FreeRADIUS Version 2.1.10, for host i486-pc-linux-gnu, built on Nov 14 2010 at 20:41:03 Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License v2. Starting - reading configuration files ... including configuration file /etc/freeradius/radiusd.conf including configuration file /etc/freeradius/proxy.conf including configuration file /etc/freeradius/clients.conf including files in directory /etc/freeradius/sites-enabled/ including configuration file /etc/freeradius/sites-enabled/eduroam including configuration file /etc/freeradius/sites-enabled/eduroam-inner-tunnel including configuration file /etc/freeradius/eap.conf main { user = "freerad" group = "freerad" allow_core_dumps = no } including dictionary file /etc/freeradius/dictionary main { prefix = "/usr" localstatedir = "/var" logdir = "/var/log/freeradius" libdir = "/usr/lib/freeradius" radacctdir = "/var/log/freeradius/radacct" hostname_lookups = no max_request_time = 30 cleanup_delay = 5 max_requests = 1024 pidfile = "/var/run/freeradius/freeradius.pid" checkrad = "/usr/sbin/checkrad" debug_level = 0 proxy_requests = yes log { stripped_names = no auth = yes auth_badpass = no auth_goodpass = no } security { max_attributes = 200 reject_delay = 1 status_server = yes } } radiusd: #### Loading Realms and Home Servers #### proxy server { retry_delay = 5 retry_count = 3 default_fallback = no dead_time = 120 wake_all_if_all_dead = no } realm NULL { nostrip authhost = LOCAL accthost = LOCAL } realm LOCAL { authhost = LOCAL accthost = LOCAL } realm hs-furtwangen.de { authhost = LOCAL accthost = LOCAL } realm DEFAULT { nostrip authhost = accthost = secret = } radiusd: #### Loading Clients #### client WLC-Tuttlingen { ipaddr = 141.28.214.180 netmask = 24 require_message_authenticator = no secret = shortname = "WLC-TUT" nastype = "other" virtual_server = "eduroam" } client eduroam { ipaddr = netmask = 24 require_message_authenticator = no secret = shortname = "eduroam" nastype = "other" virtual_server = "eduroam" } radiusd: #### Instantiating modules #### radiusd: #### Loading Virtual Servers #### server eduroam { # from file /etc/freeradius/sites-enabled/eduroam modules { Module: Checking authenticate {...} for more modules to load Module: Linked to module rlm_mschap Module: Instantiating module "mschap" from file /etc/freeradius/radiusd.conf mschap { use_mppe = yes require_encryption = no require_strong = no with_ntdomain_hack = no } Module: Linked to module rlm_eap Module: Instantiating module "eap" from file /etc/freeradius/eap.conf eap { default_eap_type = "peap" timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no max_sessions = 2048 } Module: Linked to sub-module rlm_eap_md5 Module: Instantiating eap-md5 Module: Linked to sub-module rlm_eap_tls Module: Instantiating eap-tls tls { rsa_key_exchange = no dh_key_exchange = yes rsa_key_length = 512 dh_key_length = 512 verify_depth = 0 pem_file_type = yes private_key_file = "/etc/hostcertkey/radius-tut-key.pem" certificate_file = "/etc/hostcertkey/radius-tut.cert.pem" CA_file = "/etc/cacert/chain.txt" dh_file = "/etc/hostcertkey/dh" random_file = "/dev/urandom" fragment_size = 1024 include_length = yes check_crl = no cipher_list = "DEFAULT" } Module: Linked to sub-module rlm_eap_ttls Module: Instantiating eap-ttls ttls { default_eap_type = "mschapv2" copy_request_to_tunnel = yes use_tunneled_reply = no virtual_server = "eduroam-inner-tunnel" include_length = yes } Module: Linked to sub-module rlm_eap_peap Module: Instantiating eap-peap peap { default_eap_type = "mschapv2" copy_request_to_tunnel = yes use_tunneled_reply = no proxy_tunneled_request_as_eap = yes virtual_server = "eduroam-inner-tunnel" } Module: Linked to sub-module rlm_eap_mschapv2 Module: Instantiating eap-mschapv2 mschapv2 { with_ntdomain_hack = no } Module: Checking authorize {...} for more modules to load Module: Linked to module rlm_detail Module: Instantiating module "auth_log" from file /etc/freeradius/radiusd.conf detail auth_log { detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d" header = "%t" detailperm = 384 dirperm = 493 locking = no log_packet_header = no } Module: Linked to module rlm_realm Module: Instantiating module "suffix" from file /etc/freeradius/radiusd.conf realm suffix { format = "suffix" delimiter = "@" ignore_default = no ignore_null = no } Module: Checking preacct {...} for more modules to load Module: Checking accounting {...} for more modules to load Module: Instantiating module "detail" from file /etc/freeradius/radiusd.conf detail { detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d" header = "%t" detailperm = 384 dirperm = 493 locking = no log_packet_header = no } Module: Checking post-auth {...