Freeradius-Users
Threads by month
- ----- 2026 -----
- July
- June
- May
- April
- March
- February
- January
- ----- 2025 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
September 2009
- 147 participants
- 224 discussions
What are the value constraints on Total Data throughput values. Ie, is it 500000 for 500mb or is everything assumed as a MB value so 500 = 500mb ?
Also how to implement the plans onto users. Seems that when I try to add them it wont allow it.
Regards,
[cid:image001.jpg@01CA35E6.652193D0]<http://www.novaitgroup.com.au/>
iT WHOLESALE . iT CONSULTING . iT RECYCLING
your trusted iT partner
Scott Bryant
Support Engineer
Hume Business Centre
1473 Sydney Road
Suite 102, Level 1
Campbellfield, VIC 3061
tel:
+61 3 9357 4655
ScottB(a)novaitgroup.com.au<mailto:ScottB@novaitgroup.com.au>
fax:
+61 3 9357 4699
www.novaitgroup.com.au<http://www.novaitgroup.com.au>
Mobile:
+61 (0) 406 94 30 30
[cid:image002.jpg@01CA35E6.652193D0]
[cid:image003.jpg@01CA35E6.652193D0]
Top 10 Finalist for the
Best Young Gun in Business
[cid:image004.jpg@01CA35E6.652193D0]
---------- Internet E-mail Confidentiality Disclaimer -------------------------------------------------------------
Privileged and confidential information may be contained in this message. If you are not the addressee indicated in this message or the employee or agent responsible for delivering it to the addressee, you are hereby on notice that you are in possession of confidential and privileged information. Any dissemination, distribution, or copying of this e-mail is strictly prohibited. In such case, you should destroy this message and kindly notify the sender by reply e-mail. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, conclusions, and other information in this message that do not relate to the official business of this firm shall be understood as neither given nor endorsed by it.
-----------------------------------------------------------------------------------------------------------------------------------
2
1
Can someone help? I am able to authenticate with low-level PAP and CHAP
protocols.
--
mB.
4
5
Hi guys,
Having just come from a meeting, I've not actually had a chance to do any
research myself, and hoped to lean on the community a little.
A concern was put forward regarding password policies for policies stored in
a radius server. Now, policies like "Must be 8 characters" and "must have 2
numbers" can be handled easily enough in form processing on some sort of
front end, however, is it possible have a radius password expire after a set
period of time, and then send back a specific message saying that the
password has expired? (ie one month?)
Many Thanks,
Justin Steward
4
4
Hello,
Is there a way to know how many sql sockets needs to be open at startup
for a particular accounting db?
I want to have sufficent number of such sockets but don't want to loose
time and ressources opening too much of them.
thx
4
8
14 Sep '09
Sorry Alan !
My Freeradius version is 2.0.4 from Debian Lenny.
Here is in attach files debug log with HP Laptop and Linux (same results
with Windows XP SP3 on this PC).
Bernard.
=================== Begin Debug log, no connexion from HP laptop Linux
Client =========
Fri Sep 4 17:53:36 2009 : Info: FreeRADIUS Version 2.0.4, for host
i486-pc-linux-gnu, built on Sep 3 2009 at 21:54:46
Fri Sep 4 17:53:36 2009 : Info: Copyright (C) 1999-2008 The FreeRADIUS
server project and contributors.
Fri Sep 4 17:53:36 2009 : Info: There is NO warranty; not even for
MERCHANTABILITY or FITNESS FOR A
Fri Sep 4 17:53:36 2009 : Info: PARTICULAR PURPOSE.
Fri Sep 4 17:53:36 2009 : Info: You may redistribute copies of
FreeRADIUS under the terms of the
Fri Sep 4 17:53:36 2009 : Info: GNU General Public License.
Fri Sep 4 17:53:36 2009 : Info: Starting - reading configuration files
...
Fri Sep 4 17:53:36 2009 : Debug: including configuration file
/etc/freeradius/radiusd.conf
Fri Sep 4 17:53:36 2009 : Debug: including configuration file
/etc/freeradius/proxy.conf
Fri Sep 4 17:53:36 2009 : Debug: including configuration file
/etc/freeradius/clients.conf
Fri Sep 4 17:53:36 2009 : Debug: including configuration file
/etc/freeradius/snmp.conf
Fri Sep 4 17:53:36 2009 : Debug: including configuration file
/etc/freeradius/eap.conf
Fri Sep 4 17:53:36 2009 : Debug: including configuration file
/etc/freeradius/policy.conf
Fri Sep 4 17:53:36 2009 : Debug: including files in directory
/etc/freeradius/sites-enabled/
Fri Sep 4 17:53:36 2009 : Debug: including configuration file
/etc/freeradius/sites-enabled/default
Fri Sep 4 17:53:36 2009 : Debug: including configuration file
/etc/freeradius/sites-enabled/inner-tunnel
Fri Sep 4 17:53:36 2009 : Debug: including dictionary file
/etc/freeradius/dictionary
Fri Sep 4 17:53:36 2009 : Debug: main {
Fri Sep 4 17:53:36 2009 : Debug: prefix = "/usr"
Fri Sep 4 17:53:36 2009 : Debug: localstatedir = "/var"
Fri Sep 4 17:53:36 2009 : Debug: logdir = "/var/log/freeradius"
Fri Sep 4 17:53:36 2009 : Debug: libdir = "/usr/lib/freeradius"
Fri Sep 4 17:53:36 2009 : Debug: radacctdir =
"/var/log/freeradius/radacct"
Fri Sep 4 17:53:36 2009 : Debug: hostname_lookups = no
Fri Sep 4 17:53:36 2009 : Debug: max_request_time = 30
Fri Sep 4 17:53:36 2009 : Debug: cleanup_delay = 5
Fri Sep 4 17:53:36 2009 : Debug: max_requests = 1024
Fri Sep 4 17:53:36 2009 : Debug: allow_core_dumps = no
Fri Sep 4 17:53:36 2009 : Debug: pidfile =
"/var/run/freeradius/freeradius.pid"
Fri Sep 4 17:53:36 2009 : Debug: user = "freerad"
Fri Sep 4 17:53:36 2009 : Debug: group = "freerad"
Fri Sep 4 17:53:36 2009 : Debug: checkrad = "/usr/sbin/checkrad"
Fri Sep 4 17:53:36 2009 : Debug: debug_level = 0
Fri Sep 4 17:53:36 2009 : Debug: proxy_requests = yes
Fri Sep 4 17:53:36 2009 : Debug: security {
Fri Sep 4 17:53:36 2009 : Debug: max_attributes = 200
Fri Sep 4 17:53:36 2009 : Debug: reject_delay = 1
Fri Sep 4 17:53:36 2009 : Debug: status_server = yes
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: client localhost {
Fri Sep 4 17:53:36 2009 : Debug: ipaddr = 127.0.0.1
Fri Sep 4 17:53:36 2009 : Debug: require_message_authenticator =
no
Fri Sep 4 17:53:36 2009 : Debug: secret = "testing123"
Fri Sep 4 17:53:36 2009 : Debug: nastype = "other"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: client 10.98.243.0/24 {
Fri Sep 4 17:53:36 2009 : Debug: require_message_authenticator =
no
Fri Sep 4 17:53:36 2009 : Debug: secret = "password"
Fri Sep 4 17:53:36 2009 : Debug: shortname = "LANDomainADNeydens"
Fri Sep 4 17:53:36 2009 : Debug: nastype = "cisco"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: client 10.98.239.0/24 {
Fri Sep 4 17:53:36 2009 : Debug: require_message_authenticator =
no
Fri Sep 4 17:53:36 2009 : Debug: secret = "password"
Fri Sep 4 17:53:36 2009 : Debug: shortname =
"LANDomainADNeydensRC"
Fri Sep 4 17:53:36 2009 : Debug: nastype = "cisco"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: client 10.103.0.0/21 {
Fri Sep 4 17:53:36 2009 : Debug: require_message_authenticator =
no
Fri Sep 4 17:53:36 2009 : Debug: secret = "password"
Fri Sep 4 17:53:36 2009 : Debug: shortname =
"LANDomainADNeydensRC"
Fri Sep 4 17:53:36 2009 : Debug: nastype = "cisco"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: radiusd: #### Loading Realms and Home
Servers ####
Fri Sep 4 17:53:36 2009 : Debug: proxy server {
Fri Sep 4 17:53:36 2009 : Debug: retry_delay = 5
Fri Sep 4 17:53:36 2009 : Debug: retry_count = 3
Fri Sep 4 17:53:36 2009 : Debug: default_fallback = no
Fri Sep 4 17:53:36 2009 : Debug: dead_time = 120
Fri Sep 4 17:53:36 2009 : Debug: wake_all_if_all_dead = no
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: home_server localhost {
Fri Sep 4 17:53:36 2009 : Debug: ipaddr = 127.0.0.1
Fri Sep 4 17:53:36 2009 : Debug: port = 1812
Fri Sep 4 17:53:36 2009 : Debug: type = "auth"
Fri Sep 4 17:53:36 2009 : Debug: secret = "testing123"
Fri Sep 4 17:53:36 2009 : Debug: response_window = 20
Fri Sep 4 17:53:36 2009 : Debug: max_outstanding = 65536
Fri Sep 4 17:53:36 2009 : Debug: zombie_period = 40
Fri Sep 4 17:53:36 2009 : Debug: status_check = "status-server"
Fri Sep 4 17:53:36 2009 : Debug: ping_check = "none"
Fri Sep 4 17:53:36 2009 : Debug: ping_interval = 30
Fri Sep 4 17:53:36 2009 : Debug: check_interval = 30
Fri Sep 4 17:53:36 2009 : Debug: num_answers_to_alive = 3
Fri Sep 4 17:53:36 2009 : Debug: num_pings_to_alive = 3
Fri Sep 4 17:53:36 2009 : Debug: revive_interval = 120
Fri Sep 4 17:53:36 2009 : Debug: status_check_timeout = 4
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: home_server_pool my_auth_failover {
Fri Sep 4 17:53:36 2009 : Debug: type = fail-over
Fri Sep 4 17:53:36 2009 : Debug: home_server = localhost
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: realm example.com {
Fri Sep 4 17:53:36 2009 : Debug: auth_pool = my_auth_failover
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: realm LOCAL {
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: radiusd: #### Instantiating modules
####
Fri Sep 4 17:53:36 2009 : Debug: instantiate {
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_exec, checking if it's
valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module rlm_exec
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating exec
Fri Sep 4 17:53:36 2009 : Debug: exec {
Fri Sep 4 17:53:36 2009 : Debug: wait = yes
Fri Sep 4 17:53:36 2009 : Debug: input_pairs = "request"
