<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7654.12">
<TITLE>FW: Problem with PEAP MS-ChapV2 against AD</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">I am testing the new version of FreeRadius (v2.1.10) on a CentOS 5 server with Samba 3.4.3 installed. The ultimate goal is to do 802.1x port authentication</FONT></SPAN><SPAN LANG="en-us"><FONT COLOR="#1F497D" FACE="Calibri"></FONT></SPAN><SPAN LANG="en-us"> <FONT COLOR="#000000" FACE="Calibri">(Vista machines)</FONT></SPAN><SPAN LANG="en-us"><FONT FACE="Calibri"> for Wired connections</FONT></SPAN><SPAN LANG="en-us"><FONT COLOR="#1F497D" FACE="Calibri"></FONT></SPAN><SPAN LANG="en-us"> <FONT FACE="Calibri"> and authenticate the users against Windows 2008 R2 AD. I configured Samba and join it to the Domain, and configured FreeRadius per the instructions on the Wiki. Testing against AD was successful, so I configured FreeRadius to use EAP-PEAP, generated my own certificates and ran into problems when testing it out.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">When I generated the certificates, I created the server key and server csr with openssl. I signed the csr with a Windows CA (adding the XPextensions) and then converted the DER format to PEM using openssl. I verified that the certificate did have the Extended Key Attributes:</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[root@radius mycerts]# openssl x509 -text -noout -in radius2.pem</FONT></SPAN><SPAN LANG="en-us"><FONT COLOR="#1F497D" FACE="Calibri"></FONT></SPAN><SPAN LANG="en-us"> <FONT COLOR="#000000" FACE="Calibri">shows:</FONT></SPAN><SPAN LANG="en-us"></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"></SPAN><SPAN LANG="en-us"></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> X509v3 Extended Key Usage:</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> TLS Web Server Authentication</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><BR>
<FONT FACE="Calibri">When I try to authenticate, I did not see any errors, but at the end of the debug output shows: </FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">WARNING: !! EAP session for state 0x17d5444b10dc5de2 did not finish!</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">WARNING: !! Please read <A HREF="http://wiki.freeradius.org/Certificate_Compatibility">http://wiki.freeradius.org/Certificate_Compatibility</A></FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Ready to process requests.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">I regenerated the certificates with the same results. Does anyone have a clue on what is happening? </FONT></SPAN><SPAN LANG="en-us"> <FONT COLOR="#000000" FACE="Calibri">Here is the Debug output:</FONT></SPAN><SPAN LANG="en-us"></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">rad_recv: Access-Request packet from host 172.16.1.2 port 1645, id=177, length=112</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> User-Name = "MEM\\test1"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Service-Type = Framed-User</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Framed-MTU = 1500</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-IP-Address = 172.16.1.2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-Port = 2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Calling-Station-Id = "00-1B-78-4E-00-12"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x02010010014d454d5c7267726168616d</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0xe1910a3453bca0c7c905bfc2e5cd5aec</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing section authorize from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authorize {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[preprocess] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[chap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[mschap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[digest] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No '@' in User-Name = "MEM\test1", looking up realm NULL</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No such realm "NULL"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[suffix] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP packet type response id 1 length 16</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] No EAP Start, assuming it's an on-going EAP conversation</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns updated</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[files] users: Matched entry DEFAULT at line 53</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[files] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[expiration] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[logintime] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[pap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Found Auth-Type = EAP</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing group from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authenticate {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP Identity</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] processing type tls</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[tls] Initiate</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[tls] Start returned 1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns handled</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Sending Access-Challenge of id 177 to 172.16.1.2 port 1645</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Service-Type = Framed-User</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Framed-Protocol = PPP</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x010200061920</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b17d75de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Finished request 0.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Going to the next request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Waking up in 4.9 seconds.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">rad_recv: Access-Request packet from host 172.16.1.2 port 1645, id=178, length=236</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> User-Name = "MEM\\test1"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Service-Type = Framed-User</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Framed-MTU = 1500</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-IP-Address = 172.16.1.2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-Port = 2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Calling-Station-Id = "00-1B-78-4E-00-12"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b17d75de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x0202007a198000000070160301006b0100006703014d2f6a09730b74f908bd8b719705896b0b5eb2fe01f3fa3e0c26d38bcffa7361000018002f00350005000ac009c00ac013c01400320038001300040100002600000010000e00000b6d656d5c7267726168616d000a00080006001700180019000b00020100</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x63e3265e98a3bb083f39d950ae2ade9f</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing section authorize from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authorize {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[preprocess] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[chap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[mschap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[digest] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No '@' in User-Name = "MEM\test1", looking up realm NULL</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No such realm "NULL"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[suffix] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP packet type response id 2 length 122</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Continuing tunnel setup.