<div dir="ltr">hi everybody,<div>I am trying to configure eap with some customized certificates, I have configured eap.config correctly. </div><div>But I am getting the error of "certificate expired". Although i have the latest certificates.</div>
<div>here is the log</div><div><div>Listening on authentication address * port 1812</div><div>Listening on accounting address * port 1813</div><div>Listening on command file /usr/local/var/run/radiusd/radiusd.sock</div><div>
Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel</div><div>Listening on proxy address * port 1814</div><div>Ready to process requests.</div><div>rad_recv: Access-Request packet from host 2.2.2.2 port 10010, id=241, length=216</div>
<div><span class="" style="white-space:pre"> </span>User-Name = "<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>"</div><div><span class="" style="white-space:pre"> </span>NAS-IP-Address = 2.2.2.2</div>
<div><span class="" style="white-space:pre"> </span>Calling-Station-Id = "0026826172c4"</div><div><span class="" style="white-space:pre"> </span>NAS-Identifier = "WASN"</div><div><span class="" style="white-space:pre"> </span>Event-Timestamp = "Jul 18 2013 16:53:41 PKT"</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0x02f2001e0130303236383236313732433440746573745f6370652e636f6d</div><div><span class="" style="white-space:pre"> </span>WiMAX-Release = "1.1"</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Accounting-Capabilities = Flow-Based</div><div><span class="" style="white-space:pre"> </span>WiMAX-Hotlining-Capabilities = Hotline-Profile-Id</div><div><span class="" style="white-space:pre"> </span>WiMAX-Idle-Mode-Notification-Cap = Supported</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Attr-1281 = 0x01</div><div><span class="" style="white-space:pre"> </span>WiMAX-BS-Id = 0x303030303066303030663130</div><div><span class="" style="white-space:pre"> </span>WiMAX-GMT-Timezone-offset = 18000</div>
<div><span class="" style="white-space:pre"> </span>NAS-Port-Type = Wireless-802.16</div><div><span class="" style="white-space:pre"> </span>WiMAX-Available-In-Client = 99</div><div><span class="" style="white-space:pre"> </span>Service-Type = Framed-User</div>
<div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0xf6c08b2315b3ca00a2121a64e669594a</div><div># Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default</div><div>+- entering group authorize {...}</div>
<div>++[preprocess] returns ok</div><div>[eap] EAP packet type response id 242 length 30</div><div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div><div>[eap] EAP packet type response id 242 length 30</div>
<div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: %{User-Name} -> <a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a></div>
<div>[sql] sql_set_user escaped user --> '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div><div>rlm_sql (sql): Reserving sql socket id: 4</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Auth-Type' AS Attribute, AAA_GETVALUETOCHECKWITRIBE('%{SQL-USER-NAME}') AS Value,':=' AS op FROM dual) union (SELECT rownum+1 AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Login-Time' AS Attribute, (select decode(STC_WEEKDAY,'Any','Any',substr(STC_WEEKDAY,1,2))||decode(STC_FROMHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMHH)||decode(STC_FROMMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMMM)||'-'||decode(STC_TOHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOHH)||decode(STC_TOMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOMM) from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ((AAA_GETVALUESERVICEID('%{SQL-USER-NAME}'))) ) AS Value,':=' AS op FROM dual) order by RC_ID -> select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div>[sql] User found in radcheck table</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select rownum, '%{SQL-USER-NAME}', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('%{SQL-USER-NAME}') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')>=to_date((STC_FROMHH||':'||STC_FROMMM),'hh24:mi') and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')<=to_date((STC_TOHH||':'||STC_TOMM),'hh24:mi') and (STC_WEEKDAY='Any' or STC_WEEKDAY=to_char(sysdate,'Day') )) AND NE_ELEMENTID in (SELECT NE_ELEMENTID FROM NC_TBLNEACESSCONF WHERE NEAC_IPADDRESS = '%{NAS-IP-Address}') -> select rownum, '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:</div>
<div>rlm_sql (sql): Released sql socket id: 4</div><div>++[sql] returns ok</div><div>Found Auth-Type = Accept</div><div>Found Auth-Type = EAP</div><div>Warning: Found 2 auth-types on request for user '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div># Executing group from file /usr/local/etc/raddb/sites-enabled/default</div><div>+- entering group eap {...}</div><div>[eap] EAP Identity</div><div>[eap] processing type tls</div><div>[tls] Requiring client certificate</div>
<div>[tls] Initiate</div><div>[tls] Start returned 1</div><div>++[eap] returns handled</div><div>Sending Access-Challenge of id 241 to 2.2.2.2 port 10010</div><div><span class="" style="white-space:pre"> </span>hw-application-type := Simple-Mobile</div>
<div><span class="" style="white-space:pre"> </span>hw-flow-info := "FI=0,QD=2;55;0;49;1024000;100000;4096;50;25,FD=0;;;;;;;;;;;0"</div><div><span class="" style="white-space:pre"> </span>hw-application-scene := 1</div>
<div><span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QU=2;55;0;49;256000;100000;4096;50;25,FU=0;;;;;;;;;;"</div><div><span class="" style="white-space:pre"> </span>WiMAX-Release := "1.1"</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Accounting-Capabilities := Flow-Based</div><div><span class="" style="white-space:pre"> </span>WiMAX-Hotlining-Capabilities := Hotline-Profile-Id</div><div><span class="" style="white-space:pre"> </span>WiMAX-Idle-Mode-Notification-Cap := Supported</div>
