<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>
I have a working RADIUS server for localhost lookup, but when I try and authenticate with my HP Procurve 420 Wireless Access Point using these wireless connection methods with Ubuntu 10.04LTS:<br><br>Wireless Security: WPA & WPA2 Enterprise
<br>
Authentication: Tunneled TLS | Protected EAP (PEAP)
<br>
Anonymous Identity: (Blank)
<br>
CA Certificate: (None)
<br>
Inner Authentication: PAP, MSCHAP, MSCHAPv2, CHAP | MSCHAPv2, MD5, GTC
<br>
Username: guest
<br>
Password: userpasswd<br><br>I get the following result:<br><br>FreeRADIUS Version 2.1.12, for host x86_64-redhat-linux-gnu, built on Feb 22 2012 at 14:59:35
<br>Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
<br>There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
<br>PARTICULAR PURPOSE.
<br>You may redistribute copies of FreeRADIUS under the terms of the
<br>GNU General Public License v2.
<br>Starting - reading configuration files ...
<br>including configuration file /etc/raddb/radiusd.conf
<br>including configuration file /etc/raddb/proxy.conf
<br>including configuration file /etc/raddb/clients.conf
<br>including files in directory /etc/raddb/modules/
<br>including configuration file /etc/raddb/modules/perl
<br>including configuration file /etc/raddb/modules/inner-eap
<br>including configuration file /etc/raddb/modules/checkval
<br>including configuration file /etc/raddb/modules/expr
<br>including configuration file /etc/raddb/modules/ldap.rpmnew
<br>including configuration file /etc/raddb/modules/wimax
<br>including configuration file /etc/raddb/modules/rediswho
<br>including configuration file /etc/raddb/modules/unix
<br>including configuration file /etc/raddb/modules/files
<br>including configuration file /etc/raddb/modules/sql_log
<br>including configuration file /etc/raddb/modules/ldap
<br>including configuration file /etc/raddb/modules/otp
<br>including configuration file /etc/raddb/modules/echo
<br>including configuration file /etc/raddb/modules/acct_unique
<br>including configuration file /etc/raddb/modules/ntlm_auth
<br>including configuration file /etc/raddb/modules/linelog
<br>including configuration file /etc/raddb/modules/etc_group
<br>including configuration file /etc/raddb/modules/mac2ip
<br>including configuration file /etc/raddb/modules/digest
<br>including configuration file /etc/raddb/modules/counter
<br>including configuration file /etc/raddb/modules/attr_rewrite
<br>including configuration file /etc/raddb/modules/logintime
<br>including configuration file /etc/raddb/modules/redis
<br>including configuration file /etc/raddb/modules/sradutmp
<br>including configuration file /etc/raddb/modules/chap
<br>including configuration file /etc/raddb/modules/preprocess
<br>including configuration file /etc/raddb/modules/always
<br>including configuration file /etc/raddb/modules/policy
<br>including configuration file /etc/raddb/modules/cui
<br>including configuration file /etc/raddb/modules/mschap.bak
<br>including configuration file /etc/raddb/modules/ippool
<br>including configuration file /etc/raddb/modules/attr_filter
<br>including configuration file /etc/raddb/modules/exec
<br>including configuration file /etc/raddb/modules/mschap
<br>including configuration file /etc/raddb/modules/pap.rpmnew
<br>including configuration file /etc/raddb/modules/radutmp
<br>including configuration file /etc/raddb/modules/pam
<br>including configuration file /etc/raddb/modules/passwd
<br>including configuration file /etc/raddb/modules/smsotp
<br>including configuration file /etc/raddb/modules/detail
<br>including configuration file /etc/raddb/modules/soh
<br>including configuration file /etc/raddb/modules/detail.log
<br>including configuration file /etc/raddb/modules/mac2vlan
<br>including configuration file /etc/raddb/modules/dynamic_clients