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Found Auth-Type = EAP</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing group from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authenticate {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Request found, released from the list</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP/peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] processing type peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] processing EAP-TLS</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> TLS Length 112</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Length Included</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_verify returned 11</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] (other): before/accept initialization</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: before/accept initialization</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] <<< TLS 1.0 Handshake [length 006b], ClientHello</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: SSLv3 read client hello A</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: SSLv3 write server hello A</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] >>> TLS 1.0 Handshake [length 084e], Certificate</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: SSLv3 write certificate A</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: SSLv3 write server done A</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: SSLv3 flush data</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: Need to read more data: SSLv3 read client certificate A</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">In SSL Handshake Phase</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">In SSL Accept mode</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_process returned 13</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] EAPTLS_HANDLED</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns handled</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Sending Access-Challenge of id 178 to 172.16.1.2 port 1645</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x0103040019c00000088b160301002a0200002603014d2f698b6d3788f388aa9228162c3f76d3fe9a63fe494c39669259b60b9de8ad00002f00160301084e0b00084a0008470004af308204ab30820393a003020102020a23987bed000000000009300d06092a864886f70d0101050500304f31133011060a0992268993f22c6401191603636f6d31173015060a0992268993f22c64011916076d656d2d696e73311f301d060355040313166d656d2d696e732d4d454d2d4c41422d4443332d4341301e170d3131303131333138313134385a170d3132303131333138323134385a308190310b30090603550406130255533111300f060355040813084d</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x6973736f7572693111300f06035504071308436f6c756d626961310c300a060355040a13034d454d310b3009060355040b13024953311b3019060355040313127261646975732e6d656d2d696e732e636f6d3123302106092a864886f70d01090116147365637572697479406d656d2d696e732e636f6d305c300d06092a864886f70d0101010500034b003048024100f36a27a2cafae70e6ba4a457802e352b6cb99976513c47cad6ec7585eedc5a565e736dbbc5377935dc2143414ee3620b1657503df4f5658c6d4549b322db5a090203010001a382020d30820209301d0603551d0e04160414787066c86e7a89d1c0bc0df2d001a9de5a7590a630</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x1f0603551d2304183016801477292debc77ac57e073627dba3229e6faf5b76103081d80603551d1f0481d03081cd3081caa081c7a081c48681c16c6461703a2f2f2f434e3d6d656d2d696e732d4d454d2d4c41422d4443332d43412c434e3d6d656d2d6c61622d6463332c434e3d4344502c434e3d5075626c69632532304b657925323053657276696365732c434e3d53657276696365732c434e3d436f6e66696775726174696f6e2c44433d6d656d2d696e732c44433d636f6d3f63657274696669636174655265766f636174696f6e4c6973743f626173653f6f626a656374436c6173733d63524c446973747269627574696f6e506f696e743081</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0xc806082b060105050701010481bb3081b83081b506082b060105050730028681a86c6461703a2f2f2f434e3d6d656d2d696e732d4d454d2d4c41422d4443332d43412c434e3d4149412c434e3d5075626c69632532304b657925323053657276696365732c434e3d53657276696365732c434e3d436f6e66696775726174696f6e2c44433d6d656d2d696e732c44433d636f6d3f634143657274696669636174653f626173653f6f626a656374436c6173733d63657274696669636174696f6e417574686f72697479300c0603551d130101ff0402300030130603551d25040c300a06082b06010505070301300d06092a864886f70d01010505000382</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x0101003a8b2d68ea968ca3eb</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b16d65de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Finished request 1.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Going to the next request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Waking up in 4.9 seconds.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">rad_recv: Access-Request packet from host 172.16.1.2 port 1645, id=179, length=120</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> User-Name = "MEM\\test1"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Service-Type = Framed-User</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Framed-MTU = 1500</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-IP-Address = 172.16.1.2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-Port = 2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Calling-Station-Id = "00-1B-78-4E-00-12"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b16d65de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x020300061900</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x1a2ddd0cffc8a6eeb4bd5af56a73316f</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing section authorize from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authorize {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[preprocess] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[chap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[mschap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[digest] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No '@' in User-Name = "MEM\test1", looking up realm NULL</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No such realm "NULL"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[suffix] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP packet type response id 3 length 6</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Continuing tunnel setup.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Found Auth-Type = EAP</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing group from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authenticate {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Request found, released from the list</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP/peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] processing type peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] processing EAP-TLS</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Received TLS ACK</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] ACK handshake fragment handler</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_verify returned 1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_process returned 13</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] EAPTLS_HANDLED</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns handled</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Sending Access-Challenge of id 179 to 172.16.1.2 port 