rad_recv: Access-Request packet from host 192.168.101.254 port 49154, id=0, length=124
Cleaning up request 81 ID 0 with timestamp +1769
NAS-IP-Address = 192.168.101.254
NAS-Port-Type = Ethernet
NAS-Port = 5
User-Name = "mz254.mtm"
State = 0xe985bf0fef95a607b34238093b97add2
EAP-Message = 0x021000251900170301001a11c6b5cf6d88c21a6758d861aa6d49e3a4686ffa5cb4a4380d20
Message-Authenticator = 0x46f742c7927f46d42c9708a756a03bfd
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No
'@' in User-Name = "mz254.mtm", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 16 length 37
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Identity - mz254.mtm
[peap] Got tunneled request
EAP-Message = 0x0210000e016d7a3235342e6d746d
server {
PEAP: Got tunneled identity of mz254.mtm
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to mz254.mtm
Sending tunneled request
EAP-Message = 0x0210000e016d7a3235342e6d746d
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "mz254.mtm"
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No
'@' in User-Name = "mz254.mtm", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 16 length 14
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
EAP-Message = 0x011100231a0111001e10a7a80a0d95340caaef928a607b6afaec6d7a3235342e6d746d
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0831d1c40820cb8cd5b8829097e99997
[peap] Got tunneled reply RADIUS code 11
EAP-Message = 0x011100231a0111001e10a7a80a0d95340caaef928a607b6afaec6d7a3235342e6d746d
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0831d1c40820cb8cd5b8829097e99997
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 0 to 192.168.101.254 port 49154
EAP-Message = 0x0111003a1900170301002fe48c43420e254b8de5958f35506d01a8077e703876321c1aac403281cf905c26fe5e4e8d17c412c32d2f6db08d876b
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xe985bf0fee94a607b34238093b97add2
Finished request 82.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.101.254 port 49154, id=0, length=116
Cleaning up request 82 ID 0 with timestamp +1769
NAS-IP-Address = 192.168.101.254
NAS-Port-Type = Ethernet
NAS-Port = 5
User-Name = "mz254.mtm"
State = 0xe985bf0fee94a607b34238093b97add2
EAP-Message = 0x0211001d19001703010012d4f65388faa55d96da4c39fd25a2781ab64d
Message-Authenticator = 0x0ddd687b9218a2e5cb52ae4e06735fc8
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No
'@' in User-Name = "mz254.mtm", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 17 length 29
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] EAP type nak
[peap] Got tunneled request
EAP-Message = 0x02110006030d
server {
PEAP: Setting User-Name to mz254.mtm
Sending tunneled request
EAP-Message = 0x02110006030d
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "mz254.mtm"
State = 0x0831d1c40820cb8cd5b8829097e99997
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No
'@' in User-Name = "mz254.mtm", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 17 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP NAK
[eap] EAP-NAK asked for EAP-Type/tls
[eap] processing type tls
[tls] Requiring client certificate
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
EAP-Message = 0x011200060d20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0831d1c40923dc8cd5b8829097e99997
[peap] Got tunneled reply RADIUS code 11
EAP-Message = 0x011200060d20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0831d1c40923dc8cd5b8829097e99997
