we did install a new freeradius server and default configuration. then we did your tutorial step by step. no more lines, nothing left out.
password is double checked, everything else should be find. wbinfo works, ntlm_auth works, plain_ntlm works, certificates creates with makefile (so with xpextensions).
it is really strange..
rad_recv: Access-Request packet from host 10.80.10.150 port 1645, id=205, length=137
User-Name = "asartori"
Framed-MTU = 1400
Called-Station-Id = "0021.d792.3040"
Calling-Station-Id = "0023.121b.f71b"
Service-Type = Login-User
Message-Authenticator = 0xdde7d44ba64198a77fe4911087b2a442
EAP-Message = 0x0202000d0161736172746f7269
NAS-Port-Type = Wireless-802.11
NAS-Port = 1461
NAS-Port-Id = "1461"
NAS-IP-Address = 10.80.10.150
NAS-Identifier = "AP50"
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "asartori", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 2 length 13
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 205 to 10.80.10.150 port 1645
EAP-Message = 0x01030016041020f6c8632f50cb7bc445d921e8c7e355
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x86dda94b86dead6cb4af2a8bdb01132e
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.80.10.150 port 1645, id=206, length=148
User-Name = "asartori"
Framed-MTU = 1400
Called-Station-Id = "0021.d792.3040"
Calling-Station-Id = "0023.121b.f71b"
Service-Type = Login-User
Message-Authenticator = 0x6145259b02547df93d0552b7414f0fb5
EAP-Message = 0x020300060319
NAS-Port-Type = Wireless-802.11
NAS-Port = 1461
NAS-Port-Id = "1461"
State = 0x86dda94b86dead6cb4af2a8bdb01132e
NAS-IP-Address = 10.80.10.150
NAS-Identifier = "AP50"
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "asartori", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 3 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP NAK
[eap] EAP-NAK asked for EAP-Type/peap
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 206 to 10.80.10.150 port 1645
EAP-Message = 0x010400061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x86dda94b87d9b06cb4af2a8bdb01132e
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.80.10.150 port 1645, id=207, length=306
User-Name = "asartori"
Framed-MTU = 1400
Called-Station-Id = "0021.d792.3040"
Calling-Station-Id = "0023.121b.f71b"
Service-Type = Login-User
Message-Authenticator = 0x6373d1c83ed630d072424e4571b5c427
EAP-Message = 0x020400a419800000009a16030100950100009103014bbdd4e87af6f0d31b28590f069d4838a0fd4a7b44519d4b20b553e8b0a38540000056c00ac009c007c008c013c014c011c012c004c005c002c003c00ec00fc00cc00d002f000500040035000a000900030008000600320033003800390016001500140013001200110034003a0018001b001a00170019000101000012000a00080006001700180019000b00020100
NAS-Port-Type = Wireless-802.11
NAS-Port = 1461
NAS-Port-Id = "1461"
State = 0x86dda94b87d9b06cb4af2a8bdb01132e
NAS-IP-Address = 10.80.10.150
NAS-Identifier = "AP50"
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "asartori", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 4 length 164
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 154
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] (other): before/accept initialization
[peap] TLS_accept: before/accept initialization
[peap] <<< TLS 1.0 Handshake [length 0095], ClientHello
[peap] TLS_accept: SSLv3 read client hello A
[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello
[peap] TLS_accept: SSLv3 write server hello A
[peap] >>> TLS 1.0 Handshake [length 07d3], Certificate
[peap] TLS_accept: SSLv3 write certificate A
[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
[peap] TLS_accept: SSLv3 write server done A
[peap] TLS_accept: SSLv3 flush data
[peap] TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 207 to 10.80.10.150 port 1645
