Hi,

For some reason I cannot get Stripped-User-Name attribute to get populated when using nostrip for a realm. Is this normal behaviour or am I missing something?

I need the User-Name attribute unchanged for EAP but it gets stripped as expected when nostrip is unset.

(Sorry about the banner :/)


# radiusd -X
FreeRADIUS Version 2.1.12, for host x86_64-redhat-linux-gnu, built on Oct  3 2012 at 01:22:51
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/raddb/radiusd.conf
including configuration file /etc/raddb/proxy.conf
including configuration file /etc/r! addb/clients.conf
including files in directory /etc/raddb/modules/
including configuration file /etc/raddb/modules/dynamic_clients
including configuration file /etc/raddb/modules/mschap-dist
including configuration file /etc/raddb/modules/opendirectory
including configuration file /etc/raddb/modules/detail.example.com
including configuration file /etc/raddb/modules/files
including configuration file /etc/raddb/modules/sradutmp
including configuration file /etc/raddb/modules/cui
including configuration file /etc/raddb/modules/inner-eap
including configuration file /etc/raddb/modules/ntlm_auth
including configuration file /etc/raddb/modules/detail
including configuration file /etc/raddb/modules/counter
including configuration file /etc/raddb/modules/mac2ip
including configuration file /etc/raddb/modules/unix
including configuration file /etc/raddb/modules/ldap
including configuration file /etc/raddb/modules/expr
including con! figuration file /etc/raddb/modules/soh
including configuration file /etc/raddb/modules/smbpasswd
including configuration file /etc/raddb/modules/linelog
including configuration file /etc/raddb/modules/detail.log
including configuration file /etc/raddb/modules/perl
including configuration file /etc/raddb/modules/mschap
including configuration file /etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /etc/raddb/modules/exec
including configuration file /etc/raddb/modules/always
including configuration file /etc/raddb/modules/rediswho
including configuration file /etc/raddb/modules/radutmp
including configuration file /etc/raddb/modules/acct_unique
including configuration file /etc/raddb/modules/attr_filter
including configuration file /etc/raddb/modules/ntlm_auth-innra.umsja.is
including configuration file /etc/raddb/modules/pam
including configuration file /etc/raddb/modules/ippool
including configuration file /etc/raddb/modules/preprocess
including configuration file /etc! /raddb/modules/redis
including configuration file /etc/raddb/modules/attr_rewrite
including configuration file /etc/raddb/modules/ldap-innra.umsja.is
including configuration file /etc/raddb/modules/etc_group
including configuration file /etc/raddb/modules/chap
including configuration file /etc/raddb/modules/sql_log
including configuration file /etc/raddb/modules/expiration
including configuration file /etc/raddb/modules/mschap-innra.umsja.is
including configuration file /etc/raddb/modules/realm
including configuration file /etc/raddb/modules/krb5
including configuration file /etc/raddb/modules/wimax
including configuration file /etc/raddb/modules/checkval
including configuration file /etc/raddb/modules/mac2vlan
including configuration file /etc/raddb/modules/otp
including configuration file /etc/raddb/modules/echo
including configuration file /etc/raddb/modules/pap
including configuration file /etc/raddb/modules/ldap-dist
i! ncluding configuration file /etc/raddb/modules/smsotp
including con figuration file /etc/raddb/modules/policy
including configuration file /etc/raddb/modules/digest
including configuration file /etc/raddb/modules/logintime
including configuration file /etc/raddb/modules/passwd
including configuration file /etc/raddb/modules/replicate
including configuration file /etc/raddb/eap.conf
including configuration file /etc/raddb/sql.conf
including configuration file /etc/raddb/sql/mysql/dialup.conf
including configuration file /etc/raddb/sqlippool.conf
including configuration file /etc/raddb/sql/mysql/ippool.conf
including configuration file /etc/raddb/policy.conf
including files in directory /etc/raddb/sites-enabled/
including configuration file /etc/raddb/sites-enabled/control-socket
including configuration file /etc/raddb/sites-enabled/innra.umsja.is
including configuration file /etc/raddb/sites-enabled/default
including configuration file /etc/raddb/sites-enabled/inner-tunnel
main {
  !       user = "radiusd"
        group = "radiusd"
        allow_core_dumps = no
}
including dictionary file /etc/raddb/dictionary
main {
        name = "radiusd"
        prefix = "/usr"
        localstatedir = "/var"
        sbindir = "/usr/sbin"
        logdir = "/var/log/radius"
        run_dir = "/var/run/radiusd"
        libdir = "/usr/lib64/freeradius"
        radacctdir = "/var/log/radius/radacct"
        hostname_lookups = no
        max_request_time = 30
     ! ;   cleanup_delay = 5
       ;  max_requests = 1024
        pidfile = "/var/run/radiusd/radiusd.pid"
        checkrad = "/usr/sbin/checkrad"
        debug_level = 0
        proxy_requests = yes
 log {
        stripped_names = no
        auth = no
        auth_badpass = no
        auth_goodpass = no
 }
 security {
        max_attributes = 200
        reject_delay = 1
        status_server = yes
 }
}
radiusd: #### Loading Realms and Home Servers ####
 proxy server {
        retry_delay = 5
  &nb! sp;     retry_count = 3
        default_fallback = no
        dead_time = 120
        wake_all_if_all_dead = no
 }
 home_server innra.umsja.is-hsrv {
        virtual_server = "innra.umsja.is-srv"
        port = 0
        response_window = 30
        max_outstanding = 65536
        zombie_period = 40
        status_check = "none"
