<a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a><br><br><br><br>Hi,<br><br>I've read a lot the past few days trying to figure out why this is failing, and all of the solutions I find don't seem to work.<br>
<br>I have a test account setup within a test domain.<br>The username is "dadmin". If I authenticate with just "dadmin" it works fine, I get an access accept response and I am up and running.<br><br>However, if I try "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>" authentication is rejected. My main concern is the fact that during the process, it says "<a href="http://testlab.net">testlab.net</a>" was not found, using NULL for the Realm. Any help would be greatly appreciate, and if needed I can get another log with Fallthrough prevented after the MSCHAP module.<br>
<br>A condensed debug log is here, it is the transaction only, without the config:<br><br>rad_recv: Access-Request packet from host 10.10.10.33 port 1812, id=48, length=151<br> NAS-IP-Address = 10.10.10.33<br> NAS-Port = 50001<br>
NAS-Port-Type = Ethernet<br> User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br> Called-Station-Id = "00-08-20-FE-F6-81"<br> Calling-Station-Id = "00-11-43-9C-01-97"<br>
Service-Type = Framed-User<br> Framed-MTU = 1500<br> EAP-Message = 0x02000017016461646d696e40746573746c61622e6e6574<br> Message-Authenticator = 0x44cd0ce3a9cd21f99f2aa81790828195<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authorize {...}<br>
Thu Oct 14 15:10:55 2010 : Info: ++[preprocess] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: ++[chap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [suffix] Looking up realm "<a href="http://testlab.net">testlab.net</a>" for User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Thu Oct 14 15:10:55 2010 : Info: [suffix] No such realm "<a href="http://testlab.net">testlab.net</a>"<br>Thu Oct 14 15:10:55 2010 : Info: ++[suffix] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP packet type response id 0 length 23<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] No EAP Start, assuming it's an on-going EAP conversation<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns updated<br>Thu Oct 14 15:10:55 2010 : Info: ++[unix] returns notfound<br>
Thu Oct 14 15:10:55 2010 : Info: ++[files] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[expiration] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[logintime] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>
Thu Oct 14 15:10:55 2010 : Info: ++[pap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: Found Auth-Type = EAP<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authenticate {...}<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP Identity<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] processing type tls<br>Thu Oct 14 15:10:55 2010 : Info: [tls] Initiate<br>Thu Oct 14 15:10:55 2010 : Info: [tls] Start returned 1<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns handled<br>
Sending Access-Challenge of id 48 to 10.10.10.33 port 1812<br> EAP-Message = 0x010100061920<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x06aeb03006afa983ae3f9911df8bd844<br>Thu Oct 14 15:10:55 2010 : Info: Finished request 0.<br>
Thu Oct 14 15:10:55 2010 : Debug: Going to the next request<br>Thu Oct 14 15:10:55 2010 : Debug: Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 10.10.10.33 port 1812, id=49, length=268<br> NAS-IP-Address = 10.10.10.33<br>
NAS-Port = 50001<br> NAS-Port-Type = Ethernet<br> User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br> Called-Station-Id = "00-08-20-FE-F6-81"<br> Calling-Station-Id = "00-11-43-9C-01-97"<br>
Service-Type = Framed-User<br> Framed-MTU = 1500<br> State = 0x06aeb03006afa983ae3f9911df8bd844<br> EAP-Message = 0x0201007a198000000070160301006b0100006703014cb746e874a5b79f870f64af3b396b705ce9c3705ba420507e4ed5a7ee5aadfa00003a00390038008800870035008400160013000a00330032009a009900450044002f00960041000500040015001200090014001100080006000300ff0100000400230000<br>
Message-Authenticator = 0x0181c350f91e4324ee6bd7a580902517<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authorize {...}<br>Thu Oct 14 15:10:55 2010 : Info: ++[preprocess] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: ++[chap] returns noop<br>
Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [suffix] Looking up realm "<a href="http://testlab.net">testlab.net</a>" for User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Thu Oct 14 15:10:55 2010 : Info: [suffix] No such realm "<a href="http://testlab.net">testlab.net</a>"<br>Thu Oct 14 15:10:55 2010 : Info: ++[suffix] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP packet type response id 1 length 122<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Continuing tunnel setup.<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: Found Auth-Type = EAP<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authenticate {...}<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Request found, released from the list<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP/peap<br>Thu Oct 14 15:10:55 2010 : Info: [eap] processing type peap<br>Thu Oct 14 15:10:55 2010 : Info: [peap] processing EAP-TLS<br>