} for more modules to load Module: Instantiating module "reply_log" from file /etc/freeradius/radiusd.conf detail reply_log { detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d" header = "%t" detailperm = 384 dirperm = 493 locking = no log_packet_header = no } } # modules } # server server eduroam-inner-tunnel { # from file /etc/freeradius/sites-enabled/eduroam-inner-tunnel modules { Module: Checking authenticate {...} for more modules to load Module: Linked to module rlm_pap Module: Instantiating module "pap" from file /etc/freeradius/radiusd.conf pap { encryption_scheme = "auto" auto_header = no } Module: Linked to module rlm_chap Module: Instantiating module "chap" from file /etc/freeradius/radiusd.conf Module: Linked to module rlm_ldap Module: Instantiating module "ldap" from file /etc/freeradius/radiusd.conf ldap { server = "ldap.hs-furtwangen.de" port = 636 password = identity = "cn=radius,cn=services,ou=RZ,dc=hs-furtwangen,dc=de" net_timeout = 1 timeout = 5 timelimit = 3 tls_mode = no start_tls = no tls_require_cert = "allow" tls { start_tls = no cacertfile = "/etc/cacert/chain.txt" require_cert = "never" } basedn = "dc=hs-furtwangen,dc=de" filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" base_filter = "(objectclass=radiusprofile)" auto_header = no access_attr_used_for_allow = yes groupname_attribute = "cn" groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))" dictionary_mapping = "/etc/freeradius/ldap.tut.attrmap" ldap_debug = 0 ldap_connections_number = 5 compare_check_items = no do_xlat = yes edir_account_policy_check = yes set_auth_type = yes } rlm_ldap: Registering ldap_groupcmp for Ldap-Group rlm_ldap: Registering ldap_xlat with xlat_name ldap rlm_ldap: reading ldap<->radius mappings from file /etc/freeradius/ldap.tut.attrmap rlm_ldap: LDAP userPassword mapped to RADIUS User-Password rlm_ldap: LDAP sambaNTPassword mapped to RADIUS NT-Password rlm_ldap: LDAP sambaLMPassword mapped to RADIUS LM-Password conns: 0x95bbd40 Module: Checking authorize {...} for more modules to load Module: Checking accounting {...} for more modules to load Module: Checking post-auth {...} for more modules to load } # modules } # server server { # from file /etc/freeradius/radiusd.conf modules { } # modules } # server radiusd: #### Opening IP addresses and Ports #### listen { type = "auth" ipaddr = * port = 1812 } listen { type = "acct" ipaddr = * port = 1813 } Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on proxy address * port 1814 Ready to process requests. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=170, length=161 User-Name = "radtest" Calling-Station-Id = "00-21-6a-5d-a3-08" Called-Station-Id = "00-23-eb-2d-c9-90:HFU Test" NAS-Port = 1 NAS-IP-Address = 141.28.214.180 NAS-Identifier = "T:WLC2125" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0202000c0172616474657374 Message-Authenticator = 0xfac7e4d3d4c8a84b5ed62a4eae346cb4 server eduroam { # Executing section authorize from file /etc/freeradius/sites-enabled/eduroam +- entering group authorize {...} [auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] expand: %t -> Tue Apr 5 11:33:54 2011 ++[auth_log] returns ok [suffix] No '@' in User-Name = "radtest", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok ++[mschap] returns noop [eap] EAP packet type response id 2 length 12 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/eduroam +- entering group authenticate {...} [eap] EAP Identity [eap] processing type tls [tls] Initiate [tls] Start returned 1 ++[eap] returns handled } # server eduroam Sending Access-Challenge of id 170 to 141.28.214.180 port 32769 EAP-Message = 0x010300061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xadf81f68adfb06abf81863a39e8442ef Finished request 0. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=170, length=161 Sending duplicate reply to client WLC-TUT port 32769 - ID: 170 Sending Access-Challenge of id 170 to 141.28.214.180 port 32769 Waking up in 2.0 seconds. Cleaning up request 0 ID 170 with timestamp +10 WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: !! EAP session for state 0xadf81f68adfb06ab did not finish! WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Ready to process requests. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=170, length=161 User-Name = "radtest" Calling-Station-Id = "00-21-6a-5d-a3-08" Called-Station-Id = "00-23-eb-2d-c9-90:HFU Test" NAS-Port = 1 NAS-IP-Address = 141.28.214.180 NAS-Identifier = "T:WLC2125" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0202000c0172616474657374 Message-Authenticator = 0xfac7e4d3d4c8a84b5ed62a4eae346cb4 server eduroam { # Executing section authorize from file /etc/freeradius/sites-enabled/eduroam +- entering group authorize {...