        ping_interval = 30
        check_interval = 30
        num_answers_to_alive = 3
        num_pings_to_alive = 3
 ! ;       revive_interval = 300
 & nbsp;      status_check_timeout = 4
 }
 home_server localhost {
        ipaddr = 127.0.0.1
        port = 1812
        type = "auth"
        secret = "testing123"
        response_window = 20
        max_outstanding = 65536
        require_message_authenticator = yes
        zombie_period = 40
        status_check = "status-server"
        ping_interval = 30
        check_interval = 30
        num_answers_to_alive = 3
        num_pings_to_alive = 3        revive_interval = 120
        status_check_timeout = 4
  coa {
        irt = 2
        mrt = 16
        mrc = 5
        mrd = 30
  }
 }
 realm innra.umsja.is {
        virtual_server = innra.umsja.is-hsrv
 }
 realm umsja {
        nostrip
        virtual_server = innra.umsja.is-hsrv
 }
 realm bolungarvik.is {
        virtual_server = innra.umsja.is-hsrv
 }
 realm LOCAL {
 }
radiusd: #### Loading Clients ####
 client 127.0.0.1 {
        require_message_authenti! cator = no
        secret = "pro fun222"
        shortname = "localhost"
        nastype = "other"
 }
radiusd: #### Instantiating modules ####
 instantiate {
 Module: Linked to module rlm_exec
 Module: Instantiating module "exec" from file /etc/raddb/modules/exec
  exec {
        wait = no
        input_pairs = "request"
        shell_escape = yes
  }
 Module: Linked to module rlm_expr
 Module: Instantiating module "expr" from file /etc/raddb/modules/expr
 Module: Linked to module rlm_expiration
 Module: Instantiating module "expiration" from file /etc/raddb/modules/expiration
  expiration {
        reply-message = "Password Has Expired  "
  }
 Module: Linked to module rlm_! logintime
 Module: Instantiating module "logintime" from file /etc/raddb/modules/logintime
  logintime {
        reply-message = "You are calling outside your allowed timespan  "
        minimum-timeout = 60
  }
 }
radiusd: #### Loading Virtual Servers ####
server { # from file /etc/raddb/radiusd.conf
 modules {
  Module: Creating Auth-Type = digest
  Module: Creating Post-Auth-Type = REJECT
 Module: Checking authenticate {...} for more modules to load
 Module: Linked to module rlm_pap
 Module: Instantiating module "pap" from file /etc/raddb/modules/pap
  pap {
        encryption_scheme = "auto"
        auto_header = no
  }
 Module: Linked to module rlm_chap
 Module: Instantiating module "chap" from file! /etc/raddb/modules/chap
 Module: Linked to module rlm_mschap< br> Module: Instantiating module "mschap" from file /etc/raddb/modules/mschap-dist
  mschap {
        use_mppe = yes
        require_encryption = no
        require_strong = no
        with_ntdomain_hack = no
        allow_retry = yes
  }
 Module: Linked to module rlm_digest
 Module: Instantiating module "digest" from file /etc/raddb/modules/digest
 Module: Linked to module rlm_unix
 Module: Instantiating module "unix" from file /etc/raddb/modules/unix
  unix {
        radwtmp = "/var/log/radius/radwtmp"
  }
 Module: Linked to module rlm_eap
 Module: Instantiating module "eap" from file /etc/raddb/eap.conf
  eap {
        ! default_eap_type = "md5"
        timer_expire = 60
        ignore_unknown_eap_types = no
        cisco_accounting_username_bug = no
        max_sessions = 4096
  }
 Module: Linked to sub-module rlm_eap_md5
 Module: Instantiating eap-md5
 Module: Linked to sub-module rlm_eap_leap
 Module: Instantiating eap-leap
 Module: Linked to sub-module rlm_eap_gtc
 Module: Instantiating eap-gtc
   gtc {
        challenge = "Password: "
        auth_type = "PAP"
   }
 Module: Linked to sub-module rlm_eap_tls
 Module: Instantiating eap-tls
   tls {
        rsa_key_exchange = no
      &n! bsp; dh_key_exchange = yes
      &nbs p; rsa_key_length = 512
        dh_key_length = 512
        verify_depth = 0
        CA_path = "/etc/raddb/certs"
        pem_file_type = yes
        private_key_file = "/etc/raddb/certs/server.pem"
        certificate_file = "/etc/raddb/certs/server.pem"
        CA_file = "/etc/raddb/certs/ca.pem"
        private_key_password = "whatever"
        dh_file = "/etc/raddb/certs/dh"
        random_file = "/etc/raddb/certs/random"
        fragment_size = 1024
        include_length = yes
       ! check_crl = no
        cipher_list = "DEFAULT"
    cache {
        enable = no
        lifetime = 24
        max_entries = 255
    }
    verify {
    }
    ocsp {
        enable = no
        override_cert_url = yes
        url = "http://127.0.0.1/ocsp/"
    }
   }
 Module: Linked to sub-module rlm_eap_ttls
 Module: Instantiating eap-ttls
   ttls {
        default_eap_type = "md5"
        copy_request_to_tunnel = no
        use_tunneled_reply = no
&nb! sp;       virtual_server = "inner-tunnel "
        include_length = yes
   }
 Module: Linked to sub-module rlm_eap_peap
 Module: Instantiating eap-peap
   peap {
        default_eap_type = "mschapv2"
        copy_request_to_tunnel = no
        use_tunneled_reply = no
        proxy_tunneled_request_as_eap = yes
        virtual_server = "inner-tunnel"
        soh = no
   }
 Module: Linked to sub-module rlm_eap_mschapv2
 Module: Instantiating eap-mschapv2
   mschapv2 {
        with_ntdomain_hack = no
        send_error = no
   }
 Module: Checking authorize {...} for more modules ! to load
 Module: Linked to module rlm_preprocess
 Module: Instantiating module "preprocess" from file /etc/raddb/modules/preprocess
  preprocess {
        huntgroups = "/etc/raddb/huntgroups"
        hints = "/etc/raddb/hints"
        with_ascend_hack = no
        ascend_channels_per_line = 23
        with_ntdomain_hack = no
        with_specialix_jetstream_hack = no
        with_cisco_vsa_hack = no
