FreeRADIUS Version 2.2.0, for host i686-pc-linux-gnu, built on Sep 20 2012 at 09:52:41 Copyright (C) 1999-2012 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License v2. Starting - reading configuration files ... including configuration file /etc/freeradius/radiusd.conf including configuration file /etc/freeradius/proxy.conf including configuration file /etc/freeradius/clients.conf including configuration file /etc/freeradius/eap.conf including configuration file /etc/freeradius/policy.conf including files in directory /etc/freeradius/sites-enabled/ including configuration file /etc/freeradius/sites-enabled/default including configuration file /etc/freeradius/sites-enabled/inner-tunnel main { user = "freerad" group = "freerad" allow_core_dumps = no } including dictionary file /etc/freeradius/dictionary main { name = "radiusd" prefix = "/usr" localstatedir = "/var" sbindir = "/usr/sbin" logdir = "/var/log/freeradius" run_dir = "/var/run/freeradius" libdir = "/usr/lib/freeradius" radacctdir = "/var/log/freeradius/radacct" hostname_lookups = no max_request_time = 30 cleanup_delay = 5 max_requests = 1024 pidfile = "/var/run/freeradius/freeradius.pid" checkrad = "/usr/sbin/checkrad" debug_level = 0 proxy_requests = yes log { stripped_names = no auth = yes auth_badpass = no auth_goodpass = no } security { max_attributes = 200 reject_delay = 1 status_server = yes } } radiusd: #### Loading Realms and Home Servers #### proxy server { retry_delay = 5 retry_count = 3 default_fallback = no dead_time = 120 wake_all_if_all_dead = no } home_server localhost { ipaddr = 127.0.0.1 port = 1812 type = "auth" secret = "testing123" response_window = 20 max_outstanding = 65536 require_message_authenticator = no zombie_period = 40 status_check = "status-server" ping_interval = 30 check_interval = 30 num_answers_to_alive = 3 num_pings_to_alive = 3 revive_interval = 120 status_check_timeout = 4 coa { irt = 2 mrt = 16 mrc = 5 mrd = 30 } } home_server_pool my_auth_failover { type = fail-over home_server = localhost } realm example.com { auth_pool = my_auth_failover } realm LOCAL { } realm worc.ac.uk { authhost = LOCAL accthost = LOCAL } realm worcester.ac.uk { authhost = LOCAL accthost = LOCAL } realm uni.worc.ac.uk { authhost = LOCAL accthost = LOCAL } realm NULL { authhost = LOCAL accthost = LOCAL } radiusd: #### Loading Clients #### client localhost { ipaddr = 127.0.0.1 require_message_authenticator = no secret = "testing123" nastype = "other" } client 131.1.129.0/24 { require_message_authenticator = no secret = "3dur04m" } client 193.62.48.37 { require_message_authenticator = no secret = "H1sN604s9Z99o" } client 193.62.48.38 { require_message_authenticator = no secret = "H1sN604s9Z99o" } radiusd: #### Instantiating modules #### instantiate { Module: Linked to module rlm_exec Module: Instantiating module "exec" from file /etc/freeradius/radiusd.conf exec { wait = yes input_pairs = "request" shell_escape = yes } Module: Linked to module rlm_expr Module: Instantiating module "expr" from file /etc/freeradius/radiusd.conf Module: Linked to module rlm_expiration Module: Instantiating module "expiration" from file /etc/freeradius/radiusd.conf expiration { reply-message = "Password Has Expired " } Module: Linked to module rlm_logintime Module: Instantiating module "logintime" from file /etc/freeradius/radiusd.conf logintime { reply-message = "You are calling outside your allowed timespan " minimum-timeout = 60 } } radiusd: #### Loading Virtual Servers #### server { # from file /etc/freeradius/radiusd.conf modules { Module: Creating Post-Auth-Type = REJECT Module: Checking authenticate {...