ce4d0b1a8e4770eb537f583c6ebce6487ffa1dc2b1c4cc541aa04e98fae7a73336ee461bdbdc0909080852e47fc49b64b146ad18cbafaf350647f19758c5e781d6bd8882f6d8e136f87b1f3e013342b79c05deef124b9c800c2461cb265ae547aa5c299facd146c391c91abcd5e0f03aac4cba67d9b5a86ff440e52850806b7c9b7f45ba4f4bcecb86bb5bb5f9dba3453e974fb0203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104050003820101004aac0765701c5185080a5fb6e5363b88b5<br>
EAP-Message = 0xc7390b7836e78f8547c84ee349ca8b9d6a71e78cdf38ed81af871098700b1c03aa6970cd9a14107ec7aa9f4a84409a359a2c87c5eb09cca8b35d7c55ac7f2ee3db355438c00c50a5a0c96e5b6b850db681772588de4ca7035e033fa00f2c6091b1fbbdc232bc4374b1e653d08a9bdc91f5bdedc1f21ab134093737c8972f0ddd6c53bb535ba2808f59563caddf2c14f684f1856e78a49f8e6009495f1ec9115fc41f5fe3786444758c65121b714422aef588fa496d876beade61319aa7c4812908f4aeb34a13692a725fd11a5cd9a065daca5c078bf289686c7038c6e77fb9410b320bd5a62d7e3994d4353531cf7b00049c3082049830820380a00302<br>
EAP-Message = 0x0102020900e6d6f0b5c23c70<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x472a3396452e2a09d04328c11ec504b2<br>Finished request 4.<br>Going to the next request<br>
Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 10.96.100.205 port 1101, id=0, length=139<br> User-Name = "rrperez"<br> NAS-IP-Address = 10.96.100.205<br> Called-Station-Id = "0014bf8abbc5"<br>
Calling-Station-Id = "0016e3cdc0a3"<br> NAS-Identifier = "0014bf8abbc5"<br> NAS-Port = 46<br> Framed-MTU = 1400<br> State = 0x472a3396452e2a09d04328c11ec504b2<br> NAS-Port-Type = Wireless-802.11<br>
EAP-Message = 0x020400061900<br> Message-Authenticator = 0x2e5b1abd57419deda1b17bc06072af82<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>
[suffix] No '@' in User-Name = "rrperez", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 4 length 6<br>[eap] Continuing tunnel setup.<br>
++[eap] returns ok<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP/peap<br>[eap] processing type peap<br>[peap] processing EAP-TLS<br>[peap] Received TLS ACK<br>
[peap] ACK handshake fragment handler<br>[peap] eaptls_verify returned 1 <br>[peap] eaptls_process returned 13 <br>[peap] EAPTLS_HANDLED<br>++[eap] returns handled<br>Sending Access-Challenge of id 0 to 10.96.100.205 port 1101<br>
EAP-Message = 0x010503fc1940a5300d06092a864886f70d010105050030818e310b3009060355040613025048310f300d060355040813064d616e696c61310e300c0603550407130550617361793111300f060355040a1308534d205072696d653123302106092a864886f70d0109011614706572657a2e32726f6e40676d61696c2e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3130303830353231343433315a170d3131303830353231343433315a30818e310b3009060355040613025048310f300d060355040813064d616e696c61310e300c0603550407130550617361793111300f06<br>
EAP-Message = 0x0355040a1308534d205072696d653123302106092a864886f70d0109011614706572657a2e32726f6e40676d61696c2e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100c377b277cfce89da192b6975f0e2c6f2860fd64da3fd80309a1ea8bb2ef91fa0d004899dfb920f5bd5bba909cc537b86d0ac729985a36c6c7bb562a02aeb6cbbadbd25c73240631e24c7bc66d8bcc423848426c6094bebdca51e781a251f99361eb4885aaa88541eabb41ccf08250ccfa82eb3f18b3ba6025f53e1994f0e9a5f81<br>
EAP-Message = 0x96ab436778d1b5b28ffa1d177836b9584f8228ae3f38eb1b255e5ecc9ffdb5fd5f41ed8f88d07fb1865be3b978d27fd8f5de8a5f66814c415f2f81948713e5475d61ff81076a6c12afd11a2b4efb8114e2dee083866a63775065a83aecaa60f96d32d41db2651e6523d1dda4968768503b77957ed302e70148af04bea6b33d0203010001a381f63081f3301d0603551d0e04160414eb114a719ea71a316c157f42cb959cbe3d7ad1453081c30603551d230481bb3081b88014eb114a719ea71a316c157f42cb959cbe3d7ad145a18194a4819130818e310b3009060355040613025048310f300d060355040813064d616e696c61310e300c0603550407<br>