        with_alvarion_vsa_hack = no
  }
 Module: Linked to module rlm_realm
 Module: Instantiating module "suffix" from file /etc/raddb/modules/realm
  realm suffix {
        format = "su! ffix"
        delimiter = "@"
        ignore_default = no
        ignore_null = yes
  }
 Module: Instantiating module "ntdomain" from file /etc/raddb/modules/realm
  realm ntdomain {
        format = "prefix"
        delimiter = "\"
        ignore_default = no
        ignore_null = no
  }
 Module: Linked to module rlm_files
 Module: Instantiating module "files" from file /etc/raddb/modules/files
  files {
        usersfile = "/etc/raddb/users"
        acctusersfile = "/etc/raddb/acct_users"
        preproxy_usersfile = "/etc/raddb/preproxy_users"
        compat = "no"
  ! }
 Module: Linked to module rlm_sql
 Module: Instantiating module "sql" from file /etc/raddb/sql.conf
  sql {
        driver = "rlm_sql_mysql"
        server = "localhost"
        port = ""
        login = "freeradius"
        password = "xw5lblNn03ny405i4c1I"
        radius_db = "radius"
        read_groups = yes
        sqltrace = no
        sqltracefile = "/var/log/radius/sqltrace.sql"
        readclients = no
        deletestalesessions = yes
        num_sql_socks = 5
    &nbs! p;   lifetime = 0
      &nb sp; max_queries = 0
        sql_user_name = "%{User-Name}"
        default_user_profile = ""
        nas_query = "SELECT id, nasname, shortname, type, secret, server FROM nas"
        authorize_check_query = "SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id"
        authorize_reply_query = "SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ! ORDER BY id"
        authorize_group_check_query = "SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id"
        authorize_group_reply_query = "SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id"
        accounting_onoff_query = "         ! ; UPDATE radacct            SET              acctstoptime       =  '%S',              acctsessiontime    =  unix_timestamp('%S') -                                    unix_timestamp(acctstarttime),              acctterminatecause =  '%{Acct-Terminate-Cause}',              acctstopdelay      =  %{%{Acct-Delay-Time}:-0}           WHERE acctstoptime IS NULL           AND nasipaddress&nb! sp;     =  '%{NAS-IP-Address}'           AND acctstarttime     <= '%S'"
        accounting_update_query = "           UPDATE radacct           SET              framedipaddress = '%{Framed-IP-Address}',              acctsessiontime     = '%{Acct-Session-Time}',              acctinputoctets     = '%{%{Acct-Input-Gigawords}:-0}'  << 32 |                            &n! bsp;       '%{%{Acct-Input-Octets}:-0}',               acctoutputoctets    = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                    '%{%{Acct-Output-Octets}:-0}'           WHERE acctsessionid = '%{Acct-Session-Id}'           AND username        = '%{SQL-User-Name}'           AND nasipaddress    = '%{NAS-IP-Address}'"
        accounting_update_query_alt = "           INSERT INTO radacct            ! (acctsessionid,    acctuniqueid,      username,              realm,            nasipaddress,      nasportid,              nasporttype,      acctstarttime,     acctsessiontime,              acctauthentic,    connectinfo_start, acctinputoctets,              acctoutputoctets, calledstationid,   callingstationid,              servicetype,      framedprotocol,    framedipaddress,         &! nbsp;    acctstartdelay,   xascendsessionsvrk ey)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}',              DATE_SUB('%S',                       INTERVAL (%{%{Acct-Session-Time}:-0} +                                 %{%{Acct-Delay-T! ime}:-0}) SECOND),                       '%{Acct-Session-Time}',              '%{Acct-Authentic}', '',              '%{%{Acct-Input-Gigawords}:-0}' << 32 |              '%{%{Acct-Input-Octets}:-0}',              '%{%{Acct-Output-Gigawords}:-0}' << 32 |              '%{%{Acct-Output-Octets}:-0}',              '%{Called-Station-Id}', '%{Calling-Station-Id}',              '%{Service-Type}', '%{Framed-Protocol}'! ,           &nb sp;  '%{Framed-IP-Address}',              '0', '%{X-Ascend-Session-Svr-Key}')"
        accounting_start_query = "           INSERT INTO radacct             (acctsessionid,    acctuniqueid,     username,              realm,            nasipaddress,     nasportid,              nasporttype,      acctstarttime,    acctstoptime,              acctsessiontime,  acctauthentic,    connectinfo_start,  &! nbsp;           connectinfo_stop, acctinputoctets,  acctoutputoctets,              calledstationid,  callingstationid, acctterminatecause,              servicetype,      framedprotocol,   framedipaddress,              acctstartdelay,   acctstopdelay,    xascendsessionsvrkey)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}! ', '%{NAS-Port}',          ;     '%{NAS-Port-Type}', '%S', NULL,              '0', '%{Acct-Authentic}', '%{Connect-Info}',              '', '0', '0',              '%{Called-Station-Id}', '%{Calling-Station-Id}', '',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',              '%{%{Acct-Delay-Time}:-0}', '0', '%{X-Ascend-Session-Svr-Key}')"
        accounting_start_query_alt = "           UPDATE radacct SET              acctstarttime     = '%S',   &n! bsp;          acctstartdelay    = '%{%{Acct-Delay-Time}:-0}',              connectinfo_start = '%{Connect-Info}'           WHERE acctsessionid  = '%{Acct-Session-Id}'           AND username         = '%{SQL-User-Name}'           AND nasipaddress     = '%{NAS-IP-Address}'"
