Ok,<br>here are the logs that should identify the problem ::<br><br>#############################################################################################<br>Listening on authentication address * port 1812<br>Listening on accounting address * port 1813<br>
Listening on command file /var/run/radiusd/radiusd.sock<br>Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel<br>Listening on proxy address * port 1814<br>Ready to process requests.<br>rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=2, length=135<br>
User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br> NAS-Port = 0<br> Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br>
Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x0201000e01616e6f6e796d6f7573<br> Message-Authenticator = 0x75ec2aaf6e4ff4d556074d228a772faa<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>
+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 1 length 14<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>
++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>++[pap] returns noop<br>Found Auth-Type = EAP<br>
# Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group authenticate {...}<br>[eap] EAP Identity<br>[eap] processing type md5<br>rlm_eap_md5: Issuing Challenge<br>++[eap] returns handled<br>Sending Access-Challenge of id 2 to 192.168.1.1 port 2050<br>
EAP-Message = 0x010200160410d85d9080f8377ffbd43fcd11902d0849<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xca27a4c8ca25a0d1b0def0b7ea3684b7<br>Finished request 0.<br>Going to the next request<br>
Waking up in 4.9 seconds.<br>Cleaning up request 0 ID 2 with timestamp +2<br>Ready to process requests.<br>rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=1, length=135<br> User-Name = "anonymous"<br>
NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br> NAS-Port = 0<br> Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br> Framed-MTU = 1400<br>
NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x0201000e01616e6f6e796d6f7573<br> Message-Authenticator = 0x9bd9b052f78877d9825931a00861c9bb<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>
+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 1 length 14<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>
++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>++[pap] returns noop<br>Found Auth-Type = EAP<br>
# Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group authenticate {...}<br>[eap] EAP Identity<br>[eap] processing type md5<br>rlm_eap_md5: Issuing Challenge<br>++[eap] returns handled<br>Sending Access-Challenge of id 1 to 192.168.1.1 port 2050<br>
EAP-Message = 0x010200160410c80696960e9200663db1880b98547d70<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xc4e4c720c4e6c3e7c1639dca0ec5602b<br>Finished request 1.<br>Going to the next request<br>
Waking up in 4.9 seconds.<br>Cleaning up request 1 ID 1 with timestamp +36<br>Ready to process requests.<br>rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=3, length=135<br> User-Name = "anonymous"<br>
NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br> NAS-Port = 0<br> Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br> Framed-MTU = 1400<br>
NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x0201000e01616e6f6e796d6f7573<br> Message-Authenticator = 0xda721dc9da1bf772e873ef7dd3c3118e<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>
+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 1 length 14<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>
++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>++[pap] returns noop<br>Found Auth-Type = EAP<br>
# Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group authenticate {...}<br>[eap] EAP Identity<br>[eap] processing type md5<br>rlm_eap_md5: Issuing Challenge<br>++[eap] returns handled<br>Sending Access-Challenge of id 3 to 192.168.1.1 port 2050<br>
EAP-Message = 0x0102001604103d35620c02dfe385b8e85d29be12cbe6<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xae0bee3aae09ea25398daf498c4b8a60<br>Finished request 2.<br>Going to the next request<br>
Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=4, length=145<br> User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br>
NAS-Port = 0<br> Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x02020006030d<br>
State = 0xae0bee3aae09ea25398daf498c4b8a60<br> Message-Authenticator = 0x4a12c5fe1710ce5b4cd16e03e20a3dff<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>+- entering group authorize {...}<br>
++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>[suffix] No such realm "NULL"<br>
++[suffix] returns noop<br>[eap] EAP packet type response id 2 length 6<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>++[expiration] returns noop<br>
++[logintime] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>++[pap] returns noop<br>Found Auth-Type = EAP<br># Executing group from file /etc/raddb/sites-enabled/default<br>
+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP NAK<br>[eap] EAP-NAK asked for EAP-Type/tls<br>[eap] processing type tls<br>[tls] Requiring client certificate<br>[tls] Initiate<br>
[tls] Start returned 1<br>++[eap] returns handled<br>Sending Access-Challenge of id 4 to 192.168.1.1 port 2050<br> EAP-Message = 0x010300060d20<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xae0bee3aaf08e325398daf498c4b8a60<br>
Finished request 3.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=5, length=257<br> User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br>
NAS-Identifier = "NasId1"<br> NAS-Port = 0<br> Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br>
EAP-Message = 0x020300760d00160301006b01000067030150ea6299ec45ad966ebbb9ea9b1bf4543ef4d67c15e63acdd86d348a01f3c5e400003a00390038008800870035008400160013000a00330032009a009900450044002f00960041000500040015001200090014001100080006000300ff0100000400230000<br>
State = 0xae0bee3aaf08e325398daf498c4b8a60<br> Message-Authenticator = 0x9a29080d67d6c2d43cf9902dc5657a5a<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>+- entering group authorize {...}<br>
++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>[suffix] No such realm "NULL"<br>
++[suffix] returns noop<br>[eap] EAP packet type response id 3 length 118<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>++[expiration] returns noop<br>
++[logintime] returns noop<br>++[pap] returns noop<br>Found Auth-Type = EAP<br># Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>
[eap] EAP/tls<br>[eap] processing type tls<br>[tls] Authenticate<br>[tls] processing EAP-TLS<br>[tls] eaptls_verify returned 7 <br>[tls] Done initial handshake<br>[tls] (other): before/accept initialization<br>[tls] TLS_accept: before/accept initialization<br>
[tls] <<< TLS 1.0 Handshake [length 006b], ClientHello <br>[tls] TLS_accept: SSLv3 read client hello A<br>[tls] >>> TLS 1.0 Handshake [length 0031], ServerHello <br>[tls] TLS_accept: SSLv3 write server hello A<br>
[tls] >>> TLS 1.0 Handshake [length 085e], Certificate <br>[tls] TLS_accept: SSLv3 write certificate A<br>[tls] >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange <br>[tls] TLS_accept: SSLv3 write key exchange A<br>
[tls] >>> TLS 1.0 Handshake [length 00a7], CertificateRequest <br>[tls] TLS_accept: SSLv3 write certificate request A<br>[tls] TLS_accept: SSLv3 flush data<br>[tls] TLS_accept: Need to read more data: SSLv3 read client certificate A<br>
In SSL Handshake Phase <br>In SSL Accept mode <br>[tls] eaptls_process returned 13 <br>++[eap] returns handled<br>Sending Access-Challenge of id 5 to 192.168.1.1 port 2050<br> EAP-Message = 0x010404000dc000000b5716030100310200002d030150ea62998db3927a94e8e3958d4a0718aba9c8fe83861e325933d52ace7337eb000039000005ff01000100160301085e0b00085a0008570003a6308203a23082028aa003020102020101300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c65204365727469666963617465204175<br>
EAP-Message = 0x74686f72697479301e170d3133303130323230343931335a170d3133303330333230343931335a307c310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100a964d88984f11cf2e098e9d5067ed817b2fb753629751159a8fd20593b91b2e13ed90ee1a40af0d5a20c954c361d534de87499ddfc01fb<br>