Thu Oct 14 15:10:55 2010 : Debug: TLS Length 112<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Length Included<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_verify returned 11<br>Thu Oct 14 15:10:55 2010 : Info: [peap] (other): before/accept initialization<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: before/accept initialization<br>Thu Oct 14 15:10:55 2010 : Info: [peap] <<< TLS 1.0 Handshake [length 006b], ClientHello <br>Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: SSLv3 read client hello A<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] >>> TLS 1.0 Handshake [length 0031], ServerHello <br>Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: SSLv3 write server hello A<br>Thu Oct 14 15:10:55 2010 : Info: [peap] >>> TLS 1.0 Handshake [length 085e], Certificate <br>
Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: SSLv3 write certificate A<br>Thu Oct 14 15:10:55 2010 : Info: [peap] >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange <br>Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: SSLv3 write key exchange A<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone <br>Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: SSLv3 write server done A<br>Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: SSLv3 flush data<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: Need to read more data: SSLv3 read client certificate A<br>Thu Oct 14 15:10:55 2010 : Debug: In SSL Handshake Phase<br>Thu Oct 14 15:10:55 2010 : Debug: In SSL Accept mode <br>
Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_process returned 13<br>Thu Oct 14 15:10:55 2010 : Info: [peap] EAPTLS_HANDLED<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 49 to 10.10.10.33 port 1812<br>
EAP-Message = 0x0102040019c000000ab416030100310200002d03014cb763cfa064453757d0c5be1dc586ac1b1858eb7c0a76c7e416b1ec7ab40b72000039000005ff01000100160301085e0b00085a0008570003a6308203a23082028aa003020102020101300d06092a864886f70d0101040500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c65204365727469666963617465204175<br>
EAP-Message = 0x74686f72697479301e170d3130313031323136323332345a170d3131313031323136323332345a307c310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100ba9088fd0d00ca0dda3515e6a0c2c74fb00cf68c2df91db508b8fccd049fe8acd620fd2f77351357832ee3e202dbd5eff0b71b78d8c271<br>
EAP-Message = 0x0343e4f5376421f172a54444bde1775eedf1558e49262d28729d83998cd3f582d6ccf964efc755f7ec6d68457358246b578bbae24caf6744580ae063cbef9eef84d28bb6e245a0c55358f8b1d642acd6bfd36e046610b58641f5c3afdcb5faa5e7e2be75cc0d005b8d7bceda1d6d3e3541a8c895f788e91bd707af74b949a75675f9f3dacfcd69fecb1aaac3400394c7c6e8231b3856140b016e5608224733732fffdbf3e84fbd85097045a44e46fc64cbf14c434b387c0e088e564bae85cdd534e9b4ffdc38fa8e070203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104050003820101006070<br>
EAP-Message = 0x7fb95980faec94e4af1c14f2e05a13e76fbcf988d73afb09f3e67139a476550680bf79d342cc39a9d2cc109da4d0803c7a1cbdfc689edd88a0508929f72b7c6c7a39a4e5d608546a30df35de80eefc2e93ce460f8290408bda43de75c4e52d81bd9d83dadfcba81aacee7c841f878aaf0c26c048087d067ac706d0e18ed01eb64a690c790cf633df898718812ab599bce194dc6badda360f367d9164e78025bb778b010df2bb3bcf70e440d73dddec4c1298b9282bf516fef843f2587b0645440c55af35ed52eac6a0cc432373fa83ec889a3e2ea950ec8e08f4d1e1b03f08f8a1ba25044ccadc2ff2934a30db2ca10d6e8edd103b7f4010ddf3a949c6<br>
EAP-Message = 0x660004ab308204a73082038f<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x06aeb03007aca983ae3f9911df8bd844<br>Thu Oct 14 15:10:55 2010 : Info: Finished request 1.<br>Thu Oct 14 15:10:55 2010 : Debug: Going to the next request<br>
Thu Oct 14 15:10:55 2010 : Debug: Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 10.10.10.33 port 1812, id=50, length=152<br> NAS-IP-Address = 10.10.10.33<br> NAS-Port = 50001<br> NAS-Port-Type = Ethernet<br>
User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br> Called-Station-Id = "00-08-20-FE-F6-81"<br> Calling-Station-Id = "00-11-43-9C-01-97"<br> Service-Type = Framed-User<br>
Framed-MTU = 1500<br> State = 0x06aeb03007aca983ae3f9911df8bd844<br> EAP-Message = 0x020200061900<br> Message-Authenticator = 0x4227505e9a315072b0915cfe8ca62d36<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authorize {...}<br>
