Freeradius-Users
Threads by month
- ----- 2026 -----
- July
- June
- May
- April
- March
- February
- January
- ----- 2025 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
June 2006
- 189 participants
- 309 discussions
Hi All
I work for an isp, and we need to track the users data transfer by calendar
month. I have FreeRadius/MySQL running on FreeBSD, the final task for me to
do is work out how to force radius to start a new accounting record in the
MySQL database which will allow us to do a query by month on the database to
calculate data transfer. Is there an obvious solution which I am missing?
Thanks in advance
Dan
2
1
Hi,
We are trying to configure freeradius (v1.1.2) server hierarchy where
authentication request
are sent from wireless supplicants (802.1x) through the proxy radius
server (host 'radius')
to the authentication server (host 'pdc'). We use EAP-PEAP and EAP-TTLS
and 'ntlm_auth'
feature on the 'pdc' for authentication. The same hierarchy is used for
VPN box authentication
(using LDAP).
Authentication when access-points use 'pdc' directly works fine for
EAP-PEAP/TTLS.
Authentication for the topology
access-point <-> proxy <-> pdc
fails. Probably supplicant/access-point ignores "access-challenge (EAP)"
response.
VPN (LDAP) authentication works fine with proxy (and directly with pdc).
Attached log files for the 'pdc' (pdc_log.txt) and the proxy 'radius'
(radius_log.txt) - for
failed EAP-PEAP authentication and successful authentication
directly against the 'pdc' (pdc_ok_log.txt).
Any suggestions what goes wrong with EAP through the proxy and how to
correct the problem?
Regards,
--
W. A. Pietraszek email: wap(a)cs.aau.dk
Computer Science Dept. phone: (+45) 96 35 89 07
Aalborg University fax: (+45) 98 15 98 89
Fredrik Bajers Vej 7E , DK-9220 Aalborg, Denmark
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/priv/1x/freeradius-1.1.2/etc/raddb/proxy.conf
Config: including file: /usr/priv/1x/freeradius-1.1.2/etc/raddb/clients.conf
Config: including file: /usr/priv/1x/freeradius-1.1.2/etc/raddb/snmp.conf
Config: including file: /usr/priv/1x/freeradius-1.1.2/etc/raddb/eap.conf
Config: including file: /usr/priv/1x/freeradius-1.1.2/etc/raddb/sql.conf
main: prefix = "/usr/priv/1x/freeradius-1.1.2"
main: localstatedir = "/usr/priv/1x/freeradius-1.1.2/var"
main: logdir = "/usr/priv/1x/freeradius-1.1.2/var/log/radius"
main: libdir = "/usr/priv/1x/freeradius-1.1.2/lib"
main: radacctdir = "/usr/priv/1x/freeradius-1.1.2/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 1782
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/usr/priv/1x/freeradius-1.1.2/var/log/radius/radius.log"
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = no
main: pidfile = "/usr/priv/1x/freeradius-1.1.2/var/run/radiusd/radiusd.pid"
main: bind_address = pdc.cs.aau.dk IP address [130.225.194.5]
main: user = "pack"
main: group = "pack"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/priv/1x/freeradius-1.1.2/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/priv/1x/freeradius-1.1.2/lib
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = yes
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = "(null)"
mschap: ntlm_auth = "/q/disk_0/samba/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge} --nt-response=%{mschap:NT-Response}"
Module: Instantiated mschap (mschap)
Module: Loaded LDAP
ldap: server = "pdc.cs.aau.dk"
ldap: port = 636
ldap: net_timeout = 1
ldap: timeout = 4
ldap: timelimit = 3
ldap: identity = "cn=admin,ou=DSA,dc=cs,dc=aau,dc=dk"
ldap: tls_mode = no
ldap: start_tls = no
ldap: tls_cacertfile = "(null)"
ldap: tls_cacertdir = "(null)"
ldap: tls_certfile = "(null)"
ldap: tls_keyfile = "(null)"
ldap: tls_randfile = "(null)"
ldap: tls_require_cert = "allow"
ldap: password = "xxxxxx"
ldap: basedn = "ou=Accounts,dc=cs,dc=aau,dc=dk"
ldap: filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
ldap: base_filter = "(objectclass=radiusprofile)"
ldap: default_profile = "(null)"
ldap: profile_attribute = "(null)"
ldap: password_header = "(null)"
ldap: password_attribute = "userPassword"
ldap: access_attr = "uid"
ldap: groupname_attribute = "cn"
ldap: groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
ldap: groupmembership_attribute = "(null)"
ldap: dictionary_mapping = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/ldap.attrmap"
ldap: ldap_debug = 0
ldap: ldap_connections_number = 5
ldap: compare_check_items = no
ldap: access_attr_used_for_allow = yes
ldap: do_xlat = yes
ldap: set_auth_type = yes
rlm_ldap: Registering ldap_groupcmp for Ldap-Group
rlm_ldap: Registering ldap_xlat with xlat_name ldap
rlm_ldap: reading ldap<->radius mappings from file /usr/priv/1x/freeradius-1.1.2/etc/raddb/ldap.attrmap
rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type
rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use
rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id
rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id
rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password
rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password
rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT
rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration
rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address
rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type
rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol
rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address
rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask
rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route
rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing
rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id
rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU
rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS Framed-Compression
rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host
rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service
rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port
rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number
rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id
rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS Framed-IPX-Network
rlm_ldap: LDAP radiusClass mapped to RADIUS Class
rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout
rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout
rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS Termination-Action
rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS Login-LAT-Service
rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node
rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group
rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS Framed-AppleTalk-Link
rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS Framed-AppleTalk-Network
rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS Framed-AppleTalk-Zone
rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit
rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port
rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message
conns: 0x828f8f8
Module: Instantiated ldap (ldap)
Module: Loaded eap
eap: default_eap_type = "peap"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/certs/pdc.key"
tls: certificate_file = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/certs/pdc.pem"
tls: CA_file = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/certs/cacert.pem"
tls: private_key_password = "(null)"
tls: dh_file = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/certs/dh"
tls: random_file = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/certs/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = "(null)"
tls: cipher_list = "(null)"
tls: check_cert_issuer = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
ttls: default_eap_type = "md5"
ttls: copy_request_to_tunnel = no
ttls: use_tunneled_reply = no
rlm_eap: Loaded and initialized type ttls
peap: default_eap_type = "mschapv2"
peap: copy_request_to_tunnel = no
peap: use_tunneled_reply = no
peap: proxy_tunneled_request_as_eap = yes
rlm_eap: Loaded and initialized type peap
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/huntgroups"
preprocess: hints = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded files
files: usersfile = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/users"
files: acctusersfile = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded detail
detail: detailfile = "/usr/priv/1x/freeradius-1.1.2/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/usr/priv/1x/freeradius-1.1.2/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded radutmp
radutmp: filename = "/usr/priv/1x/freeradius-1.1.2/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication 130.225.194.5:1782
Listening on accounting 130.225.194.5:1783
Ready to process requests.
rad_recv: Access-Request packet from host 130.225.52.58:1814, id=0, length=152
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9180"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0xfc75c11029fcdc986608144b9ebe982a
EAP-Message = 0x0202001601677565737431304063732e6161752e646b
NAS-Port-Type = Wireless-802.11
NAS-Port = 353
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Proxy-State = 0x3830
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 2 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to pdc.cs.aau.dk:636, authentication 0
rlm_ldap: setting TLS mode to 1
rlm_ldap: bind as cn=admin,ou=DSA,dc=cs,dc=aau,dc=dk/xxxxxx to pdc.cs.aau.dk:636
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 0 to 130.225.52.58 port 1814
EAP-Message = 0x010300061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xff2aa2e2b3383c8094b601e9c2db657c
Proxy-State = 0x3830
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 0 with timestamp 4498eb96
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 130.225.52.58:1814, id=1, length=152
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9180"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0x2653ef6d35d034c43598a6daccc37a88
EAP-Message = 0x0202001601677565737431304063732e6161752e646b
NAS-Port-Type = Wireless-802.11
NAS-Port = 353
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Proxy-State = 0x3830
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: EAP packet type response id 2 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 1
modcall: leaving group authorize (returns updated) for request 1
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 1
modcall: leaving group authenticate (returns handled) for request 1
Sending Access-Challenge of id 1 to 130.225.52.58 port 1814
EAP-Message = 0x010300061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x636421d236e97c2c6fbb4ee39070fb77
Proxy-State = 0x3830
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 1 with timestamp 4498eba1
Nothing to do. Sleeping until we see a request.
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/priv/1x/freeradius-1.1.2/etc/raddb/proxy.conf
Config: including file: /usr/priv/1x/freeradius-1.1.2/etc/raddb/clients.conf
Config: including file: /usr/priv/1x/freeradius-1.1.2/etc/raddb/snmp.conf
Config: including file: /usr/priv/1x/freeradius-1.1.2/etc/raddb/eap.conf
Config: including file: /usr/priv/1x/freeradius-1.1.2/etc/raddb/sql.conf
main: prefix = "/usr/priv/1x/freeradius-1.1.2"
main: localstatedir = "/usr/priv/1x/freeradius-1.1.2/var"
main: logdir = "/usr/priv/1x/freeradius-1.1.2/var/log/radius"
main: libdir = "/usr/priv/1x/freeradius-1.1.2/lib"
main: radacctdir = "/usr/priv/1x/freeradius-1.1.2/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 1782
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/usr/priv/1x/freeradius-1.1.2/var/log/radius/radius.log"
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = no
main: pidfile = "/usr/priv/1x/freeradius-1.1.2/var/run/radiusd/radiusd.pid"
main: bind_address = pdc.cs.aau.dk IP address [130.225.194.5]
main: user = "pack"
main: group = "pack"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/priv/1x/freeradius-1.1.2/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/priv/1x/freeradius-1.1.2/lib
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = yes
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = "(null)"
mschap: ntlm_auth = "/q/disk_0/samba/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge} --nt-response=%{mschap:NT-Response}"
Module: Instantiated mschap (mschap)
Module: Loaded LDAP
ldap: server = "pdc.cs.aau.dk"