        accounting_stop_query = "           UPDATE radacct SET              acctstoptime       = '%S',              acctsession! time    = '%{Acct-Session-Time}',   &nbs p;          acctinputoctets    = '%{%{Acct-Input-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets   = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Output-Octets}:-0}',              acctterminatecause = '%{Acct-Terminate-Cause}',              acctstopdelay &n! bsp;    = '%{%{Acct-Delay-Time}:-0}',              connectinfo_stop   = '%{Connect-Info}'           WHERE acctsessionid   = '%{Acct-Session-Id}'           AND username          = '%{SQL-User-Name}'           AND nasipaddress      = '%{NAS-IP-Address}'"
        accounting_stop_query_alt = "           INSERT INTO radacct             (acctsessionid, acctuniqueid, username,              realm, nasipaddress, nasportid,      &n! bsp;       nasporttype, acctstarttime, a cctstoptime,              acctsessiontime, acctauthentic, connectinfo_start,              connectinfo_stop, acctinputoctets, acctoutputoctets,              calledstationid, callingstationid, acctterminatecause,              servicetype, framedprotocol, framedipaddress,              acctstartdelay, acctstopdelay)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',          &n! bsp;   '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}',              DATE_SUB('%S',                  INTERVAL (%{%{Acct-Session-Time}:-0} +                  %{%{Acct-Delay-Time}:-0}) SECOND),              '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '',              '%{Connect-Info}',              '%{%{Acct-Input-Gigawords}:-0}' << 32 |              '%{%{Acct-Input-Octets! }:-0}',          &nb sp;   '%{%{Acct-Output-Gigawords}:-0}' << 32 |              '%{%{Acct-Output-Octets}:-0}',              '%{Called-Station-Id}', '%{Calling-Station-Id}',              '%{Acct-Terminate-Cause}',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',              '0', '%{%{Acct-Delay-Time}:-0}')"
        group_membership_query = "SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER B! Y priority"
        connect_failure_retry_delay = 60
        simul_count_query = ""
        simul_verify_query = "SELECT radacctid, acctsessionid, username,                                nasipaddress, nasportid, framedipaddress,                                callingstationid, framedprotocol                                FROM radacct            !            &nbs p;        WHERE username = '%{SQL-User-Name}'                                AND acctstoptime IS NULL"
        postauth_query = "INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           '%{User-Name}',             &nbs! p;             '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S')"
        safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
  }
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to freeradius@localhost:/radius
rlm_sql (sql): starting 0
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql (sql): Connected new DB handle, #0
rlm_sql (sql): starting 1
rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
rlm_sql_mysql: Starting connect to MySQL server for #1
rlm_sql (sql): Connected new DB handle, #1
rl! m_sql (sql): starting 2
rlm_sql (sql): Attempting to connect rlm_sq l_mysql #2
rlm_sql_mysql: Starting connect to MySQL server for #2
rlm_sql (sql): Connected new DB handle, #2
rlm_sql (sql): starting 3
rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
rlm_sql_mysql: Starting connect to MySQL server for #3
rlm_sql (sql): Connected new DB handle, #3
rlm_sql (sql): starting 4
rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
rlm_sql_mysql: Starting connect to MySQL server for #4
rlm_sql (sql): Connected new DB handle, #4
 Module: Checking preacct {...} for more modules to load
 Module: Linked to module rlm_acct_unique
 Module: Instantiating module "acct_unique" from file /etc/raddb/modules/acct_unique
  acct_unique {
        key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
  }
 Module: Checking accounting {...} for more modules to load
 Module: Linked to module rlm_detail
 Mo! dule: Instantiating module "detail" from file /etc/raddb/modules/detail
  detail {
        detailfile = "/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
        header = "%t"
        detailperm = 384
        dirperm = 493
        locking = no
        log_packet_header = no
  }
 Module: Linked to module rlm_radutmp
 Module: Instantiating module "radutmp" from file /etc/raddb/modules/radutmp
  radutmp {
        filename = "/var/log/radius/radutmp"
        username = "%{User-Name}"
        case_sensitive = yes
        ! check_with_nas = yes
        per m = 384
        callerid = yes
  }
 Module: Linked to module rlm_attr_filter
 Module: Instantiating module "attr_filter.accounting_response" from file /etc/raddb/modules/attr_filter
  attr_filter attr_filter.accounting_response {
        attrsfile = "/etc/raddb/attrs.accounting_response"
        key = "%{User-Name}"
        relaxed = no
  }
 Module: Checking session {...} for more modules to load
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 Module: Instantiating module "attr_filter.access_reject" from file /etc/raddb/modules/attr_filter
  attr_filter attr_filter.access_reject {
        attrsfile = "/etc/raddb/attrs.access_reject"
&nb! sp;       key = "%{User-Name}"
        relaxed = no
  }
 } # modules
} # server
server innra.umsja.is-srv { # from file /etc/raddb/sites-enabled/innra.umsja.is
 modules {
  Module: Creating Auth-Type = LDAP
  Module: Creating Auth-Type = ntlm_auth
 Module: Checking authenticate {...} for more modules to load
 Module: Linked to module rlm_ldap
 Module: Instantiating module "ldap-innra.umsja.is" from file /etc/raddb/modules/ldap-innra.umsja.is
  ldap ldap-innra.umsja.is {
        server = "innra.umsja.is"
        port = 389
        password = "L3sV1rku5krana."