1645</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x010403fc19407aa413407a16a4e2e344994d020646636e4b03b012a0a7011631e0a917fd491b2ad6795c8e210fbeb759e66ace486020b3c2da8778d05bf6b04431547da91e04bc304cc957f8782b5a6a903608da92903dc7bef79579d77e65b65ab8984156d8a6997219b90bbd75db4b432c48d3c97430916cc47a76bc095daedc0f0749f05f51bce08543a2192b787f15a208d6a2db4009df5079cf20e7986548032df3b55d36428bceae20295f7b7db4b74518a92058f72016204e226e158f3b1150dcfca79b3f831954b7917f3b52f22e831506b0f03d8970e4be34e73ce4edbfe2b52917939b0a1b3026467291a722f3fafa13ec7ad395d76c7ee0</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x0003923082038e30820276a00302010202101d65a3c4272ba9ae4000af16adf133e8300d06092a864886f70d0101050500304f31133011060a0992268993f22c6401191603636f6d31173015060a0992268993f22c64011916076d656d2d696e73311f301d060355040313166d656d2d696e732d4d454d2d4c41422d4443332d4341301e170d3130313031343030353434315a170d3335313031343031303433395a304f31133011060a0992268993f22c6401191603636f6d31173015060a0992268993f22c64011916076d656d2d696e73311f301d060355040313166d656d2d696e732d4d454d2d4c41422d4443332d434130820122300d06092a86</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x4886f70d01010105000382010f003082010a0282010100dec78b70f45103e5f3d835b4d757320e0442c0ce223a37d5148087d0d9cac90f1244fab1b4d6e57bf0f04a9df770d973d1a35379bd1448159880adb6c059d7bc48c19790b784e0cb0519f73605687435a943a99f063e36eb4584535c35a7f3d6f4900c54712280080bb229245b8a7f9ec39047ed0e1a906f632f97d4b75c6369817f85479e6cb009bb5be487ecd7b2186c818efd595b13faafbe03855adf655cdf70f23fbc7ddb63c8ea3466ae027252fccb877bc9adebfc4d637faf3f55366c4fa53cab5dde9edfc1dead59b4b56479ec52fdb91cc8a282ebc2529d41f3088c3858e80b1628</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x708eda94966f51a236d785f13193e252ea7279b5bd6c2ee4553b0203010001a3663064301306092b060104018237140204061e0400430041300b0603551d0f040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041477292debc77ac57e073627dba3229e6faf5b7610301006092b06010401823715010403020100300d06092a864886f70d010105050003820101004ed045d54a6ec8362174cc3b70e9617f31fcec9951c61f8cf8e850fed2b86207295690201a1cbb174870927fa6c847289688da1a0b33ee935c9d2b5783547de88e1b42e1f04aa001fe2af230e35da26b6cfe17ae58b5e4a875c53d724938077782df</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x6c3bec718651f019</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b15d15de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Finished request 2.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Going to the next request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Waking up in 4.9 seconds.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">rad_recv: Access-Request packet from host 172.16.1.2 port 1645, id=180, length=120</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> User-Name = "MEM\\test1"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Service-Type = Framed-User</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Framed-MTU = 1500</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-IP-Address = 172.16.1.2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-Port = 2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Calling-Station-Id = "00-1B-78-4E-00-12"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b15d15de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x020400061900</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x952d481043dda4da8eca2b39ffd30fcb</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing section authorize from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authorize {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[preprocess] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[chap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[mschap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[digest] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No '@' in User-Name = "MEM\test1", looking up realm NULL</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No such realm "NULL"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[suffix] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP packet type response id 4 length 6</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Continuing tunnel setup.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Found Auth-Type = EAP</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing group from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authenticate {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Request found, released from the list</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP/peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] processing type peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] processing EAP-TLS</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Received TLS ACK</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] ACK handshake fragment handler</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_verify returned 1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_process returned 13</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] EAPTLS_HANDLED</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns handled</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Sending Access-Challenge of id 180 to 172.16.1.2 port 1645</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x010500a519002b3a66c8e8526d8ca3c9e036f7c21295735cffc7cca62e8d1da2526a65a9f79a69c80e259b2ac75781bf6c6f80ec149a46dd773307ecdfc2346ecd140ae08475e2bbf8d4cc45677d0c0821e9f3b3001899691830b151c99665a689a177a97682fb1a740da6bf92d05b83f293bc3d3ce00dea49df7eb6d39032dc5e4ad50419e189e57751e10cb9939b43a4c39b945fa0fd57f05dc01c16030100040e000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b14d05de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Finished request 3.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Going to the next request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Waking up in 4.9 seconds.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">rad_recv: Access-Request packet from host 172.16.1.2 port 1645, id=181, length=258</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> User-Name = "MEM\\test1"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Service-Type = Framed-User</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Framed-MTU = 1500</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-IP-Address = 172.16.1.2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-Port = 2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Calling-Station-Id = "00-1B-78-4E-00-12"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b14d05de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x02050090198000000086160301004610000042004019a92f516c2ed12eed5c4b4f4de63dbd4200f5c6293ff30e2565451f3775ffcbb01d71c341ac94d80926258517db6c5e751205e76bdc724f025dc43e441288b51403010001011603010030b7b8c1cc4e21a2c6fd1e52308e75c347510b2336a38c4ace61bde40495ac3bc86b53995adf75e9c428d63028edb0754b</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x502b16df4abdeec82fb8a4031b883444</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing section authorize from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authorize {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[preprocess] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[chap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[mschap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[digest] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No '@' in User-Name = "MEM\test1", looking up realm NULL</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No such realm "NULL"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[suffix] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP packet type response id 5 length 144</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Continuing tunnel setup.