Thu Oct 14 15:10:55 2010 : Info: ++[preprocess] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: ++[chap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [suffix] Looking up realm "<a href="http://testlab.net">testlab.net</a>" for User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Thu Oct 14 15:10:55 2010 : Info: [suffix] No such realm "<a href="http://testlab.net">testlab.net</a>"<br>Thu Oct 14 15:10:55 2010 : Info: ++[suffix] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP packet type response id 2 length 6<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Continuing tunnel setup.<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: Found Auth-Type = EAP<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authenticate {...}<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Request found, released from the list<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP/peap<br>Thu Oct 14 15:10:55 2010 : Info: [eap] processing type peap<br>Thu Oct 14 15:10:55 2010 : Info: [peap] processing EAP-TLS<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] Received TLS ACK<br>Thu Oct 14 15:10:55 2010 : Info: [peap] ACK handshake fragment handler<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_verify returned 1<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_process returned 13<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] EAPTLS_HANDLED<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 50 to 10.10.10.33 port 1812<br> EAP-Message = 0x010303fc1940a003020102020900afb897aa159b806f300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3130313031323136323332345a170d3131313031323136323332345a308193310b3009060355040613024652310f300d0603550408130652616469757331<br>
EAP-Message = 0x12301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100e149ca60167db7ece7aecfa377f9651e54839449936b92b8057229dd8cef84462c7b9c34f54ac1289175efd2bc0a87b32aaee1f6f1b3e55bd0239602332542332d2fddcd95ebbd6f700cdda24d5afbf4eddb2d7e5bd70ae7a89fbfd5dbeed0c0e862e850d355e352<br>
EAP-Message = 0x6b2a2440b4fa8115aeac9ec642cdd9a1778c8b0568394c4dc02fbc50bc175af15fac4c6c62641c026e122568aeddf6f910217a07daf389be40f4121bbeeb8eabea4bea1504aeb986424753d3122c005db7291d234da903d050037a285ffb1c3327fb5f9f3fc996ef62f7af136291fa79dd4e1fdb6bf1927f2368111360d0e212f0eddec26d331add19704eb6c480ebbc8021318dea0573d30203010001a381fb3081f8301d0603551d0e04160414bb6e4f7b559c26023a5f971ce852f3a7ab6f7bf73081c80603551d230481c03081bd8014bb6e4f7b559c26023a5f971ce852f3a7ab6f7bf7a18199a48196308193310b300906035504061302465231<br>
EAP-Message = 0x0f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479820900afb897aa159b806f300c0603551d13040530030101ff300d06092a864886f70d010105050003820101004eabf4cda96e3bdbcf51ffe9dd73bda03bdcb1c72a43602e8ac4a685714ce598e03decf7fd608b40c42b454e7872c316d2bd10f98c7e2c24bfb05f1e31712625e7ae1d01fbf9279f16c8ec<br>
EAP-Message = 0x72273ae1706c1072<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x06aeb03004ada983ae3f9911df8bd844<br>Thu Oct 14 15:10:55 2010 : Info: Finished request 2.<br>Thu Oct 14 15:10:55 2010 : Debug: Going to the next request<br>
Thu Oct 14 15:10:55 2010 : Debug: Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 10.10.10.33 port 1812, id=51, length=152<br> NAS-IP-Address = 10.10.10.33<br> NAS-Port = 50001<br> NAS-Port-Type = Ethernet<br>
User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br> Called-Station-Id = "00-08-20-FE-F6-81"<br> Calling-Station-Id = "00-11-43-9C-01-97"<br> Service-Type = Framed-User<br>
Framed-MTU = 1500<br> State = 0x06aeb03004ada983ae3f9911df8bd844<br> EAP-Message = 0x020300061900<br> Message-Authenticator = 0x0ef06ec7be7508f66227787866ff8524<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authorize {...}<br>
Thu Oct 14 15:10:55 2010 : Info: ++[preprocess] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: ++[chap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [suffix] Looking up realm "<a href="http://testlab.net">testlab.net</a>" for User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Thu Oct 14 15:10:55 2010 : Info: [suffix] No such realm "<a href="http://testlab.net">testlab.net</a>"<br>Thu Oct 14 15:10:55 2010 : Info: ++[suffix] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP packet type response id 3 length 6<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Continuing tunnel setup.<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: Found Auth-Type = EAP<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authenticate {...}<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Request found, released from the list<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP/peap<br>Thu Oct 14 15:10:55 2010 : Info: [eap] processing type peap<br>Thu Oct 14 15:10:55 2010 : Info: [peap] processing EAP-TLS<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] Received TLS ACK<br>Thu Oct 14 15:10:55 2010 : Info: [peap] ACK handshake fragment handler<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_verify returned 1<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_process returned 13<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] EAPTLS_HANDLED<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 51 to 10.10.10.33 port 1812<br> EAP-Message = 0x010402ce1900b7f17a9246391154d8df1d5e5befea9bb7b855a10e08b6163f9a93ed8093e90487af811d2e68b4beaefce1bc0b1831087dd5e8d273751d426ac32db2072dd5542895d9b31069b51fd4a72531a37ee6fc81d0538968425364563b033b3b2251abb0e31efb350470af37b2c7f7685b1b81a0f7fb37f45bf8d77b4097fe670e2fb94dd925d86cbec7b582ec9151b5b2e961fd1543b1d7a814c07b170e249080cd979431e742c079444128b948791e160301020d0c0002090080f7ec626d0f236a54260ad55c3e9ac7460ea9a11d512ccc96b2374913412e776186a895a392f2f7600d523e9499e4bf092469d003a3a09d98b02c4220e0b51f<br>
