<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
</head>
<body class='hmmessage'>
FreeRADIUS Version 2.1.9, for host x86_64-redhat-linux-gnu<br>Active Directory - Windows Server 2008 <br>Windows Vista (WPA-TKIP / Protected EAP (PEAP))<br>Wireless Access Point - CISCO WAP4410N<br> <br><br><i>File /etc/raddb/eap.conf</i><br><br> eap {<br> ....<br> default_eap_type = peap<br>... <br>peap {<br> <br> default_eap_type = mschapv2<br> copy_request_to_tunnel = no<br> use_tunneled_reply = no<br> virtual_server = "inner-tunnel"<br> }<br>}<br><br><br><br><i>File /etc/raddb/users</i><br><br>DEFAULT Auth-Type = ntlm_auth <br>....<br><br><br><br><i>File /etc/raddb/modules/mschap</i><br><br>mschap {<br>...<br> with_ntdomain_hack = yes<br> ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"<br>...<br>}<br><br><br><i>File /etc/raddb/modules/ntlm_auth</i><br><br>exec ntlm_auth {<br> wait = yes<br> program = "/usr/bin/ntlm_auth --request-nt-key --domain=MYDOMAINTEST --username=%{mschap:User-Name} --password=%{User-Password}"<br>}<br><br><br><i>Files /etc/raddb/sites-enable/inner-tunnel and /etc/raddb/sites-enable/default</i><br><br>authenticate {<br>....<br>ntlm_auth<br>...<br>}<br><br><br><br><font style="font-size: 10pt;" size="2">[root@radiusserver etc]# ntlm_auth --request-nt-key
--domain=MYDOMAINTEST --username=testuser01 --password=test<br>
NT_STATUS_OK: Success (0x0)</font><font style="font-size: 10pt;" size="2"><br></font>
<font style="font-size: 10pt;" size="2"><br></font>
<font style="font-size: 10pt;" size="2">[root@radiusserver etc]# net join -U Administrator<br>
Enter Administrator's password:<br>
Using short domain name -- MYDOMAINTEST<br>
Joined 'RADIUSSERVER' to realm 'mydomaintest.com'</font><br><br>[root@radiusserver /]# radtest testuser01 test localhost 0 teste123 <br>
Sending Access-Request of id 51 to 127.0.0.1 port 1812<br>
User-Name = "testuser01"<br>
User-Password = "test"<br>
NAS-IP-Address = 127.0.0.1<br>
NAS-Port = 0<br>
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812,
id=51, length=20<br><br><br><br>Have any idea ? Where can i find the solution ?<br>When i trying connect (windows vista) freeradius server <b>with wireless over<br>access point</b> i get this error:<br><br><br><br>rad_recv: Access-Request packet from host 192.168.155.194 port 2050, id=189, length=189<br> User-Name = "MYDOMAINTEST\\testuser01"<br> NAS-IP-Address = 192.168.155.194<br> NAS-Port = 0<br> Called-Station-Id = "00-15-62-FF-AD-2D:ciscosb"<br> Calling-Station-Id = "00-1E-65-DB-9D-86"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 11Mbps 802.11b"<br> EAP-Message = 0x0201001401414e47454c4f4e495c63626f6c616e<br> State = 0x6506f8af6507e17f97933c212e541ba3<br> Message-Authenticator = 0xbd99142be48ec558c3cbe5102cebc556<br>Mon Sep 13 10:34:21 2010 : Info: +- entering group authorize {...}<br>Mon Sep 13 10:34:21 2010 : Info: ++[preprocess] returns ok<br>Mon Sep 13 10:34:21 2010 : Info: ++[chap] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: ++[mschap] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [suffix] No '@' in User-Name = "MYDOMAINTEST\testuser01", looking up realm NULL<br>Mon Sep 13 10:34:21 2010 : Info: [suffix] No such realm "NULL"<br>Mon Sep 13 10:34:21 2010 : Info: ++[suffix] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [ntdomain] Looking up realm "MYDOMAINTEST" for User-Name = "MYDOMAINTEST\testuser01"<br>Mon Sep 13 10:34:21 2010 : Info: [ntdomain] No such realm "MYDOMAINTEST"<br>Mon Sep 13 10:34:21 2010 : Info: ++[ntdomain] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [eap] EAP packet type response id 1 length 20<br>Mon Sep 13 10:34:21 2010 : Info: [eap] No EAP Start, assuming it's an on-going EAP conversation<br>Mon Sep 13 10:34:21 2010 : Info: ++[eap] returns updated<br>Mon Sep 13 10:34:21 2010 : Info: ++[unix] returns notfound<br>Mon Sep 13 10:34:21 2010 : Info: ++[files] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: ++[expiration] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: ++[logintime] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>Mon Sep 13 10:34:21 2010 : Info: ++[pap] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: Found Auth-Type = EAP<br>Mon Sep 13 10:34:21 2010 : Info: +- entering group authenticate {...