Stefan Winter ha scritto:
Hi!
It is incredible! I have just installed SecureW2 and all is ok now! Have you any idea why XP SP2 didn't work? For my user will be more comfortable use XP interface instead install and use SecureW2. A second problema. I have activate accounting but in "radacct" (log file and mysql table) I can't see the IP address of the supplicant client. I see only the nas ip address. There are some parameter to secify to add this feature? Following you can see the AAA log now, thank you very much for your help. Alessandro =~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2006.06.16 11:31:56 =~=~=~=~=~=~=~=~=~=~=~= rad_recv: Access-Request packet from host 149.139.32.61:20005, id=50, length=148 NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User EAP-Message = 0x0201000d01616e647265756363 User-Name = "andreucc" NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Message-Authenticator = 0x2b4afa796d61155f27b6541bc1656620 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 40 modcall[authorize]: module "preprocess" returns ok for request 40 modcall[authorize]: module "chap" returns noop for request 40 modcall[authorize]: module "mschap" returns noop for request 40 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 40 rlm_eap: EAP packet type response id 1 length 13 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 40 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module "sql" returns ok for request 40 modcall[authorize]: module "files" returns notfound for request 40 modcall: group authorize returns updated for request 40 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 40 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 40 modcall: group authenticate returns handled for request 40 Sending Access-Challenge of id 50 to 149.139.32.61:20005 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" EAP-Message = 0x010200061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xf82c5c85632ef77d01a75cb767b54d0c Finished request 40 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 149.139.32.61:20005, id=51, length=159 NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User User-Name = "andreucc" State = 0xf82c5c85632ef77d01a75cb767b54d0c EAP-Message = 0x020200060315 NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Message-Authenticator = 0x5da6d901e58254e66be7474b0cede914 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 41 modcall[authorize]: module "preprocess" returns ok for request 41 modcall[authorize]: module "chap" returns noop for request 41 modcall[authorize]: module "mschap" returns noop for request 41 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 41 rlm_eap: EAP packet type response id 2 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 41 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 2 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 2 modcall[authorize]: module "sql" returns ok for request 41 modcall[authorize]: module "files" returns notfound for request 41 modcall: group authorize returns updated for request 41 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 41 rlm_eap: Request found, released from the list rlm_eap: EAP NAK rlm_eap: EAP-NAK asked for EAP-Type/ttls rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 41 modcall: group authenticate returns handled for request 41 Sending Access-Challenge of id 51 to 149.139.32.61:20005 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" EAP-Message = 0x010300061520 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x6ac64571854b50844471628e06aab242 Finished request 41 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 149.139.32.61:20005, id=52, length=213 NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User User-Name = "andreucc" State = 0x6ac64571854b50844471628e06aab242 EAP-Message = 0x0203003c158000000032160301002d010000290301fc020900eed96d87875fcf65bebbd2a946effaeb29a6a5407cf4d58dde28dd79000002000a0100 NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Message-Authenticator = 0x83c5f67a2d4b53094fc6321a4587300b Processing the authorize section of radiusd.conf modcall: entering group authorize for request 42 modcall[authorize]: module "preprocess" returns ok for request 42 modcall[authorize]: module "chap" returns noop for request 42 modcall[authorize]: module "mschap" returns noop for request 42 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 42 rlm_eap: EAP packet type response id 3 length 60 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 42 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 1 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 1 modcall[authorize]: module "sql" returns ok for request 42 modcall[authorize]: module "files" returns notfound for request 42 modcall: group authorize returns updated for request 