ldap: port = 636
ldap: net_timeout = 1
ldap: timeout = 4
ldap: timelimit = 3
ldap: identity = "cn=admin,ou=DSA,dc=cs,dc=aau,dc=dk"
ldap: tls_mode = no
ldap: start_tls = no
ldap: tls_cacertfile = "(null)"
ldap: tls_cacertdir = "(null)"
ldap: tls_certfile = "(null)"
ldap: tls_keyfile = "(null)"
ldap: tls_randfile = "(null)"
ldap: tls_require_cert = "allow"
ldap: password = "xxxxx"
ldap: basedn = "ou=Accounts,dc=cs,dc=aau,dc=dk"
ldap: filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
ldap: base_filter = "(objectclass=radiusprofile)"
ldap: default_profile = "(null)"
ldap: profile_attribute = "(null)"
ldap: password_header = "(null)"
ldap: password_attribute = "userPassword"
ldap: access_attr = "uid"
ldap: groupname_attribute = "cn"
ldap: groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
ldap: groupmembership_attribute = "(null)"
ldap: dictionary_mapping = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/ldap.attrmap"
ldap: ldap_debug = 0
ldap: ldap_connections_number = 5
ldap: compare_check_items = no
ldap: access_attr_used_for_allow = yes
ldap: do_xlat = yes
ldap: set_auth_type = yes
rlm_ldap: Registering ldap_groupcmp for Ldap-Group
rlm_ldap: Registering ldap_xlat with xlat_name ldap
rlm_ldap: reading ldap<->radius mappings from file /usr/priv/1x/freeradius-1.1.2/etc/raddb/ldap.attrmap
rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type
rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use
rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id
rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id
rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password
rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password
rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT
rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration
rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address
rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type
rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol
rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address
rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask
rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route
rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing
rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id
rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU
rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS Framed-Compression
rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host
rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service
rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port
rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number
rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id
rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS Framed-IPX-Network
rlm_ldap: LDAP radiusClass mapped to RADIUS Class
rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout
rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout
rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS Termination-Action
rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS Login-LAT-Service
rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node
rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group
rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS Framed-AppleTalk-Link
rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS Framed-AppleTalk-Network
rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS Framed-AppleTalk-Zone
rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit
rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port
rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message
conns: 0x991b948
Module: Instantiated ldap (ldap)
Module: Loaded eap
eap: default_eap_type = "peap"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/certs/pdc.key"
tls: certificate_file = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/certs/pdc.pem"
tls: CA_file = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/certs/cacert.pem"
tls: private_key_password = "(null)"
tls: dh_file = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/certs/dh"
tls: random_file = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/certs/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = "(null)"
tls: cipher_list = "(null)"
tls: check_cert_issuer = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
ttls: default_eap_type = "md5"
ttls: copy_request_to_tunnel = no
ttls: use_tunneled_reply = no
rlm_eap: Loaded and initialized type ttls
peap: default_eap_type = "mschapv2"
peap: copy_request_to_tunnel = no
peap: use_tunneled_reply = no
peap: proxy_tunneled_request_as_eap = yes
rlm_eap: Loaded and initialized type peap
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/huntgroups"
preprocess: hints = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded files
files: usersfile = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/users"
files: acctusersfile = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/priv/1x/freeradius-1.1.2/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded detail
detail: detailfile = "/usr/priv/1x/freeradius-1.1.2/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/usr/priv/1x/freeradius-1.1.2/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded radutmp
radutmp: filename = "/usr/priv/1x/freeradius-1.1.2/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication 130.225.194.5:1782
Listening on accounting 130.225.194.5:1783
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=61, length=148
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9181"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0x6d9f1ff8be15ec0f2b76175a47a684dd
EAP-Message = 0x0202001601677565737431304063732e6161752e646b
NAS-Port-Type = Wireless-802.11
NAS-Port = 348
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 2 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to pdc.cs.aau.dk:636, authentication 0
rlm_ldap: setting TLS mode to 1
rlm_ldap: bind as cn=admin,ou=DSA,dc=cs,dc=aau,dc=dk/xxxxx to pdc.cs.aau.dk:636
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 61 to 192.168.122.32 port 1645
EAP-Message = 0x010300061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc62ae1795c8aa7d4290ff3c0b7b1a00a