<div><span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QU=3;52;0;;131072;0;4096;;"</div><div><span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QD=3;52;0;;524288;0;4096;;"</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0x01f300060d20</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x00000000000000000000000000000000</div><div><span class="" style="white-space:pre"> </span>State = 0x0718f89107ebf525d78d83a17abaa53c</div>
<div>Finished request 0.</div><div>Going to the next request</div><div>Waking up in 4.9 seconds.</div><div>rad_recv: Access-Request packet from host 2.2.2.2 port 10010, id=242, length=298</div><div><span class="" style="white-space:pre"> </span>User-Name = "<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>"</div>
<div><span class="" style="white-space:pre"> </span>NAS-IP-Address = 2.2.2.2</div><div><span class="" style="white-space:pre"> </span>State = 0x0718f89107ebf525d78d83a17abaa53c</div><div><span class="" style="white-space:pre"> </span>Calling-Station-Id = "0026826172c4"</div>
<div><span class="" style="white-space:pre"> </span>NAS-Identifier = "WASN"</div><div><span class="" style="white-space:pre"> </span>Event-Timestamp = "Jul 18 2013 16:53:41 PKT"</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x02f3005e0d0016030100530100004f03013dc8d3a7680f76fa87876469bd0b8eb5eb633c9db9d79a985f8d60a72479101c00002800390038003500160013000a00330032002f000700050004001500120009001400110008000600030100</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Release = "1.1"</div><div><span class="" style="white-space:pre"> </span>WiMAX-Accounting-Capabilities = Flow-Based</div><div><span class="" style="white-space:pre"> </span>WiMAX-Hotlining-Capabilities = Hotline-Profile-Id</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Idle-Mode-Notification-Cap = Supported</div><div><span class="" style="white-space:pre"> </span>WiMAX-Attr-1281 = 0x01</div><div><span class="" style="white-space:pre"> </span>WiMAX-BS-Id = 0x303030303066303030663130</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-GMT-Timezone-offset = 18000</div><div><span class="" style="white-space:pre"> </span>NAS-Port-Type = Wireless-802.16</div><div><span class="" style="white-space:pre"> </span>WiMAX-Available-In-Client = 99</div>
<div><span class="" style="white-space:pre"> </span>Service-Type = Framed-User</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x9469972114207760975db1717a3a34d5</div><div># Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default</div>
<div>+- entering group authorize {...}</div><div>++[preprocess] returns ok</div><div>[eap] EAP packet type response id 243 length 94</div><div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div>
<div>[eap] EAP packet type response id 243 length 94</div><div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: %{User-Name} -> <a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a></div>
<div>[sql] sql_set_user escaped user --> '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div><div>rlm_sql (sql): Reserving sql socket id: 3</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Auth-Type' AS Attribute, AAA_GETVALUETOCHECKWITRIBE('%{SQL-USER-NAME}') AS Value,':=' AS op FROM dual) union (SELECT rownum+1 AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Login-Time' AS Attribute, (select decode(STC_WEEKDAY,'Any','Any',substr(STC_WEEKDAY,1,2))||decode(STC_FROMHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMHH)||decode(STC_FROMMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMMM)||'-'||decode(STC_TOHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOHH)||decode(STC_TOMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOMM) from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ((AAA_GETVALUESERVICEID('%{SQL-USER-NAME}'))) ) AS Value,':=' AS op FROM dual) order by RC_ID -> select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div>[sql] User found in radcheck table</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select rownum, '%{SQL-USER-NAME}', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('%{SQL-USER-NAME}') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')>=to_date((STC_FROMHH||':'||STC_FROMMM),'hh24:mi') and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')<=to_date((STC_TOHH||':'||STC_TOMM),'hh24:mi') and (STC_WEEKDAY='Any' or STC_WEEKDAY=to_char(sysdate,'Day') )) AND NE_ELEMENTID in (SELECT NE_ELEMENTID FROM NC_TBLNEACESSCONF WHERE NEAC_IPADDRESS = '%{NAS-IP-Address}') -> select rownum, '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:</div>
<div>rlm_sql (sql): Released sql socket id: 3</div><div>++[sql] returns ok</div><div>Found Auth-Type = Accept</div><div>Found Auth-Type = EAP</div><div>Warning: Found 2 auth-types on request for user '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div># Executing group from file /usr/local/etc/raddb/sites-enabled/default</div><div>+- entering group eap {...}</div><div>[eap] Request found, released from the list</div><div>[eap] EAP/tls</div><div>[eap] processing type tls</div>
<div>[tls] Authenticate</div><div>[tls] processing EAP-TLS</div><div>[tls] eaptls_verify returned 7 </div><div>[tls] Done initial handshake</div><div>[tls] (other): before/accept initialization</div><div>[tls] TLS_accept: before/accept initialization</div>
<div>[tls] <<< TLS 1.0 Handshake [length 0053], ClientHello </div><div>[tls] TLS_accept: SSLv3 read client hello A</div><div>[tls] >>> TLS 1.0 Handshake [length 002a], ServerHello </div><div>[tls] TLS_accept: SSLv3 write server hello A</div>
<div>[tls] >>> TLS 1.0 Handshake [length 041d], Certificate </div><div>[tls] TLS_accept: SSLv3 write certificate A</div><div>[tls] >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange </div><div>
[tls] TLS_accept: SSLv3 write key exchange A</div><div>[tls] >>> TLS 1.0 Handshake [length 02c6], CertificateRequest </div><div>[tls] TLS_accept: SSLv3 write certificate request A</div><div>[tls] TLS_accept: SSLv3 flush data</div>