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Found Auth-Type = EAP</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing group from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authenticate {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Request found, released from the list</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP/peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] processing type peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] processing EAP-TLS</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> TLS Length 134</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Length Included</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_verify returned 11</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: SSLv3 read client key exchange A</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] <<< TLS 1.0 ChangeCipherSpec [length 0001]</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] <<< TLS 1.0 Handshake [length 0010], Finished</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: SSLv3 read finished A</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] >>> TLS 1.0 ChangeCipherSpec [length 0001]</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: SSLv3 write change cipher spec A</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] >>> TLS 1.0 Handshake [length 0010], Finished</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: SSLv3 write finished A</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] TLS_accept: SSLv3 flush data</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] (other): SSL negotiation finished successfully</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">SSL Connection Established</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_process returned 13</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] EAPTLS_HANDLED</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns handled</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Sending Access-Challenge of id 181 to 172.16.1.2 port 1645</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x0106004119001403010001011603010030740816e4b8e4c191780d546c1443a25171c62261bb4bbd7fa91dd713403f86418f33de753f3af5259f8ad46ed0d64abf</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b13d35de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Finished request 4.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Going to the next request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Waking up in 4.9 seconds.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">rad_recv: Access-Request packet from host 172.16.1.2 port 1645, id=182, length=120</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> User-Name = "MEM\\test1"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Service-Type = Framed-User</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Framed-MTU = 1500</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-IP-Address = 172.16.1.2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-Port = 2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Calling-Station-Id = "00-1B-78-4E-00-12"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b13d35de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x020600061900</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x01334a4b91706f8128e35f10f6c74e0d</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing section authorize from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authorize {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[preprocess] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[chap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[mschap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[digest] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No '@' in User-Name = "MEM\test1", looking up realm NULL</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No such realm "NULL"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[suffix] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP packet type response id 6 length 6</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Continuing tunnel setup.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Found Auth-Type = EAP</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing group from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authenticate {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Request found, released from the list</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP/peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] processing type peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] processing EAP-TLS</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Received TLS ACK</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] ACK handshake is finished</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_verify returned 3</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_process returned 3</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] EAPTLS_SUCCESS</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Session established. Decoding tunneled attributes.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Peap state TUNNEL ESTABLISHED</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns handled</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Sending Access-Challenge of id 182 to 172.16.1.2 port 1645</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x0107002b190017030100201437bd7da4e0d7dccb3f7880d51fa1881eae5c67aad132294e712cd80416cfbb</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b12d25de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Finished request 5.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Going to the next request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Waking up in 4.9 seconds.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">rad_recv: Access-Request packet from host 172.16.1.2 port 1645, id=183, length=173</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> User-Name = "MEM\\test1"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Service-Type = Framed-User</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Framed-MTU = 1500</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-IP-Address = 172.16.1.2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-Port = 2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Calling-Station-Id = "00-1B-78-4E-00-12"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b12d25de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x0207003b1900170301003076edeff553f5cb4d13a2ed7029ba397c77cf9d64c3d4712d1fc345d3d0dfdd1cec8ba1521e7800fab983b4b9c28068bb</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0xea354eec0fbb47ee4a142b0d6920754e</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing section authorize from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authorize {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[preprocess] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[chap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[mschap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[digest] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No '@' in User-Name = "MEM\test1", looking up realm NULL</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No such realm "NULL"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[suffix] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP packet type response id 7 length 59</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Continuing tunnel setup.