XP auth + PEAP
debik
debik at vp.pl
Tue Dec 6 13:46:12 CET 2005
When i try to connect i have something like this:
rad_recv: Access-Request packet from host 192.168.0.20:1206, id=43,
length=126
User-Name = "debik"
NAS-IP-Address = 192.168.0.20
NAS-Port = 0
Called-Station-Id = "00-0D-88-F2-69-0E"
Calling-Station-Id = "00-0F-CB-B0-06-86"
NAS-Identifier = "dlink"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0201000a01646562696b
Message-Authenticator = 0xf5b2e3caa43cb0ff7c3bd6d54d15be73
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 1 length 10
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns updated for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 0
modcall: group authenticate returns handled for request 0
Sending Access-Challenge of id 48 to 192.168.0.20:1206
EAP-Message = 0x010200061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xd409266b7b84fd964331bed3eeaa28e7
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.0.20:1206, id=49,
length=214
User-Name = "debik"
NAS-IP-Address = 192.168.0.20
NAS-Port = 0
Called-Station-Id = "00-0D-88-F2-69-0E"
Calling-Station-Id = "00-0F-CB-B0-06-86"
NAS-Identifier = "dlink"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x0202005019800000004616030100410100003d030143958782e70aee5659c0bfe7eb0584cec3c2aba075e8a56625bc53f97bea5c3400001600040005000a0009006400
62000300060013001200630100
State = 0xd409266b7b84fd964331bed3eeaa28e7
Message-Authenticator = 0x9a3362a24be687fbdafad2133f24ea4e
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: EAP packet type response id 2 length 80
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 1
modcall: group authorize returns updated for request 1
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0041], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0589], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 1
modcall: group authenticate returns handled for request 1
Sending Access-Challenge of id 49 to 192.168.0.20:1206
EAP-Message =
0x0103040a19c0000005e6160301004a02000046030143958528b6f0e8b16fbb2f8683d68f408394292ac7e827a85fc26fcbff876995208e832c8ad766b0b6d131231d61
d7c64bfa5b8fedc936807e160a24dbb3064c3100040016030105890b00058500058200025c30820258308201c1020900c59f08c38d6114ab300d06092a864886f70d01010405003068310b30090603
5504061302504c311530130603550408130c646f6c6e6f736c61736b6965311330110603550407130a50726f63686f776963653111300f060355040a1308646562696b6e6574311a301806092a8648
86f70d010901160b646562696b4076702e706c301e170d3035313230
EAP-Message =
0x353134303031305a170d3135313230333134303031305a3079310b300906035504061302504c311530130603550408130c646f6c6e6f736c61736b6965311330110603
550407130a50726f63686f776963653111300f060355040a1308646562696b6e6574310f300d06035504031306526164697573311a301806092a864886f70d010901160b646562696b4076702e706c
30819f300d06092a864886f70d010101050003818d0030818902818100ad2ccaf9101658a275609bf273302ad9cc21bab195cb383e347778554223d111b1c3b8b86f40a9d9b64ac4316df79dfe7013
bb7091855f4bfc27d2f40eb73f87c6288925728f67c34abc07baff7f
EAP-Message =
0x22188b4b15baee9f924ecc124130fbdad9df9e91134ec1c1b191501edc3043001162fe9c2db36c4df2311b8be44ff48a95cd0203010001300d06092a864886f70d0101
04050003818100170e4dd30a49556585d3d291f663e4ef67f98c95312118180cceec62837a6d32bdcb6c74125071fecbdc7943a0740f925beac9f15312b6c0306a7ec093d5331a1f790571423aca1f
6b79f22feb4c077366ddded369f9de70a4a3c3037f43a44adccf8836c3c4dc477b2d519f2cb411d8c965529cbf853fe41bf096fed77c309b0003203082031c30820285a00302010202090085b8227a
5105b072300d06092a864886f70d01010405003068310b3009060355
EAP-Message =
0x04061302504c311530130603550408130c646f6c6e6f736c61736b6965311330110603550407130a50726f63686f776963653111300f060355040a1308646562696b6e
6574311a301806092a864886f70d010901160b646562696b4076702e706c301e170d3035313230353133353832365a170d3135313230333133353832365a3068310b300906035504061302504c3115
30130603550408130c646f6c6e6f736c61736b6965311330110603550407130a50726f63686f776963653111300f060355040a1308646562696b6e6574311a301806092a864886f70d010901160b64
6562696b4076702e706c30819f300d06092a864886f70d0101010500
EAP-Message = 0x03818d0030818902818100e38abc83ea7d012624fa56
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x12a04df1d25bc567048572358616fcd5
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.0.20:1206, id=50,
length=140
User-Name = "debik"
User-Name = "debik"
NAS-IP-Address = 192.168.0.20
NAS-Port = 0
Called-Station-Id = "00-0D-88-F2-69-0E"
Calling-Station-Id = "00-0F-CB-B0-06-86"
NAS-Identifier = "dlink"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020300061900
State = 0x12a04df1d25bc567048572358616fcd5
Message-Authenticator = 0x235f8e4035fb9dae121b4d90e4af7f00