        identity = "sa.ldapFreeRadius@innra.umsja.is"
        net_timeout = 1
 !        timeout = 4
         timelimit = 3
        tls_mode = no
        start_tls = no
        tls_require_cert = "allow"
   tls {
        start_tls = no
        require_cert = "allow"
   }
        basedn = "DC=innra,DC=umsja,DC=is"
        filter = "(sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}})"
        base_filter = "(objectClass=user)"
        auto_header = no
        access_attr_used_for_allow = yes
        chase_referrals = yes
        rebind = yes
      &nb! sp; groupname_attribute = "cn"
        groupmembership_filter = "(|(&(objectClass=group)(member:1.2.840.113556.1.4.1941:=%{Ldap-UserDn}))(&(objectClass=user)(uniquemember=%{Ldap-UserDn})))"
        groupmembership_attribute = "memberOf"
        dictionary_mapping = "/etc/raddb/ldap.attrmap"
        ldap_debug = 0
        ldap_connections_number = 5
        compare_check_items = no
        do_xlat = yes
        set_auth_type = yes
   keepalive {
        idle = 60
        probes = 3
        interval = 3
   }
  }
rlm_ldap:! Registering ldap_groupcmp for Ldap-Group
rlm_ldap: Creating new at tribute ldap-innra.umsja.is-Ldap-Group
rlm_ldap: Registering ldap_groupcmp for ldap-innra.umsja.is-Ldap-Group
rlm_ldap: Registering ldap_xlat with xlat_name ldap-innra.umsja.is
rlm_ldap: reading ldap<->radius mappings from file /etc/raddb/ldap.attrmap
rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password
rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password
rlm_ldap: LDAP extensionAttribute10 mapped to RADIUS Jira-Key
rlm_ldap: LDAP msRADIUSFramedRoute mapped to RADIUS Framed-Route
rlm_ldap: LDAP extensionAttribute13 mapped to RADIUS Framed-IP-Address
conns: 0x7f45bf8f1e10
 Module: Instantiating module "mschap-innra.umsja.is" from file /etc/raddb/modules/mschap-innra.umsja.is
  mschap mschap-innra.umsja.is {
        use_mppe = yes
     &nbs! p;  require_encryption = no
        require_strong = no
        with_ntdomain_hack = no
        ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --domain=innra.umsja.is --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} --challenge=%{%{mschap:Challenge}:-00} --nt-response=%{%{mschap:NT-Response}:-00}"
        allow_retry = yes
  }
 Module: Instantiating module "ntlm_auth-innra.umsja.is" from file /etc/raddb/modules/ntlm_auth-innra.umsja.is
  exec ntlm_auth-innra.umsja.is {
        wait = yes
        program = "/usr/bin/ntlm_auth --request-nt-key --domain=innra.umsja.is --username=%{mschap:User-Name} --password=%{User-Password}"
        input_pairs = "request"
  &n! bsp;     shell_escape = yes
  }
 M odule: Checking authorize {...} for more modules to load
 Module: Linked to module rlm_always
 Module: Instantiating module "reject" from file /etc/raddb/modules/always
  always reject {
        rcode = "reject"
        simulcount = 0
        mpp = no
  }
 Module: Checking accounting {...} for more modules to load
 Module: Linked to module rlm_sqlippool
 Module: Instantiating module "sqlippool" from file /etc/raddb/sqlippool.conf
  sqlippool {
        sql-instance-name = "sql"
        lease-duration = 3600
        pool-name = ""
        allocate-begin = "START TRANSACTION"
        allocate-clear = "UPDATE radippoo! l   SET nasipaddress = '', pool_key = 0,   callingstationid = '', username = '',   expiry_time = NULL   WHERE expiry_time <= NOW() - INTERVAL 1 SECOND   AND nasipaddress = '%{Nas-IP-Address}'"
        allocate-find = "SELECT framedipaddress FROM radippool  WHERE pool_name = '%{control:Pool-Name}' AND (expiry_time < NOW() OR expiry_time IS NULL)  ORDER BY (username <> '%{User-Name}'),  (callingstationid <> '%{Calling-Station-Id}'),  expiry_time  LIMIT 1  FOR UPDATE"
        allocate-update = "UPDATE radippool  SET nasipaddress = '%{NAS-IP-Address}', pool_key = '%{NAS-Port}',  callingstationid = '%{Calling-Station-Id}', username = '%{User-Name}',  expiry_time = NOW() + INTERVAL 3600 SECOND  WHERE framedipaddress = '%I' AND expiry_time IS NULL"
      &nb! sp; allocate-commit = "COMMIT"
         allocate-rollback = "ROLLBACK"
        pool-check = "SELECT id FROM radippool  WHERE pool_name='%{control:Pool-Name}' LIMIT 1"
        start-begin = "START TRANSACTION"
        start-update = "UPDATE radippool  SET expiry_time = NOW() + INTERVAL 3600 SECOND  WHERE nasipaddress = '%{NAS-IP-Address}' AND  pool_key = '%{NAS-Port}'  AND username = '%{User-Name}'  AND callingstationid = '%{Calling-Station-Id}'  AND framedipaddress = '%{Framed-IP-Address}'"
        start-commit = "COMMIT"
        start-rollback = "ROLLBACK"
        alive-begin = "START TRANSACTION"