}<br>Mon Sep 13 10:34:21 2010 : Info: [eap] EAP Identity<br>Mon Sep 13 10:34:21 2010 : Info: [eap] processing type tls<br>Mon Sep 13 10:34:21 2010 : Info: [tls] Initiate<br>Mon Sep 13 10:34:21 2010 : Info: [tls] Start returned 1<br>Mon Sep 13 10:34:21 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 189 to 192.168.155.194 port 2050<br> EAP-Message = 0x010200061920<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xd76dd84ed76fc17a0790fefec05add19<br>Mon Sep 13 10:34:21 2010 : Info: Finished request 1.<br>Mon Sep 13 10:34:21 2010 : Debug: Going to the next request<br>Mon Sep 13 10:34:21 2010 : Debug: Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.155.194 port 2050, id=190, length=300<br> User-Name = "MYDOMAINTEST\\testuser01"<br> NAS-IP-Address = 192.168.155.194<br> NAS-Port = 0<br> Called-Station-Id = "00-15-62-FF-AD-2D:ciscosb"<br> Calling-Station-Id = "00-1E-65-DB-9D-86"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 11Mbps 802.11b"<br> EAP-Message = 0x0202008319800000007916030100740100007003014c8e2884af2dbe79e59a780b7c801b6a6f024ab05ed1164311f8e2c438576298000018002f00350005000ac009c00ac013c01400320038001300040100002f00000014001200000f616e67656c6f6e695c63626f6c616e000a00080006001700180019000b00020100ff01000100<br> State = 0xd76dd84ed76fc17a0790fefec05add19<br> Message-Authenticator = 0x93bc32a345dce54fc50f7bbb50ca7e3f<br>Mon Sep 13 10:34:21 2010 : Info: +- entering group authorize {...}<br>Mon Sep 13 10:34:21 2010 : Info: ++[preprocess] returns ok<br>Mon Sep 13 10:34:21 2010 : Info: ++[chap] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: ++[mschap] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [suffix] No '@' in User-Name = "MYDOMAINTEST\testuser01", looking up realm NULL<br>Mon Sep 13 10:34:21 2010 : Info: [suffix] No such realm "NULL"<br>Mon Sep 13 10:34:21 2010 : Info: ++[suffix] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [ntdomain] Looking up realm "MYDOMAINTEST" for User-Name = "MYDOMAINTEST\testuser01"<br>Mon Sep 13 10:34:21 2010 : Info: [ntdomain] No such realm "MYDOMAINTEST"<br>Mon Sep 13 10:34:21 2010 : Info: ++[ntdomain] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [eap] EAP packet type response id 2 length 131<br>Mon Sep 13 10:34:21 2010 : Info: [eap] Continuing tunnel setup.<br>Mon Sep 13 10:34:21 2010 : Info: ++[eap] returns ok<br>Mon Sep 13 10:34:21 2010 : Info: Found Auth-Type = EAP<br>Mon Sep 13 10:34:21 2010 : Info: +- entering group authenticate {...}<br>Mon Sep 13 10:34:21 2010 : Info: [eap] Request found, released from the list<br>Mon Sep 13 10:34:21 2010 : Info: [eap] EAP/peap<br>Mon Sep 13 10:34:21 2010 : Info: [eap] processing type peap<br>Mon Sep 13 10:34:21 2010 : Info: [peap] processing EAP-TLS<br>Mon Sep 13 10:34:21 2010 : Debug: TLS Length 121<br>Mon Sep 13 10:34:21 2010 : Info: [peap] Length Included<br>Mon Sep 13 10:34:21 2010 : Info: [peap] eaptls_verify returned 11 <br>Mon Sep 13 10:34:21 2010 : Info: [peap] (other): before/accept initialization <br>Mon Sep 13 10:34:21 2010 : Info: [peap] TLS_accept: before/accept initialization <br>Mon Sep 13 10:34:21 2010 : Info: [peap] <<< TLS 1.0 Handshake [length 0074], ClientHello <br>Mon Sep 13 10:34:21 2010 : Info: [peap] TLS_accept: SSLv3 read client hello A <br>Mon Sep 13 10:34:21 2010 : Info: [peap] >>> TLS 1.0 Handshake [length 0031], ServerHello <br>Mon Sep 13 10:34:21 2010 : Info: [peap] TLS_accept: SSLv3 write server hello A <br>Mon Sep 13 10:34:21 2010 : Info: [peap] >>> TLS 1.0 Handshake [length 085e], Certificate <br>Mon Sep 13 10:34:21 2010 : Info: [peap] TLS_accept: SSLv3 write certificate A <br>Mon Sep 13 10:34:21 2010 : Info: [peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone <br>Mon Sep 13 10:34:21 2010 : Info: [peap] TLS_accept: SSLv3 write server done A <br>Mon Sep 13 10:34:21 2010 : Info: [peap] TLS_accept: SSLv3 flush data <br>Mon Sep 13 10:34:21 2010 : Info: [peap] TLS_accept: Need to read more data: SSLv3 read client certificate A<br>Mon Sep 13 10:34:21 2010 : Debug: In SSL Handshake Phase <br>Mon Sep 13 10:34:21 2010 : Debug: In SSL Accept mode <br>Mon Sep 13 10:34:21 2010 : Info: [peap] eaptls_process returned 13 <br>Mon Sep 13 10:34:21 2010 : Info: [peap] EAPTLS_HANDLED<br>Mon Sep 13 10:34:21 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 190 to 192.168.155.194 port 2050<br> EAP-Message = 0x0103040019c0000008a216030100310200002d03014c8e285d2beeb4138d9eee394a996f4f9eca58f023b887efdda363a09db4bff300002f000005ff01000100160301085e0b00085a0008570003a6308203a23082028aa003020102020101300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c65204365727469666963617465204175<br> EAP-Message = 0x74686f72697479301e170d3130303931333132343233355a170d3130313131323132343233355a307c310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100ee3a32108e4f3cbfaa7a92d4bd978ca40fc64b2a47661645c8b68d65044435a66076682fd05fa16778a5af94206ffc638de3ca5a2a99a7<br> EAP-Message = 0xc92a2cf32a0ee4b8318b2f6b48eed7145b30afb76af66a5ceb89811ae04a70d71efd284ddfacd426825d71a59a319b37da2bba0e088bb66183f25f6522af18a4fbd7104c308440dfd10444b93c8548363aa973a8a926a5dd2cdee98ab4334e76941732723504db3bc0d7f7ecbac57fe09389ef3472ad7b952baf531120d84c6e661360774007a6661c46e00344cec67a5626e1cb85d0a20d037aabb885560b01e2fbef6447971424dafda7b2b47a19a8ea30fa59cb5dfce23c3f2a52f1060bcb84f596fc54f37d8f970203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101050500038201010011f6<br> EAP-Message = 0x5fe6dfff7362f46ed7015696230b784919f57eb0598b8cc5bc5aaafc91fb345324f2d8c409d3f4e89d7e16da467c611f98599c7e33ac6e6bea988f9dc1daad9102b4a4054f0cc9c6b1621088b3e2cc9d31f14adaea05d494919259f69778be393aab6efb9ddbb8d6a5949ae4c0231ff28820d4984cf5b319c9262a1fffc897ed56371008a993b0353d108a68b022384eb79b6b594d27f55fabc4215d96dde86b0e609bef9c04a2306c7c6b396ae07e9039815f0caec47148b6c5a8d5a353449e9d2b61a7f9c88dc86b90b94cfb3e98b1634da1923ba30d55e652d40c11c93eb5f6f1ee7827e134acbd4cc0f07d0b4d206e8df2fa9ecd78881348c1b157<br> EAP-Message = 0x2b0004ab308204a73082038f<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xd76dd84ed66ec17a0790fefec05add19<br>Mon Sep 13 10:34:21 2010 : Info: Finished request 2.<br>Mon Sep 13 10:34:21 2010 : Debug: Going to the next request<br>Mon Sep 13 10:34:21 2010 : Debug: Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.155.194 port 2050, id=191, length=175<br> User-Name = "MYDOMAINTEST\\testuser01"<br> NAS-IP-Address = 192.168.155.194<br> NAS-Port = 0<br> Called-Station-Id = "00-15-62-FF-AD-2D:ciscosb"<br> Calling-Station-Id = "00-1E-65-DB-9D-86"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 11Mbps 802.11b"<br> EAP-Message = 0x020300061900<br> State = 0xd76dd84ed66ec17a0790fefec05add19<br> Message-Authenticator = 0x149802ee2e900a377b4953192fd43319<br>Mon Sep 13 10:34:21 2010 : Info: +- entering group authorize {...}<br>Mon Sep 13 10:34:21 2010 : Info: ++[preprocess] returns ok<br>Mon Sep 13 10:34:21 2010 : Info: ++[chap] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: ++[mschap] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [suffix] No '@' in User-Name = "MYDOMAINTEST\testuser01", looking up realm NULL<br>Mon Sep 13 10:34:21 2010 : Info: [suffix] No such realm "NULL"<br>Mon Sep 13 10:34:21 2010 : Info: ++[suffix] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [ntdomain] Looking up realm "MYDOMAINTEST" for User-Name = "MYDOMAINTEST\testuser01"<br>Mon Sep 13 10:34:21 2010 : Info: [ntdomain] No such realm "MYDOMAINTEST"<br>Mon Sep 13 10:34:21 2010 : Info: ++[ntdomain] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [eap] EAP packet type response id 3 length 6<br>Mon Sep 13 10:34:21 2010 : Info: [eap] Continuing tunnel setup.