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=62, length=256
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9181"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0x68cf38540bdeaeac88136e31b831b8c0
EAP-Message = 0x0203007019800000006616030100610100005d03014498e854c7ba58e9926f91433b8def48bcd3bb83b97ae144638bfb9571cd9c622088283e0b8e48b5a129de3e844bc957997f464a8b195929e29d3d00e41ec05e8c001600040005000a000900640062000300060013001200630100
NAS-Port-Type = Wireless-802.11
NAS-Port = 348
State = 0xc62ae1795c8aa7d4290ff3c0b7b1a00a
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: EAP packet type response id 3 length 112
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 1
modcall: leaving group authorize (returns updated) for request 1
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0061], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 05e0], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 1
modcall: leaving group authenticate (returns handled) for request 1
Sending Access-Challenge of id 62 to 192.168.122.32 port 1645
EAP-Message = 0x0104040a19c00000063d160301004a0200004603014498e81749069dfc3d073f2fdef59db688ed50c8c0ae1394e8ed9af942d7de6f203b584811302e79d658c9549631d5d39cffec9723b9e5711853017fe57d7305dd00040016030105e00b0005dc0005d900028f3082028b308201f4a003020102020103300d06092a864886f70d01010505003074310b300906035504061302444b3110300e060355040813074a75746c616e643110300e0603550407130741616c626f7267311b3019060355040a131241616c626f726720556e697665727369747931243022060355040b131b436f6d707574657220536369656e6365204465706172746d656e74
EAP-Message = 0x301e170d3036303530393135353833305a170d3131303530383135353833305a308189310b300906035504061302444b3110300e060355040813074a75746c616e643110300e0603550407130741616c626f7267311b3019060355040a131241616c626f726720556e697665727369747931243022060355040b131b436f6d707574657220536369656e6365204465706172746d656e74311330110603550403130a6672656572616469757330819f300d06092a864886f70d010101050003818d0030818902818100b30924832ea6411d9a0834623d82bd03e9e714a273d4bbfa0a2b0bf076a0db66ab4b5a0074216dce8ec9e2b55e984f4cf901e632
EAP-Message = 0x2080638f435e29d16745e648f597f782eae00bb6f626dbc39a27aa3a8ebed8e501354e3484f3c0f07d94936ecde564a1a5e1d52102b5751f79c5b0abce9fd4cc5fc2a796f79c58c30405f7b30203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101050500038181004bfa2bab77567736b2f940125034ffbebad2fa4fdd1c5f832cc1dbca0f09fdb026038bd1ea635c96ea43b203be67406b60950a19f80bfb2e7cdbcc4e4d0e5fbcf7a9d77c1edfa8f847d187e3277ed34550dbcf1abcfceb97fad8c18acd14ddce48f77334162425959a8b3cd855e1d53a660ea43d7b11d69534fb731fad1dda21
EAP-Message = 0x00034430820340308202a9a003020102020900e9aa7ab489db156e300d06092a864886f70d01010505003074310b300906035504061302444b3110300e060355040813074a75746c616e643110300e0603550407130741616c626f7267311b3019060355040a131241616c626f726720556e697665727369747931243022060355040b131b436f6d707574657220536369656e6365204465706172746d656e74301e170d3036303530393134343331355a170d3136303530363134343331355a3074310b300906035504061302444b3110300e060355040813074a75746c616e643110300e0603550407130741616c626f7267311b3019060355040a13
EAP-Message = 0x1241616c626f726720556e6976657273697479312430
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xf0400f71d8f464e4673d628ae94e7397
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=63, length=150
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9181"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0xe2781fc2f07a9ec3d2d4566d4d729137
EAP-Message = 0x020400061900
NAS-Port-Type = Wireless-802.11
NAS-Port = 348
State = 0xf0400f71d8f464e4673d628ae94e7397
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
modcall[authorize]: module "mschap" returns noop for request 2
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: EAP packet type response id 4 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 2
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 2
modcall: leaving group authorize (returns updated) for request 2
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 2
modcall: leaving group authenticate (returns handled) for request 2
Sending Access-Challenge of id 63 to 192.168.122.32 port 1645
EAP-Message = 0x01050243190022060355040b131b436f6d707574657220536369656e6365204465706172746d656e7430819f300d06092a864886f70d010101050003818d0030818902818100cc9760212c6da3fb3ceb2cb47009b1ea2b04d711687965823d06f5a0e8d14675c4c4bc8403cbde33b5e60fc76b8a0dd626405c460b19594563d7a045defb07414913839889d4681a0bc0e956628fed52da7ea9127e809c464733e7fbd464b80f5685a60fdbec2d86f181813e70a7ab56bae7acf9d3d250b93dacb2f644f3f4ad0203010001a381d93081d6301d0603551d0e04160414f077e14958ba3b3a6fa2f0d531e70b9d473a96e93081a60603551d2304819e3081
EAP-Message = 0x9b8014f077e14958ba3b3a6fa2f0d531e70b9d473a96e9a178a4763074310b300906035504061302444b3110300e060355040813074a75746c616e643110300e0603550407130741616c626f7267311b3019060355040a131241616c626f726720556e697665727369747931243022060355040b131b436f6d707574657220536369656e6365204465706172746d656e74820900e9aa7ab489db156e300c0603551d13040530030101ff300d06092a864886f70d01010505000381810050c867731b3b237f56561764f84d5a0c8433c8076585841ebf11c3aafad5faa0e0ff198c9b6d98c583d5284d93dda282f0949c69461fd4e5666fefd9a1619411
EAP-Message = 0x364fecb7f81ab08bd9be02084f7c0abbe9be3b90499588e29d15708513815fb1571e34621aceac7d702b8bf0d07e332b5c8e524a964109613be254583ef286cd16030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xdf5257eba7c2f430d490fb96ba1055de
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=64, length=336
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9181"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0xc5ab87b22101604f8ba002315c80b951
EAP-Message = 0x020500c01980000000b6160301008610000082008071b69d4bda80b0a37f7c0ab9a8fa830f4debe662413e95321ca6dbb83173ededed45d69777928ee1aad3b6de3c8e41212c04cd49af5dedf29951f015a6ca4f6c9a00bbef06475dff5ac86b4255a5fb5db3368667c7a371b9b08d26de777746c42e7e9c25f7dc7229a0d58f1b6229b83590bb3ec325dee94a86e232307cf991be140301000101160301002011479ea5cf95c5342cc3ffae6a9357392bf16062e595591e2fecdc090f6bf3f2
NAS-Port-Type = Wireless-802.11
NAS-Port = 348
State = 0xdf5257eba7c2f430d490fb96ba1055de