EAP-Message = 0x18284932c402e8e46a43c3e440f08a819257b03843f90121f9a4147fdd635e0bf5028fa1a3c139eea779b369cf00dd1b867db9d3838b969c6259efe21798e2b74b0001020080b5b42c81f09bebe3105f7285d32aeb963af323e3d723ba72f21259f4c0404c20a9d574d904504da1d66f7297bddcdc5f42e651c63e1c478daf9050a10d29034e6dcb1208d753a361e911974090a010957a36693314a07d023adb267d52348d4d9a5f66e6cc608faa5f0c3505d5ff3ffa491c9f7b8333a10123d9f64f1c1e868001008b3dd77cbd7dac702985d59d70b8342f3ee4ab85536bf916fad701eb58f381fee786e27e938506df61ceca4386aa6354f564066967<br>
EAP-Message = 0x50915b9f0f7b3db3b1d8924f1eeb00eed83d9e563d20dbdd0aafb9f46fe1e13afe224cdcb04d8dfb58ab86e2ac72a087d9cc8645bf6c91d2521a8bf0459e8f50514a589641bdfd4f514ee6786a32506376cd16edfc565df833e085f7768c20083a0014e365a440bf9ce752ff3ecd521f9a48ff2d172a9d0b02e6f96fbe9238534bad5d9a640a48617518fe5e9d300b19f26005f852b91e0021485bbd5a511d9ecea0fbf8bedf7415dcd945a9a1e7d775216d8856cc9be9065235784aa38c69a5fe7deedb9464b2cac5104c16030100040e000000<br>
Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x06aeb03005aaa983ae3f9911df8bd844<br>Thu Oct 14 15:10:55 2010 : Info: Finished request 3.<br>Thu Oct 14 15:10:55 2010 : Debug: Going to the next request<br>
Thu Oct 14 15:10:55 2010 : Debug: Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 10.10.10.33 port 1812, id=52, length=354<br> NAS-IP-Address = 10.10.10.33<br> NAS-Port = 50001<br> NAS-Port-Type = Ethernet<br>
User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br> Called-Station-Id = "00-08-20-FE-F6-81"<br> Calling-Station-Id = "00-11-43-9C-01-97"<br> Service-Type = Framed-User<br>
Framed-MTU = 1500<br> State = 0x06aeb03005aaa983ae3f9911df8bd844<br> EAP-Message = 0x020400d01980000000c6160301008610000082008004a011641119957c7d3a2ad11731a72071077439b92752f8f6a4264dea8f9eef4f180b25a2707a6ca7032ab06542cc040c9221d7a0267d2c63480ac8af8a84a47afcdcf7e53a81cbdd437ab92cdbdba69db3fd06b3784c0dd6b100c8575e41e0f97fdd6d66861349959e7d70fdb83a3dbf85956b41f956df85ae7f88c8b665a314030100010116030100304d5d0b546892c84cbf453606dbb793a9812248f8ed4dcd7791c08c25ef6d067a1219f97a826227c9f562c0a1cffb8945<br>
Message-Authenticator = 0x29f278d7fe9364e01d44b83ee3aa05bb<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authorize {...}<br>Thu Oct 14 15:10:55 2010 : Info: ++[preprocess] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: ++[chap] returns noop<br>
Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [suffix] Looking up realm "<a href="http://testlab.net">testlab.net</a>" for User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Thu Oct 14 15:10:55 2010 : Info: [suffix] No such realm "<a href="http://testlab.net">testlab.net</a>"<br>Thu Oct 14 15:10:55 2010 : Info: ++[suffix] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP packet type response id 4 length 208<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Continuing tunnel setup.<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: Found Auth-Type = EAP<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authenticate {...}<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Request found, released from the list<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP/peap<br>Thu Oct 14 15:10:55 2010 : Info: [eap] processing type peap<br>Thu Oct 14 15:10:55 2010 : Info: [peap] processing EAP-TLS<br>
Thu Oct 14 15:10:55 2010 : Debug: TLS Length 198<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Length Included<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_verify returned 11<br>Thu Oct 14 15:10:55 2010 : Info: [peap] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange <br>
Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: SSLv3 read client key exchange A<br>Thu Oct 14 15:10:55 2010 : Info: [peap] <<< TLS 1.0 ChangeCipherSpec [length 0001] <br>Thu Oct 14 15:10:55 2010 : Info: [peap] <<< TLS 1.0 Handshake [length 0010], Finished <br>
Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: SSLv3 read finished A<br>Thu Oct 14 15:10:55 2010 : Info: [peap] >>> TLS 1.0 ChangeCipherSpec [length 0001] <br>Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: SSLv3 write change cipher spec A<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] >>> TLS 1.0 Handshake [length 0010], Finished <br>Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: SSLv3 write finished A<br>Thu Oct 14 15:10:55 2010 : Info: [peap] TLS_accept: SSLv3 flush data<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] (other): SSL negotiation finished successfully<br>Thu Oct 14 15:10:55 2010 : Debug: SSL Connection Established<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_process returned 13<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] EAPTLS_HANDLED<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 52 to 10.10.10.33 port 1812<br> EAP-Message = 0x0105004119001403010001011603010030d33e2fd48b5787a88ab2985f891c38f97c03f4f07f398e00c60d36682496368566f4e2fd24ba4749353eaa1751bf8770<br>
Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x06aeb03002aba983ae3f9911df8bd844<br>Thu Oct 14 15:10:55 2010 : Info: Finished request 4.<br>Thu Oct 14 15:10:55 2010 : Debug: Going to the next request<br>
Thu Oct 14 15:10:55 2010 : Debug: Waking up in 4.8 seconds.<br>rad_recv: Access-Request packet from host 10.10.10.33 port 1812, id=53, length=152<br> NAS-IP-Address = 10.10.10.33<br> NAS-Port = 50001<br> NAS-Port-Type = Ethernet<br>
User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br> Called-Station-Id = "00-08-20-FE-F6-81"<br> Calling-Station-Id = "00-11-43-9C-01-97"<br> Service-Type = Framed-User<br>
Framed-MTU = 1500<br> State = 0x06aeb03002aba983ae3f9911df8bd844<br> EAP-Message = 0x020500061900<br> Message-Authenticator = 0x0bad3604fc8ae67ac3e52c0475676c03<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authorize {...}<br>
Thu Oct 14 15:10:55 2010 : Info: ++[preprocess] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: ++[chap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [suffix] Looking up realm "<a href="http://testlab.net">testlab.net</a>" for User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Thu Oct 14 15:10:55 2010 : Info: [suffix] No such realm "<a href="http://testlab.net">testlab.net</a>"<br>Thu Oct 14 15:10:55 2010 : Info: ++[suffix] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP packet type response id 5 length 6<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Continuing tunnel setup.<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: Found Auth-Type = EAP<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authenticate {...}<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Request found, released from the list<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP/peap<br>Thu Oct 14 15:10:55 2010 : Info: [eap] processing type peap<br>Thu Oct 14 15:10:55 2010 : Info: [peap] processing EAP-TLS<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] Received TLS ACK<br>Thu Oct 14 15:10:55 2010 : Info: [peap] ACK handshake is finished<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_verify returned 3<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_process returned 3<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] EAPTLS_SUCCESS<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 53 to 10.10.10.33 port 1812<br> EAP-Message = 0x0106002b19001703010020f90caf7acffb8eaee4706dcb171f0d8804e5b59d1ebd264d1dd84bab90389d10<br>
Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0x06aeb03003a8a983ae3f9911df8bd844<br>Thu Oct 14 15:10:55 2010 : Info: Finished request 5.<br>Thu Oct 14 15:10:55 2010 : Debug: Going to the next request<br>
Thu Oct 14 15:10:55 2010 : Debug: Waking up in 4.8 seconds.<br>rad_recv: Access-Request packet from host 10.10.10.33 port 1812, id=54, length=242<br> NAS-IP-Address = 10.10.10.33<br> NAS-Port = 50001<br> NAS-Port-Type = Ethernet<br>
User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br> Called-Station-Id = "00-08-20-FE-F6-81"<br> Calling-Station-Id = "00-11-43-9C-01-97"<br> Service-Type = Framed-User<br>
Framed-MTU = 1500<br> State = 0x06aeb03003a8a983ae3f9911df8bd844<br> EAP-Message = 0x0206006019001703010020894cf05a26c94c44b8746e3037cd1f8e57af4a91e02dcdcaa63f809288f554f01703010030f402b5d3ad2ad83497fd775555a21f4f5282d2d8ac49de0b8bb3226b791475b31bb484be6d7edf68a1b35d57eb9815f0<br>
Message-Authenticator = 0x7c403ad9b6637e92232f33f76a61fadc<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authorize {...}<br>Thu Oct 14 15:10:55 2010 : Info: ++[preprocess] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: ++[chap] returns noop<br>
Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [suffix] Looking up realm "<a href="http://testlab.net">testlab.net</a>" for User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Thu Oct 14 15:10:55 2010 : Info: [suffix] No such realm "<a href="http://testlab.net">testlab.net</a>"<br>Thu Oct 14 15:10:55 2010 : Info: ++[suffix] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP packet type response id 6 length 96<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Continuing tunnel setup.<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: Found Auth-Type = EAP<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authenticate {...}<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Request found, released from the list<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP/peap<br>Thu Oct 14 15:10:55 2010 : Info: [eap] processing type peap<br>Thu Oct 14 15:10:55 2010 : Info: [peap] processing EAP-TLS<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_verify returned 7<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Done initial handshake<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_process returned 7<br>Thu Oct 14 15:10:55 2010 : Info: [peap] EAPTLS_OK<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] Session established. Decoding tunneled attributes.<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Identity - <a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a><br>Thu Oct 14 15:10:55 2010 : Info: [peap] Got tunneled request<br>