EAP-Message = 0x0105040019c000000810160301002a0200002603014bbdd55952cf35d69ba60e1ebfa404231554215dd7630613d874ef2de8b12a5800002f0016030107d30b0007cf0007cc000368308203643082024ca003020102020101300d06092a864886f70d0101040500307b310b30090603550406130241543111300f0603550408130853616c7a62757267310d300b0603550407130450756368310c300a060355040a1303464853311c301a06092a864886f70d010901160d61646d696e406668732e636f6d311e301c06035504031315464853204578616d706c6520417574686f72697479301e170d3130303430383131353035385a170d313130343038
EAP-Message = 0x3131353035385a3057310b30090603550406130241543111300f0603550408130853616c7a62757267310c300a060355040a1303464853312730250603550403131e726164697573612e636f72652e66682d73616c7a627572672e61632e617430820122300d06092a864886f70d01010105000382010f003082010a0282010100c39b6c9e63a914640d8d8a7c1541bd93830de1c9e2cfe9884561c881bf9e24fe0c7a527b9e1b506cf5b3e7d91096f19262938134ec231685c0621f5cbc1c2b89cf0613672e5ae4512824541bb1e25a3e5f312e401c6d55f2f71a7ae6aedd0a2b61322c313ec13c142df0226a2f0f33186a2a79d8a0f4080f75002059
EAP-Message = 0x167cac17436aea8917fea74bf6f3d13e6f1b418bef900a14e412c1be0bf81b73a057b55cc9a8e0716e260a5eb233aae763dd2f8dcffdf00efec148cc3b8a031c91c0afe9e6cbdd4ae309666a8422bf65865f4f25a48cf4a2e6522bc562addf30df7ba7fd91acbac6895d4fcd749165e4c14d401be8f590c88eadf1282576e7d4137a36ed0203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104050003820101008e95b04b25e446f50b2f051d095242b369ad2a25f21f8a4cca4debec31e3b73adace1f6bee620a4e639392171b73aed8b26df169fe4ab62c52069e4ab6124d5dc9aafaaf6e68ec
EAP-Message = 0xbbc076ca92538a95cdbf0661a29c02b103f9bfecbed8eaaaf3a1b6c49b31ef111e3abaa6ebe7a283186f3c3d0e9f07ff3c1cc91eb36547d4cd51bf18b37ca033859df3543283a91e9323b5845c254d600c923ae22fcfbd0c7f90e76d5b3904d84c4cd2c4398f9f430deeabe3e3b7118533e78da3c3512da2caadacdddccd09e2bd939ba7ba591fe9dd2aa43e3a9ce93720e627d5acf6c6bd0f4df106b3356e18ae0be95a63c0c7051f7e296edb76ec57bec3b9b7a47442dee500045e3082045a30820342a003020102020900a85c3b04575e9007300d06092a864886f70d0101050500307b310b30090603550406130241543111300f06035504081308
EAP-Message = 0x53616c7a62757267310d300b
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x86dda94b84d8b06cb4af2a8bdb01132e
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.80.10.150 port 1645, id=208, length=148
User-Name = "asartori"
Framed-MTU = 1400
Called-Station-Id = "0021.d792.3040"
Calling-Station-Id = "0023.121b.f71b"
Service-Type = Login-User
Message-Authenticator = 0x67049f9481a63497a1ad63f7dc535106
EAP-Message = 0x020500061900
NAS-Port-Type = Wireless-802.11
NAS-Port = 1461
NAS-Port-Id = "1461"
State = 0x86dda94b84d8b06cb4af2a8bdb01132e
NAS-IP-Address = 10.80.10.150
NAS-Identifier = "AP50"
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "asartori", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 5 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 208 to 10.80.10.150 port 1645
EAP-Message = 0x010603fc19400603550407130450756368310c300a060355040a1303464853311c301a06092a864886f70d010901160d61646d696e406668732e636f6d311e301c06035504031315464853204578616d706c6520417574686f72697479301e170d3130303430383131353035385a170d3131303430383131353035385a307b310b30090603550406130241543111300f0603550408130853616c7a62757267310d300b0603550407130450756368310c300a060355040a1303464853311c301a06092a864886f70d010901160d61646d696e406668732e636f6d311e301c06035504031315464853204578616d706c6520417574686f72697479308201
EAP-Message = 0x22300d06092a864886f70d01010105000382010f003082010a0282010100b38f72d456714063ebf429ab9d7d7611b055d1c8fd97baf555ae442f724484771f7603e32bb1a589ceded13e81867c1a582def69bc191e01d70b6cf21f20f3cdc0a0f706193c6a4beec6a1296192d033f22f7f44ae711f13e523b3fb2ade9459821d25409aed45f4bf058ed465622ac5e7634aaa4522bd388595787df04e04571591124fc8ab145bee8d84c08ca017ae0ee6b1785dbf04dcc257edb447817ef8f6b4a30a7565aa6e909b0baa8a5f1c07d8ef1adc4530a798b46f049ad3f00dea37559fa9cf6a5cd61912f18c8385b50215e38345f6f8b9fb7472d929ffe0d6