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
modcall[authorize]: module "chap" returns noop for request 3
modcall[authorize]: module "mschap" returns noop for request 3
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: EAP packet type response id 5 length 192
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 3
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 3
modcall: leaving group authorize (returns updated) for request 3
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
(other): SSL negotiation finished successfully
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
SSL Connection Established
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 3
modcall: leaving group authenticate (returns handled) for request 3
Sending Access-Challenge of id 64 to 192.168.122.32 port 1645
EAP-Message = 0x0106003119001403010001011603010020ffc3017da415f531022d9a0a5b5a802ba23a164e76fdd03987fcc5592ba0a46e
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x5b43cd3d8064fc01c2f2fa4e18891710
Finished request 3
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=65, length=150
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9181"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0x4e1e320a71ad631b17a9ec5a5d12c1ce
EAP-Message = 0x020600061900
NAS-Port-Type = Wireless-802.11
NAS-Port = 348
State = 0x5b43cd3d8064fc01c2f2fa4e18891710
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
modcall[authorize]: module "preprocess" returns ok for request 4
modcall[authorize]: module "chap" returns noop for request 4
modcall[authorize]: module "mschap" returns noop for request 4
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 4
rlm_eap: EAP packet type response id 6 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 4
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 4
modcall: leaving group authorize (returns updated) for request 4
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
modcall[authenticate]: module "eap" returns handled for request 4
modcall: leaving group authenticate (returns handled) for request 4
Sending Access-Challenge of id 65 to 192.168.122.32 port 1645
EAP-Message = 0x010700201900170301001564ab7676ece7efb7b2cb88708cf0b7e17651cb23d8
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x5c294841288a361fade916d6dee8fc09
Finished request 4
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=66, length=189
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9181"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0xf4fe2a81fd842c6a362f158d30d84b24
EAP-Message = 0x0207002d19001703010022aae375b4b000aebb976c90a6058c91a776bfced8f2985de2586273d66fb58225f772
NAS-Port-Type = Wireless-802.11
NAS-Port = 348
State = 0x5c294841288a361fade916d6dee8fc09
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
modcall[authorize]: module "chap" returns noop for request 5
modcall[authorize]: module "mschap" returns noop for request 5
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 5
rlm_eap: EAP packet type response id 7 length 45
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 5
modcall: leaving group authorize (returns updated) for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Identity - guest10(a)cs.aau.dk
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled identity of guest10(a)cs.aau.dk
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to guest10(a)cs.aau.dk
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
modcall[authorize]: module "chap" returns noop for request 5
modcall[authorize]: module "mschap" returns noop for request 5
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 5
rlm_eap: EAP packet type response id 7 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 5
modcall: leaving group authorize (returns updated) for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: EAP Identity
rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
modcall[authenticate]: module "eap" returns handled for request 5
modcall: leaving group authenticate (returns handled) for request 5
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 5
modcall: leaving group authenticate (returns handled) for request 5
Sending Access-Challenge of id 66 to 192.168.122.32 port 1645
EAP-Message = 0x0108004219001703010037ee66f237337386ba24a8dc0421f217181ed1f28332b96e9c267fce5437a43a5617b66ae51dd1adeda0b39dd6386296e86525d62ff19025
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4ae826703a54f4de0b4115b6c34aa9f3
Finished request 5
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=67, length=243
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9181"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0x4bcd3b5231a96c088823ad3c798abe51
EAP-Message = 0x0208006319001703010058d6a83493b54b2afd6bd139f8c0a3c56eecce1cf2de36f241d94811f51c4b960f52a5a3024a36314431d2a615088912a075353845599d18c8c4bde76f08b09d69738372aa6100cf5cf2093801b270075612a9ececa3ab7b5d
NAS-Port-Type = Wireless-802.11
NAS-Port = 348
State = 0x4ae826703a54f4de0b4115b6c34aa9f3
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
modcall[authorize]: module "chap" returns noop for request 6
modcall[authorize]: module "mschap" returns noop for request 6
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 6
rlm_eap: EAP packet type response id 8 length 99
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 6
modcall: leaving group authorize (returns updated) for request 6
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: EAP type mschapv2
rlm_eap_peap: Tunneled data is valid.
PEAP: Setting User-Name to guest10(a)cs.aau.dk
PEAP: Adding old state with 6d e3
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
modcall[authorize]: module "chap" returns noop for request 6
modcall[authorize]: module "mschap" returns noop for request 6
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 6
rlm_eap: EAP packet type response id 8 length 76
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 6
modcall: leaving group authorize (returns updated) for request 6
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 6
rlm_mschap: No User-Password configured. Cannot create LM-Password.
rlm_mschap: No User-Password configured. Cannot create NT-Password.