EAP-Message = 0xdd17e668da7580b889bb76cd99e5a15fe170528fd99c344736d96ef562984a8aaaf3d7fe88c62a5ee4ce361905a185b8c7f4e4f4707e7c33fbaf720bf67c46a9d1b340b82fc9e5f614bdc9b0b72d4fcf3994a37178db025b37cc4e96b27f5d5e1826e5368610faff2a5029d662206d25c0a9490a50293df2569910f46beb4f46f67087b917a3b45a0a5a5ccc7fba5f7c9b9eaf86a07f8b994e8116b5665126c91d25a54c2c48fae0b8e3fce245773f2a4a1aafb97edb4399aa76b31b29752f9794f08176d189399f210203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010105050003820101009619<br>
EAP-Message = 0x95251b10a7381486cc6ced9dd00aacdc4338a5564cf99ea96e489e35a561cf242342ce6661d35d3d9d87173698e530ecb82484b1ea3b5dd1cd9a4a1b2daefe3e6c1042f85d50692a4e012ac026a25a9bd9cc21d530eba40f8ea6b328518ccfa33a5cfac384e95981f5675bc2c01c5ef9809de95cfbf9aabc0df194efe65160d4b2967857897c1468afcba2718db7c15004847f729e757b26f6ff4a0b2e48b0cbb9eabd3d405497c87d7fc6f0872c5390fd9a791aff329be726d67ae2198e01ea1c8b49719bf3e8245db56f4574bb82ed02ed8eb7cfb7a0ee44b4fb350856e50c641720eb9edeab47a7d5a65ab64505ae4c4bec18d8bacedd3883fd72b9<br>
EAP-Message = 0x5d0004ab308204a73082038f<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xae0bee3aac0fe325398daf498c4b8a60<br>Finished request 4.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>
rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=6, length=145<br> User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br> NAS-Port = 0<br>
Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x020400060d00<br> State = 0xae0bee3aac0fe325398daf498c4b8a60<br>
Message-Authenticator = 0x193913d4ff0d73cc840b624497a2f03d<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>
++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 4 length 6<br>
[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>++[expiration] returns noop<br>++[logintime] returns noop<br>++[pap] returns noop<br>Found Auth-Type = EAP<br>
# Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP/tls<br>[eap] processing type tls<br>[tls] Authenticate<br>[tls] processing EAP-TLS<br>
[tls] Received TLS ACK<br>[tls] ACK handshake fragment handler<br>[tls] eaptls_verify returned 1 <br>[tls] eaptls_process returned 13 <br>++[eap] returns handled<br>Sending Access-Challenge of id 6 to 192.168.1.1 port 2050<br>
EAP-Message = 0x010504000dc000000b57a003020102020900893e0a05a634a356300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3133303130363133333635375a170d3133303330373133333635375a308193310b3009060355040613024652310f300d06035504081306526164<br>
EAP-Message = 0x6975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100ebdd02fa2a5b2b43e5806d41656bda51cfa2bca2936fbe168be1781f14ca7d2c608976fcfc45fd63bb44a21fa1a4b4e2a9d00a3603b9504d21d9d9120723846c660602372539c687c2e24ee4cfe4f6b433f3c4c6d4397e1eb079dd08872cb3eef18e35a5<br>
EAP-Message = 0x9a77761396f8666694336040a446e40374b306d1057aeb78b6a6296aee0f8930819b987adf8412bf6f4455b8c67f5c92bbae6bfbed30ecbd38fb7ee015a7d260e8ef80f47d8eba63dca2f2014fdc8fcd4db4d898e56388e3b4963c338ed11d9dfacae18e64573f17b72383d9ae9fa96d76fb9b47ee6e6ce7e2c5be485abada0feb5c4a9aa83297af2623cf931c3b88335fa3e781ab3dadfd3b62a2a10203010001a381fb3081f8301d0603551d0e04160414afc3a72620ddd02d5a37ee2fb8876c1793d4190d3081c80603551d230481c03081bd8014afc3a72620ddd02d5a37ee2fb8876c1793d4190da18199a48196308193310b3009060355040613<br>
EAP-Message = 0x024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479820900893e0a05a634a356300c0603551d13040530030101ff300d06092a864886f70d010105050003820101000bed6913d854c30ff8c5a9ae3f706e8cc97d5ee63ae8857b16297b38ab43b2562000e4f345dca706cf4c54156a134573a4b811751a43985545972e8807b60673979031538e7c5b<br>
EAP-Message = 0xc4643173fc8b9e067abaa332<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xae0bee3aad0ee325398daf498c4b8a60<br>Finished request 5.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>
rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=7, length=145<br> User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br> NAS-Port = 0<br>
Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x020500060d00<br> State = 0xae0bee3aad0ee325398daf498c4b8a60<br>