        alive-update = "UPDATE radippool  SET expiry_time = NOW() + INTERVAL 3600 SECOND  WHERE nasipaddr! ess = '%{Nas-IP-Address}' AND pool_key = '%{NAS-Port}'  AND username = '%{User-Name}'  AND callingstationid = '%{Calling-Station-Id}'  AND framedipaddress = '%{Framed-IP-Address}'"
        alive-commit = "COMMIT"
        alive-rollback = "ROLLBACK"
        stop-begin = "START TRANSACTION"
        stop-clear = "UPDATE radippool  SET nasipaddress = '', pool_key = 0, callingstationid = '', username = '',  expiry_time = NULL  WHERE nasipaddress = '%{Nas-IP-Address}' AND pool_key = '%{NAS-Port}'  AND username = '%{User-Name}'  AND callingstationid = '%{Calling-Station-Id}'  AND framedipaddress = '%{Framed-IP-Address}'"
        stop-commit = "COMMIT"
        stop-rollback = "ROLLBACK"
    !     on-begin = "START TRANSACTION"
    ;     on-clear = "UPDATE radippool  SET nasipaddress = '', pool_key = 0, callingstationid = '', username = '',  expiry_time = NULL  WHERE nasipaddress = '%{Nas-IP-Address}'"
        on-commit = "COMMIT"
        on-rollback = "ROLLBACK"
        off-begin = "START TRANSACTION"
        off-clear = "UPDATE radippool  SET nasipaddress = '', pool_key = 0, callingstationid = '', username = '',  expiry_time = NULL  WHERE nasipaddress = '%{Nas-IP-Address}'"
        off-commit = "COMMIT"
        off-rollback = "ROLLBACK"
        sqlippool_log_exists = "Existing IP: %{reply:Framed-IP-Address}   (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} use! r %{User-Name})"
        sqlippool_log_success = "Allocated IP: %{reply:Framed-IP-Address} from %{control:Pool-Name}   (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name})"
        sqlippool_log_clear = "Released IP %{Framed-IP-Address} (did %{Called-Station-Id} cli %{Calling-Station-Id} user %{User-Name})"
        sqlippool_log_failed = "IP Allocation FAILED from %{control:Pool-Name}   (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name})"
        sqlippool_log_nopool = "No Pool-Name defined   (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name})"
        defaultpool = "main_pool"
  }
 Module: Checking post-auth {...} for more modules to lo! ad
 } # modules
} # server
server inner-tunnel { # from file /etc/raddb/sites-enabled/inner-tunnel
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Checking authorize {...} for more modules to load
 Module: Checking session {...} for more modules to load
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
        type = "auth"
        ipaddr = *
        port = 0
        clients = "nyherji_clients"
  client 172.31.0.40 {
        require_message_authenticator = no
        secret = "MMj0qKYzpw"
        shortname = "vpnko! pbr01"
        nastype = "cisco"
  }
  client 10.255.0.99 {
        require_message_authenticator = no
        secret = "MfaDmvfUGUKLZ27gIN8h"
        shortname = "vpnkopbr02"
        nastype = "cisco"
  }
  client 217.28.182.248 {
        require_message_authenticator = no
        secret = "MfaDmvfUGUKLZ27gIN8h"
        shortname = "vpnkopbr02"
        nastype = "cisco"
  }
  client 127.0.0.1 {
        require_message_authenticator = no
        secret = "profun222"
        short! name = "localhost"
        nasty pe = "other"
  }
  client 172.31.0.18 {
        require_message_authenticator = no
        secret = "lns-siminn"
        shortname = "WMRB37BR05"
        nastype = "cisco"
  }
  client 10.41.255.67 {
        require_message_authenticator = no
        secret = "Pn$FrOW4O,LzI(wgw50="
        shortname = "NYHB37WL01"
        nastype = "cisco"
  }
}
listen {
        type = "acct"
        ipaddr = *
        port = 0
        clients = "nyherji_clients"
}
listen {
  &nbs! p;     type = "control"
 listen {
        socket = "/var/run/radiusd/radiusd.sock"
 }
}
listen {
        type = "auth"
        ipaddr = 127.0.0.1
        port = 18120
}
 ... adding new socket proxy address * port 56971
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /var/run/radiusd/radiusd.sock
Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
Listening on proxy address * port 1814
Ready to process requests.






















rad_recv: Access-Request packet from host 10.255.0.99 port 1645, id=113, length=122
        User-Name = "nyherji.is"
&nb! sp;       User-Password = "cisco"
&nb sp;       Calling-Station-Id = "217.28.191.33"
        NAS-Port-Type = Virtual
        NAS-Port-Type = Virtual
        Service-Type = Outbound-User
        NAS-IP-Address = 10.255.0.99
        Acct-Session-Id = "0000CC1A"
        NAS-Identifier = "VPNKOPBR02.nyherji.is"
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
        expand: %{Stripped-User-Name} ->
++[expand] returns noop
[suffix] No '@' in User-Name = "nyherji.is", skipping NULL due to config.