Fri Sep 4 17:53:36 2009 : Debug: shell_escape = yes
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_expr, checking if it's
valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module rlm_expr
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating expr
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_expiration, checking
if it's valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module
rlm_expiration
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating expiration
Fri Sep 4 17:53:36 2009 : Debug: expiration {
Fri Sep 4 17:53:36 2009 : Debug: reply-message = "Password Has
Expired "
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_logintime, checking if
it's valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module
rlm_logintime
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating logintime
Fri Sep 4 17:53:36 2009 : Debug: logintime {
Fri Sep 4 17:53:36 2009 : Debug: reply-message = "You are calling
outside your allowed timespan "
Fri Sep 4 17:53:36 2009 : Debug: minimum-timeout = 60
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: radiusd: #### Loading Virtual Servers
####
Fri Sep 4 17:53:36 2009 : Debug: server inner-tunnel {
Fri Sep 4 17:53:36 2009 : Debug: modules {
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking authenticate {...}
for more modules to load
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_pap, checking if it's
valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module rlm_pap
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating pap
Fri Sep 4 17:53:36 2009 : Debug: pap {
Fri Sep 4 17:53:36 2009 : Debug: encryption_scheme = "auto"
Fri Sep 4 17:53:36 2009 : Debug: auto_header = no
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_chap, checking if it's
valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module rlm_chap
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating chap
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_mschap, checking if
it's valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module rlm_mschap
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating mschap
Fri Sep 4 17:53:36 2009 : Debug: mschap {
Fri Sep 4 17:53:36 2009 : Debug: use_mppe = yes
Fri Sep 4 17:53:36 2009 : Debug: require_encryption = no
Fri Sep 4 17:53:36 2009 : Debug: require_strong = yes
Fri Sep 4 17:53:36 2009 : Debug: with_ntdomain_hack = yes
Fri Sep 4 17:53:36 2009 : Debug: ntlm_auth = "/usr/bin/ntlm_auth
--request-nt-key --username=%{mschap:User-Name:-None}
--domain=%{mschap:NT-Domain:-DomainAD}
--challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_unix, checking if it's
valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module rlm_unix
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating unix
Fri Sep 4 17:53:36 2009 : Debug: unix {
Fri Sep 4 17:53:36 2009 : Debug: radwtmp =
"/var/log/freeradius/radwtmp"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_eap, checking if it's
valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module rlm_eap
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating eap
Fri Sep 4 17:53:36 2009 : Debug: eap {
Fri Sep 4 17:53:36 2009 : Debug: default_eap_type = "peap"
Fri Sep 4 17:53:36 2009 : Debug: timer_expire = 60
Fri Sep 4 17:53:36 2009 : Debug: ignore_unknown_eap_types = no
Fri Sep 4 17:53:36 2009 : Debug: cisco_accounting_username_bug =
no
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to sub-module
rlm_eap_md5
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating eap-md5
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to sub-module
rlm_eap_leap
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating eap-leap
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to sub-module
rlm_eap_gtc
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating eap-gtc
Fri Sep 4 17:53:36 2009 : Debug: gtc {
Fri Sep 4 17:53:36 2009 : Debug: challenge = "Password: "
Fri Sep 4 17:53:36 2009 : Debug: auth_type = "PAP"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to sub-module
rlm_eap_tls
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating eap-tls
Fri Sep 4 17:53:36 2009 : Debug: tls {
Fri Sep 4 17:53:36 2009 : Debug: rsa_key_exchange = no
Fri Sep 4 17:53:36 2009 : Debug: dh_key_exchange = yes
Fri Sep 4 17:53:36 2009 : Debug: rsa_key_length = 512
Fri Sep 4 17:53:36 2009 : Debug: dh_key_length = 512
Fri Sep 4 17:53:36 2009 : Debug: verify_depth = 0
Fri Sep 4 17:53:36 2009 : Debug: pem_file_type = yes
Fri Sep 4 17:53:36 2009 : Debug: private_key_file =
"/etc/freeradius/certs/server.pem"
Fri Sep 4 17:53:36 2009 : Debug: certificate_file =
"/etc/freeradius/certs/server.pem"
Fri Sep 4 17:53:36 2009 : Debug: CA_file =
"/etc/freeradius/certs/ca.pem"
Fri Sep 4 17:53:36 2009 : Debug: private_key_password =
"ADFknadfidfi4r7akAgf083249wT"
Fri Sep 4 17:53:36 2009 : Debug: dh_file =
"/etc/freeradius/certs/dh"
Fri Sep 4 17:53:36 2009 : Debug: random_file =
"/etc/freeradius/certs/random"
Fri Sep 4 17:53:36 2009 : Debug: fragment_size = 1024
Fri Sep 4 17:53:36 2009 : Debug: include_length = yes
Fri Sep 4 17:53:36 2009 : Debug: check_crl = no
Fri Sep 4 17:53:36 2009 : Debug: cipher_list = "DEFAULT"
Fri Sep 4 17:53:36 2009 : Debug: make_cert_command =
"/etc/freeradius/certs/bootstrap"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to sub-module
rlm_eap_ttls
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating eap-ttls
Fri Sep 4 17:53:36 2009 : Debug: ttls {
Fri Sep 4 17:53:36 2009 : Debug: default_eap_type = "md5"
Fri Sep 4 17:53:36 2009 : Debug: copy_request_to_tunnel = no
Fri Sep 4 17:53:36 2009 : Debug: use_tunneled_reply = no
Fri Sep 4 17:53:36 2009 : Debug: virtual_server = "inner-tunnel"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to sub-module
rlm_eap_peap
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating eap-peap
Fri Sep 4 17:53:36 2009 : Debug: peap {
Fri Sep 4 17:53:36 2009 : Debug: default_eap_type = "mschapv2"
Fri Sep 4 17:53:36 2009 : Debug: copy_request_to_tunnel = no
Fri Sep 4 17:53:36 2009 : Debug: use_tunneled_reply = no
Fri Sep 4 17:53:36 2009 : Debug: proxy_tunneled_request_as_eap =
yes
Fri Sep 4 17:53:36 2009 : Debug: virtual_server = "inner-tunnel"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to sub-module
rlm_eap_mschapv2
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating eap-mschapv2
Fri Sep 4 17:53:36 2009 : Debug: mschapv2 {
Fri Sep 4 17:53:36 2009 : Debug: with_ntdomain_hack = no
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking authorize {...} for
more modules to load
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_realm, checking if
it's valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module rlm_realm
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating suffix
Fri Sep 4 17:53:36 2009 : Debug: realm suffix {
Fri Sep 4 17:53:36 2009 : Debug: format = "suffix"
Fri Sep 4 17:53:36 2009 : Debug: delimiter = "@"
Fri Sep 4 17:53:36 2009 : Debug: ignore_default = no
Fri Sep 4 17:53:36 2009 : Debug: ignore_null = no
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_files, checking if
it's valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module rlm_files
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating files
Fri Sep 4 17:53:36 2009 : Debug: files {
Fri Sep 4 17:53:36 2009 : Debug: usersfile =
"/etc/freeradius/users"
Fri Sep 4 17:53:36 2009 : Debug: acctusersfile =
"/etc/freeradius/acct_users"
Fri Sep 4 17:53:36 2009 : Debug: preproxy_usersfile =
"/etc/freeradius/preproxy_users"
Fri Sep 4 17:53:36 2009 : Debug: compat = "no"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking session {...} for
more modules to load
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_radutmp, checking if
it's valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module rlm_radutmp
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating radutmp
Fri Sep 4 17:53:36 2009 : Debug: radutmp {
Fri Sep 4 17:53:36 2009 : Debug: filename =
"/var/log/freeradius/radutmp"
Fri Sep 4 17:53:36 2009 : Debug: username = "%{User-Name}"
Fri Sep 4 17:53:36 2009 : Debug: case_sensitive = yes
Fri Sep 4 17:53:36 2009 : Debug: check_with_nas = yes
Fri Sep 4 17:53:36 2009 : Debug: perm = 384
Fri Sep 4 17:53:36 2009 : Debug: callerid = yes
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking post-proxy {...} for
more modules to load
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking post-auth {...} for
more modules to load
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_attr_filter, checking
if it's valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module
rlm_attr_filter
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating
attr_filter.access_reject
Fri Sep 4 17:53:36 2009 : Debug: attr_filter
attr_filter.access_reject {
Fri Sep 4 17:53:36 2009 : Debug: attrsfile =
"/etc/freeradius/attrs.access_reject"
Fri Sep 4 17:53:36 2009 : Debug: key = "%{User-Name}"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: server {
Fri Sep 4 17:53:36 2009 : Debug: modules {
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking authenticate {...}
for more modules to load
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking authorize {...} for
more modules to load
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_preprocess, checking
if it's valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module
rlm_preprocess
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating preprocess