<br>including configuration file /etc/raddb/modules/opendirectory
<br>including configuration file /etc/raddb/modules/sqlcounter_expire_on_login
<br>including configuration file /etc/raddb/modules/ldap.rpmnew.original
<br>including configuration file /etc/raddb/modules/detail.example.com
<br>including configuration file /etc/raddb/modules/expiration
<br>including configuration file /etc/raddb/modules/replicate
<br>including configuration file /etc/raddb/modules/realm
<br>including configuration file /etc/raddb/modules/pap
<br>including configuration file /etc/raddb/modules/smbpasswd
<br>including configuration file /etc/raddb/eap.conf
<br>including configuration file /etc/raddb/policy.conf
<br>including files in directory /etc/raddb/sites-enabled/
<br>including configuration file /etc/raddb/sites-enabled/default
<br>including configuration file /etc/raddb/sites-enabled/control-socket
<br>including configuration file /etc/raddb/sites-enabled/default.original
<br>including configuration file /etc/raddb/sites-enabled/inner-tunnel
<br>main {
<br> user = "radiusd"
<br> group = "radiusd"
<br> allow_core_dumps = no
<br>}
<br>including dictionary file /etc/raddb/dictionary
<br>main {
<br> name = "radiusd"
<br> prefix = "/usr"
<br> localstatedir = "/var"
<br> sbindir = "/usr/sbin"
<br> logdir = "/var/log/radius"
<br> run_dir = "/var/run/radiusd"
<br> libdir = "/usr/lib64/freeradius"
<br> radacctdir = "/var/log/radius/radacct"
<br> hostname_lookups = no
<br> max_request_time = 30
<br> cleanup_delay = 5
<br> max_requests = 1024
<br> pidfile = "/var/run/radiusd/radiusd.pid"
<br> checkrad = "/usr/sbin/checkrad"
<br> debug_level = 0
<br> proxy_requests = yes
<br> log {
<br> stripped_names = no
<br> auth = no
<br> auth_badpass = no
<br> auth_goodpass = no
<br> }
<br> security {
<br> max_attributes = 200
<br> reject_delay = 1
<br> status_server = yes
<br> }
<br>}
<br>radiusd: #### Loading Realms and Home Servers ####
<br> proxy server {
<br> retry_delay = 5
<br> retry_count = 3
<br> default_fallback = no
<br> dead_time = 120
<br> wake_all_if_all_dead = no
<br> }
<br> home_server localhost {
<br> ipaddr = 127.0.0.1
<br> port = 1812
<br> type = "auth"
<br> secret = "testing123"
<br> response_window = 20
<br> max_outstanding = 65536
<br> require_message_authenticator = yes
<br> zombie_period = 40
<br> status_check = "status-server"
<br> ping_interval = 30
<br> check_interval = 30
<br> num_answers_to_alive = 3
<br> num_pings_to_alive = 3
<br> revive_interval = 120
<br> status_check_timeout = 4
<br> coa {
<br> irt = 2
<br> mrt = 16
<br> mrc = 5
<br> mrd = 30
<br> }
<br> }
<br> home_server_pool my_auth_failover {
<br> type = fail-over
<br> home_server = localhost
<br> }
<br> realm example.com {
<br> auth_pool = my_auth_failover
<br> }
<br> realm LOCAL {
<br> }
<br>radiusd: #### Loading Clients ####
<br> client localhost {
<br> ipaddr = 127.0.0.1
<br> require_message_authenticator = no
<br> secret = "Password"
<br> shortname = "localhost"
<br> nastype = "other"
<br> }
<br> client 10.135.55.0/24 {
<br> require_message_authenticator = no
<br> secret = "Password"
<br> shortname = "PrivateNet"
<br> nastype = "other"
<br> }
<br>radiusd: #### Instantiating modules ####
<br> instantiate {
<br> Module: Linked to module rlm_exec
<br> Module: Instantiating module "exec" from file /etc/raddb/modules/exec
<br> exec {
<br> wait = no
<br> input_pairs = "request"
<br> shell_escape = yes
<br> }
<br> Module: Linked to module rlm_expr
<br> Module: Instantiating module "expr" from file /etc/raddb/modules/expr
<br> Module: Linked to module rlm_expiration
<br> Module: Instantiating module "expiration" from file /etc/raddb/modules/expiration
<br> expiration {
<br> reply-message = "Password Has Expired "
<br> }
<br> Module: Linked to module rlm_logintime
