<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt"><div><div><font face="times new roman, new york, times, serif">Hi Freeradius users,</font></div><div><font face="times new roman, new york, times, serif">i have FR freeradius-2.2.0-0.fc17.i686 set up on fedora 17 machine. the wimax clients are supplying EAPttls Mschapv2 for authentication. a few weeks ago, the configuration was working and authenticating, but it suddenly stopped. the users are created in the users file and below is the radiusd -X output. any more info required will be promptly provided. could someone help me out on this? the wimax system is 4M alvarion and the CPe are well configured.</font></div><div><font face="times new roman, new york, times, serif"> ignore_null = no</font></div><div><font face="times new roman, new york, times, serif"> }</font></div><div><font face="times new
roman, new york, times, serif"> Module: Checking accounting {...} for more modules to load</font></div><div><font face="times new roman, new york, times, serif"> Module: Instantiating module "detail" from file /etc/raddb/modules/detail</font></div><div><font face="times new roman, new york, times, serif"> detail {</font></div><div><font face="times new roman, new york, times, serif"> detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"</font></div><div><font face="times new roman, new york, times, serif"> header = "%t"</font></div><div><font face="times new roman, new york, times, serif"> detailperm = 384</font></div><div><font face="times new roman, new york, times, serif"> dirperm = 493</font></div><div><font face="times new roman, new york, times, serif"> locking =
no</font></div><div><font face="times new roman, new york, times, serif"> log_packet_header = no</font></div><div><font face="times new roman, new york, times, serif"> }</font></div><div><font face="times new roman, new york, times, serif"> Module: Linked to module rlm_radutmp</font></div><div><font face="times new roman, new york, times, serif"> Module: Instantiating module "radutmp" from file /etc/raddb/modules/radutmp</font></div><div><font face="times new roman, new york, times, serif"> radutmp {</font></div><div><font face="times new roman, new york, times, serif"> filename = "/var/log/radius/radutmp"</font></div><div><font face="times new roman, new york, times, serif"> username = "%{User-Name}"</font></div><div><font face="times new roman, new york, times, serif"> case_sensitive = yes</font></div><div><font face="times
new roman, new york, times, serif"> check_with_nas = yes</font></div><div><font face="times new roman, new york, times, serif"> perm = 384</font></div><div><font face="times new roman, new york, times, serif"> callerid = yes</font></div><div><font face="times new roman, new york, times, serif"> }</font></div><div><font face="times new roman, new york, times, serif"> Module: Linked to module rlm_attr_filter</font></div><div><font face="times new roman, new york, times, serif"> Module: Instantiating module "attr_filter.accounting_response" from file /etc/raddb/modules/attr_filter</font></div><div><font face="times new roman, new york, times, serif"> attr_filter attr_filter.accounting_response {</font></div><div><font face="times new roman, new york, times, serif"> attrsfile =
"/etc/raddb/attrs.accounting_response"</font></div><div><font face="times new roman, new york, times, serif"> key = "%{User-Name}"</font></div><div><font face="times new roman, new york, times, serif"> relaxed = no</font></div><div><font face="times new roman, new york, times, serif"> }</font></div><div><font face="times new roman, new york, times, serif">reading pairlist file /etc/raddb/attrs.accounting_response</font></div><div><font face="times new roman, new york, times, serif"> Module: Checking session {...} for more modules to load</font></div><div><font face="times new roman, new york, times, serif"> Module: Checking post-proxy {...} for more modules to load</font></div><div><font face="times new roman, new york, times, serif"> Module: Checking post-auth {...} for more modules to load</font></div><div><font face="times new roman, new york, times, serif"> Module:
Instantiating module "attr_filter.access_reject" from file /etc/raddb/modules/attr_filter</font></div><div><font face="times new roman, new york, times, serif"> attr_filter attr_filter.access_reject {</font></div><div><font face="times new roman, new york, times, serif"> attrsfile = "/etc/raddb/attrs.access_reject"</font></div><div><font face="times new roman, new york, times, serif"> key = "%{User-Name}"</font></div><div><font face="times new roman, new york, times, serif"> relaxed = no</font></div><div><font face="times new roman, new york, times, serif"> }</font></div><div><font face="times new roman, new york, times, serif">reading pairlist file /etc/raddb/attrs.access_reject</font></div><div><font face="times new roman, new york, times, serif"> } # modules</font></div><div><font face="times new roman, new york, times, serif">} #