EAP-Message = 0x130550617361793111300f060355040a1308534d205072696d653123302106092a864886f70d0109011614706572657a2e32726f6e40676d61696c2e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479820900e6d6f0b5c23c70a5300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100560f8590dfda5419fd715a32a3c02c7dfea64b4f7ab3f1d76173a6206a9919d372f97837051eba6b10fa29e2f813863875f2f260ce5e7935ddc4267fb7b6230d9c2b4cdaaf825e25b4910d895ed0355c1860eb0cb62961ee54228efe26aa5315820139132002a30d07<br>
EAP-Message = 0xbd4b27e772945483<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x472a3396442f2a09d04328c11ec504b2<br>Finished request 5.<br>Going to the next request<br>Waking up in 4.8 seconds.<br>
rad_recv: Access-Request packet from host 10.96.100.205 port 1103, id=0, length=139<br> User-Name = "rrperez"<br> NAS-IP-Address = 10.96.100.205<br> Called-Station-Id = "0014bf8abbc5"<br>
Calling-Station-Id = "0016e3cdc0a3"<br> NAS-Identifier = "0014bf8abbc5"<br> NAS-Port = 46<br> Framed-MTU = 1400<br> State = 0x472a3396442f2a09d04328c11ec504b2<br> NAS-Port-Type = Wireless-802.11<br>
EAP-Message = 0x020500061900<br> Message-Authenticator = 0x748755f79dc28feaac6975d483fb2606<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>
[suffix] No '@' in User-Name = "rrperez", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 5 length 6<br>[eap] Continuing tunnel setup.<br>
++[eap] returns ok<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP/peap<br>[eap] processing type peap<br>[peap] processing EAP-TLS<br>[peap] Received TLS ACK<br>
[peap] ACK handshake fragment handler<br>[peap] eaptls_verify returned 1 <br>[peap] eaptls_process returned 13 <br>[peap] EAPTLS_HANDLED<br>++[eap] returns handled<br>Sending Access-Challenge of id 0 to 10.96.100.205 port 1103<br>
EAP-Message = 0x0106009e19006f0fd8a5dc5276fa83706f679780f3e60b36f5b3489d5551b7dc0590f2ddf6959d4ba9550b38329c20dce0ab3182205608a19b3d2964953695b467af4cd29ade6a679b18dfa5492a4286fe5b2a13c12d8305450e32b2441a68b97f9701655d60ad7d399f3b693b9562b3353d3bd5d730cab42857c0e5edb72fde0d9b70eeb03dd0afd787e1ceede01810d2c9e83bdc16030100040e000000<br>
Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x472a3396432c2a09d04328c11ec504b2<br>Finished request 6.<br>Going to the next request<br>Waking up in 4.8 seconds.<br>rad_recv: Access-Request packet from host 10.96.100.205 port 1105, id=0, length=139<br>
User-Name = "rrperez"<br> NAS-IP-Address = 10.96.100.205<br> Called-Station-Id = "0014bf8abbc5"<br> Calling-Station-Id = "0016e3cdc0a3"<br> NAS-Identifier = "0014bf8abbc5"<br>
NAS-Port = 46<br> Framed-MTU = 1400<br> State = 0x472a3396432c2a09d04328c11ec504b2<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x020600061900<br> Message-Authenticator = 0x31c7e07cdcbfbce9826ce983e511159b<br>
+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>[suffix] No '@' in User-Name = "rrperez", looking up realm NULL<br>[suffix] No such realm "NULL"<br>
++[suffix] returns noop<br>[eap] EAP packet type response id 6 length 6<br>[eap] Continuing tunnel setup.<br>++[eap] returns ok<br>Found Auth-Type = EAP<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>
[eap] EAP/peap<br>[eap] processing type peap<br>[peap] processing EAP-TLS<br>[peap] Received TLS ACK<br>[peap] ACK handshake fragment handler<br>[peap] eaptls_verify returned 1 <br>[peap] eaptls_process returned 13 <br>[peap] EAPTLS_HANDLED<br>
++[eap] returns handled<br>Sending Access-Challenge of id 0 to 10.96.100.205 port 1105<br> EAP-Message = 0x010700061900<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x472a3396422d2a09d04328c11ec504b2<br>
Finished request 7.<br>Going to the next request<br>Waking up in 4.7 seconds.<br>Cleaning up request 2 ID 0 with timestamp +50<br>Cleaning up request 3 ID 0 with timestamp +50<br>Cleaning up request 4 ID 0 with timestamp +50<br>
Cleaning up request 5 ID 0 with timestamp +50<br>Cleaning up request 6 ID 0 with timestamp +50<br>Cleaning up request 7 ID 0 with timestamp +51<br>Ready to process requests.<br><br><br>I don't know where is the error why I can't connect to the network, need help ASAP...<br>