Fri Sep 4 17:53:36 2009 : Debug: preprocess {
Fri Sep 4 17:53:36 2009 : Debug: huntgroups =
"/etc/freeradius/huntgroups"
Fri Sep 4 17:53:36 2009 : Debug: hints = "/etc/freeradius/hints"
Fri Sep 4 17:53:36 2009 : Debug: with_ascend_hack = no
Fri Sep 4 17:53:36 2009 : Debug: ascend_channels_per_line = 23
Fri Sep 4 17:53:36 2009 : Debug: with_ntdomain_hack = no
Fri Sep 4 17:53:36 2009 : Debug: with_specialix_jetstream_hack =
no
Fri Sep 4 17:53:36 2009 : Debug: with_cisco_vsa_hack = no
Fri Sep 4 17:53:36 2009 : Debug: with_alvarion_vsa_hack = no
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking preacct {...} for
more modules to load
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_acct_unique, checking
if it's valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module
rlm_acct_unique
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating acct_unique
Fri Sep 4 17:53:36 2009 : Debug: acct_unique {
Fri Sep 4 17:53:36 2009 : Debug: key = "User-Name,
Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking accounting {...} for
more modules to load
Fri Sep 4 17:53:36 2009 : Debug: (Loaded rlm_detail, checking if
it's valid)
Fri Sep 4 17:53:36 2009 : Debug: Module: Linked to module rlm_detail
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating detail
Fri Sep 4 17:53:36 2009 : Debug: detail {
Fri Sep 4 17:53:36 2009 : Debug: detailfile =
"/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
Fri Sep 4 17:53:36 2009 : Debug: header = "%t"
Fri Sep 4 17:53:36 2009 : Debug: detailperm = 384
Fri Sep 4 17:53:36 2009 : Debug: dirperm = 493
Fri Sep 4 17:53:36 2009 : Debug: locking = no
Fri Sep 4 17:53:36 2009 : Debug: log_packet_header = no
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Instantiating
attr_filter.accounting_response
Fri Sep 4 17:53:36 2009 : Debug: attr_filter
attr_filter.accounting_response {
Fri Sep 4 17:53:36 2009 : Debug: attrsfile =
"/etc/freeradius/attrs.accounting_response"
Fri Sep 4 17:53:36 2009 : Debug: key = "%{User-Name}"
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking session {...} for
more modules to load
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking post-proxy {...} for
more modules to load
Fri Sep 4 17:53:36 2009 : Debug: Module: Checking post-auth {...} for
more modules to load
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: radiusd: #### Opening IP addresses and
Ports ####
Fri Sep 4 17:53:36 2009 : Debug: listen {
Fri Sep 4 17:53:36 2009 : Debug: type = "auth"
Fri Sep 4 17:53:36 2009 : Debug: ipaddr = *
Fri Sep 4 17:53:36 2009 : Debug: port = 0
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: listen {
Fri Sep 4 17:53:36 2009 : Debug: type = "acct"
Fri Sep 4 17:53:36 2009 : Debug: ipaddr = *
Fri Sep 4 17:53:36 2009 : Debug: port = 0
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: main {
Fri Sep 4 17:53:36 2009 : Debug: snmp = no
Fri Sep 4 17:53:36 2009 : Debug: smux_password = ""
Fri Sep 4 17:53:36 2009 : Debug: snmp_write_access = no
Fri Sep 4 17:53:36 2009 : Debug: }
Fri Sep 4 17:53:36 2009 : Debug: Listening on authentication address *
port 1812
Fri Sep 4 17:53:36 2009 : Debug: Listening on accounting address * port
1813
Fri Sep 4 17:53:36 2009 : Debug: Listening on proxy address * port 1814
Fri Sep 4 17:53:36 2009 : Debug: Ready to process requests.
rad_recv: Access-Request packet from host 10.98.243.81 port 1645,
id=251, length=148
User-Name = "DomainAD\\UserAD"
Framed-MTU = 1400
Called-Station-Id = "0023.5e03.1d9c"
Calling-Station-Id = "001d.e0a9.17a7"
Service-Type = Login-User
Message-Authenticator = 0xba7a8648fc4ed0bf6184f1ca875b38a7
EAP-Message = 0x02020010016d66725c74657374637278
NAS-Port-Type = Wireless-802.11
NAS-Port = 2756
NAS-Port-Id = "2756"
NAS-IP-Address = 10.98.243.81
NAS-Identifier = "frneyap81"
Fri Sep 4 17:55:07 2009 : Debug: +- entering group authorize
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling
preprocess (rlm_preprocess) for request 0
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 0
Fri Sep 4 17:55:07 2009 : Debug: ++[preprocess] returns ok
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 0
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
chap (rlm_chap) for request 0
Fri Sep 4 17:55:07 2009 : Debug: ++[chap] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 0
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 0
Fri Sep 4 17:55:07 2009 : Debug: ++[mschap] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 0
Fri Sep 4 17:55:07 2009 : Debug: rlm_realm: No '@' in User-Name =
"DomainAD\UserAD", looking up realm NULL
Fri Sep 4 17:55:07 2009 : Debug: rlm_realm: No such realm "NULL"
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 0
Fri Sep 4 17:55:07 2009 : Debug: ++[suffix] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 0
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: EAP packet type response id
2 length 16
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: No EAP Start, assuming it's
an on-going EAP conversation
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
eap (rlm_eap) for request 0
Fri Sep 4 17:55:07 2009 : Debug: ++[eap] returns updated
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling unix
(rlm_unix) for request 0
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
unix (rlm_unix) for request 0
Fri Sep 4 17:55:07 2009 : Debug: ++[unix] returns notfound
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling files
(rlm_files) for request 0
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
files (rlm_files) for request 0
Fri Sep 4 17:55:07 2009 : Debug: ++[files] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling
expiration (rlm_expiration) for request 0
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
expiration (rlm_expiration) for request 0
Fri Sep 4 17:55:07 2009 : Debug: ++[expiration] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling
logintime (rlm_logintime) for request 0
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
logintime (rlm_logintime) for request 0
Fri Sep 4 17:55:07 2009 : Debug: ++[logintime] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling pap
(rlm_pap) for request 0
Fri Sep 4 17:55:07 2009 : Debug: rlm_pap: WARNING! No "known good"
password found for the user. Authentication may fail because of this.
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
pap (rlm_pap) for request 0
Fri Sep 4 17:55:07 2009 : Debug: ++[pap] returns noop
Fri Sep 4 17:55:07 2009 : Debug: rad_check_password: Found Auth-Type
EAP
Fri Sep 4 17:55:07 2009 : Debug: auth: type "EAP"
Fri Sep 4 17:55:07 2009 : Debug: +- entering group authenticate
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authenticate]: calling eap
(rlm_eap) for request 0
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: EAP Identity
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: processing type tls
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: Initiate
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: Start returned 1
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authenticate]: returned
from eap (rlm_eap) for request 0
Fri Sep 4 17:55:07 2009 : Debug: ++[eap] returns handled
Sending Access-Challenge of id 251 to 10.98.243.81 port 1645
EAP-Message = 0x010300061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x43424b86434152da8c5bd6231a93e0bc
Fri Sep 4 17:55:07 2009 : Debug: Finished request 0.
Fri Sep 4 17:55:07 2009 : Debug: Going to the next request
Fri Sep 4 17:55:07 2009 : Debug: Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.98.243.81 port 1645,
id=252, length=271
User-Name = "DomainAD\\UserAD"
Framed-MTU = 1400
Called-Station-Id = "0023.5e03.1d9c"
Calling-Station-Id = "001d.e0a9.17a7"
Service-Type = Login-User
Message-Authenticator = 0x759524dd61333f374bfa001a10baf665
EAP-Message =
0x0203007919800000006f160301006a0100006603014aa1385bd71ebc13e5a1e250ed47
8ccf97b3d766ef9611119db6f6060dbdd951000038003900380035008800870084001600
13000a00330032002f009a00990096004500440041000500040015001200090014001100
0800060003020100000400230000
NAS-Port-Type = Wireless-802.11
NAS-Port = 2756
NAS-Port-Id = "2756"
State = 0x43424b86434152da8c5bd6231a93e0bc
NAS-IP-Address = 10.98.243.81
NAS-Identifier = "frneyap81"
Fri Sep 4 17:55:07 2009 : Debug: +- entering group authorize
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling
preprocess (rlm_preprocess) for request 1
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 1
Fri Sep 4 17:55:07 2009 : Debug: ++[preprocess] returns ok
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 1
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
chap (rlm_chap) for request 1
Fri Sep 4 17:55:07 2009 : Debug: ++[chap] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 1
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 1
Fri Sep 4 17:55:07 2009 : Debug: ++[mschap] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 1
Fri Sep 4 17:55:07 2009 : Debug: rlm_realm: No '@' in User-Name =
"DomainAD\UserAD", looking up realm NULL
Fri Sep 4 17:55:07 2009 : Debug: rlm_realm: No such realm "NULL"
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 1
Fri Sep 4 17:55:07 2009 : Debug: ++[suffix] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 1
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: EAP packet type response id
3 length 121
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: Continuing tunnel setup.