server</font></div><div><font face="times new roman, new york, times, serif">server inner-tunnel { # from file /etc/raddb/sites-enabled/inner-tunnel</font></div><div><font face="times new roman, new york, times, serif"> modules {</font></div><div><font face="times new roman, new york, times, serif"> Module: Checking authenticate {...} for more modules to load</font></div><div><font face="times new roman, new york, times, serif"> Module: Checking authorize {...} for more modules to load</font></div><div><font face="times new roman, new york, times, serif"> Module: Checking session {...} for more modules to load</font></div><div><font face="times new roman, new york, times, serif"> Module: Checking post-proxy {...} for more modules to load</font></div><div><font face="times new roman, new york, times, serif"> Module: Checking post-auth {...} for more modules to load</font></div><div><font face="times new roman, new york,
times, serif"> } # modules</font></div><div><font face="times new roman, new york, times, serif">} # server</font></div><div><font face="times new roman, new york, times, serif">radiusd: #### Opening IP addresses and Ports ####</font></div><div><font face="times new roman, new york, times, serif">listen {</font></div><div><font face="times new roman, new york, times, serif"> type = "auth"</font></div><div><font face="times new roman, new york, times, serif"> ipaddr = *</font></div><div><font face="times new roman, new york, times, serif"> port = 0</font></div><div><font face="times new roman, new york, times, serif">}</font></div><div><font face="times new roman, new york, times, serif">listen {</font></div><div><font face="times new roman, new york, times, serif"> type = "acct"</font></div><div><font face="times new roman, new york, times,
serif"> ipaddr = *</font></div><div><font face="times new roman, new york, times, serif"> port = 0</font></div><div><font face="times new roman, new york, times, serif">}</font></div><div><font face="times new roman, new york, times, serif">listen {</font></div><div><font face="times new roman, new york, times, serif"> type = "control"</font></div><div><font face="times new roman, new york, times, serif"> listen {</font></div><div><font face="times new roman, new york, times, serif"> socket = "/var/run/radiusd/radiusd.sock"</font></div><div><font face="times new roman, new york, times, serif"> }</font></div><div><font face="times new roman, new york, times, serif">}</font></div><div><font face="times new roman, new york, times, serif">listen {</font></div><div><font face="times new roman, new york, times, serif">
type = "auth"</font></div><div><font face="times new roman, new york, times, serif"> ipaddr = 127.0.0.1</font></div><div><font face="times new roman, new york, times, serif"> port = 18120</font></div><div><font face="times new roman, new york, times, serif">}</font></div><div><font face="times new roman, new york, times, serif"> ... adding new socket proxy address * port 46422</font></div><div><font face="times new roman, new york, times, serif">Listening on authentication address * port 1812</font></div><div><font face="times new roman, new york, times, serif">Listening on accounting address * port 1813</font></div><div><font face="times new roman, new york, times, serif">Listening on command file /var/run/radiusd/radiusd.sock</font></div><div><font face="times new roman, new york, times, serif">Listening on authentication address 127.0.0.1 port 18120 as server
inner-tunnel</font></div><div><font face="times new roman, new york, times, serif">Listening on proxy address * port 1814</font></div><div><font face="times new roman, new york, times, serif">Ready to process requests.</font></div><div><font face="times new roman, new york, times, serif">rad_recv: Access-Request packet from host 11.0.0.205 port 1812, id=153, length=196</font></div><div><font face="times new roman, new york, times, serif"> User-Name = "{sm=1}rawlacurone@adn.com"</font></div><div><font face="times new roman, new york, times, serif"> EAP-Message = 0x0201001e017b736d3d317d7261776c616375726f6e654061646e2e636f6d</font></div><div><font face="times new roman, new york, times, serif"> Message-Authenticator = 0x39a7eb8d6128461e0fa6caf5dd5c26c3</font></div><div><font face="times new roman, new york, times, serif"> NAS-Identifier =
"201"</font></div><div><font face="times new roman, new york, times, serif"> NAS-IP-Address = 11.0.0.205</font></div><div><font face="times new roman, new york, times, serif"> Calling-Station-Id = "AC-81-12-78-CA-6E"</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-BS-Id = 0xfff329010102</font></div><div><font face="times new roman, new york, times, serif"> NAS-Port-Type = Wireless-802.16</font></div><div><font face="times new roman, new york, times, serif"> Framed-MTU = 2000</font></div><div><font face="times new roman, new york, times, serif"> Service-Type = Framed-User</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-GMT-Timezone-offset = 256</font></div><div><font face="times new roman, new york, times,