Message-Authenticator = 0xe493fc1cbfbd7a59dbbf0ccc9f8390f2<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>
++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 5 length 6<br>
[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>++[expiration] returns noop<br>++[logintime] returns noop<br>++[pap] returns noop<br>Found Auth-Type = EAP<br>
# Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP/tls<br>[eap] processing type tls<br>[tls] Authenticate<br>[tls] processing EAP-TLS<br>
[tls] Received TLS ACK<br>[tls] ACK handshake fragment handler<br>[tls] eaptls_verify returned 1 <br>[tls] eaptls_process returned 13 <br>++[eap] returns handled<br>Sending Access-Challenge of id 7 to 192.168.1.1 port 2050<br>
EAP-Message = 0x010603750d8000000b57c5525516ee08169c65c0605ff1cd8cb8875d23e93b6eae5bf6190e00fa5d09244e6d6df1fd4b721fa3e32b197ee2a3c2093c79b83fd8c8390d01480fe5e0f7a933d0d91217a6b989b36c62dadd8f1580d2316cfde9b2db5c8cb8767c614cdd722810fcd7aa086eebb0de60a915eee1c3bf3399aabd4e727e08a333010b0f34fefe6cf58fee5df022c2b1372272987c4c86fd91937e61f881b45d238101eda2d6705291d4ba43ee237f1dfec55a160301020d0c0002090080f1516afb0dd4bfb40ee4121b45f29c3e6e01b2997948fa411b9459c47d5cc1c7c94f69338de1c704610c3ecc7bb948de7838e51cf5c4bd11d9dac2<br>
EAP-Message = 0x657619ad86970871a77831bfe882d146839667309241f4d237e6996317113f458282372ac089f43c84e5f9cbbf5cf5af469ab7b0a7a3cc98363638dbcb57e41338d196f17b0001020080bd8697560cbf77c14813e123c7b7c9ce79f5645fda561240ea65bddb36cf520baa2b174879be8a091bda39af0bb7659d832944672aaffdf76002a21a9ada45e22323803f2a76002f302a8c69ae11a3d78c3d9f5c485a2ca8bf94e8232892a78b0e023df8325cbbf8d0b5b24576ab1e194ecd8a33eb5105e0cd0c9d81909d756a010009d4606d20f3134e39eb37d5947e4b32b7e5bc842cd052623c8a0e69d5cdfd1ff13b405e08a5672fa3e9780078b182967d<br>
EAP-Message = 0x4ae6ca5c02cb2d3f67b49f7cc5b015eb6cd69466e6dbd761792e04f8eb009ffea8c9d833fcc9a790874fe694dce4ef32104f42417a8574f0e4e13580d49ec0664b9325a707ae7ccef2ff8e652b0a4d428a2dc81b1878a9a0b1656cd60d7210a533bfdb6c6c324f0edcdfd73e46fd273275f0450558a36bdc79f6ed879c5d237f3efb8e33d023dae952d2a63acb45fc8415ab961b212a0b03e3de16ba0a13fa2f8082d4a4614d83978a5ada9528ec0e7d638586339a7f1f51c7baefb53a2f8187c67bc40344bfd53dd35ffcf2c13bee16030100a70d00009f040304010200980096308193310b3009060355040613024652310f300d0603550408130652<br>
EAP-Message = 0x61646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f726974790e000000<br>
Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xae0bee3aaa0de325398daf498c4b8a60<br>Finished request 6.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=8, length=152<br>
User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br> NAS-Port = 0<br> Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br>
Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x0206000d0d0015030100020233<br> State = 0xae0bee3aaa0de325398daf498c4b8a60<br> Message-Authenticator = 0x1bca69d903deee46c3b0e357c59ec8f9<br>
# Executing section authorize from file /etc/raddb/sites-enabled/default<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[digest] returns noop<br>
[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 6 length 13<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>
++[eap] returns updated<br>++[files] returns noop<br>++[expiration] returns noop<br>++[logintime] returns noop<br>++[pap] returns noop<br>Found Auth-Type = EAP<br># Executing group from file /etc/raddb/sites-enabled/default<br>
+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP/tls<br>[eap] processing type tls<br>[tls] Authenticate<br>[tls] processing EAP-TLS<br>[tls] eaptls_verify returned 7 <br>[tls] Done initial handshake<br>
[tls] <<< TLS 1.0 Alert [length 0002], fatal decrypt_error <br>TLS Alert read:fatal:decrypt error<br> TLS_accept: failed in SSLv3 read client certificate A<br>rlm_eap: SSL error error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error<br>
SSL: SSL_read failed inside of TLS (-1), TLS session fails.<br>TLS receive handshake failed during operation<br>[tls] eaptls_process returned 4 <br>[eap] Handler failed in EAP/tls<br>[eap] Failed in EAP select<br>++[eap] returns invalid<br>