<br> Module: Instantiating module "logintime" from file /etc/raddb/modules/logintime
<br> logintime {
<br> reply-message = "You are calling outside your allowed timespan "
<br> minimum-timeout = 60
<br> }
<br> }
<br>radiusd: #### Loading Virtual Servers ####
<br>server { # from file /etc/raddb/radiusd.conf
<br> modules {
<br> Module: Creating Post-Auth-Type = REJECT
<br> Module: Checking authenticate {...} for more modules to load
<br> Module: Linked to module rlm_pap
<br> Module: Instantiating module "pap" from file /etc/raddb/modules/pap.rpmnew
<br> pap {
<br> encryption_scheme = "auto"
<br> auto_header = no
<br> }
<br> Module: Checking authorize {...} for more modules to load
<br> Module: Linked to module rlm_preprocess
<br> Module: Instantiating module "preprocess" from file /etc/raddb/modules/preprocess
<br> preprocess {
<br> huntgroups = "/etc/raddb/huntgroups"
<br> hints = "/etc/raddb/hints"
<br> with_ascend_hack = no
<br> ascend_channels_per_line = 23
<br> with_ntdomain_hack = no
<br> with_specialix_jetstream_hack = no
<br> with_cisco_vsa_hack = no
<br> with_alvarion_vsa_hack = no
<br> }
<br> Module: Linked to module rlm_chap
<br> Module: Instantiating module "chap" from file /etc/raddb/modules/chap
<br> Module: Linked to module rlm_mschap
<br> Module: Instantiating module "mschap" from file /etc/raddb/modules/mschap.bak
<br> mschap {
<br> use_mppe = yes
<br> require_encryption = no
<br> require_strong = no
<br> with_ntdomain_hack = no
<br> allow_retry = yes
<br> }
<br> Module: Linked to module rlm_realm
<br> Module: Instantiating module "suffix" from file /etc/raddb/modules/realm
<br> realm suffix {
<br> format = "suffix"
<br> delimiter = "@"
<br> ignore_default = no
<br> ignore_null = no
<br> }
<br> Module: Linked to module rlm_eap
<br> Module: Instantiating module "eap" from file /etc/raddb/eap.conf
<br> eap {
<br> default_eap_type = "md5"
<br> timer_expire = 60
<br> ignore_unknown_eap_types = yes
<br> cisco_accounting_username_bug = no
<br> max_sessions = 2048
<br> }
<br> Module: Linked to sub-module rlm_eap_md5
<br> Module: Instantiating eap-md5
<br> Module: Linked to sub-module rlm_eap_leap
<br> Module: Instantiating eap-leap
<br> Module: Linked to sub-module rlm_eap_gtc
<br> Module: Instantiating eap-gtc
<br> gtc {
<br> challenge = "Password: "
<br> auth_type = "Local"
<br> }
<br> Module: Linked to sub-module rlm_eap_tls
<br> Module: Instantiating eap-tls
<br> tls {
<br> rsa_key_exchange = no
<br> dh_key_exchange = yes
<br> rsa_key_length = 512
<br> dh_key_length = 512
<br> verify_depth = 0
<br> pem_file_type = yes
<br> private_key_file = "/etc/raddb/certs/server.pem"
<br> certificate_file = "/etc/raddb/certs/server.pem"
<br> CA_file = "/etc/raddb/certs/ca.pem"
<br> private_key_password = "whatever"
<br> dh_file = "/etc/raddb/certs/dh"
<br> random_file = "/etc/raddb/certs/random"
<br> fragment_size = 1024
<br> include_length = yes
<br> check_crl = no
<br> cipher_list = "DEFAULT"
<br> make_cert_command = "/etc/raddb/certs/bootstrap"
<br> cache {
<br> enable = no
<br> lifetime = 24
<br> max_entries = 255
<br> }
<br> }
<br> Module: Linked to sub-module rlm_eap_ttls
<br> Module: Instantiating eap-ttls
<br> ttls {
<br> default_eap_type = "md5"
<br> copy_request_to_tunnel = no
<br> use_tunneled_reply = no
<br> virtual_server = "inner-tunnel"
<br> include_length = yes
<br> }
<br> Module: Linked to sub-module rlm_eap_peap
<br> Module: Instantiating eap-peap
<br> peap {
<br> default_eap_type = "mschapv2"
<br> copy_request_to_tunnel = no
<br> use_tunneled_reply = no
<br> proxy_tunneled_request_as_eap = yes
<br> virtual_server = "inner-tunnel"
<br> soh = no
<br> }
<br> Module: Linked to sub-module rlm_eap_mschapv2
<br> Module: Instantiating eap-mschapv2
<br> mschapv2 {
<br> with_ntdomain_hack = no
<br> send_error = no
<br> }
<br> Module: Linked to module rlm_files