<div>[tls] TLS_accept: Need to read more data: SSLv3 read client certificate A</div><div>In SSL Handshake Phase </div><div>In SSL Accept mode </div><div>[tls] eaptls_process returned 13 </div><div>++[eap] returns handled</div>
<div>Sending Access-Challenge of id 242 to 2.2.2.2 port 10010</div><div><span class="" style="white-space:pre"> </span>hw-application-type := Simple-Mobile</div><div><span class="" style="white-space:pre"> </span>hw-flow-info := "FI=0,QD=2;55;0;49;1024000;100000;4096;50;25,FD=0;;;;;;;;;;;0"</div>
<div><span class="" style="white-space:pre"> </span>hw-application-scene := 1</div><div><span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QU=2;55;0;49;256000;100000;4096;50;25,FU=0;;;;;;;;;;"</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Release := "1.1"</div><div><span class="" style="white-space:pre"> </span>WiMAX-Accounting-Capabilities := Flow-Based</div><div><span class="" style="white-space:pre"> </span>WiMAX-Hotlining-Capabilities := Hotline-Profile-Id</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Idle-Mode-Notification-Cap := Supported</div><div><span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QU=3;52;0;;131072;0;4096;;"</div><div>
<span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QD=3;52;0;;524288;0;4096;;"</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x01f404000dc00000092e160301002a02000026030151e7d364c55e3e763c5d8c8dbdaf4710f12b4d01814f68ea37a38ea02698410f00003900160301041d0b0004190004160004133082040f30820378a00302010202100a8daa0eb4b4dc5173a3e0b28f8a6f54300d06092a864886f70d01010505003081ce310b3009060355040613025a41311530130603550408130c5765737465726e204361706531123010060355040713094361706520546f776e311d301b060355040a131454686177746520436f6e73756c74696e6720636331283026060355040b131f43657274696669636174696f6e205365727669636573204469766973696f6e312130</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0x1f06035504031318546861777465205072656d69756d205365727665722043413128302606092a864886f70d01090116197072656d69756d2d736572766572407468617774652e636f6d301e170d3039303331363030303030305a170d3134303331353233353935395a30818f310b300906035504061302504b3110300e060355040813074361706974616c311230100603550407130949736c616d6162616431223020060355040a131957492d54524942452050414b495354414e204c494d49544544310e300c060355040b130557694d4158312630240603550403131d6973622d64636e2d6e706d2d312e77692d74726962652e6e65742e706b30</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0x820122300d06092a864886f70d01010105000382010f003082010a0282010100e28863d9e8d12cd729c23ee0d04f706c1021a62e380df58f4d05ce8127cc86ba076db893764f48f1fab9c9d167da1c8b98f6d43e9c0d5b4fff25e4e77b58b9648634505d96d5eaa9390b9fdb388fb7d1376884086f5f35cb3c93804b6d15941f520aa960172c9abfbc6e8ab749444ccdc8e8d7a694f653535bd4299a0ce89cff1ff5c02d4b709947dab10d19fb26f1eb805dc3978998fb425099dbed5509dce7c585df45f1919314fefaadff501ca6f22b535b4066b6a10b99c80fc41b1140f308e798e2a586781c9452cb906797eea317500b2b3d52f0c9a6be20c758</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0x22d6a21edf30d99140bb973e95a8d990dc48271319ad889db9954d3f1b9440851c08190203010001a381a63081a3300c0603551d130101ff0402300030400603551d1f043930373035a033a031862f687474703a2f2f63726c2e7468617774652e636f6d2f5468617774655365727665725072656d69756d43412e63726c301d0603551d250416301406082b0601050507030106082b06010505070302303206082b0601050507010104263024302206082b060105050730018616687474703a2f2f6f6373702e7468617774652e636f6d300d06092a864886f70d0101050500038181009042258eddf33fd439caed0bafd47843de7912872f8dff187f</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0x47830d0d7cc25b2a6ccf51eb</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x00000000000000000000000000000000</div><div><span class="" style="white-space:pre"> </span>State = 0x0718f89106ecf525d78d83a17abaa53c</div>
<div>Finished request 1.</div><div>Going to the next request</div><div>Waking up in 4.8 seconds.</div><div>rad_recv: Access-Request packet from host 2.2.2.2 port 10010, id=243, length=210</div><div><span class="" style="white-space:pre"> </span>User-Name = "<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>"</div>
<div><span class="" style="white-space:pre"> </span>NAS-IP-Address = 2.2.2.2</div><div><span class="" style="white-space:pre"> </span>State = 0x0718f89106ecf525d78d83a17abaa53c</div><div><span class="" style="white-space:pre"> </span>Calling-Station-Id = "0026826172c4"</div>
<div><span class="" style="white-space:pre"> </span>NAS-Identifier = "WASN"</div><div><span class="" style="white-space:pre"> </span>Event-Timestamp = "Jul 18 2013 16:53:41 PKT"</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x02f400060d00</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Release = "1.1"</div><div><span class="" style="white-space:pre"> </span>WiMAX-Accounting-Capabilities = Flow-Based</div><div><span class="" style="white-space:pre"> </span>WiMAX-Hotlining-Capabilities = Hotline-Profile-Id</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Idle-Mode-Notification-Cap = Supported</div><div><span class="" style="white-space:pre"> </span>WiMAX-Attr-1281 = 0x01</div><div><span class="" style="white-space:pre"> </span>WiMAX-BS-Id = 0x303030303066303030663130</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-GMT-Timezone-offset = 18000</div><div><span class="" style="white-space:pre"> </span>NAS-Port-Type = Wireless-802.16</div><div><span class="" style="white-space:pre"> </span>WiMAX-Available-In-Client = 99</div>
<div><span class="" style="white-space:pre"> </span>Service-Type = Framed-User</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x70c92466c047fac172063f65e7c3a753</div><div># Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default</div>
<div>+- entering group authorize {...}</div><div>++[preprocess] returns ok</div><div>[eap] EAP packet type response id 244 length 6</div><div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div>
<div>[eap] EAP packet type response id 244 length 6</div><div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: %{User-Name} -> <a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a></div>