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
modcall[authorize]: module "mschap" returns noop for request 2
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: EAP packet type response id 3 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 2
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 2
modcall: group authorize returns updated for request 2
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 2
modcall: group authenticate returns handled for request 2
Sending Access-Challenge of id 50 to 192.168.0.20:1206
EAP-Message =
0x010401ec1900a217587efb570cd3ad86c9451a2be31057de20c5ad878f5f9d58602c6b5b6d214e3c95acd92bf69a81245d7b1fa23166837166423f6bb78178e3e3293d
eb7dc818e27da8aa78ab1926fce97cb179b7dcd5396dfc57e5369bcb295aab2fa3ca9e46350815545fb00809c6e11bb052907951d486484f0203010001a381cd3081ca301d0603551d0e04160414fb
0932b35698efe3daab492c7864a9fb679850d930819a0603551d2304819230818f8014fb0932b35698efe3daab492c7864a9fb679850d9a16ca46a3068310b300906035504061302504c3115301306
03550408130c646f6c6e6f736c61736b696531133011060355040713
EAP-Message =
0x0a50726f63686f776963653111300f060355040a1308646562696b6e6574311a301806092a864886f70d010901160b646562696b4076702e706c82090085b8227a5105
b072300c0603551d13040530030101ff300d06092a864886f70d0101040500038181003e39e5a843ee73c4d83cf96c051e0b41648b388e9aefb50622b05bb100e089c157dde4497246b15857839aac
30ccb7483aec2fa2b571e372b374b7b16a660b9be2c5190ba106fb0dce346f46e0cd44b815bdad2ad834699c72a4625015e7ba591452dec105ef0bb7492fb2d4a7e0ea85c8bae823ada82d77635e13
a144405a8416030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xd64aaa565bb9852f6f3a2b54484b28dc
Finished request 2
Going to the next request
--- Walking the entire request list ---
Cleaning up request 0 ID 48 with timestamp 43958528
Cleaning up request 1 ID 49 with timestamp 43958528
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.0.20:1206, id=51,
length=326
User-Name = "debik"
NAS-IP-Address = 192.168.0.20
NAS-Port = 0
Called-Station-Id = "00-0D-88-F2-69-0E"
Calling-Station-Id = "00-0F-CB-B0-06-86"
NAS-Identifier = "dlink"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x020400c01980000000b6160301008610000082008014b0b7a4bc9c45391d798b40293b3fee2381910cdb4f9af290c83b643f98645e2ef3d4226bc21923a77a5c418fe4
c748c44a7188f6eda2b3cece213d12e32ac93f4f9ecfc5a604fc758d918114e99eff6a985febbcb33c81c85f18cb85ccafd787fb77c263e56bfa5f6cc1c34e000ffffbe8d8c7e4cf8542f4c16b7f31
f2ac111403010001011603010020f8a252f5e71e671bbc7330cf10ca9a39a34eb9bc10bace79d0ae59583b648289
State = 0xd64aaa565bb9852f6f3a2b54484b28dc
Message-Authenticator = 0x64ea60b0db912489a53276326ade6844
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
modcall[authorize]: module "chap" returns noop for request 3
modcall[authorize]: module "mschap" returns noop for request 3
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: EAP packet type response id 4 length 192
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 3
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 3
modcall: group authorize returns updated for request 3
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
(other): SSL negotiation finished successfully
SSL Connection Established
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 3
modcall: group authenticate returns handled for request 3
Sending Access-Challenge of id 51 to 192.168.0.20:1206
EAP-Message =
0x01050031190014030100010116030100208eb9a4b1373a0af658bee7efec4987165d4c8196370248598649a9fc3b7f2e44
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc49efeda851d78556950d82633fb46c5
Finished request 3
Going to the next request
--- Walking the entire request list ---
Cleaning up request 2 ID 50 with timestamp 43958534
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.0.20:1206, id=52,
length=140
User-Name = "debik"
NAS-IP-Address = 192.168.0.20
NAS-Port = 0
Called-Station-Id = "00-0D-88-F2-69-0E"
Calling-Station-Id = "00-0F-CB-B0-06-86"
NAS-Identifier = "dlink"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020500061900
State = 0xc49efeda851d78556950d82633fb46c5
Message-Authenticator = 0x9e4324d1bf70f18fb05af290cb00713a
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
modcall[authorize]: module "preprocess" returns ok for request 4
modcall[authorize]: module "chap" returns noop for request 4
modcall[authorize]: module "mschap" returns noop for request 4
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 4
rlm_eap: EAP packet type response id 5 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 4
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 4
modcall: group authorize returns updated for request 4