} for more modules to load Module: Linked to module rlm_pap Module: Instantiating module "pap" from file /etc/freeradius/radiusd.conf pap { encryption_scheme = "auto" auto_header = no } Module: Linked to module rlm_mschap Module: Instantiating module "mschap_ad" from file /etc/freeradius/radiusd.conf mschap mschap_ad { use_mppe = yes require_encryption = yes require_strong = yes with_ntdomain_hack = yes ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --domain=%{%{mschap_ad:NT-Domain}:-%{Domain-Name}} --challenge=%{mschap_ad:Challenge:-00} --nt-response=%{mschap_ad:NT-Response:-00}" allow_retry = yes } Module: Linked to module rlm_eap Module: Instantiating module "eap" from file /etc/freeradius/eap.conf eap { default_eap_type = "peap" timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no max_sessions = 2048 } Module: Linked to sub-module rlm_eap_md5 Module: Instantiating eap-md5 Module: Linked to sub-module rlm_eap_leap Module: Instantiating eap-leap Module: Linked to sub-module rlm_eap_gtc Module: Instantiating eap-gtc gtc { challenge = "Password: " auth_type = "PAP" } Module: Linked to sub-module rlm_eap_tls Module: Instantiating eap-tls tls { rsa_key_exchange = no dh_key_exchange = yes rsa_key_length = 512 dh_key_length = 512 verify_depth = 0 CA_path = "/etc/freeradius/certs" pem_file_type = yes private_key_file = "/etc/freeradius/certs/eduroam61.key" certificate_file = "/etc/freeradius/certs/eduroam61.pem" private_key_password = "xxxxxxxxxxx" dh_file = "/etc/freeradius/certs/dh" random_file = "/etc/freeradius/certs/random" fragment_size = 1024 include_length = yes check_crl = no cipher_list = "DEFAULT" ecdh_curve = "prime256v1" cache { enable = no lifetime = 24 max_entries = 0 } } Module: Linked to sub-module rlm_eap_ttls Module: Instantiating eap-ttls ttls { default_eap_type = "md5" copy_request_to_tunnel = yes use_tunneled_reply = yes virtual_server = "inner-tunnel" include_length = yes } Module: Linked to sub-module rlm_eap_peap Module: Instantiating eap-peap peap { default_eap_type = "mschapv2" copy_request_to_tunnel = yes use_tunneled_reply = yes proxy_tunneled_request_as_eap = yes virtual_server = "inner-tunnel" soh = no } Module: Linked to sub-module rlm_eap_mschapv2 Module: Instantiating eap-mschapv2 mschapv2 { with_ntdomain_hack = no send_error = no } Module: Checking authorize {...} for more modules to load Module: Linked to module rlm_preprocess Module: Instantiating module "preprocess" from file /etc/freeradius/radiusd.conf preprocess { huntgroups = "/etc/freeradius/huntgroups" hints = "/etc/freeradius/hints" with_ascend_hack = no ascend_channels_per_line = 23 with_ntdomain_hack = no with_specialix_jetstream_hack = no with_cisco_vsa_hack = no with_alvarion_vsa_hack = no } reading pairlist file /etc/freeradius/huntgroups reading pairlist file /etc/freeradius/hints Module: Linked to module rlm_realm Module: Instantiating module "ntdomain" from file /etc/freeradius/radiusd.conf realm ntdomain { format = "prefix" delimiter = "\" ignore_default = no ignore_null = yes } Module: Instantiating module "suffix" from file /etc/freeradius/radiusd.conf realm suffix { format = "suffix" delimiter = "@" ignore_default = no ignore_null = no } Module: Linked to module rlm_files Module: Instantiating module "files" from file /etc/freeradius/radiusd.conf files { usersfile = "/etc/freeradius/users" acctusersfile = "/etc/freeradius/acct_users" preproxy_usersfile = "/etc/freeradius/preproxy_users" compat = "no" } reading pairlist file /etc/freeradius/users reading pairlist file /etc/freeradius/acct_users reading pairlist file /etc/freeradius/preproxy_users Module: Checking preacct {...} for more modules to load Module: Linked to module rlm_acct_unique Module: Instantiating module "acct_unique" from file /etc/freeradius/radiusd.conf acct_unique { key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" } Module: Checking accounting {...} for more modules to load Module: Linked to module rlm_unix Module: Instantiating module "unix" from file /etc/freeradius/radiusd.conf unix { radwtmp = "/var/log/freeradius/radwtmp" } Module: Linked to module rlm_radutmp Module: Instantiating module "radutmp" from file /etc/freeradius/radiusd.conf radutmp { filename = "/var/log/freeradius/radutmp" username = "%{User-Name}" case_sensitive = yes check_with_nas = yes perm = 384 callerid = yes } Module: Linked to module rlm_attr_filter Module: Instantiating module "attr_filter.accounting_response" from file /etc/freeradius/radiusd.conf attr_filter attr_filter.accounting_response { attrsfile = "/etc/freeradius/attrs.accounting_response" key = "%{User-Name}" relaxed = no } reading pairlist file /etc/freeradius/attrs.accounting_response Module: Checking session {...