<div>[sql] sql_set_user escaped user --> '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div><div>rlm_sql (sql): Reserving sql socket id: 2</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Auth-Type' AS Attribute, AAA_GETVALUETOCHECKWITRIBE('%{SQL-USER-NAME}') AS Value,':=' AS op FROM dual) union (SELECT rownum+1 AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Login-Time' AS Attribute, (select decode(STC_WEEKDAY,'Any','Any',substr(STC_WEEKDAY,1,2))||decode(STC_FROMHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMHH)||decode(STC_FROMMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMMM)||'-'||decode(STC_TOHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOHH)||decode(STC_TOMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOMM) from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ((AAA_GETVALUESERVICEID('%{SQL-USER-NAME}'))) ) AS Value,':=' AS op FROM dual) order by RC_ID -> select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div>[sql] User found in radcheck table</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select rownum, '%{SQL-USER-NAME}', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('%{SQL-USER-NAME}') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')>=to_date((STC_FROMHH||':'||STC_FROMMM),'hh24:mi') and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')<=to_date((STC_TOHH||':'||STC_TOMM),'hh24:mi') and (STC_WEEKDAY='Any' or STC_WEEKDAY=to_char(sysdate,'Day') )) AND NE_ELEMENTID in (SELECT NE_ELEMENTID FROM NC_TBLNEACESSCONF WHERE NEAC_IPADDRESS = '%{NAS-IP-Address}') -> select rownum, '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:</div>
<div>rlm_sql (sql): Released sql socket id: 2</div><div>++[sql] returns ok</div><div>Found Auth-Type = Accept</div><div>Found Auth-Type = EAP</div><div>Warning: Found 2 auth-types on request for user '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div># Executing group from file /usr/local/etc/raddb/sites-enabled/default</div><div>+- entering group eap {...}</div><div>[eap] Request found, released from the list</div><div>[eap] EAP/tls</div><div>[eap] processing type tls</div>
<div>[tls] Authenticate</div><div>[tls] processing EAP-TLS</div><div>[tls] Received TLS ACK</div><div>[tls] ACK handshake fragment handler</div><div>[tls] eaptls_verify returned 1 </div><div>[tls] eaptls_process returned 13 </div>
<div>++[eap] returns handled</div><div>Sending Access-Challenge of id 243 to 2.2.2.2 port 10010</div><div><span class="" style="white-space:pre"> </span>hw-application-type := Simple-Mobile</div><div><span class="" style="white-space:pre"> </span>hw-flow-info := "FI=0,QD=2;55;0;49;1024000;100000;4096;50;25,FD=0;;;;;;;;;;;0"</div>
<div><span class="" style="white-space:pre"> </span>hw-application-scene := 1</div><div><span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QU=2;55;0;49;256000;100000;4096;50;25,FU=0;;;;;;;;;;"</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Release := "1.1"</div><div><span class="" style="white-space:pre"> </span>WiMAX-Accounting-Capabilities := Flow-Based</div><div><span class="" style="white-space:pre"> </span>WiMAX-Hotlining-Capabilities := Hotline-Profile-Id</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Idle-Mode-Notification-Cap := Supported</div><div><span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QU=3;52;0;;131072;0;4096;;"</div><div>
<span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QD=3;52;0;;524288;0;4096;;"</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x01f504000dc00000092e93db592b25815b520e9fe747d858cb6ba761f0458eddb04948e5c07661c532c96c7e8f7a64cd46c0d2e746b12c5851d8fd6d436dd661550f97966aeb5b778472b8360bfbd8b75fa00a6db6d94bcf3b5cc0b5cff3d32b4068ccb2b0160301020d0c0002090080e3470782e846dfd041ca453987dd39ab4742f3c047fa8df2cb93bcd8680c6b7a46b314684dd3f52a14f4e128c74eeb9a02d3ffab4464ad2ddd7a324c472ca08bd20dc9f0db4d6fe03edefa767d7be8df945418016fc53d838d15769e564def8df5c59070767b1ce0f96a1cb32944fbb953abbc4d4e0ae29be6c0fc7b2a2a7383000102008093dc6f8acd615b6d</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0xd9902f90f91fee7ea8af12e17b071fdb1faaf45990957f58a07e7075297ca5e5c59857a4f80745cdbc475c0f2c3103a1a96618aa40a07e9f6637851c6b0b1edcea104e5d7f47b7602e3539d0957aa269968249ec0c9e60568965c7d74377a231042eb4acdb3c49c0c2b0b1e99bfcc3bbce6990a7654042cc0100c415917624a16673453f3d1379ab47b9dd6c975c39cabc44a938f2edc68a998016344960ec0522759f22e7551b4192478988c8c22c69b5883fee8560f3304fdea7cf39a605ee8e5b839c5d1bd151d97b6ce9c2034f31fe0463d27b27731b5407162fbd107a77a8b51bb8b5231e67a185042339257410eb061a839d2b850d4459c0846e</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0xa25b3618b348e1390c4d3afc907b97f9643c37ebc1194a2fb0f7100583c573e26cd36a05f771a029c0abeca96b26534c7c3013e6d05d058552ffd0a839f5f9ce60faafbf2d99038ebdbbfbee5ab67c8d504cc157ac5ef3ebf0d2c5134a205e55b1ff2b0713ef38559f572b1b487c6e306a9ea49ed3865931457486424216030102c60d0002be040304010202b7007d307b310b300906035504061302555331173015060355040a130e4d6f746f726f6c612c20496e632e312b3029060355040b132257694d41582044657669636520436572746966696361746520417574686f72697479312630240603550403131d4d6f746f726f6c612057694d4158</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0x2044657669636520526f6f7420434100743072310b300906035504061302504b3111300f060355040a13084d6f746f726f6c61310e300c060355040b130557694d4158311b30190603550403131277696d61782e6d6f746f726f6c612e636f6d3123302106092a864886f70d010901161477313033303663406d6f746f726f6c612e636f6d00e43081e1310b300906035504061302504b311730150603550408130e46656472616c204361706974616c311230100603550407130949736c616d6162616431223020060355040a131977692d74726962652050616b697374616e206c696d6974656431183016060355040b130f436f7265204f70657261</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0x74696f6e73313a3038060355</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x00000000000000000000000000000000</div><div><span class="" style="white-space:pre"> </span>State = 0x0718f89105edf525d78d83a17abaa53c</div>