EAP-Message = 0x02060017016461646d696e40746573746c61622e6e6574<br>server {<br>Thu Oct 14 15:10:55 2010 : Debug: PEAP: Got tunneled identity of <a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a><br>Thu Oct 14 15:10:55 2010 : Debug: PEAP: Setting default EAP type for tunneled EAP session.<br>
Thu Oct 14 15:10:55 2010 : Debug: PEAP: Setting User-Name to <a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a><br>Sending tunneled request<br> EAP-Message = 0x02060017016461646d696e40746573746c61622e6e6574<br>
FreeRADIUS-Proxied-To = 127.0.0.1<br> User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>server inner-tunnel {<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authorize {...}<br>
Thu Oct 14 15:10:55 2010 : Info: ++[chap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[unix] returns notfound<br>Thu Oct 14 15:10:55 2010 : Info: [suffix] Looking up realm "<a href="http://testlab.net">testlab.net</a>" for User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Thu Oct 14 15:10:55 2010 : Info: [suffix] No such realm "<a href="http://testlab.net">testlab.net</a>"<br>Thu Oct 14 15:10:55 2010 : Info: ++[suffix] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[control] returns noop<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] EAP packet type response id 6 length 23<br>Thu Oct 14 15:10:55 2010 : Info: [eap] No EAP Start, assuming it's an on-going EAP conversation<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns updated<br>
Thu Oct 14 15:10:55 2010 : Info: ++[files] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[expiration] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[logintime] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[pap] returns noop<br>
Thu Oct 14 15:10:55 2010 : Info: Found Auth-Type = EAP<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authenticate {...}<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP Identity<br>Thu Oct 14 15:10:55 2010 : Info: [eap] processing type mschapv2<br>
Thu Oct 14 15:10:55 2010 : Debug: rlm_eap_mschapv2: Issuing Challenge<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns handled<br>} # server inner-tunnel<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Got tunneled reply code 11<br>
EAP-Message = 0x0107002c1a0107002710124f49e92bdac6201443bdfb4fc50cf16461646d696e40746573746c61622e6e6574<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xe54962e3e54e788f34681171ec09adc4<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] Got tunneled reply RADIUS code 11<br> EAP-Message = 0x0107002c1a0107002710124f49e92bdac6201443bdfb4fc50cf16461646d696e40746573746c61622e6e6574<br> Message-Authenticator = 0x00000000000000000000000000000000<br>
State = 0xe54962e3e54e788f34681171ec09adc4<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Got tunneled Access-Challenge<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns handled<br>Sending Access-Challenge of id 54 to 10.10.10.33 port 1812<br>
EAP-Message = 0x0107004b19001703010040e0e0cb61ee45ef5e301540a163cc543fb45229a6b65f36ed2b92eb05850865aec4374fcc0f5ea9e6891b9859c0b6dd76c020e61502f43af85f5b788e4a937065<br> Message-Authenticator = 0x00000000000000000000000000000000<br>
State = 0x06aeb03000a9a983ae3f9911df8bd844<br>Thu Oct 14 15:10:55 2010 : Info: Finished request 6.<br>Thu Oct 14 15:10:55 2010 : Debug: Going to the next request<br>Thu Oct 14 15:10:55 2010 : Debug: Waking up in 4.8 seconds.<br>
rad_recv: Access-Request packet from host 10.10.10.33 port 1812, id=55, length=290<br> NAS-IP-Address = 10.10.10.33<br> NAS-Port = 50001<br> NAS-Port-Type = Ethernet<br> User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Called-Station-Id = "00-08-20-FE-F6-81"<br> Calling-Station-Id = "00-11-43-9C-01-97"<br> Service-Type = Framed-User<br> Framed-MTU = 1500<br> State = 0x06aeb03000a9a983ae3f9911df8bd844<br>
EAP-Message = 0x0207009019001703010020d7e4957202a4993b6a7365571d10cc68c1c0f5000a523711682f8b0caf4b17f51703010060a13c82fb21ce6e0b65fb1cb17b23fb81b3753111b39aeba49bc56f048b4112cf29d2c1c62edc32d8f518cc243b2d29f5c201c9f3969be8fbd919c047283a40b0f584d98dbb866ad316f78fdaa33aaae68bea17ab8a65358757845ffa94d6be9c<br>
Message-Authenticator = 0xe94cb62805092bf334e7f12b9808f652<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authorize {...}<br>Thu Oct 14 15:10:55 2010 : Info: ++[preprocess] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: ++[chap] returns noop<br>
Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [suffix] Looking up realm "<a href="http://testlab.net">testlab.net</a>" for User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Thu Oct 14 15:10:55 2010 : Info: [suffix] No such realm "<a href="http://testlab.net">testlab.net</a>"<br>Thu Oct 14 15:10:55 2010 : Info: ++[suffix] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP packet type response id 7 length 144<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Continuing tunnel setup.<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: Found Auth-Type = EAP<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authenticate {...}<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] Request found, released from the list<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP/peap<br>Thu Oct 14 15:10:55 2010 : Info: [eap] processing type peap<br>Thu Oct 14 15:10:55 2010 : Info: [peap] processing EAP-TLS<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_verify returned 7<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Done initial handshake<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_process returned 7<br>Thu Oct 14 15:10:55 2010 : Info: [peap] EAPTLS_OK<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] Session established. Decoding tunneled attributes.<br>Thu Oct 14 15:10:55 2010 : Info: [peap] EAP type mschapv2<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Got tunneled request<br> EAP-Message = 0x0207004d1a02070048319bfa28d8361e67306d7b5b4ff7077d85000000000000000091eb33b42e07518e52bc05bf8b6b2bf33b271c6654edf3b3006461646d696e40746573746c61622e6e6574<br>
server {<br>Thu Oct 14 15:10:55 2010 : Debug: PEAP: Setting User-Name to <a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a><br>Sending tunneled request<br> EAP-Message = 0x0207004d1a02070048319bfa28d8361e67306d7b5b4ff7077d85000000000000000091eb33b42e07518e52bc05bf8b6b2bf33b271c6654edf3b3006461646d696e40746573746c61622e6e6574<br>
FreeRADIUS-Proxied-To = 127.0.0.1<br> User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br> State = 0xe54962e3e54e788f34681171ec09adc4<br>server inner-tunnel {<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authorize {...}<br>
Thu Oct 14 15:10:55 2010 : Info: ++[chap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[unix] returns notfound<br>Thu Oct 14 15:10:55 2010 : Info: [suffix] Looking up realm "<a href="http://testlab.net">testlab.net</a>" for User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Thu Oct 14 15:10:55 2010 : Info: [suffix] No such realm "<a href="http://testlab.net">testlab.net</a>"<br>Thu Oct 14 15:10:55 2010 : Info: ++[suffix] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[control] returns noop<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] EAP packet type response id 7 length 77<br>Thu Oct 14 15:10:55 2010 : Info: [eap] No EAP Start, assuming it's an on-going EAP conversation<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns updated<br>
Thu Oct 14 15:10:55 2010 : Info: ++[files] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[expiration] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[logintime] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[pap] returns noop<br>
Thu Oct 14 15:10:55 2010 : Info: Found Auth-Type = EAP<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authenticate {...}<br>Thu Oct 14 15:10:55 2010 : Info: [eap] Request found, released from the list<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP/mschapv2<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] processing type mschapv2<br>Thu Oct 14 15:10:55 2010 : Info: [mschapv2] +- entering group MS-CHAP {...}<br>Thu Oct 14 15:10:55 2010 : Info: [mschap] Told to do MS-CHAPv2 for <a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a> with NT-Password<br>
Thu Oct 14 15:10:55 2010 : Info: [mschap] expand: --username=%{mschap:User-Name} -> --username=<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a><br>Thu Oct 14 15:10:55 2010 : Info: [mschap] No NT-Domain was found in the User-Name.<br>
Thu Oct 14 15:10:55 2010 : Info: [mschap] expand: --domain=%{mschap:NT-Domain:-TESTLAB} -> --domain=TESTLAB<br>Thu Oct 14 15:10:55 2010 : Info: [mschap] mschap2: 12<br>Thu Oct 14 15:10:55 2010 : Info: [mschap] expand: --challenge=%{mschap:Challenge:-00} -> --challenge=863bbef1e761f451<br>
Thu Oct 14 15:10:55 2010 : Info: [mschap] expand: --nt-response=%{mschap:NT-Response:-00} -> --nt-response=91eb33b42e07518e52bc05bf8b6b2bf33b271c6654edf3b3<br>Thu Oct 14 15:10:55 2010 : Debug: Exec-Program output: Logon failure (0xc000006d)<br>
Thu Oct 14 15:10:55 2010 : Debug: Exec-Program-Wait: plaintext: Logon failure (0xc000006d)<br>Thu Oct 14 15:10:55 2010 : Debug: Exec-Program: returned: 1<br>Thu Oct 14 15:10:55 2010 : Info: [mschap] External script failed.<br>
Thu Oct 14 15:10:55 2010 : Info: [mschap] FAILED: MS-CHAP2-Response is incorrect<br>Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns reject<br>Thu Oct 14 15:10:55 2010 : Info: [eap] Freeing handler<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns reject<br>
Thu Oct 14 15:10:55 2010 : Info: Failed to authenticate the user.<br>} # server inner-tunnel<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Got tunneled reply code 3<br> MS-CHAP-Error = "\007E=691 R=1"<br> EAP-Message = 0x04070004<br>
Message-Authenticator = 0x00000000000000000000000000000000<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Got tunneled reply RADIUS code 3<br> MS-CHAP-Error = "\007E=691 R=1"<br> EAP-Message = 0x04070004<br>
Message-Authenticator = 0x00000000000000000000000000000000<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Tunneled authentication was rejected.<br>Thu Oct 14 15:10:55 2010 : Info: [peap] FAILURE<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns handled<br>