serif"> WiMAX-Release = "1.0"</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-Accounting-Capabilities = IP-Session-Based</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-Attr-1793 = 0x0000028a</font></div><div><font face="times new roman, new york, times, serif"># Executing section authorize from file /etc/raddb/sites-enabled/default</font></div><div><font face="times new roman, new york, times, serif">+- entering group authorize {...}</font></div><div><font face="times new roman, new york, times, serif">++[preprocess] returns ok</font></div><div><font face="times new roman, new york, times, serif">[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/11.0.0.205/auth-detail-20130501</font></div><div><font face="times new roman, new york,
times, serif">[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/11.0.0.205/auth-detail-20130501</font></div><div><font face="times new roman, new york, times, serif">[auth_log] expand: %t -> Wed May 1 17:46:27 2013</font></div><div><font face="times new roman, new york, times, serif">++[auth_log] returns fail</font></div><div><font face="times new roman, new york, times, serif">Using Post-Auth-Type REJECT</font></div><div><font face="times new roman, new york, times, serif"># Executing group from file /etc/raddb/sites-enabled/default</font></div><div><font face="times new roman, new york, times, serif">+- entering group REJECT {...}</font></div><div><font face="times new roman, new york, times, serif">[attr_filter.access_reject] expand: %{User-Name} -> {sm=1}rawlacurone@adn.com</font></div><div><font face="times new roman, new york, times,
serif">attr_filter: Matched entry DEFAULT at line 11</font></div><div><font face="times new roman, new york, times, serif">++[attr_filter.access_reject] returns updated</font></div><div><font face="times new roman, new york, times, serif">Delaying reject of request 0 for 1 seconds</font></div><div><font face="times new roman, new york, times, serif">Going to the next request</font></div><div><font face="times new roman, new york, times, serif">Waking up in 0.9 seconds.</font></div><div><font face="times new roman, new york, times, serif">Sending delayed reject for request 0</font></div><div><font face="times new roman, new york, times, serif">Sending Access-Reject of id 153 to 11.0.0.205 port 1812</font></div><div><font face="times new roman, new york, times, serif">Waking up in 4.9 seconds.</font></div><div><font face="times new roman, new york, times, serif">Cleaning up request 0 ID 153 with timestamp +1</font></div><div><font face="times new roman,
new york, times, serif">Ready to process requests.</font></div><div><font face="times new roman, new york, times, serif">rad_recv: Access-Request packet from host 11.0.0.205 port 1812, id=154, length=196</font></div><div><font face="times new roman, new york, times, serif"> User-Name = "{sm=1}rawlacurone@adn.com"</font></div><div><font face="times new roman, new york, times, serif"> EAP-Message = 0x0201001e017b736d3d317d7261776c616375726f6e654061646e2e636f6d</font></div><div><font face="times new roman, new york, times, serif"> Message-Authenticator = 0x0ddedece670902a6348d2b16c392c015</font></div><div><font face="times new roman, new york, times, serif"> NAS-Identifier = "201"</font></div><div><font face="times new roman, new york, times, serif"> NAS-IP-Address = 11.0.0.205</font></div><div><font face="times new roman,
new york, times, serif"> Calling-Station-Id = "AC-81-12-78-CA-6E"</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-BS-Id = 0xfff329010102</font></div><div><font face="times new roman, new york, times, serif"> NAS-Port-Type = Wireless-802.16</font></div><div><font face="times new roman, new york, times, serif"> Framed-MTU = 2000</font></div><div><font face="times new roman, new york, times, serif"> Service-Type = Framed-User</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-GMT-Timezone-offset = 256</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-Release = "1.0"</font></div><div><font face="times new roman, new york, times, serif">
WiMAX-Accounting-Capabilities = IP-Session-Based</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-Attr-1793 = 0x0000028a</font></div><div><font face="times new roman, new york, times, serif"># Executing section authorize from file /etc/raddb/sites-enabled/default</font></div><div><font face="times new roman, new york, times, serif">+- entering group authorize {...}</font></div><div><font face="times new roman, new york, times, serif">++[preprocess] returns ok</font></div><div><font face="times new roman, new york, times, serif">[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/11.0.0.205/auth-detail-20130501</font></div><div><font face="times new roman, new york, times, serif">[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to