42 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 42 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 002d], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0694], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone TLS_accept: SSLv3 write server done A TLS_accept: SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 42 modcall: group authenticate returns handled for request 42 Sending Access-Challenge of id 52 to 149.139.32.61:20005 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" EAP-Message = 0x0104040a15c0000006f1160301004a02000046030144927a9ae4869ce6957ded8e328b85eaecc585cbd333a6911c18553e72eecde820683d0de362645f22d761ffff6a36da58ffdf7465b61596764a9ee9cdb77c2255000a0016030106940b00069000068d0002cd308202c930820232a003020102020102300d06092a864886f70d010104050030819f310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f7374311b301906035504031312436c69656e74206365 EAP-Message = 0x7274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d301e170d3034303132353133323631305a170d3035303132343133323631305a30819b310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f73743119301706035504031310526f6f74206365727469666963617465311f301d06092a864886f70d0109011610726f6f74406578616d706c652e636f6d30819f300d06092a864886f70d010101050003 EAP-Message = 0x818d0030818902818100dac525422bfedb082629a2cba44b3449c90d0ab462fb72c8434a782098863d7eb7d7e70028c2b7ad555a51cc756cf4fa1d7091615ab450d5289553ae6616aff014a55085d6b8fb4aee98638e426175cdd36c665c63cda177d34920eb30585edc8773999c2980f81ad4638bbbea1c82d054023db7ef24a3ec1c3f6241a903d7f30203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038181007a2d921b1cf13bf2982a9178ec9ede6d88edc178a2e8bd40a0a06fb6f0769957884cd7084537083496fd184165293f583c8e8240eb68e042c94b15752e4c07e80d09 EAP-Message = 0x779afa3dd55c24fa54ac292d77205d1c2477ed30d59f57caf9bd21ff2a8d16cc0911c50e4f295763fcb60efa3c3d2d0e43850f6e6fbe284902f6e83503650003ba308203b63082031fa003020102020100300d06092a864886f70d010104050030819f310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f7374311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c EAP-Message = 0x652e636f6d301e170d3034303132353133323630375a Message-Authenticator = 0x00000000000000000000000000000000 State = 0xf3b9cd219d3052e9bbb8061ac6c584f9 Finished request 42 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 149.139.32.61:20005, id=53, length=159 NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User User-Name = "andreucc" State = 0xf3b9cd219d3052e9bbb8061ac6c584f9 EAP-Message = 0x020400061500 NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Message-Authenticator = 0xc259d68f8b77337487c5dc11c62c70a3 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 43 modcall[authorize]: module "preprocess" returns ok for request 43 modcall[authorize]: module "chap" returns noop for request 43 modcall[authorize]: module "mschap" returns noop for request 43 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 43 rlm_eap: EAP packet type response id 4 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 43 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 0 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 0 modcall[authorize]: module "sql" returns ok for request 43 modcall[authorize]: module "files" returns notfound for request 43 modcall: group authorize returns updated for request 43 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 43 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 43 modcall: group authenticate returns handled for request 43 Sending Access-Challenge of id 53 to 149.139.32.61:20005 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" EAP-Message = 0x010502fb1580000006f1170d3036303132343133323630375a30819f310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f7374311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100d4c5b19724f164acf1ffb189db1c8fbff4f14396ea7cb1e90f78d69451725377895dfe52cc EAP-Message = 0xb99b41e80ddeb58b127a943f4f58cbc562878192fbdc6fece9f871e7c130d35cf5188817e9b133249edd2a1c75d31043ae87553cec7a77ef26aa7d74281db9b77e17c6446c5dd9b188b43250ca0229963722a123a726b00b4027fd0203010001a381ff3081fc301d0603551d0e0416041468d36d3e1ee7bc9d5a057021c363da1365d1ade33081cc0603551d230481c43081c1801468d36d3e1ee7bc9d5a057021c363da1365d1ade3a181a5a481a230819f310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e EAP-Message = 0x31123010060355040b13096c6f63616c686f7374311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d820100300c0603551d13040530030101ff300d06092a864886f70d01010405000381810033c00b66b1e579ef73a06798252dab8d5e5511fc00fd276d80d12f834777c6743fdc2743fca1507704e4bc0979e4f60ac3ad9ee83e6f347369229d1f77229ba2e982359da563024a00163dba6d6c986c0bad28af85132ff8f0d76501bf1b7c2dff658ce1e62c01997b6e64e3e8d4373354ce9912847651539063b85bbc5485c51603010004 EAP-Message = 