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
modcall[authenticate]: module "eap" returns handled for request 4
modcall: group authenticate returns handled for request 4
Sending Access-Challenge of id 52 to 192.168.0.20:1206
EAP-Message =
0x0106002019001703010015c9d61d5c36917ecdb8e18d14cd08a39ff1f674f6c2
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4534e9f630888261fb6fe1c94fbf6b4e
Finished request 4
Going to the next request
--- Walking the entire request list ---
Cleaning up request 3 ID 51 with timestamp 43958542
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.0.20:1206, id=53,
length=167
User-Name = "debik"
NAS-IP-Address = 192.168.0.20
NAS-Port = 0
Called-Station-Id = "00-0D-88-F2-69-0E"
Calling-Station-Id = "00-0F-CB-B0-06-86"
NAS-Identifier = "dlink"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x0206002119001703010016184d73dc80cba0f7d497edb0c2623e4810732c2faba2
State = 0x4534e9f630888261fb6fe1c94fbf6b4e
Message-Authenticator = 0xa681c5144dfee7628207f0919726e044
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
modcall[authorize]: module "chap" returns noop for request 5
modcall[authorize]: module "mschap" returns noop for request 5
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 5
rlm_eap: EAP packet type response id 6 length 33
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 5
modcall: group authorize returns updated for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Identity - debik
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled EAP-Message
EAP-Message = 0x0206000a01646562696b
PEAP: Got tunneled identity of debik
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to debik
PEAP: Sending tunneled request
EAP-Message = 0x0206000a01646562696b
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "debik"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
modcall[authorize]: module "chap" returns noop for request 5
modcall[authorize]: module "mschap" returns noop for request 5
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 5
rlm_eap: EAP packet type response id 6 length 10
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 5
modcall: group authorize returns updated for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: EAP Identity
rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
modcall[authenticate]: module "eap" returns handled for request 5
modcall: group authenticate returns handled for request 5
PEAP: Got tunneled reply RADIUS code 11
EAP-Message =
0x0107001f1a0107001a10122e94021a49b9d91abf5d5da281997e646562696b
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xcd4923eddcb6bf6b9817de86fa2b297e
PEAP: Processing from tunneled session code 0x8164490 11
EAP-Message =
0x0107001f1a0107001a10122e94021a49b9d91abf5d5da281997e646562696b
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xcd4923eddcb6bf6b9817de86fa2b297e
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 5
modcall: group authenticate returns handled for request 5
Sending Access-Challenge of id 53 to 192.168.0.20:1206
EAP-Message =
0x010700361900170301002b33df14728848abaf757de4623752468afe9055407f1de5e26969e870a3f18d5af3d413a600636cefc8754c
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xade4e1d7dc126e63b410f3afea66e71c
Finished request 5
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 192.168.0.20:1206, id=54,
length=221
User-Name = "debik"
NAS-IP-Address = 192.168.0.20
NAS-Port = 0
Called-Station-Id = "00-0D-88-F2-69-0E"
Calling-Station-Id = "00-0F-CB-B0-06-86"
NAS-Identifier = "dlink"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x020700571900170301004c2570b32e76e1448dfd467aa52174cfa19a916c9d1d37d3b2a5a398264e042dc9b0e3d7af28b2d9001c6418835ee3ac0d9f7f4cb7936f32cb
b10a2f433de88f39f1078962e5a5e3e091f436a9
State = 0xade4e1d7dc126e63b410f3afea66e71c
Message-Authenticator = 0x8c537236cb4fb0018e7bf1c1906bded3
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
modcall[authorize]: module "chap" returns noop for request 6
modcall[authorize]: module "mschap" returns noop for request 6
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 6
rlm_eap: EAP packet type response id 7 length 87
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 6
modcall: group authorize returns updated for request 6
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: EAP type mschapv2
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled EAP-Message
EAP-Message =
0x020700401a0207003b31ebc8273c78a1ee903bd1d5ec117ac6510000000000000000da0517de9bbbea89b5a02566f8d040e0c7de299c3eb3b89600646562696b
PEAP: Setting User-Name to debik
PEAP: Adding old state with cd 49
PEAP: Sending tunneled request
EAP-Message =