<br>Mon Sep 13 10:34:21 2010 : Info: ++[eap] returns ok<br>Mon Sep 13 10:34:21 2010 : Info: Found Auth-Type = EAP<br>Mon Sep 13 10:34:21 2010 : Info: +- entering group authenticate {...}<br>Mon Sep 13 10:34:21 2010 : Info: [eap] Request found, released from the list<br>Mon Sep 13 10:34:21 2010 : Info: [eap] EAP/peap<br>Mon Sep 13 10:34:21 2010 : Info: [eap] processing type peap<br>Mon Sep 13 10:34:21 2010 : Info: [peap] processing EAP-TLS<br>Mon Sep 13 10:34:21 2010 : Info: [peap] Received TLS ACK<br>Mon Sep 13 10:34:21 2010 : Info: [peap] ACK handshake fragment handler<br>Mon Sep 13 10:34:21 2010 : Info: [peap] eaptls_verify returned 1 <br>Mon Sep 13 10:34:21 2010 : Info: [peap] eaptls_process returned 13 <br>Mon Sep 13 10:34:21 2010 : Info: [peap] EAPTLS_HANDLED<br>Mon Sep 13 10:34:21 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 191 to 192.168.155.194 port 2050<br> EAP-Message = 0x010403fc1940a003020102020900fd77376b6dad365e300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3130303931333132343233355a170d3130313131323132343233355a308193310b3009060355040613024652310f300d0603550408130652616469757331<br> EAP-Message = 0x12301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100d154c97876aafffd6e2c38d8d030b168f8dce7c480ee5e1f2e70f69b644f539598e82c35141f1fc6df2202d717a8d212224f57bd0a0e5e4f6ad9f86ba16f00651842cbf6a8ab15fd2e788309304f5dc5abd95811697d400a611cb69d60e8957024bd0a4fc7ff1267<br> EAP-Message = 0xb00fc2f26e74c5858497e66019676175f2cf11049781681ba950f2f9e0fc51045f12655aab1cfc4001e7de1bf7ad11cd4ce5a56cfc64f479d1c3fa84ef41275203b542cf17a0c7ea5d00ebdee20c53a432e0568669d036073870a155f3fac928212cdd0e071c5ae65784c83b6ac840dc198d51c6a59c6b1f6273a8c6c8906e0011842b96391df406225ca95c01649e518e235865d44d4d4d0203010001a381fb3081f8301d0603551d0e04160414e3bc4886052780b7f5e868e9f8c2e8188ee3f8b23081c80603551d230481c03081bd8014e3bc4886052780b7f5e868e9f8c2e8188ee3f8b2a18199a48196308193310b300906035504061302465231<br> EAP-Message = 0x0f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479820900fd77376b6dad365e300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100886a41b64009cfdda5cbf1a1acc3b762ae831896a64568f23615de741e3911de3e1539a9cb018be1f0907182306a6296b2ab29391b905e3376391ab24c830be031aefa5e3ebf9f2bbc4862<br> EAP-Message = 0xec4672b63eb34dbe<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xd76dd84ed569c17a0790fefec05add19<br>Mon Sep 13 10:34:21 2010 : Info: Finished request 3.<br>Mon Sep 13 10:34:21 2010 : Debug: Going to the next request<br>Mon Sep 13 10:34:21 2010 : Debug: Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.155.194 port 2050, id=192, length=175<br> User-Name = "MYDOMAINTEST\\testuser01"<br> NAS-IP-Address = 192.168.155.194<br> NAS-Port = 0<br> Called-Station-Id = "00-15-62-FF-AD-2D:ciscosb"<br> Calling-Station-Id = "00-1E-65-DB-9D-86"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 11Mbps 802.11b"<br> EAP-Message = 0x020400061900<br> State = 0xd76dd84ed569c17a0790fefec05add19<br> Message-Authenticator = 0xd66c19cfcb0a9d15888c2f80c474a5de<br>Mon Sep 13 10:34:21 2010 : Info: +- entering group authorize {...}<br>Mon Sep 13 10:34:21 2010 : Info: ++[preprocess] returns ok<br>Mon Sep 13 10:34:21 2010 : Info: ++[chap] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: ++[mschap] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [suffix] No '@' in User-Name = "MYDOMAINTEST\testuser01", looking up realm NULL<br>Mon Sep 13 10:34:21 2010 : Info: [suffix] No such realm "NULL"<br>Mon Sep 13 10:34:21 2010 : Info: ++[suffix] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [ntdomain] Looking up realm "MYDOMAINTEST" for User-Name = "MYDOMAINTEST\testuser01"<br>Mon Sep 13 10:34:21 2010 : Info: [ntdomain] No such realm "MYDOMAINTEST"<br>Mon Sep 13 10:34:21 2010 : Info: ++[ntdomain] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [eap] EAP packet type response id 4 length 6<br>Mon Sep 13 10:34:21 2010 : Info: [eap] Continuing tunnel setup.