} for more modules to load Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load Module: Instantiating module "attr_filter.access_reject" from file /etc/freeradius/radiusd.conf attr_filter attr_filter.access_reject { attrsfile = "/etc/freeradius/attrs.access_reject" key = "%{User-Name}" relaxed = no } reading pairlist file /etc/freeradius/attrs.access_reject } # modules } # server server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel modules { Module: Creating Auth-Type = home Module: Checking authenticate {...} for more modules to load Module: Linked to module rlm_ldap Module: Instantiating module "home" from file /etc/freeradius/radiusd.conf ldap home { server = "131.1.2.14" port = 3268 password = "Blu3Ld4ps3rv1v32011" identity = "BlueLDAP" net_timeout = 5 timeout = 30 timelimit = 30 max_uses = 0 tls_mode = no start_tls = no tls_require_cert = "allow" tls { start_tls = no cacertfile = "/etc/freeradius/certs/eduroam60.pem" cacertdir = "/etc/freeradius/certs" keyfile = "/etc/freeradius/certs/eduroam60.key" randfile = "/etc/freeradius/certs/random" require_cert = "demand" } basedn = "DC=worc,DC=ac,DC=uk" filter = "(sAMAccountName=%{Stripped-User-Name:-%{User-Name}})" base_filter = "(objectclass=radiusprofile)" password_attribute = "eapUserPassword" auto_header = no access_attr = "sAMAccountName" access_attr_used_for_allow = yes chase_referrals = yes rebind = yes groupname_attribute = "cn" groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))" dictionary_mapping = "/etc/freeradius/ldap.attrmap" ldap_debug = 0 ldap_connections_number = 30 compare_check_items = no do_xlat = yes set_auth_type = yes } rlm_ldap: Registering ldap_groupcmp for Ldap-Group rlm_ldap: Creating new attribute home-Ldap-Group rlm_ldap: Registering ldap_groupcmp for home-Ldap-Group rlm_ldap: Registering ldap_xlat with xlat_name home rlm_ldap: reading ldap<->radius mappings from file /etc/freeradius/ldap.attrmap rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$ rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$ rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id rlm_ldap: LDAP sambaLmPassword mapped to RADIUS LM-Password rlm_ldap: LDAP sambaNtPassword mapped to RADIUS NT-Password rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS Framed-Compression rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS Framed-IPX-Network rlm_ldap: LDAP radiusClass mapped to RADIUS Class rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS Termination-Action rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS Login-LAT-Service rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS Framed-AppleTalk-Link rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS Framed-AppleTalk-Network rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS Framed-AppleTalk-Zone rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message rlm_ldap: LDAP radiusTunnelType mapped to RADIUS Tunnel-Type rlm_ldap: LDAP radiusTunnelMediumType mapped to RADIUS Tunnel-Medium-Type rlm_ldap: LDAP radiusTunnelPrivateGroupId mapped to RADIUS Tunnel-Private-Group-Id rlm_ldap: LDAP userPassword mapped to RADIUS User-Password conns: 0x919c6d0 Module: Linked to module rlm_chap Module: Instantiating module "chap" from file /etc/freeradius/radiusd.conf Module: Checking authorize {...} for more modules to load Module: Checking session {...