Failed to authenticate the user.<br>Using Post-Auth-Type REJECT<br># Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group REJECT {...}<br>[attr_filter.access_reject] expand: %{User-Name} -> anonymous<br>
attr_filter: Matched entry DEFAULT at line 11<br>++[attr_filter.access_reject] returns updated<br>Delaying reject of request 7 for 1 seconds<br>Going to the next request<br>Waking up in 0.9 seconds.<br>Sending delayed reject for request 7<br>
Sending Access-Reject of id 8 to 192.168.1.1 port 2050<br> EAP-Message = 0x04060004<br> Message-Authenticator = 0x00000000000000000000000000000000<br>Waking up in 3.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=9, length=135<br>
User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br> NAS-Port = 0<br> Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br>
Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x0201000e01616e6f6e796d6f7573<br> Message-Authenticator = 0xecd41729c398e8d7cb3aeffa77620477<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>
+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 1 length 14<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>
++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>++[pap] returns noop<br>Found Auth-Type = EAP<br>
# Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group authenticate {...}<br>[eap] EAP Identity<br>[eap] processing type md5<br>rlm_eap_md5: Issuing Challenge<br>++[eap] returns handled<br>Sending Access-Challenge of id 9 to 192.168.1.1 port 2050<br>
EAP-Message = 0x010200160410ab1098f6acd219d7dc4d99ea0eb9e76e<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xabe3eedaabe1ea79298f3c2e2b2155c8<br>Finished request 8.<br>Going to the next request<br>
Waking up in 0.4 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=10, length=145<br> User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br>
NAS-Port = 0<br> Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x02020006030d<br>
State = 0xabe3eedaabe1ea79298f3c2e2b2155c8<br> Message-Authenticator = 0xfcbbdc4bf7bde2c3d05ad53e4245fc28<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>+- entering group authorize {...}<br>
++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>[suffix] No such realm "NULL"<br>
++[suffix] returns noop<br>[eap] EAP packet type response id 2 length 6<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>++[expiration] returns noop<br>
++[logintime] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>++[pap] returns noop<br>Found Auth-Type = EAP<br># Executing group from file /etc/raddb/sites-enabled/default<br>
+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP NAK<br>[eap] EAP-NAK asked for EAP-Type/tls<br>[eap] processing type tls<br>[tls] Requiring client certificate<br>[tls] Initiate<br>
[tls] Start returned 1<br>++[eap] returns handled<br>Sending Access-Challenge of id 10 to 192.168.1.1 port 2050<br> EAP-Message = 0x010300060d20<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xabe3eedaaae0e379298f3c2e2b2155c8<br>
Finished request 9.<br>Going to the next request<br>Waking up in 0.4 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=11, length=257<br> User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br>
NAS-Identifier = "NasId1"<br> NAS-Port = 0<br> Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br>
EAP-Message = 0x020300760d00160301006b01000067030150ea629e121e3f40f9cea283dd9bf6358c1c3b7c81b59d598c2d5963f2d8304e00003a00390038008800870035008400160013000a00330032009a009900450044002f00960041000500040015001200090014001100080006000300ff0100000400230000<br>
State = 0xabe3eedaaae0e379298f3c2e2b2155c8<br> Message-Authenticator = 0x30e1a5af5af01fd1733a414414155c8e<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>+- entering group authorize {...}<br>
++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>[suffix] No such realm "NULL"<br>
++[suffix] returns noop<br>[eap] EAP packet type response id 3 length 118<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>++[expiration] returns noop<br>