<br> Module: Instantiating module "files" from file /etc/raddb/modules/files
<br> files {
<br> usersfile = "/etc/raddb/users"
<br> acctusersfile = "/etc/raddb/acct_users"
<br> preproxy_usersfile = "/etc/raddb/preproxy_users"
<br> compat = "no"
<br> }
<br> Module: Linked to module rlm_ldap
<br> Module: Instantiating module "ldap" from file /etc/raddb/modules/ldap.rpmnew
<br> ldap {
<br> server = "localhost"
<br> port = 389
<br> password = "ldapsecret"
<br> identity = "cn=Admin,dc=My Org,dc=UA"
<br> net_timeout = 1
<br> timeout = 4
<br> timelimit = 3
<br> tls_mode = no
<br> start_tls = no
<br> tls_require_cert = "allow"
<br> tls {
<br> start_tls = no
<br> require_cert = "allow"
<br> }
<br> basedn = "dc=My Org,dc=UA"
<br> filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
<br> base_filter = "(objectclass=radiusprofile)"
<br> auto_header = no
<br> access_attr_used_for_allow = yes
<br> groupname_attribute = "cn"
<br> groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
<br> dictionary_mapping = "/etc/raddb/ldap.attrmap"
<br> ldap_debug = 0
<br> ldap_connections_number = 5
<br> compare_check_items = no
<br> do_xlat = yes
<br> set_auth_type = yes
<br> }
<br>rlm_ldap: Registering ldap_groupcmp for Ldap-Group
<br>rlm_ldap: Registering ldap_xlat with xlat_name ldap
<br>rlm_ldap: Over-riding set_auth_type, as there is no module ldap listed in the "authenticate" section.
<br>rlm_ldap: reading ldap<->radius mappings from file /etc/raddb/ldap.attrmap
<br>rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$
<br>rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$
<br>rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type
<br>rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use
<br>rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id
<br>rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id
<br>rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password
<br>rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password
<br>rlm_ldap: LDAP sambaLmPassword mapped to RADIUS LM-Password
<br>rlm_ldap: LDAP sambaNtPassword mapped to RADIUS NT-Password
<br>rlm_ldap: LDAP dBCSPwd mapped to RADIUS LM-Password
<br>rlm_ldap: LDAP userPassword mapped to RADIUS Password-With-Header
<br>rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT
<br>rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration
<br>rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address
<br>rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type
<br>rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol
<br>rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address
<br>rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask
<br>rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route
<br>rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing
<br>rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id
<br>rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU
<br>rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS Framed-Compression
<br>rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host
<br>rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service
<br>rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port
<br>rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number
<br>rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id
<br>rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS Framed-IPX-Network
<br>rlm_ldap: LDAP radiusClass mapped to RADIUS Class
<br>rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout
<br>rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout
<br>rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS Termination-Action
<br>rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS Login-LAT-Service
<br>rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node