} for more modules to load Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load } # modules } # server radiusd: #### Opening IP addresses and Ports #### listen { type = "auth" ipaddr = * port = 0 } listen { type = "acct" ipaddr = * port = 0 } ... adding new socket proxy address * port 58336 Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on proxy address * port 1814 Ready to process requests. rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=141, length=241 User-Name = "ogec1" Calling-Station-Id = "90-a4-de-49-e0-60" Called-Station-Id = "54-75-d0-e7-1f-80:EduroamTest" NAS-Port = 29 Cisco-AVPair = "audit-session-id=0afffcf0002078fd54eb3ec5" NAS-IP-Address = 10.255.252.240 NAS-Identifier = "UOW_WLC1" Airespace-Wlan-Id = 8 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "220" EAP-Message = 0x0202000a016f67656331 Message-Authenticator = 0xb855580825ef3485edfd07de9d10b513 Domain-Name = "WORC.AC.UK" Proxy-State = 0x3531 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[mschap_ad] returns noop [ntdomain] No '\' in User-Name = "ogec1", skipping NULL due to config. ++[ntdomain] returns noop [suffix] No '@' in User-Name = "ogec1", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Stripped-User-Name = "ogec1" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok [eap] EAP packet type response id 2 length 10 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/default +- entering group EAP {...} [eap] EAP Identity [eap] processing type tls [tls] Initiate [tls] Start returned 1 ++[eap] returns handled Sending Access-Challenge of id 141 to 193.62.48.38 port 1814 EAP-Message = 0x010300061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x82abff3182a8e699ec98d69f27a1924f Proxy-State = 0x3531 Finished request 0. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=19, length=388 User-Name = "ogec1" Calling-Station-Id = "90-a4-de-49-e0-60" Called-Station-Id = "54-75-d0-e7-1f-80:EduroamTest" NAS-Port = 29 Cisco-AVPair = "audit-session-id=0afffcf0002078fd54eb3ec5" NAS-IP-Address = 10.255.252.240 NAS-Identifier = "UOW_WLC1" Airespace-Wlan-Id = 8 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "220" EAP-Message = 0x0203008b198000000081160301007c01000078030154eb3f576479184590b0d35561864a10d3c899aa007d90a460a62ecf3047d297207d8717b0068210e7b0a477edb0fba66eba51860a2343fccd8f016683729f0b760018c014c0130035002fc00ac00900380032000a00130005000401000017000a00080006001700180019000b00020100ff01000100 State = 0x82abff3182a8e699ec98d69f27a1924f Message-Authenticator = 0x9e24fdae68119241a0267fcf1746aa2e Domain-Name = "WORC.AC.UK" Proxy-State = 0x3532 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[mschap_ad] returns noop [ntdomain] No '\' in User-Name = "ogec1", skipping NULL due to config. ++[ntdomain] returns noop [suffix] No '@' in User-Name = "ogec1", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Stripped-User-Name = "ogec1" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok [eap] EAP packet type response id 3 length 139 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/default +- entering group EAP {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS TLS Length 129 [peap] Length Included [peap] eaptls_verify returned 11 [peap] (other): before/accept initialization [peap] TLS_accept: before/accept initialization [peap] <<< TLS 1.0 Handshake [length 007c], ClientHello [peap] TLS_accept: SSLv3 read client hello A [peap] >>> TLS 1.0 Handshake [length 0031], ServerHello [peap] TLS_accept: SSLv3 write server hello A [peap] >>> TLS 1.0 Handshake [length 143f], Certificate [peap] TLS_accept: SSLv3 write certificate A [peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone [peap] TLS_accept: SSLv3 write server done A [peap] TLS_accept: SSLv3 flush data [peap] TLS_accept: Need to read more data: SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 19 to 193.62.48.38 port 1814 EAP-Message = 0x0104040019c00000148316030100310200002d030154eb3f5704ad748ff40a442842ebf4f213ad044feebf9108a5e03ded8070e3df000035000005ff01000100160301143f0b00143b00143800047a308204763082035ea003020102021100f4ed39d224faf0e5f2df0eeb3cf594cd300d06092a864886f70d01010505003036310b3009060355040613024e4c310f300d060355040a1306544552454e41311630140603550403130d544552454e412053534c204341301e170d3133313030383030303030305a170d3136313030373233353935395a30423121301f060355040b1318446f6d61696e20436f6e74726f6c2056616c696461746564311d