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
eap (rlm_eap) for request 1
Fri Sep 4 17:55:07 2009 : Debug: ++[eap] returns ok
Fri Sep 4 17:55:07 2009 : Debug: rad_check_password: Found Auth-Type
EAP
Fri Sep 4 17:55:07 2009 : Debug: auth: type "EAP"
Fri Sep 4 17:55:07 2009 : Debug: +- entering group authenticate
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authenticate]: calling eap
(rlm_eap) for request 1
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: Request found, released
from the list
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: EAP/peap
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: processing type peap
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_peap: Authenticate
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: processing TLS
Fri Sep 4 17:55:07 2009 : Debug: TLS Length 111
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: Length Included
Fri Sep 4 17:55:07 2009 : Debug: eaptls_verify returned 11
Fri Sep 4 17:55:07 2009 : Debug: (other): before/accept
initialization
Fri Sep 4 17:55:07 2009 : Debug: TLS_accept: before/accept
initialization
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: <<< TLS 1.0 Handshake
[length 006a], ClientHello
Fri Sep 4 17:55:07 2009 : Debug: TLS_accept: SSLv3 read client
hello A
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake
[length 0030], ServerHello
Fri Sep 4 17:55:07 2009 : Debug: TLS_accept: SSLv3 write server
hello A
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake
[length 085f], Certificate
Fri Sep 4 17:55:07 2009 : Debug: TLS_accept: SSLv3 write
certificate A
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake
[length 018d], ServerKeyExchange
Fri Sep 4 17:55:07 2009 : Debug: TLS_accept: SSLv3 write key
exchange A
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake
[length 0004], ServerHelloDone
Fri Sep 4 17:55:07 2009 : Debug: TLS_accept: SSLv3 write server
done A
Fri Sep 4 17:55:07 2009 : Debug: TLS_accept: SSLv3 flush data
Fri Sep 4 17:55:07 2009 : Debug: TLS_accept: Need to read more
data: SSLv3 read client certificate A
Fri Sep 4 17:55:07 2009 : Debug: In SSL Handshake Phase
Fri Sep 4 17:55:07 2009 : Debug: In SSL Accept mode
Fri Sep 4 17:55:07 2009 : Debug: eaptls_process returned 13
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_peap: EAPTLS_HANDLED
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authenticate]: returned
from eap (rlm_eap) for request 1
Fri Sep 4 17:55:07 2009 : Debug: ++[eap] returns handled
Sending Access-Challenge of id 252 to 10.98.243.81 port 1645
EAP-Message =
0x0104040019c000000a3416030100300200002c03014aa1385bc82693d892b0e1c4a6d5
608e61619434c36f9a5c3e3d733e343a6af500003901000400230000160301085f0b0008
5b0008580003aa308203a63082028ea003020102020103300d06092a864886f70d010104
0500308192310b3009060355040613024652311530130603550408130c48415554452d53
41564f49453110300e060355040713074e455944454e5331163014060355040a130d4d49
47524f53204672616e63653125302306092a864886f70d0109011616696e666f726d6174
69717565406d6967726f732e6672311b30190603550403131266726e65796c696e38352e
6d66
EAP-Message =
0x722e6e6574301e170d3039303930333231333035365a170d3130303930333231333035
365a308180310b3009060355040613024652311530130603550408130c48415554452d53
41564f494531163014060355040a130d4d4947524f53204672616e6365311b3019060355
0403131266726e65796c696e38352e6d66722e6e65743125302306092a864886f70d0109
011616696e666f726d617469717565406d6967726f732e667230820122300d06092a8648
86f70d01010105000382010f003082010a0282010100b43f85aeae7b987f21762308841b
5316c4f804afe182acb1b51d9d87676dfaba76aa9f7382e6915ee4f335b655a5c2b332fd
b8f5
EAP-Message =
0x35ce8c61694b20e82c1eee523415a5ba95efcb8b3cd1ae0383377b6c6fdee1bcb9c9a3
6a27eea00f22b695ae9dcd5ab4bb5c1f403e37d98e0af4226acd08192defeb9609fcdc37
476163e1b962b2368d9a475fd7ac65a9c68e492e37f773b5abb5c1565267278a53f71b21
a5e81f4e30c36ffd8e706045b57e461d1ae66886ad74aa5c7315c5a2a62b1ce34477f0d6
6886458a37bebfa78a80b05d848162a38b62015bf0a02c0e3e9c13f14127c15063f75711
82f5bdd376139be6eb8ac3900add6a4c339fedb85ce680c97b0203010001a31730153013
0603551d25040c300a06082b06010505070301300d06092a864886f70d01010405000382
0101
EAP-Message =
0x006737eebdb97d335b98dba87681c61236882bcc4152519e6d96d4064e8c866e40a9ab
ac89faf264243ad436fb6be9f7957e95e74b985f0b5401e38d159767e9e10a01aec93dca
b68c3507f2b99c111db476c0b89181454dead4acefd4364e7ad6cedad34aad5d94bdf6d4
ae834cd02345c71e2ac8d2738f45c41cd72e98a26efe6ec5d55e5c8aac43610196a3badf
3b63e83fe46299c9c4413d3f064464cfeb640c0804ebff3ef58b51bb7a04956bfaf49660
e0fcc3e375fd47d7e8ac5b684c06e0ccc642233721ea59029621a0ec82fb37429b4efd30
07231011c932d68654e827361e1802a50cc9d96e88a2d7c0f550614428329e4d2209e385
c68c
EAP-Message = 0x917982590004a8308204a430
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x43424b86424652da8c5bd6231a93e0bc
Fri Sep 4 17:55:07 2009 : Debug: Finished request 1.
Fri Sep 4 17:55:07 2009 : Debug: Going to the next request
Fri Sep 4 17:55:07 2009 : Debug: Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.98.243.81 port 1645,
id=253, length=156
User-Name = "DomainAD\\UserAD"
Framed-MTU = 1400
Called-Station-Id = "0023.5e03.1d9c"
Calling-Station-Id = "001d.e0a9.17a7"
Service-Type = Login-User
Message-Authenticator = 0xafc3f40468d7d58eb331032beb3f9213
EAP-Message = 0x020400061900
NAS-Port-Type = Wireless-802.11
NAS-Port = 2756
NAS-Port-Id = "2756"
State = 0x43424b86424652da8c5bd6231a93e0bc
NAS-IP-Address = 10.98.243.81
NAS-Identifier = "frneyap81"
Fri Sep 4 17:55:07 2009 : Debug: +- entering group authorize
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling
preprocess (rlm_preprocess) for request 2
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 2
Fri Sep 4 17:55:07 2009 : Debug: ++[preprocess] returns ok
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 2
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
chap (rlm_chap) for request 2
Fri Sep 4 17:55:07 2009 : Debug: ++[chap] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 2
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 2
Fri Sep 4 17:55:07 2009 : Debug: ++[mschap] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 2
Fri Sep 4 17:55:07 2009 : Debug: rlm_realm: No '@' in User-Name =
"DomainAD\UserAD", looking up realm NULL
Fri Sep 4 17:55:07 2009 : Debug: rlm_realm: No such realm "NULL"
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 2
Fri Sep 4 17:55:07 2009 : Debug: ++[suffix] returns noop
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 2
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: EAP packet type response id
4 length 6
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: Continuing tunnel setup.