/var/log/radius/radacct/11.0.0.205/auth-detail-20130501</font></div><div><font face="times new roman, new york, times, serif">[auth_log] expand: %t -> Wed May 1 17:46:35 2013</font></div><div><font face="times new roman, new york, times, serif">++[auth_log] returns fail</font></div><div><font face="times new roman, new york, times, serif">Using Post-Auth-Type REJECT</font></div><div><font face="times new roman, new york, times, serif"># Executing group from file /etc/raddb/sites-enabled/default</font></div><div><font face="times new roman, new york, times, serif">+- entering group REJECT {...}</font></div><div><font face="times new roman, new york, times, serif">[attr_filter.access_reject] expand: %{User-Name} -> {sm=1}rawlacurone@adn.com</font></div><div><font face="times new roman, new york, times, serif">attr_filter: Matched entry DEFAULT at line 11</font></div><div><font face="times new roman, new york,
times, serif">++[attr_filter.access_reject] returns updated</font></div><div><font face="times new roman, new york, times, serif">Delaying reject of request 1 for 1 seconds</font></div><div><font face="times new roman, new york, times, serif">Going to the next request</font></div><div><font face="times new roman, new york, times, serif">Waking up in 0.9 seconds.</font></div><div><font face="times new roman, new york, times, serif">Sending delayed reject for request 1</font></div><div><font face="times new roman, new york, times, serif">Sending Access-Reject of id 154 to 11.0.0.205 port 1812</font></div><div><font face="times new roman, new york, times, serif">Waking up in 4.9 seconds.</font></div><div><font face="times new roman, new york, times, serif">Cleaning up request 1 ID 154 with timestamp +9</font></div><div><font face="times new roman, new york, times, serif">Ready to process requests.</font></div><div><font face="times new roman, new york,
times, serif">rad_recv: Access-Request packet from host 11.0.0.205 port 1812, id=155, length=196</font></div><div><font face="times new roman, new york, times, serif"> User-Name = "{sm=1}rawlacurone@adn.com"</font></div><div><font face="times new roman, new york, times, serif"> EAP-Message = 0x0201001e017b736d3d317d7261776c616375726f6e654061646e2e636f6d</font></div><div><font face="times new roman, new york, times, serif"> Message-Authenticator = 0x8cbc1a4105e88c044aaa7a95df6dc98a</font></div><div><font face="times new roman, new york, times, serif"> NAS-Identifier = "201"</font></div><div><font face="times new roman, new york, times, serif"> NAS-IP-Address = 11.0.0.205</font></div><div><font face="times new roman, new york, times, serif"> Calling-Station-Id =
"AC-81-12-78-CA-6E"</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-BS-Id = 0xfff329010102</font></div><div><font face="times new roman, new york, times, serif"> NAS-Port-Type = Wireless-802.16</font></div><div><font face="times new roman, new york, times, serif"> Framed-MTU = 2000</font></div><div><font face="times new roman, new york, times, serif"> Service-Type = Framed-User</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-GMT-Timezone-offset = 256</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-Release = "1.0"</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-Accounting-Capabilities = IP-Session-Based</font></div><div><font face="times new roman, new
york, times, serif"> WiMAX-Attr-1793 = 0x0000028a</font></div><div><font face="times new roman, new york, times, serif"># Executing section authorize from file /etc/raddb/sites-enabled/default</font></div><div><font face="times new roman, new york, times, serif">+- entering group authorize {...}</font></div><div><font face="times new roman, new york, times, serif">++[preprocess] returns ok</font></div><div><font face="times new roman, new york, times, serif">[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/11.0.0.205/auth-detail-20130501</font></div><div><font face="times new roman, new york, times, serif">[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/11.0.0.205/auth-detail-20130501</font></div><div><font face="times new roman, new york, times, serif">[auth_log]
expand: %t -> Wed May 1 17:46:43 2013</font></div><div><font face="times new roman, new york, times, serif">++[auth_log] returns fail</font></div><div><font face="times new roman, new york, times, serif">Using Post-Auth-Type REJECT</font></div><div><font face="times new roman, new york, times, serif"># Executing group from file /etc/raddb/sites-enabled/default</font></div><div><font face="times new roman, new york, times, serif">+- entering group REJECT {...}</font></div><div><font face="times new roman, new york, times, serif">[attr_filter.access_reject] expand: %{User-Name} -> {sm=1}rawlacurone@adn.com</font></div><div><font face="times new roman, new york, times, serif">attr_filter: Matched entry DEFAULT at line 11</font></div><div><font face="times new roman, new york, times, serif">++[attr_filter.access_reject] returns updated</font></div><div><font face="times new roman, new york, times, serif">Delaying reject of