++[suffix] returns noop
[ntdomain] No '\' in U! ser-Name = "nyherji.is", looking up realm NULL
[ntdomain] No such realm "NULL"
++[ntdomain] returns noop
        expand: %{Stripped-User-Name} ->
++[expand] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry nyherji.is at line 5
++[files] returns ok
[sql]   expand: %{User-Name} -> nyherji.is
[sql] sql_set_user escaped user --> 'nyherji.is'
rlm_sql (sql): Reserving sql socket id: 4
[sql]   expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck     &nbs! p;     WHERE username = 'nyherji.is'  &n bsp;        ORDER BY id
[sql]   expand: SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM radusergroup           WHERE username = 'nyherji.is'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 4
[sql] User nyherji.is not found
++[sql] returns notfound
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password "cisco"
! [pap] Using clear text password "cisco"
[pap] User authenticated successfully
++[pap] returns ok
# Executing section post-auth from file /etc/raddb/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 113 to 10.255.0.99 port 1645
        Tunnel-Type:0 = ESP
        Tunnel-Private-Group-Id:0 = "nyherji.is"
        Tunnel-Password:0 = "kdjr#4k3#kjr"
        Cisco-AVPair += "ipsec:key-exchange=ike"
        Cisco-AVPair += "ipsec:key-exchange=preshared-key"
        Service-Type = Framed-User
        Framed-Protocol = PPP
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 113 with timestamp ! +5
Ready to process requests.
rad_recv: Access-Request packet fr om host 10.255.0.99 port 1645, id=114, length=213
        User-Name = "umsja\\test.juliusbess"
        Calling-Station-Id = "217.28.191.33"
        MS-CHAP-Challenge = 0x46e46acdc5c7c0ab3e41c0b6e5a5f361
        MS-CHAP2-Response = 0x0100f4080e92afe58e4e9af6d281db4fe4490000000000000000c9867a29ce8ca48b0ca255d634fe7cb9f1b4ad9795edc642
        NAS-Port-Type = Virtual
        NAS-Port = 2
        NAS-Port-Id = "217.28.182.248"
        Service-Type = Login-User
        NAS-IP-Address = 10.255.0.99
        Acct-Session-Id = "0000CC1B"
        NAS-Identifier = "VPNKOPBR02.! nyherji.is"
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++[mschap] returns ok
++[digest] returns noop
        expand: %{Stripped-User-Name} ->
++[expand] returns noop
[suffix] No '@' in User-Name = "umsja\test.juliusbess", skipping NULL due to config.
++[suffix] returns noop
[ntdomain] Looking up realm "umsja" for User-Name = "umsja\test.juliusbess"
[ntdomain] Found realm "umsja"
[ntdomain] Adding Realm = "umsja"
[ntdomain] Proxying request from user test.juliusbess to realm umsja
[ntdomain] Preparing to proxy authentication request to realm "umsja"
++[ntdomain] returns updated
        expand: %{Stripped-User-Name} ->
++[expand] returns updated
[eap] No ! EAP-Message, not doing EAP
++[eap] returns noop
++[files] return s noop
[sql]   expand: %{User-Name} -> umsja\test.juliusbess
[sql] sql_set_user escaped user --> 'umsja\test.juliusbess'
rlm_sql (sql): Reserving sql socket id: 3
[sql]   expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = 'umsja=5Ctest.juliusbess'           ORDER BY id
[sql]   expand: SELECT groupname           FROM radusergroup           WHERE u! sername = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM radusergroup           WHERE username = 'umsja=5Ctest.juliusbess'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 3
[sql] User umsja\test.juliusbess not found
++[sql] returns notfound
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
  WARNING: Empty pre-proxy section.  Using default return values.
>>> Sending proxied request internally to virtual server.
server innra.umsja.is-srv {
# Executing section authorize from file /etc/raddb/sites-enabled/innra.umsja.is
+- entering group authorize {...}
++[preprocess] returns ok
[suffix] Request already proxied.  Ignoring.
++[suffix] ! returns ok
[ntdomain] Request already proxied.  Ignoring.
+ +[ntdomain] returns ok
[mschap-innra.umsja.is] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap-innra.umsja.is'
++[mschap-innra.umsja.is] returns ok
[ldap-innra.umsja.is] performing user authorization for umsja\test.juliusbess
[ldap-innra.umsja.is]   expand: %{Stripped-User-Name} ->
[ldap-innra.umsja.is]   ... expanding second conditional
[ldap-innra.umsja.is]   expand: %{User-Name} -> umsja\5ctest.juliusbess
[ldap-innra.umsja.is]   expand: (sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}}) -> (sAMAccountName=umsja\5ctest.juliusbess)
[ldap-innra.umsja.is]   expand: DC=innra,DC=umsja,DC=is -> DC=innra,DC=umsja,DC=is
  [ldap-innra.umsja.is] ldap_get_conn: Checking Id: 0
  [ldap-innra.umsja.is] ldap_get_conn: Got Id: 0
  [ldap-innra.umsja.is] attempting LDAP reconnection
  [ldap-innra.umsja.is] (re)connect to innra.umsja.is:389, authentica! tion 0
  [ldap-innra.umsja.is] bind as sa.ldapFreeRadius@innra.umsja.is/L3sV1rku5krana. to innra.umsja.is:389
  [ldap-innra.umsja.is] waiting for bind result ...