Sending Access-Challenge of id 55 to 10.10.10.33 port 1812<br> EAP-Message = 0x0108002b19001703010020498aa0405fb3369ddf5fd951847b1e5a4708ceda5b79cf85bf00d99b9571afcf<br> Message-Authenticator = 0x00000000000000000000000000000000<br>
State = 0x06aeb03001a6a983ae3f9911df8bd844<br>Thu Oct 14 15:10:55 2010 : Info: Finished request 7.<br>Thu Oct 14 15:10:55 2010 : Debug: Going to the next request<br>Thu Oct 14 15:10:55 2010 : Debug: Waking up in 4.7 seconds.<br>
rad_recv: Access-Request packet from host 10.10.10.33 port 1812, id=56, length=226<br> NAS-IP-Address = 10.10.10.33<br> NAS-Port = 50001<br> NAS-Port-Type = Ethernet<br> User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>
Called-Station-Id = "00-08-20-FE-F6-81"<br> Calling-Station-Id = "00-11-43-9C-01-97"<br> Service-Type = Framed-User<br> Framed-MTU = 1500<br> State = 0x06aeb03001a6a983ae3f9911df8bd844<br>
EAP-Message = 0x02080050190017030100205411269d41c6a25aeac21543c6b38ec3f5859913aaf177060237311a8074882417030100203ca6e5472ca61249f52ea2f387570ca90092efcdc37594a61be5e810cb7f0673<br> Message-Authenticator = 0x7bb0d939e5cd49c378681bb927a5309c<br>
Thu Oct 14 15:10:55 2010 : Info: +- entering group authorize {...}<br>Thu Oct 14 15:10:55 2010 : Info: ++[preprocess] returns ok<br>Thu Oct 14 15:10:55 2010 : Info: ++[chap] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: ++[mschap] returns noop<br>
Thu Oct 14 15:10:55 2010 : Info: [suffix] Looking up realm "<a href="http://testlab.net">testlab.net</a>" for User-Name = "<a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a>"<br>Thu Oct 14 15:10:55 2010 : Info: [suffix] No such realm "<a href="http://testlab.net">testlab.net</a>"<br>
Thu Oct 14 15:10:55 2010 : Info: ++[suffix] returns noop<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP packet type response id 8 length 80<br>Thu Oct 14 15:10:55 2010 : Info: [eap] Continuing tunnel setup.<br>Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns ok<br>
Thu Oct 14 15:10:55 2010 : Info: Found Auth-Type = EAP<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group authenticate {...}<br>Thu Oct 14 15:10:55 2010 : Info: [eap] Request found, released from the list<br>Thu Oct 14 15:10:55 2010 : Info: [eap] EAP/peap<br>
Thu Oct 14 15:10:55 2010 : Info: [eap] processing type peap<br>Thu Oct 14 15:10:55 2010 : Info: [peap] processing EAP-TLS<br>Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_verify returned 7<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Done initial handshake<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] eaptls_process returned 7<br>Thu Oct 14 15:10:55 2010 : Info: [peap] EAPTLS_OK<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Session established. Decoding tunneled attributes.<br>Thu Oct 14 15:10:55 2010 : Info: [peap] Received EAP-TLV response.<br>
Thu Oct 14 15:10:55 2010 : Info: [peap] Had sent TLV failure. User was rejected earlier in this session.<br>Thu Oct 14 15:10:55 2010 : Info: [eap] Handler failed in EAP/peap<br>Thu Oct 14 15:10:55 2010 : Info: [eap] Failed in EAP select<br>
Thu Oct 14 15:10:55 2010 : Info: ++[eap] returns invalid<br>Thu Oct 14 15:10:55 2010 : Info: Failed to authenticate the user.<br>Thu Oct 14 15:10:55 2010 : Info: Using Post-Auth-Type Reject<br>Thu Oct 14 15:10:55 2010 : Info: +- entering group REJECT {...}<br>
Thu Oct 14 15:10:55 2010 : Info: [attr_filter.access_reject] expand: %{User-Name} -> <a href="mailto:dadmin@testlab.net">dadmin@testlab.net</a><br>Thu Oct 14 15:10:55 2010 : Debug: attr_filter: Matched entry DEFAULT at line 11<br>
Thu Oct 14 15:10:55 2010 : Info: ++[attr_filter.access_reject] returns updated<br>Thu Oct 14 15:10:55 2010 : Info: Delaying reject of request 8 for 1 seconds<br>Thu Oct 14 15:10:55 2010 : Debug: Going to the next request<br>
Thu Oct 14 15:10:55 2010 : Debug: Waking up in 0.9 seconds.<br>Thu Oct 14 15:10:56 2010 : Info: Sending delayed reject for request 8<br>Sending Access-Reject of id 56 to 10.10.10.33 port 1812<br> EAP-Message = 0x04080004<br>
Message-Authenticator = 0x00000000000000000000000000000000<br>Thu Oct 14 15:10:56 2010 : Debug: Waking up in 3.7 seconds.<br>Thu Oct 14 15:11:00 2010 : Info: Cleaning up request 0 ID 48 with timestamp +12<br>Thu Oct 14 15:11:00 2010 : Info: Cleaning up request 1 ID 49 with timestamp +12<br>
Thu Oct 14 15:11:00 2010 : Info: Cleaning up request 2 ID 50 with timestamp +12<br>Thu Oct 14 15:11:00 2010 : Info: Cleaning up request 3 ID 51 with timestamp +12<br>Thu Oct 14 15:11:00 2010 : Info: Cleaning up request 4 ID 52 with timestamp +12<br>
Thu Oct 14 15:11:00 2010 : Info: Cleaning up request 5 ID 53 with timestamp +12<br>Thu Oct 14 15:11:00 2010 : Info: Cleaning up request 6 ID 54 with timestamp +12<br>Thu Oct 14 15:11:00 2010 : Info: Cleaning up request 7 ID 55 with timestamp +12<br>
Thu Oct 14 15:11:00 2010 : Debug: Waking up in 1.0 seconds.<br>Thu Oct 14 15:11:01 2010 : Info: Cleaning up request 8 ID 56 with timestamp +12<br>Thu Oct 14 15:11:01 2010 : Debug: Ready to process requests.<br><br><br>