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authorize]: returned from
eap (rlm_eap) for request 2
Fri Sep 4 17:55:07 2009 : Debug: ++[eap] returns ok
Fri Sep 4 17:55:07 2009 : Debug: rad_check_password: Found Auth-Type
EAP
Fri Sep 4 17:55:07 2009 : Debug: auth: type "EAP"
Fri Sep 4 17:55:07 2009 : Debug: +- entering group authenticate
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authenticate]: calling eap
(rlm_eap) for request 2
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: Request found, released
from the list
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: EAP/peap
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap: processing type peap
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_peap: Authenticate
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: processing TLS
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: Received EAP-TLS ACK
message
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_tls: ack handshake fragment
handler
Fri Sep 4 17:55:07 2009 : Debug: eaptls_verify returned 1
Fri Sep 4 17:55:07 2009 : Debug: eaptls_process returned 13
Fri Sep 4 17:55:07 2009 : Debug: rlm_eap_peap: EAPTLS_HANDLED
Fri Sep 4 17:55:07 2009 : Debug: modsingle[authenticate]: returned
from eap (rlm_eap) for request 2
Fri Sep 4 17:55:07 2009 : Debug: ++[eap] returns handled
Sending Access-Challenge of id 253 to 10.98.243.81 port 1645
EAP-Message =
0x010503fc194082038ca00302010202090086c7ae8e4098664d300d06092a864886f70d
0101050500308192310b3009060355040613024652311530130603550408130c48415554
452d5341564f49453110300e060355040713074e455944454e5331163014060355040a13
0d4d4947524f53204672616e63653125302306092a864886f70d0109011616696e666f72
6d617469717565406d6967726f732e6672311b30190603550403131266726e65796c696e
38352e6d66722e6e6574301e170d3039303930333231333030305a170d31303039303332
31333030305a308192310b3009060355040613024652311530130603550408130c484155
5445
EAP-Message =
0x2d5341564f49453110300e060355040713074e455944454e5331163014060355040a13
0d4d4947524f53204672616e63653125302306092a864886f70d0109011616696e666f72
6d617469717565406d6967726f732e6672311b30190603550403131266726e65796c696e
38352e6d66722e6e657430820122300d06092a864886f70d01010105000382010f003082
010a0282010100dd1cde1bbaa86534a76a2bd1aee295e6446e2113434d4d4e5c36a73dd5
0e8b5048af3be8e040d03a314acf7549953fe77f03a54124b36cfb9ebc485f92e6bdd946
12f67f91fea405f59ce703e6b12772c5ab370cc470ccd84db1aedfd4c437eb860dc804bc
a36e
EAP-Message =
0xdc2e4873058a9e3aed7df35cba51891c6cbf1b4b8d3939034c45e5cadc8c656c63cb0d
971ed277ea545200bee9b0ae781796fac26b91bd42c3bda09eab6583843e2f11bd71e225
c1b233066b8b7dabba86eb8d0253a4e0bad978b3ff75eb6f521d77f8847146f4f83dc2a9
4f4d056d420d5624d2d8920a67f4ee432bd0ba7b48c445f573134fe842b9d45fbee40815
17a5804cd6bcb9ec51e30203010001a381fa3081f7301d0603551d0e041604149e8217bc
6e0ecedc9d2d73b3374a9d5d7f691b653081c70603551d230481bf3081bc80149e8217bc
6e0ecedc9d2d73b3374a9d5d7f691b65a18198a48195308192310b300906035504061302
4652
EAP-Message =
0x311530130603550408130c48415554452d5341564f49453110300e060355040713074e
455944454e5331163014060355040a130d4d4947524f53204672616e6365312530230609
2a864886f70d0109011616696e666f726d617469717565406d6967726f732e6672311b30
190603550403131266726e65796c696e38352e6d66722e6e657482090086c7ae8e409866
4d300c0603551d13040530030101ff300d06092a864886f70d0101050500038201010085
ce4aa1ef4d1cef57a18cf872e4a3db0dd76bfccf776205cad975627b54ca3e6d0d75732a
fdc9fd6ae19a6f6fe26d1c995cff701fab69728f22b206940b9541e57d67f729fa0caebc
0aca
EAP-Message = 0xad609817438ada11
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x43424b86414752da8c5bd6231a93e0bc
Fri Sep 4 17:55:07 2009 : Debug: Finished request 2.
Fri Sep 4 17:55:07 2009 : Debug: Going to the next request
Fri Sep 4 17:55:07 2009 : Debug: Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.98.243.81 port 1645,
id=254, length=156
User-Name = "DomainAD\\UserAD"
Framed-MTU = 1400
Called-Station-Id = "0023.5e03.1d9c"
Calling-Station-Id = "001d.e0a9.17a7"
Service-Type = Login-User
Message-Authenticator = 0x6899b835358a5442400b892cadef8194
EAP-Message = 0x020500061900
NAS-Port-Type = Wireless-802.11
NAS-Port = 2756
NAS-Port-Id = "2756"
State = 0x43424b86414752da8c5bd6231a93e0bc
NAS-IP-Address = 10.98.243.81
NAS-Identifier = "frneyap81"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authorize
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling
preprocess (rlm_preprocess) for request 3
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 3
Fri Sep 4 17:55:08 2009 : Debug: ++[preprocess] returns ok
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 3
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
chap (rlm_chap) for request 3
Fri Sep 4 17:55:08 2009 : Debug: ++[chap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 3
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 3
Fri Sep 4 17:55:08 2009 : Debug: ++[mschap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 3
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No '@' in User-Name =
"DomainAD\UserAD", looking up realm NULL
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No such realm "NULL"
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 3
Fri Sep 4 17:55:08 2009 : Debug: ++[suffix] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 3
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP packet type response id
5 length 6
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: Continuing tunnel setup.
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
eap (rlm_eap) for request 3
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns ok
Fri Sep 4 17:55:08 2009 : Debug: rad_check_password: Found Auth-Type
EAP
Fri Sep 4 17:55:08 2009 : Debug: auth: type "EAP"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authenticate
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: calling eap
(rlm_eap) for request 3
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: Request found, released
from the list
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP/peap
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: processing type peap
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: Authenticate
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: processing TLS
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: Received EAP-TLS ACK
message
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: ack handshake fragment
handler
Fri Sep 4 17:55:08 2009 : Debug: eaptls_verify returned 1
Fri Sep 4 17:55:08 2009 : Debug: eaptls_process returned 13
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: EAPTLS_HANDLED
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: returned
from eap (rlm_eap) for request 3
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns handled
Sending Access-Challenge of id 254 to 10.98.243.81 port 1645
EAP-Message =
0x0106024e19009c738834cdd2b138e34dd02156b9de07d6fce587e2bad24926c0bfae0e
8f9bec93552e01eca0136a6b5bbe40e5d125ca3bb7a48f9e2957e7e396462c5e1ba601c6
862a48f98c1860ba5f0d1f491d5df93d43069d3041bc89c80d4ac12e6687a3b785c584d4
589fdefc180fe433ca66efa06e48d9777d7b965c4332ad4e4fc7770c9fad8a3058d1ed7f
57b79d706e5c9722fed417c97101399567b703c8deab474d7132b7d2c3cd4b28015822e4
160301018d0c0001890040c9cd0f4994190469ad72d1b942d2a8480ac429cc24e04db06e
ac3c6e92becee0b0324a6cf11a0686d1f94e19ddfc2b25e5e47ded306237fa0e998487bb
b8b6
EAP-Message =
0xf70001050040723ee2dce58fb748a24bea1dd3917ab2b6484a9af8996930612c24a1bf
a11fba6963ead7ca1368afb9f6661515186a2921f23a466344623de5d3c044d525563901
007607c1880108ac5d77d74d5578d0c661a422f7dd6fa9954a0480cd93e6bf31b84d818d
18a2e105af1736468481fdfa0e7b8872faa14ca6f1c86a2d829af7baf6d404d6fb5965db
04c81abcbf32f546f2082177dbe3afd061d68e06293de4284b11928e0a5fccc1718fe31a
0e86cc008ef6df3770bb693c9f9487127d3653d9ba209670f7694e0bde216002568a7be7
1cd5faafdfea2b673c84b907d6327e5d81faa2b34c983d4952e77683c4fcefd281445fe0
483f
EAP-Message =
0xdee0d78d70116f8bfb5bf8675992431ec58cca4144fb8c1a05d30a5f5728a77731ec7f
fa960342ebed54deffc06fde6d5bc5946b38c79715b9ecf6486576957cd6a77498b31e38
1d1a314616030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x43424b86404452da8c5bd6231a93e0bc
Fri Sep 4 17:55:08 2009 : Debug: Finished request 3.
Fri Sep 4 17:55:08 2009 : Debug: Going to the next request
Fri Sep 4 17:55:08 2009 : Debug: Waking up in 4.3 seconds.
rad_recv: Access-Request packet from host 10.98.243.81 port 1645,
id=255, length=294
User-Name = "DomainAD\\UserAD"
Framed-MTU = 1400
Called-Station-Id = "0023.5e03.1d9c"
Calling-Station-Id = "001d.e0a9.17a7"
Service-Type = Login-User
Message-Authenticator = 0x8480272a8582a581feb18b1b1c9180ab
EAP-Message =
0x020600901980000000861603010046100000420040168724e2dc505b50aa71912ce1a5
b0888978085079b8f030f579f105eb5e7e064c3746fe09ab05b3b87c82cd7e2b05776cf0
6f3568c7884f307be12fd7fcef5c140301000101160301003078e1bef532f92cdc1f0516
c48becb6b5da6c39dd3c2a6d4a21c6d7393506cd7b433b2dd61b0ba4d7e4c706fb178ff0
e0
NAS-Port-Type = Wireless-802.11
NAS-Port = 2756
NAS-Port-Id = "2756"
State = 0x43424b86404452da8c5bd6231a93e0bc
NAS-IP-Address = 10.98.243.81
NAS-Identifier = "frneyap81"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authorize
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling
preprocess (rlm_preprocess) for request 4
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 4
Fri Sep 4 17:55:08 2009 : Debug: ++[preprocess] returns ok
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 4
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
chap (rlm_chap) for request 4
Fri Sep 4 17:55:08 2009 : Debug: ++[chap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 4
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 4
Fri Sep 4 17:55:08 2009 : Debug: ++[mschap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 4
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No '@' in User-Name =
"DomainAD\UserAD", looking up realm NULL
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No such realm "NULL"
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 4
Fri Sep 4 17:55:08 2009 : Debug: ++[suffix] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 4
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP packet type response id
6 length 144
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: Continuing tunnel setup.
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
eap (rlm_eap) for request 4
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns ok
Fri Sep 4 17:55:08 2009 : Debug: rad_check_password: Found Auth-Type
EAP
Fri Sep 4 17:55:08 2009 : Debug: auth: type "EAP"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authenticate
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: calling eap
(rlm_eap) for request 4
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: Request found, released
from the list
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP/peap
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: processing type peap
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: Authenticate
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: processing TLS
Fri Sep 4 17:55:08 2009 : Debug: TLS Length 134
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: Length Included
Fri Sep 4 17:55:08 2009 : Debug: eaptls_verify returned 11
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: <<< TLS 1.0 Handshake
[length 0046], ClientKeyExchange
Fri Sep 4 17:55:08 2009 : Debug: TLS_accept: SSLv3 read client key
exchange A
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: <<< TLS 1.0
ChangeCipherSpec [length 0001]
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: <<< TLS 1.0 Handshake
[length 0010], Finished
Fri Sep 4 17:55:08 2009 : Debug: TLS_accept: SSLv3 read finished A
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake
[length 00aa]???