<br>rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group
<br>rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS Framed-AppleTalk-Link
<br>rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS Framed-AppleTalk-Network
<br>rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS Framed-AppleTalk-Zone
<br>rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit
<br>rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port
<br>rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message
<br>rlm_ldap: LDAP radiusTunnelType mapped to RADIUS Tunnel-Type
<br>rlm_ldap: LDAP radiusTunnelMediumType mapped to RADIUS Tunnel-Medium-Type
<br>rlm_ldap: LDAP radiusTunnelPrivateGroupId mapped to RADIUS Tunnel-Private-Group-Id
<br>conns: 0x20aacb0
<br> Module: Checking preacct {...} for more modules to load
<br> Module: Linked to module rlm_acct_unique
<br> Module: Instantiating module "acct_unique" from file /etc/raddb/modules/acct_unique
<br> acct_unique {
<br> key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
<br> }
<br> Module: Checking accounting {...} for more modules to load
<br> Module: Linked to module rlm_detail
<br> Module: Instantiating module "detail" from file /etc/raddb/modules/detail
<br> detail {
<br> detailfile = "/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
<br> header = "%t"
<br> detailperm = 384
<br> dirperm = 493
<br> locking = no
<br> log_packet_header = no
<br> }
<br> Module: Linked to module rlm_radutmp
<br> Module: Instantiating module "radutmp" from file /etc/raddb/modules/radutmp
<br> radutmp {
<br> filename = "/var/log/radius/radutmp"
<br> username = "%{User-Name}"
<br> case_sensitive = yes
<br> check_with_nas = yes
<br> perm = 384
<br> callerid = yes
<br> }
<br> Module: Linked to module rlm_attr_filter
<br> Module: Instantiating module "attr_filter.accounting_response" from file /etc/raddb/modules/attr_filter
<br> attr_filter attr_filter.accounting_response {
<br> attrsfile = "/etc/raddb/attrs.accounting_response"
<br> key = "%{User-Name}"
<br> relaxed = no
<br> }
<br> Module: Checking session {...} for more modules to load
<br> Module: Checking post-proxy {...} for more modules to load
<br> Module: Checking post-auth {...} for more modules to load
<br> Module: Instantiating module "attr_filter.access_reject" from file /etc/raddb/modules/attr_filter
<br> attr_filter attr_filter.access_reject {
<br> attrsfile = "/etc/raddb/attrs.access_reject"
<br> key = "%{User-Name}"
<br> relaxed = no
<br> }
<br> } # modules
<br>} # server
<br>server inner-tunnel { # from file /etc/raddb/sites-enabled/inner-tunnel
<br> modules {
<br> Module: Checking authenticate {...} for more modules to load
<br> Module: Linked to module rlm_unix
<br> Module: Instantiating module "unix" from file /etc/raddb/modules/unix
<br> unix {
<br> radwtmp = "/var/log/radius/radwtmp"
<br> }
<br> Module: Checking authorize {...} for more modules to load
<br> Module: Checking session {...} for more modules to load
<br> Module: Checking post-proxy {...} for more modules to load
<br> Module: Checking post-auth {...} for more modules to load
<br> } # modules
<br>} # server
<br>radiusd: #### Opening IP addresses and Ports ####
<br>listen {
<br> type = "auth"
<br> ipaddr = *
<br> port = 0
<br>}
<br>listen {
<br> type = "acct"
<br> ipaddr = *
<br> port = 0
<br>}
<br>listen {
<br> type = "control"
<br> listen {
<br> socket = "/var/run/radiusd/radiusd.sock"
<br> }
<br>}
<br>listen {
<br> type = "auth"
<br> ipaddr = 127.0.0.1
<br> port = 18120
<br>}
<br> ... adding new socket proxy address * port 47684
<br>Listening on authentication address * port 1812
<br>Listening on accounting address * port 1813
<br>Listening on command file /var/run/radiusd/radiusd.sock
<br>Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
<br>Listening on proxy address * port 1814
<br>Ready to process requests.