EAP-Message = 0x301b060355040313147577656475726f616d2e776f72632e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100bf255b99fad09b4b6ba8c3989866c33e118007a24b48e78f678671322165f7ed852902ee48b6f7e1b2e06bb8cdf575ef765d2fe89891f6d9471ef9e8527bed9850f0b66a211e569a21dfa710eef286a47810b432bbd1327d69fca31024cf1c775af067302087ede27a556d69ed1c98820b9e7cfa7fea7e161e1a3436589fa656cef13abef02700403004c37ca6aba866875b801c4450e73a63890c7765a1fd3ef34ce113d8dec5faa34bb61e1800c937d65b8667eff94a4e665d28a7062e80 EAP-Message = 0x4706156f95f9beb031cee37c6cdcd46c5b37040fe1c9a5e5a7a352433e641d5d5fc54c4a01a8e5cd664f5b60fd3d146f221d21d7016df0d3e2d71e621e50ab2c750203010001a38201713082016d301f0603551d230418301680140cbd93680cf3deaba3496b2b375747ea90e3b9ed301d0603551d0e041604147628d2253cc8a17bce0622764dc14af275694989300e0603551d0f0101ff0404030205a0300c0603551d130101ff04023000301d0603551d250416301406082b0601050507030106082b0601050507030230220603551d20041b3019300d060b2b06010401b2310102021d3008060667810c010201303a0603551d1f04333031302fa0 EAP-Message = 0x2da02b8629687474703a2f2f63726c2e7463732e746572656e612e6f72672f544552454e4153534c43412e63726c306d06082b060105050701010461305f303506082b060105050730028629687474703a2f2f6372742e7463732e746572656e612e6f72672f544552454e4153534c43412e637274302606082b06010505073001861a687474703a2f2f6f6373702e7463732e746572656e612e6f7267301f0603551d110418301682147577656475726f616d2e776f72632e61632e756b300d06092a864886f70d010105050003820101003fb05ffb23193cc81798abb8079c82fde71eb5bb172c8e229f91ebbeb03048c743dc5f85e83185d21e6d65 EAP-Message = 0x6b9b655fb03a47612cfc9c70 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x82abff3183afe699ec98d69f27a1924f Proxy-State = 0x3532 Finished request 1. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=3, length=255 User-Name = "ogec1" Calling-Station-Id = "90-a4-de-49-e0-60" Called-Station-Id = "54-75-d0-e7-1f-80:EduroamTest" NAS-Port = 29 Cisco-AVPair = "audit-session-id=0afffcf0002078fd54eb3ec5" NAS-IP-Address = 10.255.252.240 NAS-Identifier = "UOW_WLC1" Airespace-Wlan-Id = 8 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "220" EAP-Message = 0x020400061900 State = 0x82abff3183afe699ec98d69f27a1924f Message-Authenticator = 0x728b80e4e34918bc76c77f9952d6d939 Domain-Name = "WORC.AC.UK" Proxy-State = 0x3533 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[mschap_ad] returns noop [ntdomain] No '\' in User-Name = "ogec1", skipping NULL due to config. ++[ntdomain] returns noop [suffix] No '@' in User-Name = "ogec1", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Stripped-User-Name = "ogec1" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok [eap] EAP packet type response id 4 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/default +- entering group EAP {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake fragment handler [peap] eaptls_verify returned 1 [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 3 to 193.62.48.38 port 1814 EAP-Message = 0x010503fc1940dcd1c2b2c822995d11e228ddb08d505d48826cf9e576b8a8bf2602d42c03bed50ac0cf72e5125d4fb930456f6b5ecc34e08a26a3579d1a70b88d257af22efc19916c168b6e9e095895d27f8e3a66fc864fbfa3d654b22b4cd118fbb7b25069928e2eb2b116dc8393fc4a237d229fc476ac758371280c722a8bb165d64c61f26574599dd093be9bc4f8694846fcb08e87a54391f58ee65a10ad3c1fcc556ff62d8b275695693861b909cbc5c8ae8b08e507fdb2b48ca9a4bdff235c0b02a9d22484251a03c82b4535ee0005fd308205f9308203e1a003020102021100b0ffcf3a1d82449815629d64886a4165300d06092a864886f70d01 EAP-Message = 0x010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3134313030393030303030305a170d3234313030383233353935395a3064310b3009060355040613024e4c311630140603550408130d4e6f6f72642d486f6c6c616e643112301006035504071309416d7374657264616d310f300d060355040a1306544552454e413118 EAP-Message = 