<div>Finished request 2.</div><div>Going to the next request</div><div>Waking up in 4.7 seconds.</div><div>rad_recv: Access-Request packet from host 2.2.2.2 port 10010, id=244, length=210</div><div><span class="" style="white-space:pre"> </span>User-Name = "<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>"</div>
<div><span class="" style="white-space:pre"> </span>NAS-IP-Address = 2.2.2.2</div><div><span class="" style="white-space:pre"> </span>State = 0x0718f89105edf525d78d83a17abaa53c</div><div><span class="" style="white-space:pre"> </span>Calling-Station-Id = "0026826172c4"</div>
<div><span class="" style="white-space:pre"> </span>NAS-Identifier = "WASN"</div><div><span class="" style="white-space:pre"> </span>Event-Timestamp = "Jul 18 2013 16:53:41 PKT"</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x02f500060d00</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Release = "1.1"</div><div><span class="" style="white-space:pre"> </span>WiMAX-Accounting-Capabilities = Flow-Based</div><div><span class="" style="white-space:pre"> </span>WiMAX-Hotlining-Capabilities = Hotline-Profile-Id</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Idle-Mode-Notification-Cap = Supported</div><div><span class="" style="white-space:pre"> </span>WiMAX-Attr-1281 = 0x01</div><div><span class="" style="white-space:pre"> </span>WiMAX-BS-Id = 0x303030303066303030663130</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-GMT-Timezone-offset = 18000</div><div><span class="" style="white-space:pre"> </span>NAS-Port-Type = Wireless-802.16</div><div><span class="" style="white-space:pre"> </span>WiMAX-Available-In-Client = 99</div>
<div><span class="" style="white-space:pre"> </span>Service-Type = Framed-User</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x49efe4b0ef62ab693b67fb1ce69f166e</div><div># Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default</div>
<div>+- entering group authorize {...}</div><div>++[preprocess] returns ok</div><div>[eap] EAP packet type response id 245 length 6</div><div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div>
<div>[eap] EAP packet type response id 245 length 6</div><div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: %{User-Name} -> <a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a></div>
<div>[sql] sql_set_user escaped user --> '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div><div>rlm_sql (sql): Reserving sql socket id: 1</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Auth-Type' AS Attribute, AAA_GETVALUETOCHECKWITRIBE('%{SQL-USER-NAME}') AS Value,':=' AS op FROM dual) union (SELECT rownum+1 AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Login-Time' AS Attribute, (select decode(STC_WEEKDAY,'Any','Any',substr(STC_WEEKDAY,1,2))||decode(STC_FROMHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMHH)||decode(STC_FROMMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMMM)||'-'||decode(STC_TOHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOHH)||decode(STC_TOMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOMM) from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ((AAA_GETVALUESERVICEID('%{SQL-USER-NAME}'))) ) AS Value,':=' AS op FROM dual) order by RC_ID -> select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div>[sql] User found in radcheck table</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select rownum, '%{SQL-USER-NAME}', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('%{SQL-USER-NAME}') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')>=to_date((STC_FROMHH||':'||STC_FROMMM),'hh24:mi') and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')<=to_date((STC_TOHH||':'||STC_TOMM),'hh24:mi') and (STC_WEEKDAY='Any' or STC_WEEKDAY=to_char(sysdate,'Day') )) AND NE_ELEMENTID in (SELECT NE_ELEMENTID FROM NC_TBLNEACESSCONF WHERE NEAC_IPADDRESS = '%{NAS-IP-Address}') -> select rownum, '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:</div>
<div>rlm_sql (sql): Released sql socket id: 1</div><div>++[sql] returns ok</div><div>Found Auth-Type = Accept</div><div>Found Auth-Type = EAP</div><div>Warning: Found 2 auth-types on request for user '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div># Executing group from file /usr/local/etc/raddb/sites-enabled/default</div><div>+- entering group eap {...}</div><div>[eap] Request found, released from the list</div><div>[eap] EAP/tls</div><div>[eap] processing type tls</div>
<div>[tls] Authenticate</div><div>[tls] processing EAP-TLS</div><div>[tls] Received TLS ACK</div><div>[tls] ACK handshake fragment handler</div><div>[tls] eaptls_verify returned 1 </div><div>[tls] eaptls_process returned 13 </div>
<div>++[eap] returns handled</div><div>Sending Access-Challenge of id 244 to 2.2.2.2 port 10010</div><div><span class="" style="white-space:pre"> </span>hw-application-type := Simple-Mobile</div><div><span class="" style="white-space:pre"> </span>hw-flow-info := "FI=0,QD=2;55;0;49;1024000;100000;4096;50;25,FD=0;;;;;;;;;;;0"</div>
<div><span class="" style="white-space:pre"> </span>hw-application-scene := 1</div><div><span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QU=2;55;0;49;256000;100000;4096;50;25,FU=0;;;;;;;;;;"</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Release := "1.1"</div><div><span class="" style="white-space:pre"> </span>WiMAX-Accounting-Capabilities := Flow-Based</div><div><span class="" style="white-space:pre"> </span>WiMAX-Hotlining-Capabilities := Hotline-Profile-Id</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Idle-Mode-Notification-Cap := Supported</div><div><span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QU=3;52;0;;131072;0;4096;;"</div><div>