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 0 to 192.168.101.254 port 49154
EAP-Message = 0x0112001d19001703010012cae867eb763daa542fc65b9c67ab94c4fe21
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xe985bf0fe197a607b34238093b97add2
Finished request 83.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.101.254 port 49154, id=0, length=190
Cleaning up request 83 ID 0 with timestamp +1769
NAS-IP-Address = 192.168.101.254
NAS-Port-Type = Ethernet
NAS-Port = 5
User-Name = "mz254.mtm"
State = 0xe985bf0fe197a607b34238093b97add2
EAP-Message = 0x021200671900170301005ce0549b2a1b945c71e5696bd5b46950b5958ac040274a4217e3ff26d685a74594049fea12d4bae4e09c7119bad31cea81699dd953c79b536dd53dfead7281499ace37ff9cdbf342a5c7803673b2f09883b16fabbe5b3ca8fc81e6ac81
Message-Authenticator = 0xe50342f509c7d70a7a40b733653658fd
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No
'@' in User-Name = "mz254.mtm", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 18 length 103
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] EAP type tls
[peap] Got tunneled request
EAP-Message = 0x021200500d800000004616030100410100003d03014dc01a18f6c3d3a9524dc7896df274307ebd918011714be32204ce96e3108ff600001600040005000a000900640062000300060013001200630100
server {
PEAP: Setting User-Name to mz254.mtm
Sending tunneled request
EAP-Message = 0x021200500d800000004616030100410100003d03014dc01a18f6c3d3a9524dc7896df274307ebd918011714be32204ce96e3108ff600001600040005000a000900640062000300060013001200630100
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "mz254.mtm"
State = 0x0831d1c40923dc8cd5b8829097e99997
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No
'@' in User-Name = "mz254.mtm", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 18 length 80
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
TLS Length 70
[tls] Length Included
[tls] eaptls_verify returned 11
[tls] (other): before/accept initialization
[tls] TLS_accept: before/accept initialization
[tls] <<< TLS 1.0 Handshake [length 0041], ClientHello
[tls] TLS_accept: SSLv3 read client hello A
[tls] >>> TLS 1.0 Handshake [length 002a], ServerHello
[tls] TLS_accept: SSLv3 write server hello A
[tls] >>> TLS 1.0 Handshake [length 081a], Certificate
[tls] TLS_accept: SSLv3 write certificate A
[tls] >>> TLS 1.0 Handshake [length 007c], CertificateRequest
[tls] TLS_accept: SSLv3 write certificate request A
[tls] TLS_accept: SSLv3 flush data
[tls] TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
[tls] eaptls_process returned 13
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
EAP-Message = 0x011304000dc0000008cf160301002a0200002603014dc014ba69a4e4904b4864f80ed6cf43eea65370906c43feb609f3234613502000000400160301081a0b0008160008130003ef308203eb308202d3a00302010202010b300d06092a864886f70d0101050500306b310b30090603550406130241523110300e060355040813074d656e646f7a6131183016060355040a130f4d6f6e74656d61722050727565626131133011060355040b130a534c4720507275656261311b3019060355040313124341204d6f6e74656d617220507275656261301e170d3131303432373136333734375a170d3133303432363136333734375a3073310b3009060355
EAP-Message = 0x0406130241523110300e060355040813074d656e646f7a613110300e060355040713074d656e646f7a6131183016060355040a130f4d6f6e74656d61722050727565626131133011060355040b130a534c47205072756562613111300f060355040313086665646f7261303130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6deee09048786218bf3e874398aa662c6f61b9298eddf33d3663a8d85e51b3031a70046ba1c15695976ff4dc78498f6e27f432d6df5c42349a29241a955d07c813a6ef8690ddf16eefb5fa414f3e2ecc29eacf9224660361dd7839431f85106bc5e8f890e236705f4afb860bc7d22fd