Fri Sep 4 17:55:08 2009 : Debug: TLS_accept: unknown state
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: >>> TLS 1.0
ChangeCipherSpec [length 0001]
Fri Sep 4 17:55:08 2009 : Debug: TLS_accept: SSLv3 write change
cipher spec A
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake
[length 0010], Finished
Fri Sep 4 17:55:08 2009 : Debug: TLS_accept: SSLv3 write finished A
Fri Sep 4 17:55:08 2009 : Debug: TLS_accept: SSLv3 flush data
Fri Sep 4 17:55:08 2009 : Debug: (other): SSL negotiation finished
successfully
Fri Sep 4 17:55:08 2009 : Debug: SSL Connection Established
Fri Sep 4 17:55:08 2009 : Debug: eaptls_process returned 13
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: EAPTLS_HANDLED
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: returned
from eap (rlm_eap) for request 4
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns handled
Sending Access-Challenge of id 255 to 10.98.243.81 port 1645
EAP-Message =
0x010700f0190016030100aa040000a60000000000a0298804e82e370691178516528132
f85c4ae6c4d6322d8ff57d68fe554d533c170cb40414eeec4b2a52b49e9803c4e7a5df61
d74988dfe0ea3ee3208b745bf3e2dddf747e50b4632a2e1963bce52e890c8e09f294917e
15495e28716b8d742cde2a073718cf16d3332698fa073e4cbc2716c5f24c8141c47088b7
be0a91f83216fe94ec7ef0c33f0ea611f7010005152ab9c099599cc3a9ef80ff7b32c933
5c8a14030100010116030100301778f5d4e9f5f100c170d48216b163bdfd4b1e4d48538f
2b5fe9efa5fb88a1d6b6d31070193feec3f86202e184eb1f7b
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x43424b86474552da8c5bd6231a93e0bc
Fri Sep 4 17:55:08 2009 : Debug: Finished request 4.
Fri Sep 4 17:55:08 2009 : Debug: Going to the next request
Fri Sep 4 17:55:08 2009 : Debug: Waking up in 4.2 seconds.
rad_recv: Access-Request packet from host 10.98.243.81 port 1645, id=0,
length=156
User-Name = "DomainAD\\UserAD"
Framed-MTU = 1400
Called-Station-Id = "0023.5e03.1d9c"
Calling-Station-Id = "001d.e0a9.17a7"
Service-Type = Login-User
Message-Authenticator = 0xa8b7ce52a645207f94b3b43c4fbe9b1f
EAP-Message = 0x020700061900
NAS-Port-Type = Wireless-802.11
NAS-Port = 2756
NAS-Port-Id = "2756"
State = 0x43424b86474552da8c5bd6231a93e0bc
NAS-IP-Address = 10.98.243.81
NAS-Identifier = "frneyap81"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authorize
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling
preprocess (rlm_preprocess) for request 5
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 5
Fri Sep 4 17:55:08 2009 : Debug: ++[preprocess] returns ok
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 5
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
chap (rlm_chap) for request 5
Fri Sep 4 17:55:08 2009 : Debug: ++[chap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 5
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 5
Fri Sep 4 17:55:08 2009 : Debug: ++[mschap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 5
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No '@' in User-Name =
"DomainAD\UserAD", looking up realm NULL
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No such realm "NULL"
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 5
Fri Sep 4 17:55:08 2009 : Debug: ++[suffix] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 5
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP packet type response id
7 length 6
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: Continuing tunnel setup.
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
eap (rlm_eap) for request 5
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns ok
Fri Sep 4 17:55:08 2009 : Debug: rad_check_password: Found Auth-Type
EAP
Fri Sep 4 17:55:08 2009 : Debug: auth: type "EAP"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authenticate
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: calling eap
(rlm_eap) for request 5
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: Request found, released
from the list
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP/peap
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: processing type peap
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: Authenticate
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: processing TLS
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: Received EAP-TLS ACK
message
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: ack handshake is
finished
Fri Sep 4 17:55:08 2009 : Debug: eaptls_verify returned 3
Fri Sep 4 17:55:08 2009 : Debug: eaptls_process returned 3
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: EAPTLS_SUCCESS
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: returned
from eap (rlm_eap) for request 5
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns handled
Sending Access-Challenge of id 0 to 10.98.243.81 port 1645
EAP-Message =
0x0108002b1900170301002063d57239661f91b1174f2a9f8ad7e9be639101381b7ad5fa
1a1a3c443d809138
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x43424b86464a52da8c5bd6231a93e0bc
Fri Sep 4 17:55:08 2009 : Debug: Finished request 5.
Fri Sep 4 17:55:08 2009 : Debug: Going to the next request
Fri Sep 4 17:55:08 2009 : Debug: Waking up in 4.2 seconds.
rad_recv: Access-Request packet from host 10.98.243.81 port 1645, id=1,
length=246
User-Name = "DomainAD\\UserAD"
Framed-MTU = 1400
Called-Station-Id = "0023.5e03.1d9c"
Calling-Station-Id = "001d.e0a9.17a7"
Service-Type = Login-User
Message-Authenticator = 0x1793337594b3c516273337c79c70ff08
EAP-Message =
0x02080060190017030100202220cd292c4c3aec8fabf418b31e513c509ad83fad42a99f
b82c2630a41f460f1703010030921d9c42d1cd654932472d24d04441821570dd00835d71
08d2dac7cd3a57e6b05ad4de2a9d586fb34def3354a341e598
NAS-Port-Type = Wireless-802.11
NAS-Port = 2756
NAS-Port-Id = "2756"
State = 0x43424b86464a52da8c5bd6231a93e0bc
NAS-IP-Address = 10.98.243.81
NAS-Identifier = "frneyap81"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authorize
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling
preprocess (rlm_preprocess) for request 6
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[preprocess] returns ok
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
chap (rlm_chap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[chap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[mschap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 6
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No '@' in User-Name =
"DomainAD\UserAD", looking up realm NULL
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No such realm "NULL"
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[suffix] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP packet type response id
8 length 96
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: Continuing tunnel setup.
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
eap (rlm_eap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns ok
Fri Sep 4 17:55:08 2009 : Debug: rad_check_password: Found Auth-Type
EAP
Fri Sep 4 17:55:08 2009 : Debug: auth: type "EAP"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authenticate
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: calling eap
(rlm_eap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: Request found, released
from the list
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP/peap
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: processing type peap
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: Authenticate
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: processing TLS
Fri Sep 4 17:55:08 2009 : Debug: eaptls_verify returned 7
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: Done initial handshake
Fri Sep 4 17:55:08 2009 : Debug: eaptls_process returned 7
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: EAPTLS_OK
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: Session established.
Decoding tunneled attributes.
PEAP tunnel data in 0000: 01 6d 66 72 5c 74 65 73 74 63 72 78
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: Identity -
DomainAD\UserAD
PEAP: Got tunneled EAP-Message
EAP-Message = 0x02080010016d66725c74657374637278
Fri Sep 4 17:55:08 2009 : Debug: PEAP: Got tunneled identity of
DomainAD\UserAD
Fri Sep 4 17:55:08 2009 : Debug: PEAP: Setting default EAP type for
tunneled EAP session.
Fri Sep 4 17:55:08 2009 : Debug: PEAP: Setting User-Name to
DomainAD\UserAD
PEAP: Sending tunneled request
EAP-Message = 0x02080010016d66725c74657374637278
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "DomainAD\\UserAD"
server inner-tunnel {
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authorize
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
chap (rlm_chap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[chap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[mschap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling unix
(rlm_unix) for request 6
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
unix (rlm_unix) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[unix] returns notfound
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 6
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No '@' in User-Name =
"DomainAD\UserAD", looking up realm NULL
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No such realm "NULL"
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[suffix] returns noop
Fri Sep 4 17:55:08 2009 : Debug: ::: FROM 1 TO 1 MAX 2
Fri Sep 4 17:55:08 2009 : Debug: ::: Examining Proxy-To-Realm
Fri Sep 4 17:55:08 2009 : Debug: ::: APPENDING Proxy-To-Realm FROM 0 TO
1
Fri Sep 4 17:55:08 2009 : Debug: ::: TO in 1 out 2
Fri Sep 4 17:55:08 2009 : Debug: ::: to[0] = EAP-Type
Fri Sep 4 17:55:08 2009 : Debug: ::: to[1] = Proxy-To-Realm
Fri Sep 4 17:55:08 2009 : Debug: ++[control] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP packet type response id
8 length 16
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: No EAP Start, assuming it's
an on-going EAP conversation
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
eap (rlm_eap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns updated
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling files
(rlm_files) for request 6
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
files (rlm_files) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[files] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling
expiration (rlm_expiration) for request 6
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
expiration (rlm_expiration) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[expiration] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling
logintime (rlm_logintime) for request 6
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
logintime (rlm_logintime) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[logintime] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling pap
(rlm_pap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
pap (rlm_pap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[pap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: rad_check_password: Found Auth-Type
EAP
Fri Sep 4 17:55:08 2009 : Debug: auth: type "EAP"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authenticate
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: calling eap
(rlm_eap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP Identity
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: processing type mschapv2
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_mschapv2: Issuing Challenge
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: returned
from eap (rlm_eap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns handled
} # server inner-tunnel
PEAP: Got tunneled reply RADIUS code 11
EAP-Message =
0x010900251a01090020107220a7eeadf0315a8871dd8775980d956d66725c7465737463
7278
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xda60b1f7da69abf76e6f8d94d0caf3f2
PEAP: Processing from tunneled session code 0x8dc22e8 11
EAP-Message =
0x010900251a01090020107220a7eeadf0315a8871dd8775980d956d66725c7465737463
7278
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xda60b1f7da69abf76e6f8d94d0caf3f2
Fri Sep 4 17:55:08 2009 : Debug: PEAP: Got tunneled Access-Challenge
PEAP tunnel data out 0000: 1a 01 09 00 20 10 72 20 a7 ee ad f0 31 5a
88 71
PEAP tunnel data out 0010: dd 87 75 98 0d 95 6d 66 72 5c 74 65 73 74
63 72
PEAP tunnel data out 0020: 78
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: returned
from eap (rlm_eap) for request 6
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns handled
Sending Access-Challenge of id 1 to 10.98.243.81 port 1645
EAP-Message =
0x0109004b1900170301004047e6af741d1f360a3138f6785c296fddb4220c72a9ac2248
b46aed0dcecf93c06af749dcdda8840e024c55a146860c278588197f402c8428e26c120f
99c72f1e
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x43424b86454b52da8c5bd6231a93e0bc
Fri Sep 4 17:55:08 2009 : Debug: Finished request 6.