<span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QD=3;52;0;;524288;0;4096;;"</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x01f6014c0d800000092e0403133177692d74726962652050616b697374616e206c696d697465642043657274696669636174696f6e20417574686f72697479312b302906092a864886f70d010901161c68696c616c2e61667269646940706b2e77692d74726962652e636f6d00da3081d7310b300906035504061302504b311730150603550408130e46656472616c204361706974616c311230100603550407130949736c616d6162616431223020060355040a131977692d74726962652050616b697374616e206c696d69746564311b3019060355040b13124e6574776f726b204f7065726174696f6e73313230300603550403132977692d747269</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0x62652050616b697374616e2043657274696669636174696f6e20417574686f726974793126302406092a864886f70d0109011617706b77696e6f6340706b2e77692d74726962652e636f6d0e000000</div>
<div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x00000000000000000000000000000000</div><div><span class="" style="white-space:pre"> </span>State = 0x0718f89104eef525d78d83a17abaa53c</div><div>
Finished request 3.</div><div>Going to the next request</div><div>Waking up in 4.5 seconds.</div><div>rad_recv: Access-Request packet from host 2.2.2.2 port 10010, id=245, length=1579</div><div><span class="" style="white-space:pre"> </span>User-Name = "<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>"</div>
<div><span class="" style="white-space:pre"> </span>NAS-IP-Address = 2.2.2.2</div><div><span class="" style="white-space:pre"> </span>State = 0x0718f89104eef525d78d83a17abaa53c</div><div><span class="" style="white-space:pre"> </span>Calling-Station-Id = "0026826172c4"</div>
<div><span class="" style="white-space:pre"> </span>NAS-Identifier = "WASN"</div><div><span class="" style="white-space:pre"> </span>Event-Timestamp = "Jul 18 2013 16:53:42 PKT"</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x02f605550dc000000563160301040d0b000409000406000403308203ff308203a9a003020102020120300d06092a864886f70d01010505003081d7310b300906035504061302504b311730150603550408130e46656472616c204361706974616c311230100603550407130949736c616d6162616431223020060355040a131977692d74726962652050616b697374616e206c696d69746564311b3019060355040b13124e6574776f726b204f7065726174696f6e73313230300603550403132977692d74726962652050616b697374616e2043657274696669636174696f6e20417574686f726974793126302406092a864886f70d0109011617706b</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0x77696e6f6340706b2e77692d74726962652e636f6d301e170d3130303432313131313032335a170d3133303430353131313032335a30818b310b300906035504061302504b3111300f0603550408130850616b697374616e311230100603550407130949736c616d616261643111300f060355040a130877692d74726962653111300f060355040b130877692d7472696265310c300a060355040313034141413121301f06092a864886f70d0109011612636340706b2e77692d74726962652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100b2de6451f7ca49f79ff2ba2054fe782dd316cc7208e3eb5d653f38f952</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0xd6598e4b286ec0f9847a83298c590cd6a44456c0cd05f3cde7c278aa765d54dd498678059e1833e748127a79b15718a74b5691693e0523e36de680aaa6d5ff2c6c8ce8425cc3120b8524a97a3abb8940b19ce721dd97499dac7f7893ab8f65689e14fb0203010001a38201643082016030090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e041604146823bd5dbe9e1202f84126d580f11c9fb5c52115308201040603551d230481fc3081f980145fb53176239da60a979b69a60e6dd41773cb9177a181dda481da3081d7310b3009060355</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0x04061302504b311730150603550408130e46656472616c204361706974616c311230100603550407130949736c616d6162616431223020060355040a131977692d74726962652050616b697374616e206c696d69746564311b3019060355040b13124e6574776f726b204f7065726174696f6e73313230300603550403132977692d74726962652050616b697374616e2043657274696669636174696f6e20417574686f726974793126302406092a864886f70d0109011617706b77696e6f6340706b2e77692d74726962652e636f6d820100300d06092a864886f70d01010505000341008936a560f672d39b89c3b1977b5468f34bf0a4bb7a2d9a1c</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0xd1880587b38ba3500162c22a3394d96ba3580e6f0da7c9bb06d74dc91c749b33a58985bcfd7c066916030100861000008200802e22a7c459dc49690d746d88aff274948e4e40c06976ea279eec07853956f85b4d00d9e2a83352e93d7cebf6dbe15c739d36fddf011d278e0531caaecf96ff50a4c04cf57dd7a5116715a80f659aad8611d11032c6e866c7b8b581e9c68b28c2e2bcb8674ffc38114facd04ff2879b47b3cab5d9d47f02824992e8f0b1a7886416030100860f0000820080a114a4114bef2651133e15c3fa97a3eeca554d852d57336c4afbf25785379b7263682b2ca624a1e89f09c6d1787f1bca02af5d2f4f9cc589a56c7bd5c9c849</div>
<div><span class="" style="white-space:pre"> </span>EAP-Message = 0xe0272678ec93bfbb85fdcccc3595c7b05fd85ddac76ea1fd05b3c7bed9e84a7fbf9f31f01b66576ba66a7a7383bc077f6036573eb09097726b468cf376e14b0b4a1403010001011603010030a9c4652b13fb45f4deadd45f9342149adea890aa78e886fb</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Release = "1.1"</div><div><span class="" style="white-space:pre"> </span>WiMAX-Accounting-Capabilities = Flow-Based</div><div><span class="" style="white-space:pre"> </span>WiMAX-Hotlining-Capabilities = Hotline-Profile-Id</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Idle-Mode-Notification-Cap = Supported</div><div><span class="" style="white-space:pre"> </span>WiMAX-Attr-1281 = 0x01</div><div><span class="" style="white-space:pre"> </span>WiMAX-BS-Id = 0x303030303066303030663130</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-GMT-Timezone-offset = 18000</div><div><span class="" style="white-space:pre"> </span>NAS-Port-Type = Wireless-802.16</div><div><span class="" style="white-space:pre"> </span>WiMAX-Available-In-Client = 99</div>
<div><span class="" style="white-space:pre"> </span>Service-Type = Framed-User</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x7c48268950c2bd896a0be89d4241a330</div><div># Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default</div>
<div>+- entering group authorize {...}</div><div>++[preprocess] returns ok</div><div>[eap] EAP packet type response id 246 length 253</div><div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>