EAP-Message = 0x146f9aeffc1404a8f961a297ecca08d38554f3e0ac75940614a7765893f0da2bbd0a4382b76a742d97be8fb014e6c397668877a140bf69537fe526af59194c876b008b5187bb56d5a8b30abbd2d746b029d1b528eb844db590fcb48da7a186c9faf0e691a25b233434e2713afde902236a3393c16b22c756ff1ba0ee75036f8cca897cce5edd7166f6644d5dda79e3ab0203010001a3819130818e30130603551d25040c300a06082b0601050507030130090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e041604148929112c325ec9491b
EAP-Message = 0xda7461f9df24f3a0d26cc8301f0603551d23041830168014e6a44a4b3671560188d79e38de3e6c523ec2979a300d06092a864886f70d01010505000382010100272aaa1e38409b4ccee282d77457651dae1d93892fea8d4e0d5617e84637870806c313c3fc1c625beb7b4d00276dbfaddaae0ccc8958c968dda5ac507b2b9aa08821fdbe6275f928ca9dfdb36ade702778b65800947aabba3921d7d3fda04d2565cd41835cbc243435bdd012c62d59ee3dfeec2a39a6aef03668620a1657e4617264abbc72073a8a093012f40c61735d118bcf66596df8943f2f7c448d89423fda29e43ed1983cdfe07a2f435a4ff406a716ab22f67ba400f653b2b74b
EAP-Message = 0xacd7d2074a502468df7e7963
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0831d1c40a22dc8cd5b8829097e99997
[peap] Got tunneled reply RADIUS code 11
EAP-Message = 0x011304000dc0000008cf160301002a0200002603014dc014ba69a4e4904b4864f80ed6cf43eea65370906c43feb609f3234613502000000400160301081a0b0008160008130003ef308203eb308202d3a00302010202010b300d06092a864886f70d0101050500306b310b30090603550406130241523110300e060355040813074d656e646f7a6131183016060355040a130f4d6f6e74656d61722050727565626131133011060355040b130a534c4720507275656261311b3019060355040313124341204d6f6e74656d617220507275656261301e170d3131303432373136333734375a170d3133303432363136333734375a3073310b3009060355
EAP-Message = 0x0406130241523110300e060355040813074d656e646f7a613110300e060355040713074d656e646f7a6131183016060355040a130f4d6f6e74656d61722050727565626131133011060355040b130a534c47205072756562613111300f060355040313086665646f7261303130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6deee09048786218bf3e874398aa662c6f61b9298eddf33d3663a8d85e51b3031a70046ba1c15695976ff4dc78498f6e27f432d6df5c42349a29241a955d07c813a6ef8690ddf16eefb5fa414f3e2ecc29eacf9224660361dd7839431f85106bc5e8f890e236705f4afb860bc7d22fd
EAP-Message = 0x146f9aeffc1404a8f961a297ecca08d38554f3e0ac75940614a7765893f0da2bbd0a4382b76a742d97be8fb014e6c397668877a140bf69537fe526af59194c876b008b5187bb56d5a8b30abbd2d746b029d1b528eb844db590fcb48da7a186c9faf0e691a25b233434e2713afde902236a3393c16b22c756ff1ba0ee75036f8cca897cce5edd7166f6644d5dda79e3ab0203010001a3819130818e30130603551d25040c300a06082b0601050507030130090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e041604148929112c325ec9491b
EAP-Message = 0xda7461f9df24f3a0d26cc8301f0603551d23041830168014e6a44a4b3671560188d79e38de3e6c523ec2979a300d06092a864886f70d01010505000382010100272aaa1e38409b4ccee282d77457651dae1d93892fea8d4e0d5617e84637870806c313c3fc1c625beb7b4d00276dbfaddaae0ccc8958c968dda5ac507b2b9aa08821fdbe6275f928ca9dfdb36ade702778b65800947aabba3921d7d3fda04d2565cd41835cbc243435bdd012c62d59ee3dfeec2a39a6aef03668620a1657e4617264abbc72073a8a093012f40c61735d118bcf66596df8943f2f7c448d89423fda29e43ed1983cdfe07a2f435a4ff406a716ab22f67ba400f653b2b74b