  [ldap-innra.umsja.is] Bind was successful
  [ldap-innra.umsja.is] performing search in DC=innra,DC=umsja,DC=is, with filter (sAMAccountName=umsja\5ctest.juliusbess)
  [ldap-innra.umsja.is] rebind to URL ldap://DomainDnsZones.innra.umsja.is/DC=DomainDnsZones,DC=innra,DC=umsja,DC=is
  [ldap-innra.umsja.is] rebind to URL ldap://ForestDnsZones.innra.umsja.is/DC=ForestDnsZones,DC=innra,DC=umsja,DC=is
  [ldap-innra.umsja.is] object not found
[ldap-innra.umsja.is] search failed
  [ldap-innra.umsja.is] ldap_release_conn: Release Id: 0
++[ldap-innra.umsja.is] returns notfound
        expand: %{control:Ldap-UserDN} ->
++[expand] returns notfound
++? if (control:Ldap-UserDN =~ /^.+,OU=Users,OU=([^,]+),/i)    (Attribute control:Ldap-UserDN was not found)
? Evaluating (control:Ldap-UserDN =~ /^.+,OU=Users,OU=([^,]+),/i) -> FALSE
++? if (control:Ldap-UserDN =~ /^.+,OU=Users,OU=([^,]+),/i) -> FALSE
++? if (control:Jira-Key != "")
    (Attribute control:Jira-Key was not found)
? Evaluating (control:Jira-Key != "") -> FALSE
++? if (control:Jira-Key != "") -> FALSE
++? if (Huntgroup-Name == ppp-bidlarar)
? Evaluating (Huntgroup-Name == ppp-bidlarar) -> FALSE
++? if (Huntgroup-Name == ppp-bidlarar) -> FALSE
++? if (Huntgroup-Name == vpn-nas)
? Evaluating (Huntgroup-Name == vpn-nas) -> TRUE
++? if (Huntgroup-Name == vpn-nas) -> TRUE
++- entering if (Huntgroup-Name == vpn-nas) {...}
+++? if (ldap-innra.umsja.is-Ldap-Group == "%{control:Tmp-String-0}-VPN-Allow")
        expand: %{control:Tmp-String-0}-VPN-Allow -> -VPN-Allow
  [ldap-innra.umsja.is] Entering ldap_groupcmp()
      ! ;  expand: DC=innra,DC=umsja,DC=is -> DC=innra,DC=umsja,DC=is
        expand: %{Stripped-User-Name} ->
        ... expanding second conditional
        expand: %{User-Name} -> umsja\5ctest.juliusbess
        expand: (sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}}) -> (sAMAccountName=umsja\5ctest.juliusbess)
  [ldap-innra.umsja.is] ldap_get_conn: Checking Id: 0
  [ldap-innra.umsja.is] ldap_get_conn: Got Id: 0
  [ldap-innra.umsja.is] performing search in DC=innra,DC=umsja,DC=is, with filter (sAMAccountName=umsja\5ctest.juliusbess)
  [ldap-innra.umsja.is] rebind to URL ldap://DomainDnsZones.innra.umsja.is/DC=DomainDnsZones,DC=innra,DC=umsja,DC=is
  [ldap-innra.umsja.is] rebind to URL ldap://ForestDnsZones.innra.umsja.is/DC=ForestDnsZones,DC=innra,DC=umsja,DC=is  [ldap-innra.umsja.is] object not found
rlm_ldap::ldap_group cmp: search failed
  [ldap-innra.umsja.is] ldap_release_conn: Release Id: 0
? Evaluating (ldap-innra.umsja.is-Ldap-Group == "%{control:Tmp-String-0}-VPN-Allow") -> FALSE
+++? if (ldap-innra.umsja.is-Ldap-Group == "%{control:Tmp-String-0}-VPN-Allow") -> FALSE
+++? elsif (ldap-innra.umsja.is-Ldap-Group == "vpn-nyherji.is")
  [ldap-innra.umsja.is] Entering ldap_groupcmp()
        expand: DC=innra,DC=umsja,DC=is -> DC=innra,DC=umsja,DC=is
        expand: %{Stripped-User-Name} ->
        ... expanding second conditional
        expand: %{User-Name} -> umsja\5ctest.juliusbess
        expand: (sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}}) -> (sAMAccountName=umsja\5ctest.juliusbess)
  [ldap-innra.umsja.is] ldap_get_conn: Checking Id: 0  [ldap-innra.umsja.is] ldap_get_conn: Got Id: 0
  [ldap-innra.umsja.is] performing search in DC=innra,DC=umsja,DC=is, with filter (sAMAccountName=umsja\5ctest.juliusbess)
  [ldap-innra.umsja.is] rebind to URL ldap://DomainDnsZones.innra.umsja.is/DC=DomainDnsZones,DC=innra,DC=umsja,DC=is
  [ldap-innra.umsja.is] rebind to URL ldap://ForestDnsZones.innra.umsja.is/DC=ForestDnsZones,DC=innra,DC=umsja,DC=is
  [ldap-innra.umsja.is] object not found
rlm_ldap::ldap_groupcmp: search failed
  [ldap-innra.umsja.is] ldap_release_conn: Release Id: 0
? Evaluating (ldap-innra.umsja.is-Ldap-Group == "vpn-nyherji.is") -> FALSE
+++? elsif (ldap-innra.umsja.is-Ldap-Group == "vpn-nyherji.is") -> FALSE
+++- entering else else {...}
++++[reject] returns reject
+++- else else returns reject
++- if (Huntgroup-Name == vpn-nas) returns reject
} # server innra.umsja.is-srv
Going to the next request
<<< Receiv! ed proxied response code 3 from internal virtual server.
# Executin g section post-proxy from file /etc/raddb/sites-enabled/default
+- entering group post-proxy {...}
[eap] No pre-existing handler found
++[eap] returns noop
Using Post-Auth-Type Reject
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> umsja\test.juliusbess
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Sending Access-Reject of id 114 to 10.255.0.99 port 1645
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 1 ID 114 with timestamp +12
Ready to process requests.


Sumar