++[logintime] returns noop<br>++[pap] returns noop<br>Found Auth-Type = EAP<br># Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>
[eap] EAP/tls<br>[eap] processing type tls<br>[tls] Authenticate<br>[tls] processing EAP-TLS<br>[tls] eaptls_verify returned 7 <br>[tls] Done initial handshake<br>[tls] (other): before/accept initialization<br>[tls] TLS_accept: before/accept initialization<br>
[tls] <<< TLS 1.0 Handshake [length 006b], ClientHello <br>[tls] TLS_accept: SSLv3 read client hello A<br>[tls] >>> TLS 1.0 Handshake [length 0031], ServerHello <br>[tls] TLS_accept: SSLv3 write server hello A<br>
[tls] >>> TLS 1.0 Handshake [length 085e], Certificate <br>[tls] TLS_accept: SSLv3 write certificate A<br>[tls] >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange <br>[tls] TLS_accept: SSLv3 write key exchange A<br>
[tls] >>> TLS 1.0 Handshake [length 00a7], CertificateRequest <br>[tls] TLS_accept: SSLv3 write certificate request A<br>[tls] TLS_accept: SSLv3 flush data<br>[tls] TLS_accept: Need to read more data: SSLv3 read client certificate A<br>
In SSL Handshake Phase <br>In SSL Accept mode <br>[tls] eaptls_process returned 13 <br>++[eap] returns handled<br>Sending Access-Challenge of id 11 to 192.168.1.1 port 2050<br> EAP-Message = 0x010404000dc000000b5716030100310200002d030150ea629edade68b29196650a02e89a0bbc7a678f82b96a462b76efd75699c84d000039000005ff01000100160301085e0b00085a0008570003a6308203a23082028aa003020102020101300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c65204365727469666963617465204175<br>
EAP-Message = 0x74686f72697479301e170d3133303130323230343931335a170d3133303330333230343931335a307c310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100a964d88984f11cf2e098e9d5067ed817b2fb753629751159a8fd20593b91b2e13ed90ee1a40af0d5a20c954c361d534de87499ddfc01fb<br>
EAP-Message = 0xdd17e668da7580b889bb76cd99e5a15fe170528fd99c344736d96ef562984a8aaaf3d7fe88c62a5ee4ce361905a185b8c7f4e4f4707e7c33fbaf720bf67c46a9d1b340b82fc9e5f614bdc9b0b72d4fcf3994a37178db025b37cc4e96b27f5d5e1826e5368610faff2a5029d662206d25c0a9490a50293df2569910f46beb4f46f67087b917a3b45a0a5a5ccc7fba5f7c9b9eaf86a07f8b994e8116b5665126c91d25a54c2c48fae0b8e3fce245773f2a4a1aafb97edb4399aa76b31b29752f9794f08176d189399f210203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010105050003820101009619<br>
EAP-Message = 0x95251b10a7381486cc6ced9dd00aacdc4338a5564cf99ea96e489e35a561cf242342ce6661d35d3d9d87173698e530ecb82484b1ea3b5dd1cd9a4a1b2daefe3e6c1042f85d50692a4e012ac026a25a9bd9cc21d530eba40f8ea6b328518ccfa33a5cfac384e95981f5675bc2c01c5ef9809de95cfbf9aabc0df194efe65160d4b2967857897c1468afcba2718db7c15004847f729e757b26f6ff4a0b2e48b0cbb9eabd3d405497c87d7fc6f0872c5390fd9a791aff329be726d67ae2198e01ea1c8b49719bf3e8245db56f4574bb82ed02ed8eb7cfb7a0ee44b4fb350856e50c641720eb9edeab47a7d5a65ab64505ae4c4bec18d8bacedd3883fd72b9<br>
EAP-Message = 0x5d0004ab308204a73082038f<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xabe3eedaa9e7e379298f3c2e2b2155c8<br>Finished request 10.<br>Going to the next request<br>Waking up in 0.4 seconds.<br>
rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=12, length=145<br> User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br> NAS-Port = 0<br>
Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x020400060d00<br> State = 0xabe3eedaa9e7e379298f3c2e2b2155c8<br>
Message-Authenticator = 0x149a9c87d709b9bf0e0365f5ac248e7f<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>
++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 4 length 6<br>
[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>++[expiration] returns noop<br>++[logintime] returns noop<br>++[pap] returns noop<br>Found Auth-Type = EAP<br>
# Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP/tls<br>[eap] processing type tls<br>[tls] Authenticate<br>[tls] processing EAP-TLS<br>
[tls] Received TLS ACK<br>[tls] ACK handshake fragment handler<br>[tls] eaptls_verify returned 1 <br>[tls] eaptls_process returned 13 <br>++[eap] returns handled<br>Sending Access-Challenge of id 12 to 192.168.1.1 port 2050<br>