EAP-Message = 0xacd7d2074a502468df7e7963
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0831d1c40a22dc8cd5b8829097e99997
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 0 to 192.168.101.254 port 49154
EAP-Message = 0x0113040019c000000411170301040c0a26e6079ff37415887c6e864dbd7b3b93a29852b3a0143f07a8409f3f94620de9084bb6aafda166ef99945d4f51acf414b02543a15a55f60e418d7624b73f431f5fd023c8986bc0a889304bc68a0e333b8d431b0e6a84c06e8b9fdb782e175e03e6c9d8107ae3f4d1df94e2df4b719f67d0406304a53e8041e9ba18cee4c91521c57846e3327b4a2c73f4c787efc359a15d6ed82fa319c0aa724c9c521712231365e20a1e8d4b041494fd0193fd2c015a7091a0fb5ff693a4dfb94ff8c75ad7260300ee2619364f2e0db579a6ce831bb3dd816113b547a79f173c3dc5a01336704d9a63af0e290cd9518c27b682
EAP-Message = 0x71df0c5e2d1e95ef2f49647a42369c8be08448f5c5c8de03eaabfd4db90ca1dfacbd497f191fa1e6799b06dbb3f560fe7ef7e5d8c76581a09c860f9127c1dbfff4286db4af3bb405d3c20d7846828136ef1f164784786cb44933add06fff29457d058b7785683d39e41965ecb1b96ee6fd5d908cc5c62142858b958ad641304b74fd5d272633f7ce4dd61a01383ce6db3e0f80d06b00668a925038cec0c638efadc27f01aa50c4f3d17ef7204da74ddf17096e347f1d4f511895b58ccf7e4d2e7a09de3a36f19e1ff345e9e784620c13f2cdbd0cff512bf77f8c28878b5074c7cbbe43647dc45cbfb681950dc6e9a0502202c044276683359662e6b0ca
EAP-Message = 0x330b19a685b14bddafcc997a81e82534c5a69f2b5c498b01fda904ce743d8c7c523906aed3b76cee8b0fe1bcede93aef85aa0adbc4b6657710f0e7a2a72a285abc13a2d9b5ffb8bc99d28235e1db82373bd8660b015aa504b7a2c0db198b4f8dcd6fc42c73af72854125d18f8cb03ccd96979982db76c4b4752a5aa5f83782e570806d882a3c7d01f633ad8b733650709304ee76a146c75ef2344dc701f974ef882a7939aa0662814637db4798c8d471a9332656dacff4aa05930e2919c50ffc317e094986e557f5247860d227607676a99252b53d08e4364a81f85deb3d9fb7deb93fb1eda64c9fbd1811828eb11e82b3d27d032664d6ca8f5fe818d2
EAP-Message = 0xcdc91b24b32d3cb7941a25a4fe03ff434755f898bb5fa1c1d695c9ddeda1cb008573525bd6b46b134138672c0afde2337d5c282de83ac2c08795319a7fc6e07b92736796bec8749aa4082dfa7cf66f706102c334f6773dd0ca9ebf759f565bafe4c4292261ffedf19bec22aa1eced2d6ed61a6c28b6ef5cdc37ac18a523071d9e9e23475d36cb4cfbe034b72ecccb17b0bfaecd7839b96baba4ba4be20b02eda7ca728d016eaa5e4098bed3bd0c3bfdd9c393170e0c1799062670ca8cda12a904bdfb4974c248d696f577754da2057f9167eaca632bc4e73c79e58db0d69a7ea8ac9a8942aaf6e6a5f086eeb7dbeca84a2cc9d63c5e9fe4d26fd87ecd4
EAP-Message = 0x21fadae229d18ab0506ef141
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xe985bf0fe096a607b34238093b97add2
Finished request 84.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 84 ID 0 with timestamp +1769
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.101.254 port 49154, id=0, length=83
NAS-IP-Address = 192.168.101.254
NAS-Port-Type = Ethernet
NAS-Port = 5
User-Name = "mz254.mtm"
EAP-Message = 0x0214000e016d7a3235342e6d746d
Message-Authenticator = 0x78f7a34500a508c5078c6c93779f7575
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No
'@' in User-Name = "mz254.mtm", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 20 length 14
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type tls
[tls] Requiring client certificate
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 0 to 192.168.101.254 port 49154
EAP-Message = 0x011500060d20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0ff1a38a0fe4ae700e5cfd450ee7a44f
Finished request 85.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 85 ID 0 with timestamp +1787
Ready to process requests.