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Found Auth-Type = EAP</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing group from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authenticate {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Request found, released from the list</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP/peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] processing type peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] processing EAP-TLS</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_verify returned 7</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Done initial handshake</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_process returned 7</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] EAPTLS_OK</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Session established. Decoding tunneled attributes.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Peap state WAITING FOR INNER IDENTITY</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Identity - MEM\test1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Got inner identity 'MEM\test1'</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Setting default EAP type for tunneled EAP session.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Got tunneled request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x02070010014d454d5c7267726168616d</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">server {</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> PEAP: Setting User-Name to MEM\test1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Sending tunneled request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x02070010014d454d5c7267726168616d</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> FreeRADIUS-Proxied-To = 127.0.0.1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> User-Name = "MEM\\test1"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">server inner-tunnel {</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing section authorize from file /usr//etc/raddb/sites-enabled/inner-tunnel</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authorize {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[chap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[mschap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No '@' in User-Name = "MEM\test1", looking up realm NULL</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No such realm "NULL"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[suffix] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[control] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP packet type response id 7 length 16</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] No EAP Start, assuming it's an on-going EAP conversation</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns updated</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[files] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[expiration] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[logintime] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[pap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Found Auth-Type = EAP</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing group from file /usr//etc/raddb/sites-enabled/inner-tunnel</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authenticate {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP Identity</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] processing type mschapv2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">rlm_eap_mschapv2: Issuing Challenge</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns handled</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">} # server inner-tunnel</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Got tunneled reply code 11</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x010800251a0108002010a088cefe33e2d8f8c4b799ed59c5fb0d4d454d5c7267726168616d</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0xc0c1c1a1c0c9db106b079f71f54582b1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Got tunneled reply RADIUS code 11</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x010800251a0108002010a088cefe33e2d8f8c4b799ed59c5fb0d4d454d5c7267726168616d</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0xc0c1c1a1c0c9db106b079f71f54582b1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Got tunneled Access-Challenge</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns handled</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Sending Access-Challenge of id 183 to 172.16.1.2 port 1645</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x0108004b190017030100402047ac117f1fb44413571911d8cc5218a52dcd31033604e24e1884e44ef4d3a56b0540d56451fbbcaa3dc0ba6856c560b31b06642fa27235651d88698617735b</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b11dd5de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Finished request 6.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Going to the next request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Waking up in 4.9 seconds.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">rad_recv: Access-Request packet from host 172.16.1.2 port 1645, id=184, length=221</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> User-Name = "MEM\\test1"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Service-Type = Framed-User</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Framed-MTU = 1500</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-IP-Address = 172.16.1.2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> NAS-Port = 2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Calling-Station-Id = "00-1B-78-4E-00-12"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b11dd5de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x0208006b19001703010060ed7d3f594ba21455ac85cb59be5680cbec08cd20c7e2ac705c3d5289aadb43318fded2bc16e793b1fe21206e81054dece94dc95f6a5402014a10a21c4f09d86a069d624832465c2ed89040cda57f84cb0298184274cec6eeb88a17f0198a0594</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x4c97f3f00ebaf2a9bd5a748646064d04</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing section authorize from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authorize {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[preprocess] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[chap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[mschap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[digest] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No '@' in User-Name = "MEM\test1", looking up realm NULL</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No such realm "NULL"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[suffix] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP packet type response id 8 length 107</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Continuing tunnel setup.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Found Auth-Type = EAP</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing group from file /usr//etc/raddb/sites-enabled/default</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authenticate {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Request found, released from the list</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP/peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] processing type peap</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] processing EAP-TLS</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_verify returned 7</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Done initial handshake</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] eaptls_process returned 7</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] EAPTLS_OK</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Session established. Decoding tunneled attributes.