<br>rad_recv: Access-Request packet from host 10.0.0.6 port 1026, id=39, length=135
<br> NAS-IP-Address = 10.0.0.6
<br> NAS-Port-Type = Wireless-802.11
<br> NAS-Port = 0
<br> Framed-MTU = 1400
<br> User-Name = "guest"
<br> Calling-Station-Id = "00-1B-77-21-39-6C"
<br> Called-Station-Id = "00-1F-28-C4-9E-83"
<br> NAS-Identifier = "MDFA-2-H09"
<br> EAP-Message = 0x0201000c016a6c75646c6f77
<br> Message-Authenticator = 0x25f3e3f83ec5654d9427870ef7304330
<br># Executing section authorize from file /etc/raddb/sites-enabled/default
<br>+- entering group authorize {...}
<br>++[preprocess] returns ok
<br>++[chap] returns noop
<br>++[mschap] returns noop
<br>[suffix] No '@' in User-Name = "guest", looking up realm NULL
<br>[suffix] No such realm "NULL"
<br>++[suffix] returns noop
<br>[eap] EAP packet type response id 1 length 12
<br>[eap] No EAP Start, assuming it's an on-going EAP conversation
<br>++[eap] returns updated
<br>++[files] returns noop
<br>[ldap] performing user authorization for guest
<br>[ldap] expand: %{Stripped-User-Name} ->
<br>[ldap] ... expanding second conditional
<br>[ldap] expand: %{User-Name} -> guest
<br>[ldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=guest)
<br>[ldap] expand: dc=My Org,dc=UA -> dc=My Org,dc=UA
<br> [ldap] ldap_get_conn: Checking Id: 0
<br> [ldap] ldap_get_conn: Got Id: 0
<br> [ldap] attempting LDAP reconnection
<br> [ldap] (re)connect to localhost:389, authentication 0
<br> [ldap] bind as cn=Admin,dc=My Org,dc=UA/ldapsecret to localhost:389
<br> [ldap] waiting for bind result ...
<br> [ldap] Bind was successful
<br> [ldap] performing search in dc=My Org,dc=UA, with filter (uid=guest)
<br>[ldap] looking for check items in directory...
<br> [ldap] userPassword -> Password-With-Header == "{SSHA}kXYV0NQ5Cqb2c8nYkUOkomUY4aNkV1Bm"
<br> [ldap] sambaNtPassword -> NT-Password == 0x3730313339324543313134384238354441354243443132394536413143384335
<br> [ldap] sambaLmPassword -> LM-Password == 0x3130323441364441393830383345394644423232393432363146353938423443
<br>[ldap] looking for reply items in directory...
<br>[ldap] user guest authorized to use remote access
<br> [ldap] ldap_release_conn: Release Id: 0
<br>++[ldap] returns ok
<br>++[expiration] returns noop
<br>++[logintime] returns noop
<br>[pap] Normalizing NT-Password from hex encoding
<br>[pap] Normalizing LM-Password from hex encoding
<br>[pap] Normalizing SSHA1-Password from base64 encoding
<br>[pap] WARNING: Auth-Type already set. Not setting to PAP
<br>++[pap] returns noop
<br>Found Auth-Type = EAP
<br> WARNING: Unknown value specified for Auth-Type. Cannot perform requested action.
<br># Executing group from file /etc/raddb/sites-enabled/default
<br>Failed to authenticate the user.
<br>Using Post-Auth-Type Reject
<br># Executing group from file /etc/raddb/sites-enabled/default
<br>+- entering group REJECT {...}
<br>[attr_filter.access_reject] expand: %{User-Name} -> guest
<br>attr_filter: Matched entry DEFAULT at line 11
<br>++[attr_filter.access_reject] returns updated
<br>Delaying reject of request 0 for 1 seconds
<br>Going to the next request
<br>Waking up in 0.9 seconds.
<br>Sending delayed reject for request 0
<br>Sending Access-Reject of id 39 to 10.0.0.6 port 1026
<br>Waking up in 4.9 seconds.
<br> </div></body>
</html>