EAP-Message = 0x010504000dc000000b57a003020102020900893e0a05a634a356300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3133303130363133333635375a170d3133303330373133333635375a308193310b3009060355040613024652310f300d06035504081306526164<br>
EAP-Message = 0x6975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100ebdd02fa2a5b2b43e5806d41656bda51cfa2bca2936fbe168be1781f14ca7d2c608976fcfc45fd63bb44a21fa1a4b4e2a9d00a3603b9504d21d9d9120723846c660602372539c687c2e24ee4cfe4f6b433f3c4c6d4397e1eb079dd08872cb3eef18e35a5<br>
EAP-Message = 0x9a77761396f8666694336040a446e40374b306d1057aeb78b6a6296aee0f8930819b987adf8412bf6f4455b8c67f5c92bbae6bfbed30ecbd38fb7ee015a7d260e8ef80f47d8eba63dca2f2014fdc8fcd4db4d898e56388e3b4963c338ed11d9dfacae18e64573f17b72383d9ae9fa96d76fb9b47ee6e6ce7e2c5be485abada0feb5c4a9aa83297af2623cf931c3b88335fa3e781ab3dadfd3b62a2a10203010001a381fb3081f8301d0603551d0e04160414afc3a72620ddd02d5a37ee2fb8876c1793d4190d3081c80603551d230481c03081bd8014afc3a72620ddd02d5a37ee2fb8876c1793d4190da18199a48196308193310b3009060355040613<br>
EAP-Message = 0x024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479820900893e0a05a634a356300c0603551d13040530030101ff300d06092a864886f70d010105050003820101000bed6913d854c30ff8c5a9ae3f706e8cc97d5ee63ae8857b16297b38ab43b2562000e4f345dca706cf4c54156a134573a4b811751a43985545972e8807b60673979031538e7c5b<br>
EAP-Message = 0xc4643173fc8b9e067abaa332<br> Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xabe3eedaa8e6e379298f3c2e2b2155c8<br>Finished request 11.<br>Going to the next request<br>Waking up in 0.3 seconds.<br>
rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=13, length=145<br> User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br> NAS-Port = 0<br>
Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br> Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x020500060d00<br> State = 0xabe3eedaa8e6e379298f3c2e2b2155c8<br>
Message-Authenticator = 0x9e8a73edbb4a3672f9accd02064288f1<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>
++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 5 length 6<br>
[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>++[expiration] returns noop<br>++[logintime] returns noop<br>++[pap] returns noop<br>Found Auth-Type = EAP<br>
# Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP/tls<br>[eap] processing type tls<br>[tls] Authenticate<br>[tls] processing EAP-TLS<br>
[tls] Received TLS ACK<br>[tls] ACK handshake fragment handler<br>[tls] eaptls_verify returned 1 <br>[tls] eaptls_process returned 13 <br>++[eap] returns handled<br>Sending Access-Challenge of id 13 to 192.168.1.1 port 2050<br>
EAP-Message = 0x010603750d8000000b57c5525516ee08169c65c0605ff1cd8cb8875d23e93b6eae5bf6190e00fa5d09244e6d6df1fd4b721fa3e32b197ee2a3c2093c79b83fd8c8390d01480fe5e0f7a933d0d91217a6b989b36c62dadd8f1580d2316cfde9b2db5c8cb8767c614cdd722810fcd7aa086eebb0de60a915eee1c3bf3399aabd4e727e08a333010b0f34fefe6cf58fee5df022c2b1372272987c4c86fd91937e61f881b45d238101eda2d6705291d4ba43ee237f1dfec55a160301020d0c0002090080f1516afb0dd4bfb40ee4121b45f29c3e6e01b2997948fa411b9459c47d5cc1c7c94f69338de1c704610c3ecc7bb948de7838e51cf5c4bd11d9dac2<br>
EAP-Message = 0x657619ad86970871a77831bfe882d146839667309241f4d237e6996317113f458282372ac089f43c84e5f9cbbf5cf5af469ab7b0a7a3cc98363638dbcb57e41338d196f17b00010200802bd94c4be6d7bd6f520fe91b8cac697adaa8dc3240308d9f0b3f04f749c302cd5ec39ca8a931db592bf7d778e99e0291b46eb3cebb18db892b4c666f462cfa60b7fe2313902f570d413f3785ab8d9f5fd96ae5cec61d56254d16c5ecac43c81351dc8c3ff4780369d517f47258db7888ad6e7040bdf898e29c040a3cfcd4e394010013c6ca68e4913b46fc45bc2d0b38ab82f836a74e8de968a48a821dc9e93f2675d39fc47d3435ef78cf9ae12b1eef02426a<br>
EAP-Message = 0xa9e4932f46cd64a13d8e939a2e5814c9eb0c2336486ec1e414821fd7c6a1339f417c33ab2bd0fbd6ff4cecf8f97f6fe5c55c3c37af2d240c71988a9a4eedd099f278bd3d696f31581352ca435d450ed5e4a758d9cd74d3f9664d713636e3c23ba7ab21816ac344e5e5bb88e6eafa4fe3719ce5c7eab5f2fdd5a7815725a7e46982177439fca1b3c7dacd5a0a6b1212a72d45ed28b492eaeb19d4fc4656a032577c35e4d2774564a90fc45bff8329778bd3eff4592061287bebf209bc278adf498b695f4bfc0ee251e500be5b62f81a16030100a70d00009f040304010200980096308193310b3009060355040613024652310f300d0603550408130652<br>