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Peap state phase2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] EAP type mschapv2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Got tunneled request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x020800461a020800413139db069aec3a1482eaf5437cc12dc36200000000000000002ff233ba94c6cc0ff8b204e09e8217c1f93dd23f6a175caa004d454d5c7267726168616d</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">server {</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> PEAP: Setting User-Name to MEM\test1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Sending tunneled request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x020800461a020800413139db069aec3a1482eaf5437cc12dc36200000000000000002ff233ba94c6cc0ff8b204e09e8217c1f93dd23f6a175caa004d454d5c7267726168616d</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> FreeRADIUS-Proxied-To = 127.0.0.1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> User-Name = "MEM\\test1"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0xc0c1c1a1c0c9db106b079f71f54582b1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">server inner-tunnel {</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing section authorize from file /usr//etc/raddb/sites-enabled/inner-tunnel</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authorize {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[chap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[mschap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No '@' in User-Name = "MEM\test1", looking up realm NULL</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[suffix] No such realm "NULL"</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[suffix] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[control] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP packet type response id 8 length 70</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] No EAP Start, assuming it's an on-going EAP conversation</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns updated</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[files] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[expiration] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[logintime] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[pap] returns noop</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Found Auth-Type = EAP</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"># Executing group from file /usr//etc/raddb/sites-enabled/inner-tunnel</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">+- entering group authenticate {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] Request found, released from the list</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] EAP/mschapv2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[eap] processing type mschapv2</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschapv2] # Executing group from file /usr//etc/raddb/sites-enabled/inner-tunnel</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschapv2] +- entering group MS-CHAP {...}</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschap] Creating challenge hash with username: test1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschap] Told to do MS-CHAPv2 for test1 with NT-Password</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschap] expand: --username=%{mschap:User-Name:-None} -> --username=test1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschap] expand: %{mschap:NT-Domain} -> MEM</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschap] expand: --domain=%{%{mschap:NT-Domain}:-MEM} -> --domain=MEM</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschap] mschap2: a0</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschap] Creating challenge hash with username: test1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschap] expand: --challenge=%{mschap:Challenge:-00} -> --challenge=101d5affa80deb2a</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschap] expand: --nt-response=%{mschap:NT-Response:-00} -> --nt-response=2ff233ba94c6cc0ff8b204e09e8217c1f93dd23f6a175caa</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Exec-Program output: NT_KEY: D17434B7303CD6FA2ABE17CDB536D69D</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Exec-Program-Wait: plaintext: NT_KEY: D17434B7303CD6FA2ABE17CDB536D69D</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Exec-Program: returned: 0</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[mschap] adding MS-CHAPv2 MPPE keys</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[mschap] returns ok</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">MSCHAP Success</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns handled</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">} # server inner-tunnel</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Got tunneled reply code 11</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x010900331a0308002e533d36383632464443433541363636343133304138313535463643454332414535354530433031354133</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0xc0c1c1a1c1c8db106b079f71f54582b1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Got tunneled reply RADIUS code 11</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x010900331a0308002e533d36383632464443433541363636343133304138313535463643454332414535354530433031354133</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0xc0c1c1a1c1c8db106b079f71f54582b1</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">[peap] Got tunneled Access-Challenge</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">++[eap] returns handled</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Sending Access-Challenge of id 184 to 172.16.1.2 port 1645</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> EAP-Message = 0x0109005b190017030100503ab95bfb4fc74f8bdbc39c6a332f01e8238c1548c1d905edc81dc513033f398190f455a6a164b10035f08c1b0eef983b1174dc9136c66507a8209a06f26adf1ed27f08e7c1f157ae925b63dc1d3452f0</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> Message-Authenticator = 0x00000000000000000000000000000000</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri"> State = 0x17d5444b10dc5de2f7dce27aee56b663</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Finished request 7.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Going to the next request</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Waking up in 4.9 seconds.</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Cleaning up request 0 ID 177 with timestamp +72</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Cleaning up request 1 ID 178 with timestamp +72</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Cleaning up request 2 ID 179 with timestamp +72</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Cleaning up request 3 ID 180 with timestamp +72</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Cleaning up request 4 ID 181 with timestamp +72</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Cleaning up request 5 ID 182 with timestamp +72</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Cleaning up request 6 ID 183 with timestamp +72</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Cleaning up request 7 ID 184 with timestamp +72</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">WARNING: !! EAP session for state 0x17d5444b10dc5de2 did not finish!</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">WARNING: !! Please read <A HREF="http://wiki.freeradius.org/Certificate_Compatibility">http://wiki.freeradius.org/Certificate_Compatibility</A></FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!</FONT></SPAN></P>
<BR>
<P DIR=LTR><SPAN LANG="en-us"></SPAN></P>
</BODY>
</HTML>