<br>Mon Sep 13 10:34:21 2010 : Info: ++[eap] returns ok<br>Mon Sep 13 10:34:21 2010 : Info: Found Auth-Type = EAP<br>Mon Sep 13 10:34:21 2010 : Info: +- entering group authenticate {...}<br>Mon Sep 13 10:34:21 2010 : Info: [eap] Request found, released from the list<br>Mon Sep 13 10:34:21 2010 : Info: [eap] EAP/peap<br>Mon Sep 13 10:34:21 2010 : Info: [eap] processing type peap<br>Mon Sep 13 10:34:21 2010 : Info: [peap] processing EAP-TLS<br>Mon Sep 13 10:34:21 2010 : Info: [peap] Received TLS ACK<br>Mon Sep 13 10:34:21 2010 : Info: [peap] ACK handshake fragment handler<br>Mon Sep 13 10:34:21 2010 : Info: [peap] eaptls_verify returned 1 <br>Mon Sep 13 10:34:21 2010 : Info: [peap] eaptls_process returned 13 <br>Mon Sep 13 10:34:21 2010 : Info: [peap] EAPTLS_HANDLED<br>Mon Sep 13 10:34:21 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 192 to 192.168.155.194 port 2050<br> EAP-Message = 0x010500bc1900a8c1e930adad128d2a178d8d7a4c345b4f7ddd981d87e3a364ef65216c0e6485d99f22a335b4c31daf8ff28bac0d0375c0c0d6695cbda1d70898a7e2dfb8ddb5a9df14270422a6820bf42284b766a88d819b3a1f33f4962446a852c8a88469e39707436d52148d4c1277c1dbc2c97b1377dc77dca0cfc3374eb968b54acd07df27089f3c611bfddb24c32dd17da21321da1ff5856723398f2d948e896a051e1cf7ebfd5f5989198f265898af4e16030100040e000000<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xd76dd84ed468c17a0790fefec05add19<br>Mon Sep 13 10:34:21 2010 : Info: Finished request 4.<br>Mon Sep 13 10:34:21 2010 : Debug: Going to the next request<br>Mon Sep 13 10:34:21 2010 : Debug: Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.155.194 port 2050, id=193, length=175<br> User-Name = "MYDOMAINTEST\\testuser01"<br> NAS-IP-Address = 192.168.155.194<br> NAS-Port = 0<br> Called-Station-Id = "00-15-62-FF-AD-2D:ciscosb"<br> Calling-Station-Id = "00-1E-65-DB-9D-86"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 11Mbps 802.11b"<br> EAP-Message = 0x020500061900<br> State = 0xd76dd84ed468c17a0790fefec05add19<br> Message-Authenticator = 0x25610017540304c1a783aa7777ba392b<br>Mon Sep 13 10:34:21 2010 : Info: +- entering group authorize {...}<br>Mon Sep 13 10:34:21 2010 : Info: ++[preprocess] returns ok<br>Mon Sep 13 10:34:21 2010 : Info: ++[chap] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: ++[mschap] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [suffix] No '@' in User-Name = "MYDOMAINTEST\testuser01", looking up realm NULL<br>Mon Sep 13 10:34:21 2010 : Info: [suffix] No such realm "NULL"<br>Mon Sep 13 10:34:21 2010 : Info: ++[suffix] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [ntdomain] Looking up realm "MYDOMAINTEST" for User-Name = "MYDOMAINTEST\testuser01"<br>Mon Sep 13 10:34:21 2010 : Info: [ntdomain] No such realm "MYDOMAINTEST"<br>Mon Sep 13 10:34:21 2010 : Info: ++[ntdomain] returns noop<br>Mon Sep 13 10:34:21 2010 : Info: [eap] EAP packet type response id 5 length 6<br>Mon Sep 13 10:34:21 2010 : Info: [eap] Continuing tunnel setup.<br>Mon Sep 13 10:34:21 2010 : Info: ++[eap] returns ok<br>Mon Sep 13 10:34:21 2010 : Info: Found Auth-Type = EAP<br>Mon Sep 13 10:34:21 2010 : Info: +- entering group authenticate {...}<br>Mon Sep 13 10:34:21 2010 : Info: [eap] Request found, released from the list<br>Mon Sep 13 10:34:21 2010 : Info: [eap] EAP/peap<br>Mon Sep 13 10:34:21 2010 : Info: [eap] processing type peap<br>Mon Sep 13 10:34:21 2010 : Info: [peap] processing EAP-TLS<br>Mon Sep 13 10:34:21 2010 : Info: [peap] Received TLS ACK<br>Mon Sep 13 10:34:21 2010 : Info: [peap] ACK handshake fragment handler<br>Mon Sep 13 10:34:21 2010 : Info: [peap] eaptls_verify returned 1 <br>Mon Sep 13 10:34:21 2010 : Info: [peap] eaptls_process returned 13 <br>Mon Sep 13 10:34:21 2010 : Info: [peap] EAPTLS_HANDLED<br>Mon Sep 13 10:34:21 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 193 to 192.168.155.194 port 2050<br> EAP-Message = 0x010600061900<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xd76dd84ed36bc17a0790fefec05add19<br>Mon Sep 13 10:34:21 2010 : Info: Finished request 5.