request 2 for 1 seconds</font></div><div><font face="times new roman, new york, times, serif">Going to the next request</font></div><div><font face="times new roman, new york, times, serif">Waking up in 0.9 seconds.</font></div><div><font face="times new roman, new york, times, serif">Sending delayed reject for request 2</font></div><div><font face="times new roman, new york, times, serif">Sending Access-Reject of id 155 to 11.0.0.205 port 1812</font></div><div><font face="times new roman, new york, times, serif">Waking up in 4.9 seconds.</font></div><div><font face="times new roman, new york, times, serif">Cleaning up request 2 ID 155 with timestamp +17</font></div><div><font face="times new roman, new york, times, serif">Ready to process requests.</font></div><div><font face="times new roman, new york, times, serif">rad_recv: Access-Request packet from host 11.0.0.205 port 1812, id=157, length=196</font></div><div><font face="times new roman, new
york, times, serif"> User-Name = "{sm=1}rawlacurone@adn.com"</font></div><div><font face="times new roman, new york, times, serif"> EAP-Message = 0x0201001e017b736d3d317d7261776c616375726f6e654061646e2e636f6d</font></div><div><font face="times new roman, new york, times, serif"> Message-Authenticator = 0xd84871a21825f994c68593b4d78ca653</font></div><div><font face="times new roman, new york, times, serif"> NAS-Identifier = "201"</font></div><div><font face="times new roman, new york, times, serif"> NAS-IP-Address = 11.0.0.205</font></div><div><font face="times new roman, new york, times, serif"> Calling-Station-Id = "AC-81-12-78-CA-6E"</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-BS-Id = 0xfff329010102</font></div><div><font face="times
new roman, new york, times, serif"> NAS-Port-Type = Wireless-802.16</font></div><div><font face="times new roman, new york, times, serif"> Framed-MTU = 2000</font></div><div><font face="times new roman, new york, times, serif"> Service-Type = Framed-User</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-GMT-Timezone-offset = 256</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-Release = "1.0"</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-Accounting-Capabilities = IP-Session-Based</font></div><div><font face="times new roman, new york, times, serif"> WiMAX-Attr-1793 = 0x0000028a</font></div><div><font face="times new roman, new york, times, serif"># Executing section authorize from
file /etc/raddb/sites-enabled/default</font></div><div><font face="times new roman, new york, times, serif">+- entering group authorize {...}</font></div><div><font face="times new roman, new york, times, serif">++[preprocess] returns ok</font></div><div><font face="times new roman, new york, times, serif">[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail</font></div><div><font face="times new roman, new york, times, serif">[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expan</font></div><div><font face="times new roman, new york, times, serif">[auth_log] expand: %t -> Wed May 1 17:46:50 2013</font></div><div><font face="times new roman, new york, times, serif">++[auth_log] returns fail</font></div><div><font face="times new roman, new york, times, serif">Using Post-Auth-Type REJECT</font></div><div><font face="times new roman, new york, times,
serif"># Executing group from file /etc/raddb/sites-enabled/default</font></div><div><font face="times new roman, new york, times, serif">+- entering group REJECT {...}</font></div><div><font face="times new roman, new york, times, serif">[attr_filter.access_reject] expand: %{User-Name} -> {sm=1}rawlacurone@adn.co</font></div><div><font face="times new roman, new york, times, serif">attr_filter: Matched entry DEFAULT at line 11</font></div><div><font face="times new roman, new york, times, serif">++[attr_filter.access_reject] returns updated</font></div><div><font face="times new roman, new york, times, serif">Delaying reject of request 3 for 1 seconds</font></div><div><font face="times new roman, new york, times, serif">Going to the next request</font></div><div><font face="times new roman, new york, times, serif">Waking up in 0.9 seconds.</font></div><div><font face="times new roman, new york, times, serif">Sending delayed reject for
request 3</font></div><div><font face="times new roman, new york, times, serif">Sending Access-Reject of id 157 to 11.0.0.205 port 1812</font></div><div><font face="times new roman, new york, times, serif">Waking up in 4.9 seconds.</font></div><div><font face="times new roman, new york, times, serif">^C</font></div><div><font face="times new roman, new york, times, serif">[root@adn larry]#</font></div><div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt;"><br></div></div></div></body></html>