0x0e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xae863cadd3c45a1c9b375f1fcd3b4c9c Finished request 43 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 149.139.32.61:20005, id=54, length=353 NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User User-Name = "andreucc" State = 0xae863cadd3c45a1c9b375f1fcd3b4c9c EAP-Message = 0x020500c81580000000be16030100861000008200806e4c406596b4f70fd4c45e6560758938a71fb729e106b49689d0d08d5b730f3abc1e464422109e3721fdc238bc7de4e40f43ddad203860447798360e7dfe21a57eb461ffcc87785db4f495d18eb28bb636a37b07b46ffc95c91bcda2f5e17c82f8f27b2ea1972b8abf47ae2fa26b7df0f0b3fa43165a3393ca5ee8240495e8ce1403010001011603010028d471bb3ed5ee049d4dbd994e0e9abdad765aa85434b821ddb8abf3ba1c2f9efc5dbf6778274aa3d1 NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Message-Authenticator = 0xfe57d7755364df869cc84e2463ebe71d Processing the authorize section of radiusd.conf modcall: entering group authorize for request 44 modcall[authorize]: module "preprocess" returns ok for request 44 modcall[authorize]: module "chap" returns noop for request 44 modcall[authorize]: module "mschap" returns noop for request 44 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 44 rlm_eap: EAP packet type response id 5 length 200 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 44 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 4 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module "sql" returns ok for request 44 modcall[authorize]: module "files" returns notfound for request 44 modcall: group authorize returns updated for request 44 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 44 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange TLS_accept: SSLv3 read client key exchange A rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 read finished A rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001] TLS_accept: SSLv3 write change cipher spec A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 write finished A TLS_accept: SSLv3 flush data (other): SSL negotiation finished successfully SSL Connection Established eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 44 modcall: group authenticate returns handled for request 44 Sending Access-Challenge of id 54 to 149.139.32.61:20005 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" EAP-Message = 0x0106003d1580000000331403010001011603010028ec2e3c3141e36f760792d396bf52c5400292fbbbf074fef5a9c0a4f193e6eb3fda9d23dfdffb3d4f Message-Authenticator = 0x00000000000000000000000000000000 State = 0xf5313c197f9b6b2f6255325aecf98621 Finished request 44 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 149.139.32.61:20005, id=55, length=240 NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User User-Name = "andreucc" State = 0xf5313c197f9b6b2f6255325aecf98621 EAP-Message = 0x0206005715800000004d1703010048378795a078485cf6d11be71e2fa85c479c4ecb83edf7f245be7c8fc57473d6e97d9ef1a8af1c6a2972499277b9b98584f0262a37d42a2518d45c9ebf488398ef43a2f8c18ab91ddd NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Message-Authenticator = 0x9ed901d68235d7ebcb0e263bbdab7021 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 45 modcall[authorize]: module "preprocess" returns ok for request 45 modcall[authorize]: module "chap" returns noop for request 45 modcall[authorize]: module "mschap" returns noop for request 45 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 45 rlm_eap: EAP packet type response id 6 length 87 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 45 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module "sql" returns ok for request 45 modcall[authorize]: module "files" returns notfound for request 45 modcall: group authorize returns updated for request 45 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 45 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 eaptls_process returned 7 rlm_eap_ttls: Session established. Proceeding to decode tunneled attributes. TTLS: Got tunneled request EAP-Message = 0x0200000d01616e647265756363 Message-Authenticator = 0x00000000000000000000000000000000 FreeRADIUS-Proxied-To = 127.0.0.1 TTLS: Got tunneled identity of andreucc TTLS: Setting default EAP type for tunneled EAP session. TTLS: Sending tunneled request EAP-Message = 0x0200000d01616e647265756363 Message-Authenticator = 0x00000000000000000000000000000000 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "andreucc" NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 45 modcall[authorize]: module "preprocess" returns ok for request 45 modcall[authorize]: module "chap" returns noop for request 45 modcall[authorize]: module "mschap" returns noop for request 45 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 45 rlm_eap: EAP packet type response id 0 length 13 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 