EAP-Message = 0x61646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f726974790e000000<br>
Message-Authenticator = 0x00000000000000000000000000000000<br> State = 0xabe3eedaafe5e379298f3c2e2b2155c8<br>Finished request 12.<br>Going to the next request<br>Waking up in 0.3 seconds.<br>rad_recv: Access-Request packet from host 192.168.1.1 port 2050, id=14, length=152<br>
User-Name = "anonymous"<br> NAS-IP-Address = 192.168.1.1<br> NAS-Identifier = "NasId1"<br> NAS-Port = 0<br> Called-Station-Id = "80-A1-D7-19-BC-CC"<br> Calling-Station-Id = "8C-A9-82-0A-72-C2"<br>
Framed-MTU = 1400<br> NAS-Port-Type = Wireless-802.11<br> EAP-Message = 0x0206000d0d0015030100020233<br> State = 0xabe3eedaafe5e379298f3c2e2b2155c8<br> Message-Authenticator = 0xedb4fd5e95ead9066cd40b0e9436166f<br>
# Executing section authorize from file /etc/raddb/sites-enabled/default<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[digest] returns noop<br>
[suffix] No '@' in User-Name = "anonymous", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] EAP packet type response id 6 length 13<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>
++[eap] returns updated<br>++[files] returns noop<br>++[expiration] returns noop<br>++[logintime] returns noop<br>++[pap] returns noop<br>Found Auth-Type = EAP<br># Executing group from file /etc/raddb/sites-enabled/default<br>
+- entering group authenticate {...}<br>[eap] Request found, released from the list<br>[eap] EAP/tls<br>[eap] processing type tls<br>[tls] Authenticate<br>[tls] processing EAP-TLS<br>[tls] eaptls_verify returned 7 <br>[tls] Done initial handshake<br>
[tls] <<< TLS 1.0 Alert [length 0002], fatal decrypt_error <br>TLS Alert read:fatal:decrypt error<br> TLS_accept: failed in SSLv3 read client certificate A<br>rlm_eap: SSL error error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error<br>
SSL: SSL_read failed inside of TLS (-1), TLS session fails.<br>TLS receive handshake failed during operation<br>[tls] eaptls_process returned 4 <br>[eap] Handler failed in EAP/tls<br>[eap] Failed in EAP select<br>++[eap] returns invalid<br>
Failed to authenticate the user.<br>Using Post-Auth-Type REJECT<br># Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group REJECT {...}<br>[attr_filter.access_reject] expand: %{User-Name} -> anonymous<br>
attr_filter: Matched entry DEFAULT at line 11<br>++[attr_filter.access_reject] returns updated<br>Delaying reject of request 13 for 1 seconds<br>Going to the next request<br>Waking up in 0.3 seconds.<br>Cleaning up request 2 ID 3 with timestamp +53<br>
Cleaning up request 3 ID 4 with timestamp +53<br>Cleaning up request 4 ID 5 with timestamp +53<br>Cleaning up request 5 ID 6 with timestamp +53<br>Cleaning up request 6 ID 7 with timestamp +53<br>Waking up in 0.5 seconds.<br>
Sending delayed reject for request 13<br>Sending Access-Reject of id 14 to 192.168.1.1 port 2050<br> EAP-Message = 0x04060004<br> Message-Authenticator = 0x00000000000000000000000000000000<br>Waking up in 0.4 seconds.<br>
#############################################################################################<br><br><div class="gmail_quote">On Mon, Jan 7, 2013 at 7:30 PM, Alan DeKok <span dir="ltr"><<a href="mailto:aland@deployingradius.com" target="_blank">aland@deployingradius.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">Ajay Garg wrote:<br>
> I tried attaching the debug log-file, but the mail-message was rejected<br>
> by the mailing list for exceeding 100KB<br>
><br>
> How am I supposed to attach the complete logs?<br>
<br>
</div> Shorten it. Much of the conf file output can be deleted.<br>
<br>
Or, READ IT. Odds are that the answers to your questions are in the<br>
debug output.<br>
<div class="HOEnZb"><div class="h5"><br>
Alan DeKok.<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Regards,<br>Ajay<br>