rlm_mschap: Told to do MS-CHAPv2 for guest10(a)cs.aau.dk with NT-Password
radius_xlat: Running registered xlat function of module mschap for string 'Challenge'
mschap2: 4b
radius_xlat: Running registered xlat function of module mschap for string 'NT-Response'
radius_xlat: '/q/disk_0/samba/bin/ntlm_auth --request-nt-key --username=guest10 --challenge=92f8502315992439 --nt-response=1322cac37f44c9c94ba2927766cf7a47084dc758fc0badc4'
Exec-Program: /q/disk_0/samba/bin/ntlm_auth --request-nt-key --username=guest10 --challenge=92f8502315992439 --nt-response=1322cac37f44c9c94ba2927766cf7a47084dc758fc0badc4
Exec-Program output: NT_KEY: C940054D24058EB8F249BBD458AD700E
Exec-Program-Wait: plaintext: NT_KEY: C940054D24058EB8F249BBD458AD700E
Exec-Program: returned: 0
rlm_mschap: adding MS-CHAPv2 MPPE keys
modcall[authenticate]: module "mschap" returns ok for request 6
modcall: leaving group MS-CHAP (returns ok) for request 6
MSCHAP Success
modcall[authenticate]: module "eap" returns handled for request 6
modcall: leaving group authenticate (returns handled) for request 6
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 6
modcall: leaving group authenticate (returns handled) for request 6
Sending Access-Challenge of id 67 to 192.168.122.32 port 1645
EAP-Message = 0x0109004a1900170301003f4edab2ab6535cd05b5e6d0e37cf80440eb5418c86fc760b3e0bc7fd04dc7e96ceed7bedc6f39154b668c399019185b0e5d65c26fb3fb15525d864f96ed77d5
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x91db25be408a393a4c9a032a3c2e2d10
Finished request 6
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=68, length=173
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9181"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0x8bb1fe1cf45835c57876ccb557b29053
EAP-Message = 0x0209001d19001703010012d3e80445602235c1be37caa9839ec80dfb21
NAS-Port-Type = Wireless-802.11
NAS-Port = 348
State = 0x91db25be408a393a4c9a032a3c2e2d10
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
modcall[authorize]: module "chap" returns noop for request 7
modcall[authorize]: module "mschap" returns noop for request 7
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 7
rlm_eap: EAP packet type response id 9 length 29
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 7
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 7
modcall: leaving group authorize (returns updated) for request 7
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 7
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: EAP type mschapv2
rlm_eap_peap: Tunneled data is valid.
PEAP: Setting User-Name to guest10(a)cs.aau.dk
PEAP: Adding old state with c3 03
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
modcall[authorize]: module "chap" returns noop for request 7
modcall[authorize]: module "mschap" returns noop for request 7
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 7
rlm_eap: EAP packet type response id 9 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 7
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 7
modcall: leaving group authorize (returns updated) for request 7
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 7
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 7
modcall: leaving group authenticate (returns ok) for request 7
Login OK: [guest10(a)cs.aau.dk] (from client localhost port 0)
PEAP: Tunneled authentication was successful.
rlm_eap_peap: SUCCESS
modcall[authenticate]: module "eap" returns handled for request 7
modcall: leaving group authenticate (returns handled) for request 7
Sending Access-Challenge of id 68 to 192.168.122.32 port 1645
EAP-Message = 0x010a00261900170301001b23f5fd8c34da57125bca62097763a709e6f242b22f404dc707a437
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xaa16f80f99772db86aa1c9b9d12951b1
Finished request 7
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=69, length=182
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9181"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0xceec87fbe7850d0515dab5a31215c281
EAP-Message = 0x020a00261900170301001b33f9521d112cd79adeeaa3fe4018589e325b1ed0fb27f3f52052a3
NAS-Port-Type = Wireless-802.11
NAS-Port = 348
State = 0xaa16f80f99772db86aa1c9b9d12951b1
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 8
modcall[authorize]: module "preprocess" returns ok for request 8
modcall[authorize]: module "chap" returns noop for request 8
modcall[authorize]: module "mschap" returns noop for request 8
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Adding Stripped-User-Name = "guest10"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 8
rlm_eap: EAP packet type response id 10 length 38
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 8
rlm_ldap: - authorize
rlm_ldap: performing user authorization for guest10
radius_xlat: '(uid=guest10)'
radius_xlat: 'ou=Accounts,dc=cs,dc=aau,dc=dk'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Accounts,dc=cs,dc=aau,dc=dk, with filter (uid=guest10)
rlm_ldap: checking if remote access for guest10 is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user guest10 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 8
modcall: leaving group authorize (returns updated) for request 8
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 8
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TLV response.
rlm_eap_peap: Tunneled data is valid.
rlm_eap_peap: Success
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 8
modcall: leaving group authenticate (returns ok) for request 8
Login OK: [guest10(a)cs.aau.dk] (from client ap2 port 348 cli 000f.2093.9f60)
Sending Access-Accept of id 69 to 192.168.122.32 port 1645
MS-MPPE-Recv-Key = 0x3b11f0200048eacb63576c939989267c503e8d7854209192690645d6bbd05061
MS-MPPE-Send-Key = 0xfd4248e5981e86309b3f86bd87730462eb70bb84989cd8ea74b2ec2861368a79
EAP-Message = 0x030a0004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "guest10"
Finished request 8
Going to the next request
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 61 with timestamp 4498e817
Cleaning up request 1 ID 62 with timestamp 4498e817
Cleaning up request 2 ID 63 with timestamp 4498e817
Cleaning up request 3 ID 64 with timestamp 4498e817
Cleaning up request 4 ID 65 with timestamp 4498e817
Cleaning up request 5 ID 66 with timestamp 4498e817
Cleaning up request 6 ID 67 with timestamp 4498e817
Cleaning up request 7 ID 68 with timestamp 4498e817
Cleaning up request 8 ID 69 with timestamp 4498e817
Nothing to do. Sleeping until we see a request.