0x020700401a0207003b31ebc8273c78a1ee903bd1d5ec117ac6510000000000000000da0517de9bbbea89b5a02566f8d040e0c7de299c3eb3b89600646562696b
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "debik"
State = 0xcd4923eddcb6bf6b9817de86fa2b297e
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
modcall[authorize]: module "chap" returns noop for request 6
modcall[authorize]: module "mschap" returns noop for request 6
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 6
rlm_eap: EAP packet type response id 7 length 64
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 6
modcall: group authorize returns updated for request 6
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 6
rlm_mschap: Told to do MS-CHAPv2 for debik with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
modcall[authenticate]: module "mschap" returns ok for request 6
modcall: group Auth-Type returns ok for request 6
MSCHAP Success
modcall[authenticate]: module "eap" returns handled for request 6
modcall: group authenticate returns handled for request 6
PEAP: Got tunneled reply RADIUS code 11
MS-CHAP2-Success =
0x07533d45344231323736453530433733414432384138323433363838463143343844353736354146384236
EAP-Message =
0x010800331a0307002e533d45344231323736453530433733414432384138323433363838463143343844353736354146384236
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x2f9b4d86c83410ad597e09d3eafceef2
PEAP: Processing from tunneled session code 0x8185120 11
MS-CHAP2-Success =
0x07533d45344231323736453530433733414432384138323433363838463143343844353736354146384236
EAP-Message =
0x010800331a0307002e533d45344231323736453530433733414432384138323433363838463143343844353736354146384236
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x2f9b4d86c83410ad597e09d3eafceef2
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 6
modcall: group authenticate returns handled for request 6
Sending Access-Challenge of id 54 to 192.168.0.20:1206
EAP-Message =
0x0108004a1900170301003f43f9794f14dad7490df6a0127647429960ca6a93f0a5ec0c612d436d04a1183737e77eb2d8fdbc121abf7ddb4a26ebcc2bf05dc8d367b108
80a4cb4b61c514
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x8544df4e4de2c39dd35ee988e2fb9320
Finished request 6
Going to the next request
--- Walking the entire request list ---
Cleaning up request 4 ID 52 with timestamp 4395854e
Cleaning up request 5 ID 53 with timestamp 4395854f
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.0.20:1206, id=55,
length=163
User-Name = "debik"
NAS-IP-Address = 192.168.0.20
NAS-Port = 0
Called-Station-Id = "00-0D-88-F2-69-0E"
Calling-Station-Id = "00-0F-CB-B0-06-86"
NAS-Identifier = "dlink"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x0208001d1900170301001229f578af00b8fc7235c8eaa68fcdbc72feae
State = 0x8544df4e4de2c39dd35ee988e2fb9320
Message-Authenticator = 0x34ad86e3f2b7da07034b5fc3aca6e3d3
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
modcall[authorize]: module "chap" returns noop for request 7
modcall[authorize]: module "mschap" returns noop for request 7
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 7
rlm_eap: EAP packet type response id 8 length 29
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 7
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 7
modcall: group authorize returns updated for request 7
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 7
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: EAP type mschapv2
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled EAP-Message
EAP-Message = 0x020800061a03
PEAP: Setting User-Name to debik
PEAP: Adding old state with 2f 9b
PEAP: Sending tunneled request
EAP-Message = 0x020800061a03
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "debik"
State = 0x2f9b4d86c83410ad597e09d3eafceef2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
modcall[authorize]: module "chap" returns noop for request 7
modcall[authorize]: module "mschap" returns noop for request 7
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 7
rlm_eap: EAP packet type response id 8 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 7
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 7
modcall: group authorize returns updated for request 7
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 7
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 7
modcall: group authenticate returns ok for request 7
PEAP: Got tunneled reply RADIUS code 2
EAP-Message = 0x03080004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "debik"
PEAP: Processing from tunneled session code 0x8176398 2
EAP-Message = 0x03080004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "debik"
PEAP: Tunneled authentication was successful.