<br>Mon Sep 13 10:34:21 2010 : Debug: Going to the next request<br>Mon Sep 13 10:34:21 2010 : Debug: Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.155.194 port 2050, id=194, length=171<br> User-Name = "MYDOMAINTEST\\testuser01"<br> NAS-IP-Address = 192.168.155.194<br> NAS-Port = 0<br> Called-Station-Id = "00-15-62-FF-AD-2D:ciscosb"<br> Calling-Station-Id = "00-1E-65-DB-9D-86"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 11Mbps 802.11b"<br> EAP-Message = 0x0200001401414e47454c4f4e495c63626f6c616e<br> Message-Authenticator = 0x7fb8c0c166efca06b16e7f0b2c11acc4<br>Mon Sep 13 10:34:23 2010 : Info: +- entering group authorize {...}<br>Mon Sep 13 10:34:23 2010 : Info: ++[preprocess] returns ok<br>Mon Sep 13 10:34:23 2010 : Info: ++[chap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[mschap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [suffix] No '@' in User-Name = "MYDOMAINTEST\testuser01", looking up realm NULL<br>Mon Sep 13 10:34:23 2010 : Info: [suffix] No such realm "NULL"<br>Mon Sep 13 10:34:23 2010 : Info: ++[suffix] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [ntdomain] Looking up realm "MYDOMAINTEST" for User-Name = "MYDOMAINTEST\testuser01"<br>Mon Sep 13 10:34:23 2010 : Info: [ntdomain] No such realm "MYDOMAINTEST"<br>Mon Sep 13 10:34:23 2010 : Info: ++[ntdomain] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [eap] EAP packet type response id 0 length 20<br>Mon Sep 13 10:34:23 2010 : Info: [eap] No EAP Start, assuming it's an on-going EAP conversation<br>Mon Sep 13 10:34:23 2010 : Info: ++[eap] returns updated<br>Mon Sep 13 10:34:23 2010 : Info: ++[unix] returns notfound<br>Mon Sep 13 10:34:23 2010 : Info: ++[files] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[expiration] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[logintime] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>Mon Sep 13 10:34:23 2010 : Info: ++[pap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: Found Auth-Type = EAP<br>Mon Sep 13 10:34:23 2010 : Info: +- entering group authenticate {...}<br>Mon Sep 13 10:34:23 2010 : Info: [eap] EAP Identity<br>Mon Sep 13 10:34:23 2010 : Info: [eap] processing type tls<br>Mon Sep 13 10:34:23 2010 : Info: [tls] Initiate<br>Mon Sep 13 10:34:23 2010 : Info: [tls] Start returned 1<br>Mon Sep 13 10:34:23 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 194 to 192.168.155.194 port 2050<br> EAP-Message = 0x010100061920<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x08a4aa3d08a5b341b6a6388fbdc863a8<br>Mon Sep 13 10:34:23 2010 : Info: Finished request 6.<br>Mon Sep 13 10:34:23 2010 : Debug: Going to the next request<br>Mon Sep 13 10:34:23 2010 : Debug: Waking up in 3.3 seconds.<br>rad_recv: Access-Request packet from host 192.168.155.194 port 2050, id=195, length=189<br> User-Name = "MYDOMAINTEST\\testuser01"<br> NAS-IP-Address = 192.168.155.194<br> NAS-Port = 0<br> Called-Station-Id = "00-15-62-FF-AD-2D:ciscosb"<br> Calling-Station-Id = "00-1E-65-DB-9D-86"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 11Mbps 802.11b"<br> EAP-Message = 0x0201001401414e47454c4f4e495c63626f6c616e<br> State = 0x08a4aa3d08a5b341b6a6388fbdc863a8<br> Message-Authenticator = 0xdf84203e0b11202af2cae40b8121d33f<br>Mon Sep 13 10:34:23 2010 : Info: +- entering group authorize {...