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/priv/freeradius-1.1.2/etc/raddb/proxy.conf
Config: including file: /usr/priv/freeradius-1.1.2/etc/raddb/clients.conf
Config: including file: /usr/priv/freeradius-1.1.2/etc/raddb/snmp.conf
Config: including file: /usr/priv/freeradius-1.1.2/etc/raddb/eap.conf
Config: including file: /usr/priv/freeradius-1.1.2/etc/raddb/sql.conf
main: prefix = "/usr/priv/freeradius-1.1.2"
main: localstatedir = "/usr/priv/freeradius-1.1.2/var"
main: logdir = "/usr/priv/freeradius-1.1.2/var/log/radius"
main: libdir = "/usr/priv/freeradius-1.1.2/lib"
main: radacctdir = "/usr/priv/freeradius-1.1.2/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 1812
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/usr/priv/freeradius-1.1.2/var/log/radius/radius.log"
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/usr/priv/freeradius-1.1.2/var/run/radiusd/radiusd.pid"
main: bind_address = 130.225.52.58 IP address [130.225.52.58]
main: user = "pack"
main: group = "pack"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/priv/freeradius-1.1.2/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/priv/freeradius-1.1.2/lib
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = "(null)"
mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/usr/priv/freeradius-1.1.2/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/priv/freeradius-1.1.2/etc/raddb/huntgroups"
preprocess: hints = "/usr/priv/freeradius-1.1.2/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/usr/priv/freeradius-1.1.2/etc/raddb/users"
files: acctusersfile = "/usr/priv/freeradius-1.1.2/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/priv/freeradius-1.1.2/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile = "/usr/priv/freeradius-1.1.2/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/usr/priv/freeradius-1.1.2/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Module: Loaded eap
eap: default_eap_type = "tls"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/usr/priv/freeradius-1.1.2/etc/raddb/certs/radius.key"
tls: certificate_file = "/usr/priv/freeradius-1.1.2/etc/raddb/certs/radius.pem"
tls: CA_file = "/usr/priv/freeradius-1.1.2/etc/raddb/certs/cacert.pem"
tls: private_key_password = "(null)"
tls: dh_file = "/usr/priv/freeradius-1.1.2/etc/raddb/certs/dh"
tls: random_file = "/usr/priv/freeradius-1.1.2/etc/raddb/certs/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = "(null)"
tls: cipher_list = "(null)"
tls: check_cert_issuer = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
ttls: default_eap_type = "md5"
ttls: copy_request_to_tunnel = no
ttls: use_tunneled_reply = no
rlm_eap: Loaded and initialized type ttls
peap: default_eap_type = "mschapv2"
peap: copy_request_to_tunnel = no
peap: use_tunneled_reply = no
peap: proxy_tunneled_request_as_eap = yes
rlm_eap: Loaded and initialized type peap
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Listening on authentication 130.225.52.58:1812
Listening on accounting 130.225.52.58:1813
Listening on proxy 130.225.52.58:1814
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=80, length=148
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9180"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0xa2d5b0c1608a1d2d89a66fa41a7f03c9
EAP-Message = 0x0202001601677565737431304063732e6161752e646b
NAS-Port-Type = Wireless-802.11
NAS-Port = 353
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Preparing to proxy authentication request to realm "cs.aau.dk"
modcall[authorize]: module "suffix" returns updated for request 0
users: Matched entry DEFAULT at line 153
users: Matched entry DEFAULT at line 155
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
Sending Access-Request of id 0 to 130.225.194.5 port 1782
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9180"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0x00000000000000000000000000000000
EAP-Message = 0x0202001601677565737431304063732e6161752e646b
NAS-Port-Type = Wireless-802.11
NAS-Port = 353
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Proxy-State = 0x3830
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Challenge packet from host 130.225.194.5:1782, id=0, length=68
EAP-Message = 0x010300061920
Message-Authenticator = 0x5dd2782ec2e80055cc9226ee5fc548d6
State = 0xff2aa2e2b3383c8094b601e9c2db657c
Proxy-State = 0x3830
Processing the post-proxy section of radiusd.conf
modcall: entering group post-proxy for request 0
modcall[post-proxy]: module "eap" returns noop for request 0
modcall: leaving group post-proxy (returns noop) for request 0
Sending Access-Challenge of id 80 to 192.168.122.32 port 1645
EAP-Message = 0x010300061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xff2aa2e2b3383c8094b601e9c2db657c
Finished request 0
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=80, length=148
Sending duplicate reply to client ap2:1645 - ID: 80
Re-sending Access-Challenge of id 80 to 192.168.122.32 port 1645
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 80 with timestamp 4498eb96
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=80, length=148
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9180"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0xa2d5b0c1608a1d2d89a66fa41a7f03c9
EAP-Message = 0x0202001601677565737431304063732e6161752e646b
NAS-Port-Type = Wireless-802.11
NAS-Port = 353
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
rlm_realm: Looking up realm "cs.aau.dk" for User-Name = "guest10(a)cs.aau.dk"
rlm_realm: Found realm "cs.aau.dk"
rlm_realm: Proxying request from user guest10 to realm cs.aau.dk
rlm_realm: Adding Realm = "cs.aau.dk"