++[eap] returns updated</div><div>[eap] EAP packet type response id 246 length 253</div><div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: %{User-Name} -> <a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a></div>
<div>[sql] sql_set_user escaped user --> '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div><div>rlm_sql (sql): Reserving sql socket id: 0</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Auth-Type' AS Attribute, AAA_GETVALUETOCHECKWITRIBE('%{SQL-USER-NAME}') AS Value,':=' AS op FROM dual) union (SELECT rownum+1 AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Login-Time' AS Attribute, (select decode(STC_WEEKDAY,'Any','Any',substr(STC_WEEKDAY,1,2))||decode(STC_FROMHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMHH)||decode(STC_FROMMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMMM)||'-'||decode(STC_TOHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOHH)||decode(STC_TOMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOMM) from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ((AAA_GETVALUESERVICEID('%{SQL-USER-NAME}'))) ) AS Value,':=' AS op FROM dual) order by RC_ID -> select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div>[sql] User found in radcheck table</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select rownum, '%{SQL-USER-NAME}', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('%{SQL-USER-NAME}') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')>=to_date((STC_FROMHH||':'||STC_FROMMM),'hh24:mi') and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')<=to_date((STC_TOHH||':'||STC_TOMM),'hh24:mi') and (STC_WEEKDAY='Any' or STC_WEEKDAY=to_char(sysdate,'Day') )) AND NE_ELEMENTID in (SELECT NE_ELEMENTID FROM NC_TBLNEACESSCONF WHERE NEAC_IPADDRESS = '%{NAS-IP-Address}') -> select rownum, '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:</div>
<div>rlm_sql (sql): Released sql socket id: 0</div><div>++[sql] returns ok</div><div>Found Auth-Type = Accept</div><div>Found Auth-Type = EAP</div><div>Warning: Found 2 auth-types on request for user '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div># Executing group from file /usr/local/etc/raddb/sites-enabled/default</div><div>+- entering group eap {...}</div><div>[eap] Request found, released from the list</div><div>[eap] EAP/tls</div><div>[eap] processing type tls</div>
<div>[tls] Authenticate</div><div>[tls] processing EAP-TLS</div><div> TLS Length 1379</div><div>[tls] Received EAP-TLS First Fragment of the message</div><div>[tls] eaptls_verify returned 9 </div><div>[tls] eaptls_process returned 13 </div>
<div>++[eap] returns handled</div><div>Sending Access-Challenge of id 245 to 2.2.2.2 port 10010</div><div><span class="" style="white-space:pre"> </span>hw-application-type := Simple-Mobile</div><div><span class="" style="white-space:pre"> </span>hw-flow-info := "FI=0,QD=2;55;0;49;1024000;100000;4096;50;25,FD=0;;;;;;;;;;;0"</div>
<div><span class="" style="white-space:pre"> </span>hw-application-scene := 1</div><div><span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QU=2;55;0;49;256000;100000;4096;50;25,FU=0;;;;;;;;;;"</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Release := "1.1"</div><div><span class="" style="white-space:pre"> </span>WiMAX-Accounting-Capabilities := Flow-Based</div><div><span class="" style="white-space:pre"> </span>WiMAX-Hotlining-Capabilities := Hotline-Profile-Id</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Idle-Mode-Notification-Cap := Supported</div><div><span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QU=3;52;0;;131072;0;4096;;"</div><div>
<span class="" style="white-space:pre"> </span>hw-flow-info += "FI=0,QD=3;52;0;;524288;0;4096;;"</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x01f700060d00</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x00000000000000000000000000000000</div>
<div><span class="" style="white-space:pre"> </span>State = 0x0718f89103eff525d78d83a17abaa53c</div><div>Finished request 4.</div><div>Going to the next request</div><div>Waking up in 3.5 seconds.</div><div>rad_recv: Access-Request packet from host 2.2.2.2 port 10010, id=246, length=234</div>
<div><span class="" style="white-space:pre"> </span>User-Name = "<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>"</div><div><span class="" style="white-space:pre"> </span>NAS-IP-Address = 2.2.2.2</div>
<div><span class="" style="white-space:pre"> </span>State = 0x0718f89103eff525d78d83a17abaa53c</div><div><span class="" style="white-space:pre"> </span>Calling-Station-Id = "0026826172c4"</div><div><span class="" style="white-space:pre"> </span>NAS-Identifier = "WASN"</div>
<div><span class="" style="white-space:pre"> </span>Event-Timestamp = "Jul 18 2013 16:53:42 PKT"</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x02f7001e0d0084ce90a57cbd6f12a92e87a4b000e428b53ef2cd15648e1a</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Release = "1.1"</div><div><span class="" style="white-space:pre"> </span>WiMAX-Accounting-Capabilities = Flow-Based</div><div><span class="" style="white-space:pre"> </span>WiMAX-Hotlining-Capabilities = Hotline-Profile-Id</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-Idle-Mode-Notification-Cap = Supported</div><div><span class="" style="white-space:pre"> </span>WiMAX-Attr-1281 = 0x01</div><div><span class="" style="white-space:pre"> </span>WiMAX-BS-Id = 0x303030303066303030663130</div>
<div><span class="" style="white-space:pre"> </span>WiMAX-GMT-Timezone-offset = 18000</div><div><span class="" style="white-space:pre"> </span>NAS-Port-Type = Wireless-802.16</div><div><span class="" style="white-space:pre"> </span>WiMAX-Available-In-Client = 99</div>
<div><span class="" style="white-space:pre"> </span>Service-Type = Framed-User</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x51e2d8fb6008099bef5788232a49f523</div><div># Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default</div>