}<br>Mon Sep 13 10:34:23 2010 : Info: ++[preprocess] returns ok<br>Mon Sep 13 10:34:23 2010 : Info: ++[chap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[mschap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [suffix] No '@' in User-Name = "MYDOMAINTEST\testuser01", looking up realm NULL<br>Mon Sep 13 10:34:23 2010 : Info: [suffix] No such realm "NULL"<br>Mon Sep 13 10:34:23 2010 : Info: ++[suffix] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [ntdomain] Looking up realm "MYDOMAINTEST" for User-Name = "MYDOMAINTEST\testuser01"<br>Mon Sep 13 10:34:23 2010 : Info: [ntdomain] No such realm "MYDOMAINTEST"<br>Mon Sep 13 10:34:23 2010 : Info: ++[ntdomain] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [eap] EAP packet type response id 1 length 20<br>Mon Sep 13 10:34:23 2010 : Info: [eap] No EAP Start, assuming it's an on-going EAP conversation<br>Mon Sep 13 10:34:23 2010 : Info: ++[eap] returns updated<br>Mon Sep 13 10:34:23 2010 : Info: ++[unix] returns notfound<br>Mon Sep 13 10:34:23 2010 : Info: ++[files] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[expiration] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[logintime] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>Mon Sep 13 10:34:23 2010 : Info: ++[pap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: Found Auth-Type = EAP<br>Mon Sep 13 10:34:23 2010 : Info: +- entering group authenticate {...}<br>Mon Sep 13 10:34:23 2010 : Info: [eap] EAP Identity<br>Mon Sep 13 10:34:23 2010 : Info: [eap] processing type tls<br>Mon Sep 13 10:34:23 2010 : Info: [tls] Initiate<br>Mon Sep 13 10:34:23 2010 : Info: [tls] Start returned 1<br>Mon Sep 13 10:34:23 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 195 to 192.168.155.194 port 2050<br> EAP-Message = 0x010200061920<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xa14ba8cfa149b12d443c6d1514b556f1<br>Mon Sep 13 10:34:23 2010 : Info: Finished request 7.<br>Mon Sep 13 10:34:23 2010 : Debug: Going to the next request<br>Mon Sep 13 10:34:23 2010 : Debug: Waking up in 3.2 seconds.<br>rad_recv: Access-Request packet from host 192.168.155.194 port 2050, id=196, length=175<br> User-Name = "MYDOMAINTEST\\testuser01"<br> NAS-IP-Address = 192.168.155.194<br> NAS-Port = 0<br> Called-Station-Id = "00-15-62-FF-AD-2D:ciscosb"<br> Calling-Station-Id = "00-1E-65-DB-9D-86"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 11Mbps 802.11b"<br> EAP-Message = 0x020200060311<br> State = 0xa14ba8cfa149b12d443c6d1514b556f1<br> Message-Authenticator = 0x59b31ae92c6fc003dd396d83f1ae2595<br>Mon Sep 13 10:34:23 2010 : Info: +- entering group authorize {...}<br>Mon Sep 13 10:34:23 2010 : Info: ++[preprocess] returns ok<br>Mon Sep 13 10:34:23 2010 : Info: ++[chap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[mschap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [suffix] No '@' in User-Name = "MYDOMAINTEST\testuser01", looking up realm NULL<br>Mon Sep 13 10:34:23 2010 : Info: [suffix] No such realm "NULL"<br>Mon Sep 13 10:34:23 2010 : Info: ++[suffix] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [ntdomain] Looking up realm "MYDOMAINTEST" for User-Name = "MYDOMAINTEST\testuser01"<br>Mon Sep 13 10:34:23 2010 : Info: [ntdomain] No such realm "MYDOMAINTEST"<br>Mon Sep 13 10:34:23 2010 : Info: ++[ntdomain] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [eap] EAP packet type response id 2 length 6<br>Mon Sep 13 10:34:23 2010 : Info: [eap] No EAP Start, assuming it's an on-going EAP conversation<br>Mon Sep 13 10:34:23 2010 : Info: ++[eap] returns updated<br>Mon Sep 13 10:34:23 2010 : Info: ++[unix] returns notfound<br>Mon Sep 13 10:34:23 2010 : Info: ++[files] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[expiration] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[logintime] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>Mon Sep 13 10:34:23 2010 : Info: ++[pap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: Found Auth-Type = EAP<br>Mon Sep 13 10:34:23 2010 : Info: +- entering group authenticate {...}<br>Mon Sep 13 10:34:23 2010 : Info: [eap] Request found, released from the list<br>Mon Sep 13 10:34:23 2010 : Info: [eap] EAP NAK<br>Mon Sep 13 10:34:23 2010 : Info: [eap] EAP-NAK asked for EAP-Type/leap<br>Mon Sep 13 10:34:23 2010 : Info: [eap] processing type leap<br>Mon Sep 13 10:34:23 2010 : Debug: rlm_eap_leap: Stage 2<br>Mon Sep 13 10:34:23 2010 : Debug: rlm_eap_leap: Issuing AP Challenge<br>Mon Sep 13 10:34:23 2010 : Debug: rlm_eap_leap: Successfully initiated<br>Mon Sep 13 10:34:23 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 196 to 192.168.155.194 port 2050<br> EAP-Message = 0x0103001f11010008ee1c3a6722d72f04414e47454c4f4e495c63626f6c616e<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xa14ba8cfa048b92d443c6d1514b556f1<br>Mon Sep 13 10:34:23 2010 : Info: Finished request 8.