EAP-Message = 0x345de234cdf7d8130238a9cfeb0bf2b707297924715caa2b5649f9e26784d61dab0203010001a381e03081dd301d0603551d0e041604145908a6f5bb25e0bbd145dff7b843faebe6cc320c3081ad0603551d230481a53081a280145908a6f5bb25e0bbd145dff7b843faebe6cc320ca17fa47d307b310b30090603550406130241543111300f0603550408130853616c7a62757267310d300b0603550407130450756368310c300a060355040a1303464853311c301a06092a864886f70d010901160d61646d696e406668732e636f6d311e301c06035504031315464853204578616d706c6520417574686f72697479820900a85c3b04575e9007300c
EAP-Message = 0x0603551d13040530030101ff300d06092a864886f70d010105050003820101001ac5ce19a6d2ffac80d6d2f4128e9f10d4ba702680306bf4e4e7e3c7e45840e13cbd09e025bad22c7a0c74b03fdacdfcf81c61047acfa10d6338471f5a511a9f8ff316ea110719c709a8a95b63587d72648ba47072101a7a49b9ea3cd4b47f073739a0bbac5f520c309fba8bcd0db79a54f57ad6a3ad38e3112443c9a9fd1293a990a745dec88ef20c509aa6631e09aa0596cecb0d72088a44b8d0e89a7c730a0f165497b61ceb98285b9aad131d86bb73bc2514b387d4dad5a281dab3caa22d2d99b9722babc49058f91a438c4e82b3796c03c7b685b81587893675ff
EAP-Message = 0x5c06f7a83b954177
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x86dda94b85dbb06cb4af2a8bdb01132e
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.80.10.150 port 1645, id=209, length=148
User-Name = "asartori"
Framed-MTU = 1400
Called-Station-Id = "0021.d792.3040"
Calling-Station-Id = "0023.121b.f71b"
Service-Type = Login-User
Message-Authenticator = 0xfa6f8dca0f9adcba437686053c92c7df
EAP-Message = 0x020600061900
NAS-Port-Type = Wireless-802.11
NAS-Port = 1461
NAS-Port-Id = "1461"
State = 0x86dda94b85dbb06cb4af2a8bdb01132e
NAS-IP-Address = 10.80.10.150
NAS-Identifier = "AP50"
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "asartori", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 6 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 209 to 10.80.10.150 port 1645
EAP-Message = 0x0107002a1900f4905796e9fc4532e77ad4389d9a690206e471189f26d41b82512116030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x86dda94b82dab06cb4af2a8bdb01132e
Finished request 4.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.80.10.150 port 1645, id=210, length=480
User-Name = "asartori"
Framed-MTU = 1400
Called-Station-Id = "0021.d792.3040"
Calling-Station-Id = "0023.121b.f71b"
Service-Type = Login-User
Message-Authenticator = 0x0f678c6346e200b30e4eb192c234cfa5
EAP-Message = 0x020701501980000001461603010106100001020100b50408ec4644c60fcd4ef40d2ecbab1baeb98f024f5533545bf9f838d30a9231704176dc37a4e202c2666ae66f50a841f8217ddc0f3dd611c4c4e0f266f0e864fccf3072d065341e9b1ef0ddb0e740b02bcc76a3a699d30b3fc2d57b50251a8888604437ab94f5a2f3339166a59dfa02e2f01db8c93c22ca7b977cf04887f9a77f1d9832fb991888224344c77ccd82cc6ee36f853f8b3ecc659914bf2e7d5d70d001d623ff302826540564ab3e8a047b84d0820d178adacea88b5514b26caca2d0a0c5ef4ef1d37ca9e57bd38308bafa8d898d123fd297ea2682161d5d0d8f5a1225e101347b37ad
EAP-Message = 0x169980a7d425eff0390e9aca9a190e112a8cc25f449cb802140301000101160301003085391c105bd0ffcc46770ade2bd77ce23d8a064dad7423b83c7925ccd0cf9b1537c383c4d5551c2582ff37e3e304ba01
NAS-Port-Type = Wireless-802.11
NAS-Port = 1461
NAS-Port-Id = "1461"
State = 0x86dda94b82dab06cb4af2a8bdb01132e
NAS-IP-Address = 10.80.10.150
NAS-Identifier = "AP50"
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "asartori", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 253
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 326
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange
[peap] TLS_accept: SSLv3 read client key exchange A
[peap] <<< TLS 1.0 ChangeCipherSpec [length 0001]
[peap] <<< TLS 1.0 Handshake [length 0010], Finished
[peap] TLS_accept: SSLv3 read finished A