} [auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] expand: %t -> Tue Apr 5 11:34:00 2011 ++[auth_log] returns ok [suffix] No '@' in User-Name = "radtest", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok ++[mschap] returns noop [eap] EAP packet type response id 2 length 12 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/eduroam +- entering group authenticate {...} [eap] EAP Identity [eap] processing type tls [tls] Initiate [tls] Start returned 1 ++[eap] returns handled } # server eduroam Sending Access-Challenge of id 170 to 141.28.214.180 port 32769 EAP-Message = 0x010300061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xa33613dea3350a134ad32bcd9d0ee4c8 Finished request 1. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=170, length=161 Sending duplicate reply to client WLC-TUT port 32769 - ID: 170 Sending Access-Challenge of id 170 to 141.28.214.180 port 32769 Waking up in 1.9 seconds. Cleaning up request 1 ID 170 with timestamp +16 WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: !! EAP session for state 0xa33613dea3350a13 did not finish! WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Ready to process requests. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=170, length=161 User-Name = "radtest" Calling-Station-Id = "00-21-6a-5d-a3-08" Called-Station-Id = "00-23-eb-2d-c9-90:HFU Test" NAS-Port = 1 NAS-IP-Address = 141.28.214.180 NAS-Identifier = "T:WLC2125" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0202000c0172616474657374 Message-Authenticator = 0xfac7e4d3d4c8a84b5ed62a4eae346cb4 server eduroam { # Executing section authorize from file /etc/freeradius/sites-enabled/eduroam +- entering group authorize {...} [auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] expand: %t -> Tue Apr 5 11:34:06 2011 ++[auth_log] returns ok [suffix] No '@' in User-Name = "radtest", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok ++[mschap] returns noop [eap] EAP packet type response id 2 length 12 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/eduroam +- entering group authenticate {...} [eap] EAP Identity [eap] processing type tls [tls] Initiate [tls] Start returned 1 ++[eap] returns handled } # server eduroam Sending Access-Challenge of id 170 to 141.28.214.180 port 32769 EAP-Message = 0x010300061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x0ae48c550ae79578084d9dc8a205ac61 Finished request 2. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=170, length=161 Sending duplicate reply to client WLC-TUT port 32769 - ID: 170 Sending Access-Challenge of id 170 to 141.28.214.180 port 32769 Waking up in 2.0 seconds. Cleaning up request 2 ID 170 with timestamp +22 WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: !! EAP session for state 0x0ae48c550ae79578 did not finish! WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Ready to process requests. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=171, length=161 User-Name = "radtest" Calling-Station-Id = "00-21-6a-5d-a3-08" Called-Station-Id = "00-23-eb-2d-c9-90:HFU Test" NAS-Port = 1 NAS-IP-Address = 141.28.214.180 NAS-Identifier = "T:WLC2125" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0202000c0172616474657374 Message-Authenticator = 0xcd4f44e3511470e98ef94aa25d40b55a server eduroam { # Executing section authorize from file /etc/freeradius/sites-enabled/eduroam +- entering group authorize {...} [auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] expand: %t -> Tue Apr 5 11:34:12 2011 ++[auth_log] returns ok [suffix] No '@' in User-Name = "radtest", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok ++[mschap] returns noop [eap] EAP packet type response id 2 length 12 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/eduroam +- entering group authenticate {...} [eap] EAP Identity [eap] processing type tls [tls] Initiate [tls] Start returned 1 ++[eap] returns handled } # server eduroam Sending Access-Challenge of id 171 to 141.28.214.180 port 32769 EAP-Message = 0x010300061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xa17d9a12a17e83a894380a36bcd1cecb Finished request 3. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=171, length=161 Sending duplicate reply to client WLC-TUT port 32769 - ID: 171 Sending Access-Challenge of id 171 to 141.28.214.180 port 32769 Waking up in 1.9 seconds. Cleaning up request 3 ID 171 with timestamp +28 WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: !! EAP session for state 0xa17d9a12a17e83a8 did not finish! WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Ready to process requests. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=171, length=161 User-Name = "radtest" Calling-Station-Id = "00-21-6a-5d-a3-08" Called-Station-Id = "00-23-eb-2d-c9-90:HFU Test" NAS-Port = 1 NAS-IP-Address = 141.28.214.180 NAS-Identifier = "T:WLC2125" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0202000c0172616474657374 Message-Authenticator = 0xcd4f44e3511470e98ef94aa25d40b55a server eduroam { # Executing section authorize from file /etc/freeradius/sites-enabled/eduroam +- entering group authorize {...} [auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] expand: %t -> Tue Apr 5 11:34:18 2011 ++[auth_log] returns ok [suffix] No '@' in User-Name = "radtest", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok ++[mschap] returns noop [eap] EAP packet type response id 2 length 12 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/eduroam +- entering group authenticate {...} [eap] EAP Identity [eap] processing type tls [tls] Initiate [tls] Start returned 1 ++[eap] returns handled } # server eduroam Sending Access-Challenge of id 171 to 141.28.214.180 port 32769 EAP-Message = 0x010300061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x4d4d82d94d4e9be109ae630f09313cf2 Finished request 4. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=171, length=161 Sending duplicate reply to client WLC-TUT port 32769 - ID: 171 Sending Access-Challenge of id 171 to 141.28.214.180 port 32769 Waking up in 1.9 seconds. Cleaning up request 4 ID 171 with timestamp +34 WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: !! EAP session for state 0x4d4d82d94d4e9be1 did not finish! WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Ready to process requests. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=171, length=161 User-Name = "radtest" Calling-Station-Id = "00-21-6a-5d-a3-08" Called-Station-Id = "00-23-eb-2d-c9-90:HFU Test" NAS-Port = 1 NAS-IP-Address = 141.28.214.180 NAS-Identifier = "T:WLC2125" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0202000c0172616474657374 Message-Authenticator = 0xcd4f44e3511470e98ef94aa25d40b55a server eduroam { # Executing section authorize from file /etc/freeradius/sites-enabled/eduroam +- entering group authorize {...} [auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] expand: %t -> Tue Apr 5 11:34:24 2011 ++[auth_log] returns ok [suffix] No '@' in User-Name = "radtest", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok ++[mschap] returns noop [eap] EAP packet type response id 2 length 12 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/eduroam +- entering group authenticate {...} [eap] EAP Identity [eap] processing type tls [tls] Initiate [tls] Start returned 1 ++[eap] returns handled } # server eduroam Sending Access-Challenge of id 171 to 141.28.214.180 port 32769 EAP-Message = 0x010300061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xfce108cafce211a38d9ce61c79e278d1 Finished request 5. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=171, length=161 Sending duplicate reply to client WLC-TUT port 32769 - ID: 171 Sending Access-Challenge of id 171 to 141.28.214.180 port 32769 Waking up in 1.9 seconds. Cleaning up request 5 ID 171 with timestamp +40 WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: !! EAP session for state 0xfce108cafce211a3 did not finish! WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Ready to process requests. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=172, length=161 User-Name = "radtest" Calling-Station-Id = "00-21-6a-5d-a3-08" Called-Station-Id = "00-23-eb-2d-c9-90:HFU Test" NAS-Port = 1 NAS-IP-Address = 141.28.214.180 NAS-Identifier = "T:WLC2125" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0202000c0172616474657374 Message-Authenticator = 0x3e1e370136cb884a883f98e57ea907b9 server eduroam { # Executing section authorize from file /etc/freeradius/sites-enabled/eduroam +- entering group authorize {...} [auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/141.28.214.180/auth-detail-20110405 [auth_log] expand: %t -> Tue Apr 5 11:34:30 2011 ++[auth_log] returns ok [suffix] No '@' in User-Name = "radtest", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok ++[mschap] returns noop [eap] EAP packet type response id 2 length 12 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/eduroam +- entering group authenticate {...} [eap] EAP Identity [eap] processing type tls [tls] Initiate [tls] Start returned 1 ++[eap] returns handled } # server eduroam Sending Access-Challenge of id 172 to 141.28.214.180 port 32769 EAP-Message = 0x010300061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x6021f5096022ec9c0ade56e7f8504151 Finished request 6. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 141.28.214.180 port 32769, id=172, length=161 Sending duplicate reply to client WLC-TUT port 32769 - ID: 172 Sending Access-Challenge of id 172 to 141.28.214.180 port 32769 Waking up in 2.0 seconds.