hi, I am use freeradius1.1.6 . And It can work. But there is a question: why freeradius recieve username=anonymous many time? and than receive real username hwang?? Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. rad_recv: Access-Request packet from host 10.155.20.84:1030, id=27, length=162 User-Name = "anonymous" // My username is hwang??? NAS-IP-Address = 10.155.20.84 NAS-Identifier = "hello" NAS-Port = 0 Called-Station-Id = "00-19-77-00-00-34:hhe" Calling-Station-Id = "00-19-E0-80-A5-5A" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x0200000e01616e6f6e796d6f7573 Message-Authenticator = 0x892d753593e189cd36612f7fa07e459f Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: EAP packet type response id 0 length 14 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 rlm_ldap: - authorize rlm_ldap: performing user authorization for anonymous radius_xlat: '(cn=anonymous)' radius_xlat: 'dc=company,dc=com' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to 127.0.0.1:389, authentication 0 rlm_ldap: setting TLS CACert File to /usr/local/etc/openldap/ssl/cacert.pem rlm_ldap: setting TLS Require Cert to never rlm_ldap: bind as / to 127.0.0.1:389 rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 0 modcall: leaving group authorize (returns updated) for request 0 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_eap: EAP Identity rlm_eap: processing type md5 rlm_eap_md5: Issuing Challenge modcall[authenticate]: module "eap" returns handled for request 0 modcall: leaving group authenticate (returns handled) for request 0 Sending Access-Challenge of id 27 to 10.155.20.84 port 1030 EAP-Message = 0x01010016041061094fc60ca2cd662178a3d6eea822cc Message-Authenticator = 0x00000000000000000000000000000000 State = 0x3a5eacc7a46269daed6e2e83bf27092c Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.155.20.84:1030, id=28, length=172 User-Name = "anonymous" NAS-IP-Address = 10.155.20.84 NAS-Identifier = "hello" NAS-Port = 0 Called-Station-Id = "00-19-77-00-00-34:hhe" Calling-Station-Id = "00-19-E0-80-A5-5A" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x020100060319 State = 0x3a5eacc7a46269daed6e2e83bf27092c Message-Authenticator = 0x3429d0e18b932a327161388ce7e0bdc4 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: EAP packet type response id 1 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 1 rlm_ldap: - authorize rlm_ldap: performing user authorization for anonymous radius_xlat: '(cn=anonymous)' radius_xlat: 'dc=company,dc=com' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 1 modcall: leaving group authorize (returns updated) for request 1 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 1 rlm_eap: Request found, released from the list rlm_eap: EAP NAK rlm_eap: EAP-NAK asked for EAP-Type/peap rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 1 modcall: leaving group authenticate (returns handled) for request 1 Sending Access-Challenge of id 28 to 10.155.20.84 port 1030 EAP-Message = 0x010200061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x78c6b1e762ecc5c348c57839451373fc Finished request 1 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.155.20.84:1030, id=29, length=308 User-Name = "anonymous" NAS-IP-Address = 10.155.20.84 NAS-Identifier = "hello" NAS-Port = 0 Called-Station-Id = "00-19-77-00-00-34:hhe" Calling-Station-Id = "00-19-E0-80-A5-5A" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x0202008e198000000084160301007f0100007b0301469dfab4e8c534467a7efea117a737c912db65b70fd69087e66db970d315915320ccd869a4c60335849db3ab1a6ac62e61453a4b96028a90f4d7003b9354af598f003400390038003300320016001300660035002f00150012000a000500040009006300650060006200610064001400110003000600080100 State = 0x78c6b1e762ecc5c348c57839451373fc Message-Authenticator = 0xd219e2d5ad47c0fac48409f97e811c06 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 2 modcall[authorize]: module "mschap" returns noop for request 2 rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 2 rlm_eap: EAP packet type response id 2 length 142 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 2 rlm_ldap: - authorize rlm_ldap: performing user authorization for anonymous radius_xlat: '(cn=anonymous)' radius_xlat: 'dc=company,dc=com' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 2 modcall: leaving group authorize (returns updated) for request 2 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 2 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 007f], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 05f5], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 010d], ServerKeyExchange TLS_accept: SSLv3 write key exchange A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone TLS_accept: SSLv3 write server done A TLS_accept: SSLv3 flush data TLS_accept: Need to read more data: SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 2 modcall: leaving group authenticate (returns handled) for request 2 Sending Access-Challenge of id 29 to 10.155.20.84 port 1030 EAP-Message = 0x0103040a19c000000764160301004a020000460301469dfab309c80c31b99e98c0a34aca8264f8f297de2c96c8d749bc2f8643ed65203b46728ba323185caf08c85e3a2c79d9f28fd7c95c65f4f1c94f9a20d9abaf1e00390016030105f50b0005f10005ee00028b30820287308201f0a003020102020101300d06092a864886f70d0101040500307c310b300906035504061302434e310b3009060355040813026161310b3009060355040713026161310b3009060355040a13026161310b3009060355040b1302616131193017060355040313107777772e6165726f686976652e636f6d311e301c06092a864886f70d010901160f6161406165726f EAP-Message = 0x686976652e636f6d301e170d3037303632363037323031385a170d3038303632353037323031385a307e310b300906035504061302434e310b3009060355040813026164310c300a06035504071303736466310b3009060355040a13027366310c300a060355040b130361736431193017060355040313107777772e6165726f686976652e636f6d311e301c06092a864886f70d010901160f6464406165726f686976652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100b634f0dd4ca2b2710ceb06a0d511a77b99bfffd41c3287bda963b1fd868b978dccbf7be1e4986cf08af63cbc811a7147b865c3dbdd529749 EAP-Message = 0xe54ebd3528f0bc1e070bef3576e374cda904f61c7fb19c861d52361206b659e74221081cb674521e21172342968b83c2e56606310d4cdb30f5670f53234c2006c89544dca8afa7690203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038181004285d778012c69d462728a5cf6c7187151c83b5ec1509ad697bd4e2c55cd886be9097a289c13bdefe578674ce5ce0481c9840bb5dc878a9445465fc61f53205f875f79107dfdb55e15a5a38bbc8f8387f0abec3917629363ef6b0f1a15910dbb516fa80cd63c3d4f99508882c04935170a0750997e724a88284627d5a33390a400035d30 EAP-Message = 0x820359308202c2a0030201020209009f961f4fc34f74f5300d06092a864886f70d0101040500307c310b300906035504061302434e310b3009060355040813026161310b3009060355040713026161310b3009060355040a13026161310b3009060355040b1302616131193017060355040313107777772e6165726f686976652e636f6d311e301c06092a864886f70d010901160f6161406165726f686976652e636f6d301e170d3037303632363037313235365a170d3038303632353037313235365a307c310b300906035504061302434e310b3009060355040813026161310b3009060355040713026161310b3009060355040a13026161310b30 EAP-Message = 0x09060355040b13026161311930170603550403131077 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x64f0f8b513f75e5eda3b855da24e0e94 Finished request 2 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.155.20.84:1030, id=30, length=172 User-Name = "anonymous" NAS-IP-Address = 10.155.20.84 NAS-Identifier = "hello" NAS-Port = 0 Called-Station-Id = "00-19-77-00-00-34:hhe" Calling-Station-Id = "00-19-E0-80-A5-5A" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x020300061900 State = 0x64f0f8b513f75e5eda3b855da24e0e94 Message-Authenticator = 0xeccfd2a31efa5926c1da829b98e7c190 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 3 modcall[authorize]: module "mschap" returns noop for request 3 rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 3 rlm_eap: EAP packet type response id 3 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 3 rlm_ldap: - authorize rlm_ldap: performing user authorization for anonymous radius_xlat: '(cn=anonymous)' radius_xlat: 'dc=company,dc=com' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 3 modcall: leaving group authorize (returns updated) for request 3 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 3 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 3 modcall: leaving group authenticate (returns handled) for request 3 Sending Access-Challenge of id 30 to 10.155.20.84 port 1030 EAP-Message = 0x0104036a190077772e6165726f686976652e636f6d311e301c06092a864886f70d010901160f6161406165726f686976652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100c474b27e94d9079f425dc26ae672f7422f90c0dc3acb64f6fe338cafd8c76abe6168006a0924e69387dafc4fe657a15ca04281abbc2f4e3012c0ec02fc49e4ea7d713ef14b49fec2339e9f4be422b21d468c3ad6f7cb5b111d586ffd642e7d0e030835b364d908b72b4c310a3c0740d3a6501f3f0ff54ad5f90fd8b7c5ff02b70203010001a381e23081df301d0603551d0e04160414050729ac4b9f02efbd89d61f801226f7b19871e730 EAP-Message = 0x81af0603551d230481a73081a48014050729ac4b9f02efbd89d61f801226f7b19871e7a18180a47e307c310b300906035504061302434e310b3009060355040813026161310b3009060355040713026161310b3009060355040a13026161310b3009060355040b1302616131193017060355040313107777772e6165726f686976652e636f6d311e301c06092a864886f70d010901160f6161406165726f686976652e636f6d8209009f961f4fc34f74f5300c0603551d13040530030101ff300d06092a864886f70d0101040500038181002617bba7fbd8d318ba237e03c59763285f5b3d552fb04f8295d6fb972e54a80e1ae55182b1b93fad56eccc