45 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 2 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 2 modcall[authorize]: module "sql" returns ok for request 45 modcall[authorize]: module "files" returns notfound for request 45 modcall: group authorize returns updated for request 45 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 45 rlm_eap: EAP Identity rlm_eap: processing type md5 rlm_eap_md5: Issuing Challenge modcall[authenticate]: module "eap" returns handled for request 45 modcall: group authenticate returns handled for request 45 TTLS: Got tunneled reply RADIUS code 11 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" EAP-Message = 0x010100160410d794d1f9227864299706437598f3f1a9 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xed756e8a67ee45432bfbf8f7b70edabb TTLS: Got tunneled Access-Challenge modcall[authenticate]: module "eap" returns handled for request 45 modcall: group authenticate returns handled for request 45 Sending Access-Challenge of id 55 to 149.139.32.61:20005 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" EAP-Message = 0x0107006415800000005a17030100180e7350b38814fbd5d284fc2516fab92a08b7e4bdc77d15121703010038bc63d6cafb8e918683d2833406c12e909853d4adab6f100d735539bbd40a30fa834ae8e5fe8705c5b2ab31c17343cc7da8570099674f929e Message-Authenticator = 0x00000000000000000000000000000000 State = 0xa7c64ea508dd3faaf6c04d57b12e3b58 Finished request 45 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 149.139.32.61:20005, id=56, length=232 NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User User-Name = "andreucc" State = 0xa7c64ea508dd3faaf6c04d57b12e3b58 EAP-Message = 0x0207004f1580000000451703010040de2ea6888cbed92c95d01e061f4bf4ea7d8a615d41bd69870d24635662ce65aa479f1914307d05f608da9319f144855ee99ab67e14869d5b5217698ad53cb2fe NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Message-Authenticator = 0xa67089fa201286c426f4c889ed5379c6 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 46 modcall[authorize]: module "preprocess" returns ok for request 46 modcall[authorize]: module "chap" returns noop for request 46 modcall[authorize]: module "mschap" returns noop for request 46 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 46 rlm_eap: EAP packet type response id 7 length 79 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 46 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 1 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 1 modcall[authorize]: module "sql" returns ok for request 46 modcall[authorize]: module "files" returns notfound for request 46 modcall: group authorize returns updated for request 46 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 46 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 eaptls_process returned 7 rlm_eap_ttls: Session established. Proceeding to decode tunneled attributes. TTLS: Got tunneled request EAP-Message = 0x02010006031a Message-Authenticator = 0x00000000000000000000000000000000 FreeRADIUS-Proxied-To = 127.0.0.1 TTLS: Adding old state with ed 75 TTLS: Sending tunneled request EAP-Message = 0x02010006031a Message-Authenticator = 0x00000000000000000000000000000000 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "andreucc" State = 0xed756e8a67ee45432bfbf8f7b70edabb NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 46 modcall[authorize]: module "preprocess" returns ok for request 46 modcall[authorize]: module "chap" returns noop for request 46 modcall[authorize]: module "mschap" returns noop for request 46 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 46 rlm_eap: EAP packet type response id 1 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 46 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 0 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 0 modcall[authorize]: module "sql" returns ok for request 46 modcall[authorize]: module "files" returns notfound for request 46 modcall: group authorize returns updated for request 46 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 46 rlm_eap: Request found, released from the list rlm_eap: EAP NAK rlm_eap: EAP-NAK asked for EAP-Type/mschapv2 rlm_eap: processing type mschapv2 rlm_eap_mschapv2: Issuing Challenge modcall[authenticate]: module "eap" returns handled for request 46 modcall: group authenticate returns handled for request 46 TTLS: Got tunneled reply RADIUS code 11 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" EAP-Message = 0x010200221a0102001d100672f896d50b3676aa3970d3f62bb805616e647265756363 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x813684ca3299995136a2c8ba1a5becc0 TTLS: Got tunneled Access-Challenge modcall[authenticate]: module "eap" returns handled for request 46 modcall: group authenticate returns handled for request 46 Sending Access-Challenge of id 56 to 149.139.32.61:20005 