[peap] >>> TLS 1.0 ChangeCipherSpec [length 0001]
[peap] TLS_accept: SSLv3 write change cipher spec A
[peap] >>> TLS 1.0 Handshake [length 0010], Finished
[peap] TLS_accept: SSLv3 write finished A
[peap] TLS_accept: SSLv3 flush data
[peap] (other): SSL negotiation finished successfully
SSL Connection Established
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 210 to 10.80.10.150 port 1645
EAP-Message = 0x01080041190014030100010116030100303ab52cb7421fe368739c6fb0ebcedfbe1829be5c8f2f519f42c5414eac35d4b2dcb900321e194dfd1cad32a515ab5645
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x86dda94b83d5b06cb4af2a8bdb01132e
Finished request 5.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.80.10.150 port 1645, id=211, length=148
User-Name = "asartori"
Framed-MTU = 1400
Called-Station-Id = "0021.d792.3040"
Calling-Station-Id = "0023.121b.f71b"
Service-Type = Login-User
Message-Authenticator = 0x6f2d93f260692f000e61dd774cebe08b
EAP-Message = 0x020800061900
NAS-Port-Type = Wireless-802.11
NAS-Port = 1461
NAS-Port-Id = "1461"
State = 0x86dda94b83d5b06cb4af2a8bdb01132e
NAS-IP-Address = 10.80.10.150
NAS-Identifier = "AP50"
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "asartori", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 8 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake is finished
[peap] eaptls_verify returned 3
[peap] eaptls_process returned 3
[peap] EAPTLS_SUCCESS
++[eap] returns handled
Sending Access-Challenge of id 211 to 10.80.10.150 port 1645
EAP-Message = 0x0109002b1900170301002076466e1135c056a6527a2a708b4251813d1f38271fd843d3cde43f6baa6e14e6
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x86dda94b80d4b06cb4af2a8bdb01132e
Finished request 6.
Going to the next request
Waking up in 4.8 seconds.
rad_recv: Access-Request packet from host 10.80.10.150 port 1645, id=212, length=185
User-Name = "asartori"
Framed-MTU = 1400
Called-Station-Id = "0021.d792.3040"
Calling-Station-Id = "0023.121b.f71b"
Service-Type = Login-User
Message-Authenticator = 0x59d7bbb9d55c9f5bb299c085bc74c031
EAP-Message = 0x0209002b19001703010020c1c0917073c12dced76254e218501258277be220391dc99ad0d529323ff6121e
NAS-Port-Type = Wireless-802.11
NAS-Port = 1461
NAS-Port-Id = "1461"
State = 0x86dda94b80d4b06cb4af2a8bdb01132e
NAS-IP-Address = 10.80.10.150
NAS-Identifier = "AP50"
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "asartori", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 9 length 43
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Identity - asartori
[peap] Got tunneled request
EAP-Message = 0x0209000d0161736172746f7269
server {
PEAP: Got tunneled identity of asartori
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to asartori
Sending tunneled request
EAP-Message = 0x0209000d0161736172746f7269
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "asartori"
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No '@' in User-Name = "asartori", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 9 length 13
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
EAP-Message = 0x010a00221a010a001d100c689ea9809fa0838234c966c821e9bb61736172746f7269
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xb24fee6fb245f433fdbba9329dca04b3
[peap] Got tunneled reply RADIUS code 11
EAP-Message = 0x010a00221a010a001d100c689ea9809fa0838234c966c821e9bb61736172746f7269
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xb24fee6fb245f433fdbba9329dca04b3
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 212 to 10.80.10.150 port 1645
EAP-Message = 0x010a004b19001703010040cdc6317e2ff6c9d3c89ab6117470329dd73fa12bf1908cde2bca4d90a9cf3f80fd6ea002994ea13db3b9e77e0c0e6239532f294f142143440694facf692a6628
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x86dda94b81d7b06cb4af2a8bdb01132e
Finished request 7.