<br>Mon Sep 13 10:34:23 2010 : Debug: Going to the next request<br>Mon Sep 13 10:34:23 2010 : Debug: Waking up in 3.2 seconds.<br>rad_recv: Access-Request packet from host 192.168.155.194 port 2050, id=197, length=216<br> User-Name = "MYDOMAINTEST\\testuser01"<br> NAS-IP-Address = 192.168.155.194<br> NAS-Port = 0<br> Called-Station-Id = "00-15-62-FF-AD-2D:ciscosb"<br> Calling-Station-Id = "00-1E-65-DB-9D-86"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 11Mbps 802.11b"<br> EAP-Message = 0x0203002f11010018e3ecbf5161bbb5bd4cac88fff440256581950b19d079df4c414e47454c4f4e495c63626f6c616e<br> State = 0xa14ba8cfa048b92d443c6d1514b556f1<br> Message-Authenticator = 0xdff169f98e2fa8a9a0b0b17b022b9733<br>Mon Sep 13 10:34:23 2010 : Info: +- entering group authorize {...}<br>Mon Sep 13 10:34:23 2010 : Info: ++[preprocess] returns ok<br>Mon Sep 13 10:34:23 2010 : Info: ++[chap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[mschap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [suffix] No '@' in User-Name = "MYDOMAINTEST\testuser01", looking up realm NULL<br>Mon Sep 13 10:34:23 2010 : Info: [suffix] No such realm "NULL"<br>Mon Sep 13 10:34:23 2010 : Info: ++[suffix] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [ntdomain] Looking up realm "MYDOMAINTEST" for User-Name = "MYDOMAINTEST\testuser01"<br>Mon Sep 13 10:34:23 2010 : Info: [ntdomain] No such realm "MYDOMAINTEST"<br>Mon Sep 13 10:34:23 2010 : Info: ++[ntdomain] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [eap] EAP packet type response id 3 length 47<br>Mon Sep 13 10:34:23 2010 : Info: [eap] No EAP Start, assuming it's an on-going EAP conversation<br>Mon Sep 13 10:34:23 2010 : Info: ++[eap] returns updated<br>Mon Sep 13 10:34:23 2010 : Info: ++[unix] returns notfound<br>Mon Sep 13 10:34:23 2010 : Info: ++[files] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[expiration] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: ++[logintime] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>Mon Sep 13 10:34:23 2010 : Info: ++[pap] returns noop<br>Mon Sep 13 10:34:23 2010 : Info: Found Auth-Type = EAP<br>Mon Sep 13 10:34:23 2010 : Info: +- entering group authenticate {...}<br>Mon Sep 13 10:34:23 2010 : Info: [eap] Request found, released from the list<br>Mon Sep 13 10:34:23 2010 : Info: [eap] EAP/leap<br>Mon Sep 13 10:34:23 2010 : Info: [eap] processing type leap<br>Mon Sep 13 10:34:23 2010 : Debug: rlm_eap_leap: No Cleartext-Password or NT-Password configured for this user<br>Mon Sep 13 10:34:23 2010 : Info: [eap] Handler failed in EAP/leap<br>Mon Sep 13 10:34:23 2010 : Info: [eap] Failed in EAP select<br>Mon Sep 13 10:34:23 2010 : Info: ++[eap] returns invalid<br>Mon Sep 13 10:34:23 2010 : Info: Failed to authenticate the user.<br>Mon Sep 13 10:34:23 2010 : Info: Using Post-Auth-Type Reject<br>Mon Sep 13 10:34:23 2010 : Info: +- entering group REJECT {...}<br>Mon Sep 13 10:34:23 2010 : Info: [attr_filter.access_reject] expand: %{User-Name} -> MYDOMAINTEST\testuser01<br>Mon Sep 13 10:34:23 2010 : Debug: attr_filter: Matched entry DEFAULT at line 11<br>Mon Sep 13 10:34:23 2010 : Info: ++[attr_filter.access_reject] returns updated<br>Mon Sep 13 10:34:23 2010 : Info: Delaying reject of request 9 for 1 seconds<br>Mon Sep 13 10:34:23 2010 : Debug: Going to the next request<br>Mon Sep 13 10:34:23 2010 : Debug: Waking up in 0.9 seconds.<br>Mon Sep 13 10:34:24 2010 : Info: Sending delayed reject for request 9<br>Sending Access-Reject of id 197 to 192.168.155.194 port 2050<br> EAP-Message = 0x04030004<br> Message-Authenticator = 0x00000000000000000000000000000000<br><br> </body>
</html>