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" EAP-Message = 0x0108007415800000006a1703010018c7489bc21a04b28bff5feb3a488e6e0d54ecade4ba290db617030100484198f9c1ccfc361cdca2523272a6702629ddeb3668a467479474fbd81458c1986a574be8dce4071995e34a3a97384e8acf9c2843fbea39db279779cbb256a512d586335dc30ffa4c Message-Authenticator = 0x00000000000000000000000000000000 State = 0xe98ef96def4d0229110801d949be80e0 Finished request 46 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 149.139.32.61:20005, id=57, length=296 NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User User-Name = "andreucc" State = 0xe98ef96def4d0229110801d949be80e0 EAP-Message = 0x0208008f1580000000851703010080e21fbe3a570fb59d88896fac19226037768af965ee0098e915d76140250e03f8637097b9cb5cbbb1fe4ce5728a4c5a2b554b435dcf513bf21e3fbf9e360a9c326111a60c329340d294983f84c05673f4c0741500b70f635f9b61386d34fdf28bd7115f13c3ef8b15887dc12b707b431bee1c71cac7ce9efecb364fa3acba8675 NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Message-Authenticator = 0x22ea7c929a3b9ed4d2ebb34589d46e14 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 47 modcall[authorize]: module "preprocess" returns ok for request 47 modcall[authorize]: module "chap" returns noop for request 47 modcall[authorize]: module "mschap" returns noop for request 47 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 47 rlm_eap: EAP packet type response id 8 length 143 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 47 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 4 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module "sql" returns ok for request 47 modcall[authorize]: module "files" returns notfound for request 47 modcall: group authorize returns updated for request 47 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 47 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 eaptls_process returned 7 rlm_eap_ttls: Session established. Proceeding to decode tunneled attributes. TTLS: Got tunneled request EAP-Message = 0x020200431a0202003e313c9bdaf99b4c49f82fbebb8edddc2eb10000000000000000da3347b81ee40f1622b070dd183cb960042eac7eef5e5ffa00616e647265756363 Message-Authenticator = 0x00000000000000000000000000000000 FreeRADIUS-Proxied-To = 127.0.0.1 TTLS: Adding old state with 81 36 TTLS: Sending tunneled request EAP-Message = 0x020200431a0202003e313c9bdaf99b4c49f82fbebb8edddc2eb10000000000000000da3347b81ee40f1622b070dd183cb960042eac7eef5e5ffa00616e647265756363 Message-Authenticator = 0x00000000000000000000000000000000 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "andreucc" State = 0x813684ca3299995136a2c8ba1a5becc0 NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 47 modcall[authorize]: module "preprocess" returns ok for request 47 modcall[authorize]: module "chap" returns noop for request 47 modcall[authorize]: module "mschap" returns noop for request 47 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 47 rlm_eap: EAP packet type response id 2 length 67 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 47 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module "sql" returns ok for request 47 modcall[authorize]: module "files" returns notfound for request 47 modcall: group authorize returns updated for request 47 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 47 rlm_eap: Request found, released from the list rlm_eap: EAP/mschapv2 rlm_eap: processing type mschapv2 Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 47 rlm_mschap: Told to do MS-CHAPv2 for andreucc with NT-Password modcall[authenticate]: module "mschap" returns ok for request 47 modcall: group Auth-Type returns ok for request 47 MSCHAP Success modcall[authenticate]: module "eap" returns handled for request 47 modcall: group authenticate returns handled for request 47 TTLS: Got tunneled reply RADIUS code 11 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" MS-CHAP2-Success = 0x02533d30333538303936453541464133433742454343314434443646413244454230413042314432363539 EAP-Message = 0x010300331a0302002e533d30333538303936453541464133433742454343314434443646413244454230413042314432363539 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x0379a708ac4071c773ba2c4a3a7e0acb TTLS: Got tunneled Access-Challenge modcall[authenticate]: module "eap" returns handled for request 47 modcall: group authenticate returns handled for request 47 Sending Access-Challenge of id 57 to 149.139.32.61:20005 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" EAP-Message = 0x0109008415800000007a1703010018bb10ca992933491bc84400fb744de89f8bf75831495aaef9170301005840990f60a90497a690a696fc359dd2c2fd12f77846eb29f70957a52fb6448a6a6e24f079c515f0ab7a31890435309e3b63ea26e3077347413b17fd76583434d61404064824c09045e7ccd5f16d94c1788a75845d00f702d3 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x3590a2833c47e7febedaf889ab3edb56 