Going to the next request
Waking up in 4.8 seconds.
rad_recv: Access-Request packet from host 10.80.10.150 port 1645, id=213, length=249
User-Name = "asartori"
Framed-MTU = 1400
Called-Station-Id = "0021.d792.3040"
Calling-Station-Id = "0023.121b.f71b"
Service-Type = Login-User
Message-Authenticator = 0x8711a7593adce970637511cdfb6fdf93
EAP-Message = 0x020a006b19001703010060e26d5b3e614ba6d3033b4c830626fa0fe19c112648fa68b6fe5e0be1377918efb7640489515fa9285dffc3f9acd9d58fdf4f214a94e4d0f80797bf953a8f7533978bc6f4dc86271728a72369d5e478dae6c06a37893a8db46d8a8af29af965b5
NAS-Port-Type = Wireless-802.11
NAS-Port = 1461
NAS-Port-Id = "1461"
State = 0x86dda94b81d7b06cb4af2a8bdb01132e
NAS-IP-Address = 10.80.10.150
NAS-Identifier = "AP50"
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "asartori", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 10 length 107
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] EAP type mschapv2
[peap] Got tunneled request
EAP-Message = 0x020a00431a020a003e317cfba43e0f5c2bbaa5f9ea2f7ecab36300000000000000009e634fd362803e8b674b270cea334172de0831f9ae2e13a70061736172746f7269
server {
PEAP: Setting User-Name to asartori
Sending tunneled request
EAP-Message = 0x020a00431a020a003e317cfba43e0f5c2bbaa5f9ea2f7ecab36300000000000000009e634fd362803e8b674b270cea334172de0831f9ae2e13a70061736172746f7269
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "asartori"
State = 0xb24fee6fb245f433fdbba9329dca04b3
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No '@' in User-Name = "asartori", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 10 length 67
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/mschapv2
[eap] processing type mschapv2
[mschapv2] +- entering group MS-CHAP {...}
[mschap] Told to do MS-CHAPv2 for asartori with NT-Password
[mschap] expand: --username=%{mschap:User-Name:-None} -> --username=asartori
[mschap] No NT-Domain was found in the User-Name.
[mschap] expand: %{mschap:NT-Domain} ->
[mschap] ... expanding second conditional
[mschap] expand: --domain=%{%{mschap:NT-Domain}:-FHS} -> --domain=FHS
[mschap] mschap2: 0c
[mschap] expand: --challenge=%{mschap:Challenge:-00} -> --challenge=1c7d952acd9082a2
[mschap] expand: --nt-response=%{mschap:NT-Response:-00} -> --nt-response=9e634fd362803e8b674b270cea334172de0831f9ae2e13a7
Exec-Program output: NT_KEY: 34B23A4A9A7D33D7F95F179B116492ED
Exec-Program-Wait: plaintext: NT_KEY: 34B23A4A9A7D33D7F95F179B116492ED
Exec-Program: returned: 0
[mschap] adding MS-CHAPv2 MPPE keys
++[mschap] returns ok
MSCHAP Success
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
EAP-Message = 0x010b00331a030a002e533d31414445413043344632373745353141393134464234323839304246394246454430393642333543
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xb24fee6fb344f433fdbba9329dca04b3
[peap] Got tunneled reply RADIUS code 11
EAP-Message = 0x010b00331a030a002e533d31414445413043344632373745353141393134464234323839304246394246454430393642333543
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xb24fee6fb344f433fdbba9329dca04b3
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 213 to 10.80.10.150 port 1645
EAP-Message = 0x010b005b190017030100500bbb95462d8c42ed4affecd3c7a13a31f6a78c2061c64accf1f54660b9cadfb560b141370ba12cca3b97c261c41559d43c77d5fc9bbe09b2e21c171638666eafafbe82f51e4783bf2b13fec525aea889
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x86dda94b8ed6b06cb4af2a8bdb01132e
Finished request 8.
Going to the next request
Waking up in 4.8 seconds.
Cleaning up request 0 ID 205 with timestamp +13
Cleaning up request 1 ID 206 with timestamp +13
Cleaning up request 2 ID 207 with timestamp +13
Cleaning up request 3 ID 208 with timestamp +14
Cleaning up request 4 ID 209 with timestamp +14
Cleaning up request 5 ID 210 with timestamp +14
Cleaning up request 6 ID 211 with timestamp +14
Cleaning up request 7 ID 212 with timestamp +14
Cleaning up request 8 ID 213 with timestamp +14
Ready to process requests.
[root@radiusa raddb]#