Fri Sep 4 17:55:08 2009 : Debug: Going to the next request
Fri Sep 4 17:55:08 2009 : Debug: Waking up in 3.9 seconds.
rad_recv: Access-Request packet from host 10.98.243.81 port 1645, id=2,
length=294
User-Name = "DomainAD\\UserAD"
Framed-MTU = 1400
Called-Station-Id = "0023.5e03.1d9c"
Calling-Station-Id = "001d.e0a9.17a7"
Service-Type = Login-User
Message-Authenticator = 0x883170fc2432559eb682199613ef6e69
EAP-Message =
0x020900901900170301002042dded9901b5b69a653fc942f3e7143e656622750f7c24ca
2698ef456c82579817030100608aece27dc9b20c5d2f6008ebec37f024587f6ab4db891e
d09cb5065bd244cd0e83ac09ba06f63161c2094a40811b99581ee99ad25665aa80d600b4
88c81c151ea90fe0a248ad9896691df0a8d5955134c6287eb9a600b4b71fbb5b8be81286
e6
NAS-Port-Type = Wireless-802.11
NAS-Port = 2756
NAS-Port-Id = "2756"
State = 0x43424b86454b52da8c5bd6231a93e0bc
NAS-IP-Address = 10.98.243.81
NAS-Identifier = "frneyap81"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authorize
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling
preprocess (rlm_preprocess) for request 7
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[preprocess] returns ok
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
chap (rlm_chap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[chap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[mschap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 7
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No '@' in User-Name =
"DomainAD\UserAD", looking up realm NULL
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No such realm "NULL"
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[suffix] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP packet type response id
9 length 144
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: Continuing tunnel setup.
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
eap (rlm_eap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns ok
Fri Sep 4 17:55:08 2009 : Debug: rad_check_password: Found Auth-Type
EAP
Fri Sep 4 17:55:08 2009 : Debug: auth: type "EAP"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authenticate
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: calling eap
(rlm_eap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: Request found, released
from the list
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP/peap
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: processing type peap
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: Authenticate
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: processing TLS
Fri Sep 4 17:55:08 2009 : Debug: eaptls_verify returned 7
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_tls: Done initial handshake
Fri Sep 4 17:55:08 2009 : Debug: eaptls_process returned 7
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: EAPTLS_OK
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: Session established.
Decoding tunneled attributes.
PEAP tunnel data in 0000: 1a 02 09 00 41 31 43 33 8f e4 59 5f b5 eb 07
cc
PEAP tunnel data in 0010: 1e 95 8e b0 07 1b 00 00 00 00 00 00 00 00 16
f5
PEAP tunnel data in 0020: cb 65 81 4f 93 99 c5 6a 94 a4 19 6b e6 8e 8a
b1
PEAP tunnel data in 0030: f4 7f af c7 c1 45 00 6d 66 72 5c 74 65 73 74
63
PEAP tunnel data in 0040: 72 78
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap_peap: EAP type mschapv2
PEAP: Got tunneled EAP-Message
EAP-Message =
0x020900461a020900413143338fe4595fb5eb07cc1e958eb0071b000000000000000016
f5cb65814f9399c56a94a4196be68e8ab1f47fafc7c145006d66725c74657374637278
Fri Sep 4 17:55:08 2009 : Debug: PEAP: Setting User-Name to
DomainAD\UserAD
PEAP: Sending tunneled request
EAP-Message =
0x020900461a020900413143338fe4595fb5eb07cc1e958eb0071b000000000000000016
f5cb65814f9399c56a94a4196be68e8ab1f47fafc7c145006d66725c74657374637278
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "DomainAD\\UserAD"
State = 0xda60b1f7da69abf76e6f8d94d0caf3f2
server inner-tunnel {
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authorize
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
chap (rlm_chap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[chap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[mschap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling unix
(rlm_unix) for request 7
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
unix (rlm_unix) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[unix] returns notfound
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 7
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No '@' in User-Name =
"DomainAD\UserAD", looking up realm NULL
Fri Sep 4 17:55:08 2009 : Debug: rlm_realm: No such realm "NULL"
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[suffix] returns noop
Fri Sep 4 17:55:08 2009 : Debug: ::: FROM 1 TO 0 MAX 1
Fri Sep 4 17:55:08 2009 : Debug: ::: Examining Proxy-To-Realm
Fri Sep 4 17:55:08 2009 : Debug: ::: APPENDING Proxy-To-Realm FROM 0 TO
0
Fri Sep 4 17:55:08 2009 : Debug: ::: TO in 0 out 1
Fri Sep 4 17:55:08 2009 : Debug: ::: to[0] = Proxy-To-Realm
Fri Sep 4 17:55:08 2009 : Debug: ++[control] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP packet type response id
9 length 70
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: No EAP Start, assuming it's
an on-going EAP conversation
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
eap (rlm_eap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns updated
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling files
(rlm_files) for request 7
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
files (rlm_files) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[files] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling
expiration (rlm_expiration) for request 7
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
expiration (rlm_expiration) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[expiration] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling
logintime (rlm_logintime) for request 7
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
logintime (rlm_logintime) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[logintime] returns noop
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: calling pap
(rlm_pap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authorize]: returned from
pap (rlm_pap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[pap] returns noop
Fri Sep 4 17:55:08 2009 : Debug: rad_check_password: Found Auth-Type
EAP
Fri Sep 4 17:55:08 2009 : Debug: auth: type "EAP"
Fri Sep 4 17:55:08 2009 : Debug: +- entering group authenticate
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: calling eap
(rlm_eap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: Request found, released
from the list
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: EAP/mschapv2
Fri Sep 4 17:55:08 2009 : Debug: rlm_eap: processing type mschapv2
Fri Sep 4 17:55:08 2009 : Debug: +- entering group MS-CHAP
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: calling
mschap (rlm_mschap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: rlm_mschap: No Cleartext-Password
configured. Cannot create LM-Password.
Fri Sep 4 17:55:08 2009 : Debug: rlm_mschap: No Cleartext-Password
configured. Cannot create NT-Password.
Fri Sep 4 17:55:08 2009 : Debug: rlm_mschap: Told to do MS-CHAPv2 for
UserAD with NT-Password
Fri Sep 4 17:55:08 2009 : Debug: radius_xlat: Running registered xlat
function of module mschap for string 'User-Name'
Fri Sep 4 17:55:08 2009 : Debug: expand:
--username=%{mschap:User-Name:-None} -> --username=UserAD
Fri Sep 4 17:55:08 2009 : Debug: radius_xlat: Running registered xlat
function of module mschap for string 'NT-Domain'
Fri Sep 4 17:55:08 2009 : Debug: expand:
--domain=%{mschap:NT-Domain:-DomainAD} -> --domain=DomainAD
Fri Sep 4 17:55:08 2009 : Debug: radius_xlat: Running registered xlat
function of module mschap for string 'Challenge'
Fri Sep 4 17:55:08 2009 : Debug: mschap2: 72
Fri Sep 4 17:55:08 2009 : Debug: expand:
--challenge=%{mschap:Challenge:-00} -> --challenge=b69fa6a998567023
Fri Sep 4 17:55:08 2009 : Debug: radius_xlat: Running registered xlat
function of module mschap for string 'NT-Response'
Fri Sep 4 17:55:08 2009 : Debug: expand:
--nt-response=%{mschap:NT-Response:-00} ->
--nt-response=16f5cb65814f9399c56a94a4196be68e8ab1f47fafc7c145
Fri Sep 4 17:55:08 2009 : Debug: Exec-Program output: NT_KEY:
252299AA10CCD0093057A89B2343E52B
Fri Sep 4 17:55:08 2009 : Debug: Exec-Program-Wait: plaintext: NT_KEY:
252299AA10CCD0093057A89B2343E52B
Fri Sep 4 17:55:08 2009 : Debug: Exec-Program: returned: 0
Fri Sep 4 17:55:08 2009 : Debug: rlm_mschap: adding MS-CHAPv2 MPPE keys
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: returned
from mschap (rlm_mschap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[mschap] returns ok
Fri Sep 4 17:55:08 2009 : Debug: MSCHAP Success
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: returned
from eap (rlm_eap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns handled
} # server inner-tunnel
PEAP: Got tunneled reply RADIUS code 11
EAP-Message =
0x010a00331a0309002e533d443542384544443144314143304137374144323737433334
37333436303039423834364438364139
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xda60b1f7db6aabf76e6f8d94d0caf3f2
PEAP: Processing from tunneled session code 0x8de56b0 11
EAP-Message =
0x010a00331a0309002e533d443542384544443144314143304137374144323737433334
37333436303039423834364438364139
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xda60b1f7db6aabf76e6f8d94d0caf3f2
Fri Sep 4 17:55:08 2009 : Debug: PEAP: Got tunneled Access-Challenge
PEAP tunnel data out 0000: 1a 03 09 00 2e 53 3d 44 35 42 38 45 44 44
31 44
PEAP tunnel data out 0010: 31 41 43 30 41 37 37 41 44 32 37 37 43 33
34 37
PEAP tunnel data out 0020: 33 34 36 30 30 39 42 38 34 36 44 38 36 41
39
Fri Sep 4 17:55:08 2009 : Debug: modsingle[authenticate]: returned
from eap (rlm_eap) for request 7
Fri Sep 4 17:55:08 2009 : Debug: ++[eap] returns handled
Sending Access-Challenge of id 2 to 10.98.243.81 port 1645
EAP-Message =
0x010a005b190017030100509b0d6fadad74908faebd3e084986037fb135230eb270cd1e
59fd81a235aac5944cc14e1bf6c1cfb675c78d50fad9ea3978b7610959e7cd839fdabfe3
3cbfd57ce499e504f7f6d7d5330d79ff8bb90d85
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x43424b86444852da8c5bd6231a93e0bc
Fri Sep 4 17:55:08 2009 : Debug: Finished request 7.