rlm_realm: Preparing to proxy authentication request to realm "cs.aau.dk"
modcall[authorize]: module "suffix" returns updated for request 1
users: Matched entry DEFAULT at line 153
users: Matched entry DEFAULT at line 155
modcall[authorize]: module "files" returns ok for request 1
modcall: leaving group authorize (returns updated) for request 1
Sending Access-Request of id 1 to 130.225.194.5 port 1782
User-Name = "guest10(a)cs.aau.dk"
Framed-MTU = 1400
Called-Station-Id = "0015.c729.9180"
Calling-Station-Id = "000f.2093.9f60"
Service-Type = Login-User
Message-Authenticator = 0x00000000000000000000000000000000
EAP-Message = 0x0202001601677565737431304063732e6161752e646b
NAS-Port-Type = Wireless-802.11
NAS-Port = 353
NAS-IP-Address = 192.168.122.32
NAS-Identifier = "ap2"
Proxy-State = 0x3830
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Challenge packet from host 130.225.194.5:1782, id=1, length=68
EAP-Message = 0x010300061920
Message-Authenticator = 0x033ff05c9d7efe2efe613a985a0b6fb9
State = 0x636421d236e97c2c6fbb4ee39070fb77
Proxy-State = 0x3830
Processing the post-proxy section of radiusd.conf
modcall: entering group post-proxy for request 1
modcall[post-proxy]: module "eap" returns noop for request 1
modcall: leaving group post-proxy (returns noop) for request 1
Sending Access-Challenge of id 80 to 192.168.122.32 port 1645
EAP-Message = 0x010300061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x636421d236e97c2c6fbb4ee39070fb77
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.122.32:1645, id=80, length=148
Sending duplicate reply to client ap2:1645 - ID: 80
Re-sending Access-Challenge of id 80 to 192.168.122.32 port 1645
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 80 with timestamp 4498eba1
Nothing to do. Sleeping until we see a request.
3
4
Hi,
I have a possible bug in Nomadix devices but I am not sure and it is a
RADIUS problem. These hotspots normally works fairly, however some of them
sometimes have a strange behavior. Nomadix sends more then one
authentication requests to RADIUS server for disconnecting. It write the
same entry several times in my DB, this fact corrupts my stadistics.
I send you several accounts in the attachment with this case in a same
hotspot Nomadix.
_________________________________________________________________
¿Estás pensando en cambiar de coche? Todas los modelos de serie y extras en
MSN Motor. http://motor.msn.es/researchcentre/
1
0
hi,
I configure freeradius with Sql and ldap.
The base ldap contains the login and the password of 15000 users and any
other parameter.
And I will wish to aply parameters with these users (but not in the base
ldap, for example in the file users, or the base postgresql) The
base postgresql contains specific users with particular rights.
Thus I will wish to test the authenticate in the base ldap, if it is not
in this base one looks in the base postgresql.
Is what it is realizable with only one waiter radius? And so yes how to
make. Thank you
1
0
Hi,
> Freeradius. I still get the same error message on startup regarding no
> file for TLS.
>
> I have searched the Debian site, the Freeradius site, and the web in
> general and cannot seem to find out how to fix this.
>
> Does anyone know?
How should we? You don't even tell us what the error is. "OMG, an error!" is
not enough to effectively help you.
Please stick to the common, well-documented process of posting your log files.
Greetings,
Stefan Winter
--
Stefan WINTER
Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de
la Recherche
Ingenieur Forschung & Entwicklung
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter(a)restena.lu Tel.: +352 424409-1
http://www.restena.lu Fax: +352 422473
1
0
Hi,
Any one know does freeradius-1.1.1 support ldap credential caching? If so,
how do i configure it ?
Please reply me.
Thanks,
Andulo Patel
1
0
I am writing to see if anyone on the list is using Alvarion breezeAcess
radios with free radius for accounting? If can you give me a helping hand, I
am trying to get freeradius to understand what the radios is sending and
have it mapped the attributes to the right sql fields.
I can send some debug data if needed . We are in Russia working on a project
for schools kids and the orphanges and we need ot account trafice with our
network of Alvarion radios !!!!
--
Robert Dukes
1
0
Hello,
I am attempting to use the latest Debian build with Freeradius and
cannot seem to get PEAP/TLS/TTLS to work. I have even gone as far as
reloading the box fresh and installing the sources of OpenSSL and then
Freeradius. I still get the same error message on startup regarding no
file for TLS.
I have searched the Debian site, the Freeradius site, and the web in
general and cannot seem to find out how to fix this.
Does anyone know?
Thanks.
1
0
Hi,
What i would like to do is send an attribute in the radius answer but
only for proxied request. When the reply comes back from a distant
radius server, I would like to add something like :
Filter-ID = "Enterasys:version=1:policy=test".
But i want to add this only for proxied users which means i cannot
use (I suppose) the users file.
is there a way to do it?
Thank you.
1
0
Hi,
i had a problem with auth in my freeradius, i used a pci wireless
airlink 802.11 b/g, authing with wpa/tkip/tls, but not work.
The error "no user/password atribute" appear to me.
I try to change my pci wireless to Dlink Dwl-Ag530 authing with
wpa/tkip/ttls and WORK.
But i need to TLS working because this pci Dlink it's too expensive, and
airlink not support TTLS.
Anyone Can help-me or give-me another solution.......
Thank's A Lot........
Emerson
2
1