0x30160603550403130f544552454e412053534c204341203230820122300d06092a864886f70d01010105000382010f003082010a0282010100b03a6d7fa9b8009ef3853a08642cf9440c20b4b3154d062da6f093c948bef764ada48e15b331811417fc6ee28b19758b3612cf076d7678265e27bf2c16ba42fbdd1e508f64af759b0a3a82a93125518e7fc442dd1f5c9391bb94fa7057fae7fdb8b868ca9b6a19245437fe326189f722c18f63d5d1697e494dbcd7d0db4cd6f60fbdc1884293d691f99f969911ea6e72e780216cf14e8eec63b83daf6539d085922a793a0ed6e8ad9b2589a2d42e726b73a1d2e2dfce5870ffc05401775df9769d2f43da EAP-Message = 0xa226dd1d429a4d38b156fe3ab4cb6b6cf26a9f3fb3ae3ba7d0153eac277f1bf4596050567e9d75259e3fc676bfff99ccd8f1a96a895fdee707cd8d8b0203010001a382017f3082017b301f0603551d230418301680145379bf5aaa2b4acf5480e1d89bc09df2b20366cb301d0603551d0e041604145bd08a1c9a325be0b5dd96541be18628b0fdb6bd300e0603551d0f0101ff04040302018630120603551d130101ff040830060101ff020100301d0603551d250416301406082b0601050507030106082b06010505070302302c0603551d2004253023300d060b2b06010401b2310102021d3008060667810c0102013008060667810c010202305006 EAP-Message = 0x03551d1f04493047 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x82abff3180aee699ec98d69f27a1924f Proxy-State = 0x3533 Finished request 2. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=178, length=255 User-Name = "ogec1" Calling-Station-Id = "90-a4-de-49-e0-60" Called-Station-Id = "54-75-d0-e7-1f-80:EduroamTest" NAS-Port = 29 Cisco-AVPair = "audit-session-id=0afffcf0002078fd54eb3ec5" NAS-IP-Address = 10.255.252.240 NAS-Identifier = "UOW_WLC1" Airespace-Wlan-Id = 8 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "220" EAP-Message = 0x020500061900 State = 0x82abff3180aee699ec98d69f27a1924f Message-Authenticator = 0xbc4a1cfdc8a35afb5adcd3681a92b9ef Domain-Name = "WORC.AC.UK" Proxy-State = 0x3534 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[mschap_ad] returns noop [ntdomain] No '\' in User-Name = "ogec1", skipping NULL due to config. ++[ntdomain] returns noop [suffix] No '@' in User-Name = "ogec1", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Stripped-User-Name = "ogec1" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok [eap] EAP packet type response id 5 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/default +- entering group EAP {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake fragment handler [peap] eaptls_verify returned 1 [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 178 to 193.62.48.38 port 1814 EAP-Message = 0x010603fc19403045a043a041863f687474703a2f2f63726c2e7573657274727573742e636f6d2f55534552547275737452534143657274696669636174696f6e417574686f726974792e63726c307606082b06010505070101046a3068303f06082b060105050730028633687474703a2f2f6372742e7573657274727573742e636f6d2f555345525472757374525341416464547275737443412e637274302506082b060105050730018619687474703a2f2f6f6373702e7573657274727573742e636f6d300d06092a864886f70d01010c050003820201007d90696656541c6b3cae7f250813e9bb646cf567882fbdc1510aaed363f62ddb70310900 EAP-Message = 0x7e1d8bdae4332198e02193dbc08e258e5506cc2a65e303e8597227ae379a987cc2f4135a12712d6dabdf326981a706a28b201da890d228aa61d4f6ffa5bf86808e67912a227e1d942d1a61bb20219089e8d50a110af608ba5e1bcb6c28853ec5160f65fdb7d1b161c1a625d886bf0efa9bfad1f522a767b8152ef908adb7750239f42961f9bfc0aa17eb42de268f9d65643207de6c3d32d303ec47d57469203a7eb870efa9a22a9c5542b6e33e8bd8ff265afb7c266c888586d7933e50f84487d450d11d433032bad2ba8d2108caf7eec66ece9259081c5373748f9cf8d7ad1abe4d46eeacc4b981eba750cc1d66fc0e0d7e061db80ed37ebb9a87ae0b EAP-Message = 0xb69b8404cec1a07b16df02b21843adabb92609abaa041d5037ee2abd22418a00b5dc9fc305d4e6824c67da2b02f565ac5929bb7a0c4e54b7d23b7d033b2064c6c5e8502a92b05fa0479772585fc10a6f9ff53d09d5e708687592e2d5b89e8fbe8d1b3b438cf34ed554ab76edcc507f2e99edb4b549fae3757d8b11680dd53afa5d50b02b8103782cb4db8fbf4c405b92a3a21a0a415dac57fa6e574ef40755eb6308329300244a5d9dc2c1522893c1c8241aa693fbcd7d3fa673bccf689d79632ee7252b423836b10b56c28a5ff7ae4a31d9df6a06cd2fa39809bc058013c700057b308205773082045fa003020102021013ea28705bf4eced0c366309 EAP-Message = 0x80614336300d06092a864886f70d01010c0500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f EAP-Message = 0x726b312e302c0603 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x82abff3181ade699ec98d69f27a1924f Proxy-State = 0x3534 Finished request 3. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=252, length=255 User-Name = "ogec1" Calling-Station-Id = "90-a4-de-49-e0-60" Called-Station-Id = "54-75-d0-e7-1f-80:EduroamTest" NAS-Port = 29 Cisco-AVPair = "audit-session-id=0afffcf0002078fd54eb3ec5" NAS-IP-Address = 10.255.252.240 NAS-Identifier = "UOW_WLC1" Airespace-Wlan-Id = 8 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "220" EAP-Message = 0x020600061900 State = 0x82abff3181ade699ec98d69f27a1924f Message-Authenticator = 0xe93051db1ef6b200ec58af099fa02683 Domain-Name = "WORC.AC.UK" Proxy-State = 0x3535 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[mschap_ad] returns noop [ntdomain] No '\' in User-Name = "ogec1", skipping NULL due to config. ++[ntdomain] returns noop [suffix] No '@' in User-Name = "ogec1", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Stripped-User-Name = "ogec1" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok [eap] EAP packet type response id 6 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/default +- entering group EAP {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake fragment handler [peap] eaptls_verify returned 1 [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 252 to 193.62.48.38 port 1814 EAP-Message = 0x010703fc19405504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf EAP-Message = 0x0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757 EAP-Message = 0x879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a381f43081f1301f0603551d23041830168014adbd987a34b426f7fac42654ef03bde024cb541a301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff30110603551d20040a300830060604551d200030440603551d1f043d303b3039a037a0358633687474703a2f2f63726c2e757365727472757374 EAP-Message = 0x2e636f6d2f416464547275737445787465726e616c4341526f6f742e63726c303506082b0601050507010104293027302506082b060105050730018619687474703a2f2f6f6373702e7573657274727573742e636f6d300d06092a864886f70d01010c050003820101009365f63783950f5ec3821c1fd677e73c8ac0aa09f0e90b26f1e0c26a75a1c779c9b95260c829120ef0ad03d609c476dfe5a68195a746da8257a99592c5b68f03226c3377c17b32176e07ce5a14413a05241bf614063ba825240ebbcc2a75ddb970413f7cd0633621071f46ff60a491e167bcde1f7e1914c9636791ea67076bb48f8bc06e437dc3a1806cb21ebc53857ddc90a1 EAP-Message = 0xa4bc2def46725735 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x82abff3186ace699ec98d69f27a1924f Proxy-State = 0x3535 Finished request 4. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=169, length=255 User-Name = "ogec1" Calling-Station-Id = "90-a4-de-49-e0-60" Called-Station-Id = "54-75-d0-e7-1f-80:EduroamTest" NAS-Port = 29 Cisco-AVPair = "audit-session-id=0afffcf0002078fd54eb3ec5" NAS-IP-Address = 10.255.252.240 NAS-Identifier = "UOW_WLC1" Airespace-Wlan-Id = 8 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "220" EAP-Message = 0x020700061900 State = 0x82abff3186ace699ec98d69f27a1924f Message-Authenticator = 0xbeedf4557819ab9a46fe2bfe15cf3388 Domain-Name = "WORC.AC.UK" Proxy-State = 0x3536 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[mschap_ad] returns noop [ntdomain] No '\' in User-Name = "ogec1", skipping NULL due to config. ++[ntdomain] returns noop [suffix] No '@' in User-Name = "ogec1", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Stripped-User-Name = "ogec1" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok [eap] EAP packet type response id 7 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/default +- entering group EAP {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake fragment handler [peap] eaptls_verify returned 1 [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 169 to 193.62.48.38 port 1814 EAP-Message = 0x010803fc194005bfbb46bb6e6d3799b6ff239291c66e40f88f2956ea5fd55f1453acf04f61eaf722cca7560be2b8341f26d97b1905683fba3cd43806a2d3e68f0ee3b4716d4042c584b440952bf465a04879f61d8163969d4f75e0f87ce48ea9d1f2ad8ab38cc721cdc2ef00043a308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f EAP-Message = 0x74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad70 EAP-Message = 0x56c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101 EAP-Message = 0xff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d2 EAP-Message = 0x96b7dc7e4eee70fd Message-Authenticator = 0x00000000000000000000000000000000 State = 0x82abff3187a3e699ec98d69f27a1924f Proxy-State = 0x3536 Finished request 5. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=74, length=255 User-Name = "ogec1" Calling-Station-Id = "90-a4-de-49-e0-60" Called-Station-Id = "54-75-d0-e7-1f-80:EduroamTest" NAS-Port = 29 Cisco-AVPair = "audit-session-id=0afffcf0002078fd54eb3ec5" NAS-IP-Address = 10.255.252.240 NAS-Identifier = "UOW_WLC1" Airespace-Wlan-Id = 8 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "220" EAP-Message = 0x020800061900 State = 0x82abff3187a3e699ec98d69f27a1924f Message-Authenticator = 0xc1eca1730cd2f49a7f50b17d913e193f Domain-Name = "WORC.AC.UK" Proxy-State = 0x3537 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[mschap_ad] returns noop [ntdomain] No '\' in User-Name = "ogec1", skipping NULL due to config. ++[ntdomain] returns noop [suffix] No '@' in User-Name = "ogec1", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Stripped-User-Name = "ogec1" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok [eap] EAP packet type response id 8 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/default +- entering group EAP {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake fragment handler [peap] eaptls_verify returned 1 [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 74 to 193.62.48.38 port 1814 EAP-Message = 0x010900bb19001c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e860416030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x82abff3184a2e699ec98d69f27a1924f Proxy-State = 0x3537 Finished request 6. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=36, length=255 User-Name = "ogec1" Calling-Station-Id = "90-a4-de-49-e0-60" Called-Station-Id = "54-75-d0-e7-1f-80:EduroamTest" NAS-Port = 29 Cisco-AVPair = "audit-session-id=0afffcf0002078fd54eb3ec5" NAS-IP-Address = 10.255.252.240 NAS-Identifier = "UOW_WLC1" Airespace-Wlan-Id = 8 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "220" EAP-Message = 0x020900061900 State = 0x82abff3184a2e699ec98d69f27a1924f Message-Authenticator = 0xe2b6560727edef65a7cf0f6a60f40c02 Domain-Name = "WORC.AC.UK" Proxy-State = 0x3538 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[mschap_ad] returns noop [ntdomain] No '\' in User-Name = "ogec1", skipping NULL due to config. ++[ntdomain] returns noop [suffix] No '@' in User-Name = "ogec1", looking up realm NULL [suffix] Found realm "NULL" [suffix] Adding Stripped-User-Name = "ogec1" [suffix] Adding Realm = "NULL" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok [eap] EAP packet type response id 9 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/freeradius/sites-enabled/default +- entering group EAP {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake fragment handler [peap] eaptls_verify returned 1 [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 36 to 193.62.48.38 port 1814 EAP-Message = 0x010a00061900 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x82abff3185a1e699ec98d69f27a1924f Proxy-State = 0x3538 Finished request 7. Going to the next request Waking up in 4.9 seconds. Cleaning up request 0 ID 141 with timestamp +116 Cleaning up request 1 ID 19 with timestamp +116 Cleaning up request 2 ID 3 with timestamp +116 Cleaning up request 3 ID 178 with timestamp +116 Cleaning up request 4 ID 252 with timestamp +116 Cleaning up request 5 ID 169 with timestamp +116 Cleaning up request 6 ID 74 with timestamp +116 Cleaning up request 7 ID 36 with timestamp +116 WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: !! EAP session for state 0x82abff3185a1e699 did not finish! WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Ready to process requests.