EAP-Message = 0x008144c830ca22f22b37d28b7ec437ab988a5346105ad15a76f84ea9d1d746b6482241d95f106e8b83dcff277ffb4cfdb4b2c46e5030943c310d01e9e755e2a11bf21d3cf5eb1e50fb4e08e45d20f21cb01d75ef46160301010d0c00010900409fb2566c6daf40fa7213de35550402bb2c30650b0b690c926edfdc870939677dee5bef17f04c611d99c259a9f3c3564ff1b617cc682c42f2551d6061bee4ea6b00010500407c848e1deed61f74a1eae953c93aef3f11592a7ebca3039464d5caf560b157d1b36b1d2fe96779040e50b5b1203d45620b82d97b95128a3802d1c654301e4d35008007b33a97ac3ff6e4524749d01480f93aa974bbdca17c EAP-Message = 0x23edf88fd6106f647719683f43bedbd574348b023b18d55b950dc11e32e407bbf94d751f75df8b950263ddc4d50397b0e40f16fde6ea57d8a537ce16f38ddb4962e5b2546a48e4c9b25f94e8894cc44eba7f55133397855092202ead7e82ccfc59a0309620f73e75496e16030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x6aca38b181b8d8f126f6f9d75a95cea1 Finished request 3 Going to the next request --- Walking the entire request list --- Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.155.20.84:1030, id=31, length=310 User-Name = "anonymous" NAS-IP-Address = 10.155.20.84 NAS-Identifier = "hello" NAS-Port = 0 Called-Station-Id = "00-19-77-00-00-34:hhe" Calling-Station-Id = "00-19-E0-80-A5-5A" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x02040090198000000086160301004610000042004023b55a35ee451dc35ed4700cccf7378a2207e0602fc6d015659ebbc130312ca4b42ab2e6bc10b7ea3038f5057c5d2e42b75b074ef2b61cc07da33dad7fdef00314030100010116030100302259954c3a5d5001b973d8db65bfbc80b209196649f453710f17ee22aa0a8b24c37251c79d2617bdfc0db164c5d1f06f State = 0x6aca38b181b8d8f126f6f9d75a95cea1 Message-Authenticator = 0xf0b976660c9afb2bebbd92af021e7f39 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 4 modcall[authorize]: module "mschap" returns noop for request 4 rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 4 rlm_eap: EAP packet type response id 4 length 144 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 4 rlm_ldap: - authorize rlm_ldap: performing user authorization for anonymous radius_xlat: '(cn=anonymous)' radius_xlat: 'dc=company,dc=com' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 4 modcall: leaving group authorize (returns updated) for request 4 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange TLS_accept: SSLv3 read client key exchange A rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 read finished A rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001] TLS_accept: SSLv3 write change cipher spec A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 write finished A TLS_accept: SSLv3 flush data (other): SSL negotiation finished successfully SSL Connection Established eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 4 modcall: leaving group authenticate (returns handled) for request 4 Sending Access-Challenge of id 31 to 10.155.20.84 port 1030 EAP-Message = 0x010500411900140301000101160301003058e4fa4949dbfc44b6eb52a41e2a278ae305a5e729bc575f83623c66afd6560be127d8c5f212e2925261c4a1334393d3 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x24be7ab489df058566683a9ebe9c117e Finished request 4 Going to the next request Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.155.20.84:1030, id=32, length=172 User-Name = "anonymous" NAS-IP-Address = 10.155.20.84 NAS-Identifier = "hello" NAS-Port = 0 Called-Station-Id = "00-19-77-00-00-34:hhe" Calling-Station-Id = "00-19-E0-80-A5-5A" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x020500061900 State = 0x24be7ab489df058566683a9ebe9c117e Message-Authenticator = 0xee16952d86d913a0de63ea9ac30686b5 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 5 modcall[authorize]: module "mschap" returns noop for request 5 rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 5 rlm_eap: EAP packet type response id 5 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 5 rlm_ldap: - authorize rlm_ldap: performing user authorization for anonymous radius_xlat: '(cn=anonymous)' radius_xlat: 'dc=company,dc=com' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 5 modcall: leaving group authorize (returns updated) for request 5 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 5 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake is finished eaptls_verify returned 3 eaptls_process returned 3 rlm_eap_peap: EAPTLS_SUCCESS modcall[authenticate]: module "eap" returns handled for request 5 modcall: leaving group authenticate (returns handled) for