<div>+- entering group authorize {...}</div><div>++[preprocess] returns ok</div><div>[eap] EAP packet type response id 247 length 30</div><div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div>
<div>[eap] EAP packet type response id 247 length 30</div><div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: %{User-Name} -> <a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a></div>
<div>[sql] sql_set_user escaped user --> '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div><div>rlm_sql (sql): Reserving sql socket id: 4</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Auth-Type' AS Attribute, AAA_GETVALUETOCHECKWITRIBE('%{SQL-USER-NAME}') AS Value,':=' AS op FROM dual) union (SELECT rownum+1 AS RC_ID,'%{SQL-USER-NAME}' AS USERNAME,'Login-Time' AS Attribute, (select decode(STC_WEEKDAY,'Any','Any',substr(STC_WEEKDAY,1,2))||decode(STC_FROMHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMHH)||decode(STC_FROMMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_FROMMM)||'-'||decode(STC_TOHH,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOHH)||decode(STC_TOMM,0,'00',1,'01',2,'02',3,'03',4,'04',5,'05',6,'06',7,'07',8,'08',9,'09',STC_TOMM) from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ((AAA_GETVALUESERVICEID('%{SQL-USER-NAME}'))) ) AS Value,':=' AS op FROM dual) order by RC_ID -> select RC_ID,USERNAME,Attribute,Value,op from (SELECT rownum AS RC_ID,'<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div>[sql] User found in radcheck table</div><div>[sql] <span class="" style="white-space:pre"> </span>expand: select rownum, '%{SQL-USER-NAME}', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('%{SQL-USER-NAME}') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')>=to_date((STC_FROMHH||':'||STC_FROMMM),'hh24:mi') and to_date(to_char(sysdate,'hh24:mm'),'hh24:mm')<=to_date((STC_TOHH||':'||STC_TOMM),'hh24:mi') and (STC_WEEKDAY='Any' or STC_WEEKDAY=to_char(sysdate,'Day') )) AND NE_ELEMENTID in (SELECT NE_ELEMENTID FROM NC_TBLNEACESSCONF WHERE NEAC_IPADDRESS = '%{NAS-IP-Address}') -> select rownum, '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>', RR_ATTRIBUTE, RR_VALUE, RR_OP FROM AAA_TBLRADREPLY where PR_ID in (select PR_ID from SER_TBLSUBSSERVICESBUCKETS where SS_SUBSRVID in ( (AAA_GETVALUESERVICEID('<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>') )) and (THR_THROTTLEID=0 or THR_THROTTLEID is null) and RE_RESOURSEID=0 and to_date(to_char(sysdate,'hh24:mm'),'hh24:</div>
<div>rlm_sql (sql): Released sql socket id: 4</div><div>++[sql] returns ok</div><div>Found Auth-Type = Accept</div><div>Found Auth-Type = EAP</div><div>Warning: Found 2 auth-types on request for user '<a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a>'</div>
<div># Executing group from file /usr/local/etc/raddb/sites-enabled/default</div><div>+- entering group eap {...}</div><div>[eap] Request found, released from the list</div><div>[eap] EAP/tls</div><div>[eap] processing type tls</div>
<div>[tls] Authenticate</div><div>[tls] processing EAP-TLS</div><div>[tls] eaptls_verify returned 7 </div><div>[tls] Done initial handshake</div><div>[tls] <<< TLS 1.0 Handshake [length 040d], Certificate </div>
<div>[tls] chain-depth=1, </div><div>[tls] error=0</div><div>[tls] --> User-Name = <a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a></div><div>[tls] --> BUF-Name = wi-tribe Pakistan Certification Authority</div>
<div>[tls] --> subject = /C=PK/ST=Fedral Capital/L=Islamabad/O=wi-tribe Pakistan limited/OU=Network Operations/CN=wi-tribe Pakistan Certification Authority/emailAddress=<a href="mailto:pkwinoc@pk.wi-tribe.com">pkwinoc@pk.wi-tribe.com</a></div>
<div>[tls] --> issuer = /C=PK/ST=Fedral Capital/L=Islamabad/O=wi-tribe Pakistan limited/OU=Network Operations/CN=wi-tribe Pakistan Certification Authority/emailAddress=<a href="mailto:pkwinoc@pk.wi-tribe.com">pkwinoc@pk.wi-tribe.com</a></div>
<div><b><font color="#000000" style="background-color:rgb(255,255,0)">[tls] --> verify return:1</font></b></div><div><b><font color="#000000" style="background-color:rgb(255,255,0)">--> verify error:num=10:certificate has expired </font></b></div>
<div><b><font color="#000000" style="background-color:rgb(255,255,0)">[tls] >>> TLS 1.0 Alert [length 0002], fatal certificate_expired </font></b></div><div><b><font color="#000000" style="background-color:rgb(255,255,0)">TLS Alert write:fatal:certificate expired</font></b></div>
<div><b><font color="#000000" style="background-color:rgb(255,255,0)"> TLS_accept: error in SSLv3 read client certificate B</font></b></div><div><b><font color="#000000" style="background-color:rgb(255,255,0)">rlm_eap: SSL error error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned</font></b></div>
<div>SSL: SSL_read failed in a system call (-1), TLS session fails.</div><div>TLS receive handshake failed during operation</div><div>[tls] eaptls_process returned 4 </div><div>[eap] Handler failed in EAP/tls</div><div>[eap] Failed in EAP select</div>
<div>++[eap] returns invalid</div><div>Failed to authenticate the user.</div><div>Using Post-Auth-Type REJECT</div><div># Executing group from file /usr/local/etc/raddb/sites-enabled/default</div><div>+- entering group REJECT {...}</div>
<div>[attr_filter.access_reject] <span class="" style="white-space:pre"> </span>expand: %{User-Name} -> <a href="mailto:0026826172C4@test_cpe.com">0026826172C4@test_cpe.com</a></div><div>attr_filter: Matched entry DEFAULT at line 11</div>
<div>++[attr_filter.access_reject] returns updated</div><div>Delaying reject of request 5 for 1 seconds</div><div>Going to the next request</div><div>Waking up in 0.9 seconds.</div><div>Sending delayed reject for request 5</div>
<div>Sending Access-Reject of id 246 to 2.2.2.2 port 10010</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x04f70004</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x00000000000000000000000000000000</div>
<div>Waking up in 2.4 seconds.</div><div><br></div><div>--- can any body tell me what is the issue..</div>-- <br>Best Regards<br>Muhammad Nadeem<br></div></div>