Finished request 47 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 149.139.32.61:20005, id=58, length=232 NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User User-Name = "andreucc" State = 0x3590a2833c47e7febedaf889ab3edb56 EAP-Message = 0x0209004f1580000000451703010040248cde5e7df4ef59acc9941fc00aeea59913d10c35ae5e1bac74db13e538d0a46c48c0c867318bc3f0dc70b9bd3e3fcc5b76df73744b1c0fc9a0a22f30b905bf NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Message-Authenticator = 0xc1e1400a7bcc245266196c8875764baf Processing the authorize section of radiusd.conf modcall: entering group authorize for request 48 modcall[authorize]: module "preprocess" returns ok for request 48 modcall[authorize]: module "chap" returns noop for request 48 modcall[authorize]: module "mschap" returns noop for request 48 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 48 rlm_eap: EAP packet type response id 9 length 79 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 48 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 2 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 2 modcall[authorize]: module "sql" returns ok for request 48 modcall[authorize]: module "files" returns notfound for request 48 modcall: group authorize returns updated for request 48 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 48 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 eaptls_process returned 7 rlm_eap_ttls: Session established. Proceeding to decode tunneled attributes. TTLS: Got tunneled request EAP-Message = 0x020300061a03 Message-Authenticator = 0x00000000000000000000000000000000 FreeRADIUS-Proxied-To = 127.0.0.1 TTLS: Adding old state with 03 79 TTLS: Sending tunneled request EAP-Message = 0x020300061a03 Message-Authenticator = 0x00000000000000000000000000000000 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "andreucc" State = 0x0379a708ac4071c773ba2c4a3a7e0acb NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = 149.139.36.231 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 48 modcall[authorize]: module "preprocess" returns ok for request 48 modcall[authorize]: module "chap" returns noop for request 48 modcall[authorize]: module "mschap" returns noop for request 48 rlm_realm: No '@' in User-Name = "andreucc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 48 rlm_eap: EAP packet type response id 3 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 48 radius_xlat: 'andreucc' rlm_sql (sql): sql_set_user escaped user --> 'andreucc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 1 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'andreucc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'andreucc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 1 modcall[authorize]: module "sql" returns ok for request 48 modcall[authorize]: module "files" returns notfound for request 48 modcall: group authorize returns updated for request 48 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 48 rlm_eap: Request found, released from the list rlm_eap: EAP/mschapv2 rlm_eap: processing type mschapv2 rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 48 modcall: group authenticate returns ok for request 48 Login OK: [andreucc/<no User-Password attribute>] (from client localhost port 0 cli 00-08-E3-B0-73-46) TTLS: Got tunneled reply RADIUS code 2 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" EAP-Message = 0x03030004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "andreucc" TTLS: Got tunneled Access-Accept rlm_eap: Freeing handler TTLS: Freeing handler for user andreucc modcall[authenticate]: module "eap" returns ok for request 48 modcall: group authenticate returns ok for request 48 Login OK: [andreucc/<no User-Password attribute>] (from client Wx1200-B1D port 0 cli 00-08-E3-B0-73-46) Sending Access-Accept of id 58 to 149.139.32.61:20005 Service-Type := Framed-User Tunnel-Type:0 := VLAN Tunnel-Private-Group-Id:0 := "ifac" MS-MPPE-Recv-Key = 0xd90f9cadd44b9f21dd38c0e810d97dd9f215b83a237cda44a4411895864d760a MS-MPPE-Send-Key = 0xfab59357d9dbc3e653e189305e27d50b47ce321c5a06836d263b35c57674f93a EAP-Message = 0x03090004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "andreucc" Finished request 48 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 40 ID 50 with timestamp 44927a9a Cleaning up request 41 ID 51 with timestamp 44927a9a Cleaning up request 42 ID 52 with timestamp 44927a9a Cleaning up request 43 ID 53 with timestamp 44927a9a Cleaning up request 44 ID 54 with timestamp 44927a9a Cleaning up request 45 ID 55 with timestamp 44927a9a Cleaning up request 46 ID 56 with timestamp 44927a9a Cleaning up request 47 ID 57 with timestamp 44927a9a Cleaning up request 48 ID 58 with timestamp 44927a9a Nothing to do. Sleeping until we see a request.