request 5 Sending Access-Challenge of id 32 to 10.155.20.84 port 1030 EAP-Message = 0x0106002b190017030100200d55461e9cdb964514a669c9dfe5c13871fdd2169a2e4baaa0c9dfe12e76e04e Message-Authenticator = 0x00000000000000000000000000000000 State = 0x0f2025da9f0e12d75d1b92245369cae4 Finished request 5 Going to the next request Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.155.20.84:1030, id=33, length=209 User-Name = "anonymous" NAS-IP-Address = 10.155.20.84 NAS-Identifier = "hello" NAS-Port = 0 Called-Station-Id = "00-19-77-00-00-34:hhe" Calling-Station-Id = "00-19-E0-80-A5-5A" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x0206002b19001703010020cdfc4e1259368e75a31d741ace309219962619f1d83af282f29c39016fdcf570 State = 0x0f2025da9f0e12d75d1b92245369cae4 Message-Authenticator = 0xc3aa3be0f439676efe53acf688e853df Processing the authorize section of radiusd.conf modcall: entering group authorize for request 6 modcall[authorize]: module "mschap" returns noop for request 6 rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 6 rlm_eap: EAP packet type response id 6 length 43 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 6 rlm_ldap: - authorize rlm_ldap: performing user authorization for anonymous radius_xlat: '(cn=anonymous)' radius_xlat: 'dc=company,dc=com' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=company,dc=com, with filter (cn=anonymous) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 6 modcall: leaving group authorize (returns updated) for request 6 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 6 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Identity - hwang rlm_eap_peap: Tunneled data is valid. PEAP: Got tunneled EAP-Message EAP-Message = 0x0206000a016877616e67 PEAP: Got tunneled identity of hwang PEAP: Setting default EAP type for tunneled EAP session. PEAP: Setting User-Name to hwang PEAP: Sending tunneled request EAP-Message = 0x0206000a016877616e67 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "hwang" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 6 modcall[authorize]: module "mschap" returns noop for request 6 rlm_realm: No '@' in User-Name = "hwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 6 rlm_eap: EAP packet type response id 6 length 10 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 6 rlm_ldap: - authorize rlm_ldap: performing user authorization for hwang radius_xlat: '(cn=hwang)' radius_xlat: 'dc=company,dc=com' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=company,dc=com, with filter (cn=hwang) rlm_ldap: checking if remote access for hwang is allowed by uid rlm_ldap: Added password hwang123 in check items rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user hwang authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 6 modcall: leaving group authorize (returns updated) for request 6 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 6 rlm_eap: EAP Identity rlm_eap: processing type mschapv2 rlm_eap_mschapv2: Issuing Challenge modcall[authenticate]: module "eap" returns handled for request 6 modcall: leaving group authenticate (returns handled) for request 6 PEAP: Got tunneled reply RADIUS code 11 EAP-Message = 0x0107001f1a0107001a10a2750f27e0c8b270b5791e5e4bd204a06877616e67 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xfc422a3c47ff3cec088d7cffbe0a09d3 PEAP: Processing from tunneled session code 0x81504d0 11 EAP-Message = 0x0107001f1a0107001a10a2750f27e0c8b270b5791e5e4bd204a06877616e67 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xfc422a3c47ff3cec088d7cffbe0a09d3 PEAP: Got tunneled Access-Challenge modcall[authenticate]: module "eap" returns handled for request 6 modcall: leaving group authenticate (returns handled) for request 6 Sending Access-Challenge of id 33 to 10.155.20.84 port 1030 EAP-Message = 0x0107003b19001703010030e585bc4c07bbbcb1bd451d8aed4f816f199eae6bc7aa0387afe552a14f10124aace813bcd79348bf52e26944fbe0aef8 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x67537faf447ee16778062badc8ed4ea2 Finished request 6 Going to the next request --- Walking the entire request list --- Waking up in 4 seconds... rad_recv: Access-Request packet from host 10.155.20.84:1030, id=34, length=273 --------------------------------- 抢注雅虎免费邮箱3.5G容量,20M附件!
PEAP: Got tunneled identity of hwang PEAP: Setting default EAP type for tunneled EAP session. PEAP: Setting User-Name to hwang PEAP: Sending tunneled request
Your "real" username will be sent only inside the encrypted tunnel. Many NASes will set identity outside the tunnel to "anonymous". Ivan Kalik Kalik Informatika ISP
participants (2)
-
Hangjun He -
tnt@kalik.co.yu