Fri Sep 4 17:55:08 2009 : Debug: Going to the next request
Fri Sep 4 17:55:08 2009 : Debug: Waking up in 3.8 seconds.
Fri Sep 4 17:55:12 2009 : Debug: Cleaning up request 0 ID 251 with
timestamp +91
Fri Sep 4 17:55:12 2009 : Debug: Cleaning up request 1 ID 252 with
timestamp +91
Fri Sep 4 17:55:12 2009 : Debug: Cleaning up request 2 ID 253 with
timestamp +91
Fri Sep 4 17:55:12 2009 : Debug: Waking up in 0.5 seconds.
Fri Sep 4 17:55:13 2009 : Debug: Cleaning up request 3 ID 254 with
timestamp +92
Fri Sep 4 17:55:13 2009 : Debug: Cleaning up request 4 ID 255 with
timestamp +92
Fri Sep 4 17:55:13 2009 : Debug: Cleaning up request 5 ID 0 with
timestamp +92
Fri Sep 4 17:55:13 2009 : Debug: Waking up in 0.2 seconds.
Fri Sep 4 17:55:13 2009 : Debug: Cleaning up request 6 ID 1 with
timestamp +92
Fri Sep 4 17:55:13 2009 : Debug: Cleaning up request 7 ID 2 with
timestamp +92
Fri Sep 4 17:55:13 2009 : Debug: Ready to process requests.
=================== End Debug log, no connexion from HP laptop Linux
Client =========
------------------------------
Message: 2
Date: Mon, 07 Sep 2009 13:56:48 +0200
From: Alan DeKok <aland(a)deployingradius.com>
Subject: Re: intel Proset/wireless -> OK // windows zero config
wireless -> KO
To: FreeRadius users mailing list
<freeradius-users(a)lists.freeradius.org>
Message-ID: <4AA4F500.5010408(a)deployingradius.com>
Content-Type: text/plain; charset=UTF-8
Jaulin Bernard wrote:
> After many weeks with no results, It?s time to find help !
If it doesn't work after a day or so, ask for help...
> Freeradius : 3.0.4 (with openssl)
What is version 3.0.4?
> We use MSCHAP V2 with PEAP for Windows and Linux Client, the problem
> is so strange. On HP laptops with Intel Proset wireless or IBM Thinpad
> with Thinkvantage tools the connection was successful.
>
> The same laptop with Windows zero config wireless client or Linux
> (Fedora, Debian) impossible !
>
> No error on log debug, just an authentication silently failed.
Uh... that doesn't happen. Please post the debug log.
Alan DeKok.
2
2
On Mon, Sep 14, 2009 at 7:10 PM, Barbara Picci <barbara.picci(a)sardi.it> wrote:
> search for dynamic-clients
>
I have looked at the dynamic-clients file and also the read previous
post from you regarding this issue.
It seems like I just need to change the
ipaddr = 0.0.0.0
netmask = 0
I am using mysql as backend. Do I need to comment out the non-sql part
(update control)?
Thanks
--
==============================
Registered Linux User #460714
Currently Using Fedora 10, CentOS 5.3
==============================
1
1
I am using
FreeRADIUS.net v1.1.7 on Windows Server 2003,
radius database MySQL 5.0.67 on Fedora 10
The Problem:
I used to get the acctstop time for connected users as '000-00-00 00:00:00'
without the quotes or NULL. I cannot figure out what changed but right now I
cannot see connected users on radacct table. I have strange entries where
the acctstarttime = acctstoptime yet acctsessiontime is greater than zero.
Example:-
---- username ---- acctstarttime
acctstoptime acctsessiontime ----
---- user1 ---- 2009-09-14 13:22:47 2009-09-14 13:22:47
1020 ---
---- user2 ----- 2009-09-14 13:31:01 2009-09-14
13:31:01 511 ---
Can you help me as to what the cause maybe and possbily the solution.
Thank you all
Ngwarai Makotore
2009/9/10 <freeradius-users-request(a)lists.freeradius.org>
> Send Freeradius-Users mailing list submissions to
> freeradius-users(a)lists.freeradius.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.freeradius.org/mailman/listinfo/freeradius-users
> or, via email, send a message with subject or body 'help' to
> freeradius-users-request(a)lists.freeradius.org
>
> You can reach the person managing the list at
> freeradius-users-owner(a)lists.freeradius.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Freeradius-Users digest..."
>
>
> Today's Topics:
>
> 1. Re: Freeradius 1.X.X and LDAP groups. (Ivan Kalik)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 10 Sep 2009 10:45:43 +0100 (BST)
> From: "Ivan Kalik" <tnt(a)kalik.net>
> Subject: Re: Freeradius 1.X.X and LDAP groups.
> To: "FreeRadius users mailing list"
> <freeradius-users(a)lists.freeradius.org>
> Message-ID:
> <48561.194.176.105.43.1252575943.squirrel(a)webmail.kalik.net>
> Content-Type: text/plain;charset=utf-8
>
> > I am on the same problem ...and I wanna say one thing:
> > DEFAULT LDAP-Group == "it",* Auth-Type = LDAP* ....doesn't work (as it
> > mentioned in etc/radb/modules/ldap file ...That's all!!!
> > freeradiusServer 2.1.6
>
> Yes, just that they are not talking about that version but about ancient
> one where you *do* have to set Auth-Type.
>
> >> >> The scoop is I'm using Freeradius 1.1.3 under RHEL/Centos 5.2
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
>
> ------------------------------
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> End of Freeradius-Users Digest, Vol 53, Issue 42
> ************************************************
>
2
1
Hi,
I am trying to authenticate the clients from AP at one location to the
radius server in different location. I also have one AP locally
connected to the location where the radius resides. For this local AP,
I have set the WAN IP of the NAS in the "nas" database for radius and
its working fine.
For the remote NAS also I am trying the similar setup but request is ignored.
The message is
================
Error: Ignoring request to authentication address * port 1812 from
unknown client 124.217.73.185 port 2050
================
What is the cause of this?
Thanks
--
==============================
Registered Linux User #460714
Currently Using Fedora 10, CentOS 5.3
==============================
3
5
Hello Everyone,
I want to use unlang to trim the Calling-Station-Id coming from the NAS
to only include the MAC address. I know what to do, and how to write
the unlang lines. But, I'm not sure where those lines should go.
At the moment, I put them in my virtual server's "preacct" section, like
so (ugly wrapping):
preacct {
preprocess
if (Calling-Station-Id =~ /(pppoe )([0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f])(.)/) {
update request {
Calling-Station-Id := "%{2}"
}
}
acct_unique
suffix
}
(yes, I could probably optimize the regex)
As far as I can see, this is working. The "callingstationid" field in
the radacct table now only contains the MAC address. Interim accounting
updates appear to be updating the rows properly as well. I don't see
any obvious problems.
Should I be putting the Calling-Station-Id rewriting in other sections
as well? I was thinking perhaps the "authorization" and/or "post-auth"
sections should have it, too.
Thanks in advance.
Regards,
Ranbir
--
Kanwar Ranbir Sandhu
Linux 2.6.27.30-170.2.82.fc10.x86_64 x86_64 GNU/Linux
10:41:48 up 6 days, 21:12, 4 users, load average: 0.81, 0.61, 0.51
2
3
Hi,
What should be the IP/Host of the NAS in nas database if the NAS in
other location in internet and NAS IP is dynamic based on their ISP?
0.0.0.0 ? or do I have to run the service like DynDNS in NAS to
properly identify it by domain name?
Thanks
--
==============================
Registered Linux User #460714
Currently Using Fedora 10, CentOS 5.3
==============================
2
2