rlm_eap_peap: SUCCESS
modcall[authenticate]: module "eap" returns handled for request 7
modcall: group authenticate returns handled for request 7
Sending Access-Challenge of id 55 to 192.168.0.20:1206
EAP-Message =
0x010900261900170301001bdc1040801ce3f38b12fc19dd2138d8d9940b5c8ebc70d74477ee40
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x602378d5819fe5645fdad491ddd742d0
Finished request 7
Going to the next request
--- Walking the entire request list ---
Cleaning up request 6 ID 54 with timestamp 4395855a
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.0.20:1206, id=56,
length=172
User-Name = "debik"
NAS-IP-Address = 192.168.0.20
NAS-Port = 0
Called-Station-Id = "00-0D-88-F2-69-0E"
Calling-Station-Id = "00-0F-CB-B0-06-86"
NAS-Identifier = "dlink"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x020900261900170301001b84822106a8b961bb5fb40fc1fc1c6b371d3e6bc860496feeca0474
State = 0x602378d5819fe5645fdad491ddd742d0
Message-Authenticator = 0xc1aab6cc12adf088eb3c1f97aff29cb7
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 8
modcall[authorize]: module "preprocess" returns ok for request 8
modcall[authorize]: module "chap" returns noop for request 8
modcall[authorize]: module "mschap" returns noop for request 8
rlm_realm: No '@' in User-Name = "debik", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 8
rlm_eap: EAP packet type response id 9 length 38
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 8
users: Matched debik at 1
modcall[authorize]: module "files" returns ok for request 8
modcall: group authorize returns updated for request 8
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 8
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TLV response.
rlm_eap_peap: Tunneled data is valid.
rlm_eap_peap: Success
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 8
modcall: group authenticate returns ok for request 8
Sending Access-Accept of id 56 to 192.168.0.20:1206
MS-MPPE-Recv-Key =
0xb77d91b85373992858a401f5c10221d07cb98ff5a27df64e28d42d1fd90b78ba
MS-MPPE-Send-Key =
0x3225b819a201a32e2d56693c1a3183196b2693be1017cf2c8a3679a9d6ec9c82
EAP-Message = 0x03090004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "debik"
Finished request 8
Going to the next request
---------
So as you can se everything seems to be allright .
Am i right ???
----- Original Message -----
From: "Zoltan A. Ori" <z.ori at morehead-st.edu>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Tuesday, December 06, 2005 1:10 PM
Subject: Re: XP auth + PEAP
>
> On Tuesday 06 December 2005 04:10, debik wrote:
>> The problem is that i connect to the netowrk but i don't se the network.
>> Ican't not ping any hosts.
>
> And what have you done to troubleshoot your connection?
>
> You must check your network. If the supplicant connects as you say, then
> either the network information you've given it is unusable or the NAS is
> not
> forwarding traffic. Everything will do what you tell it to do. It's basic
> network stuff and not for the FreeRADIUS mailing list.
>
> When connected, check your supplicant (Windows XP SP2, this is *not* the
> client). Look at the detailed status of the connection. Is the address,
> subnet mask, gateway usable on your network?
>
> Check the NAS (*this* is the client, not your Windows PC). Is it in
> agreement
> that the supplicant is authenticated and ready to forward traffic?
>
> Those are questions to ask yourself and check. We don't need to know the
> answers. You do. There is nothing anyone on this list can do to help you
> if
> all you can give are vague, general statements of your problem.
>
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
> __________ NOD32 Informacje 1.1312 (20051205) __________
>
> Wiadomosc zostala sprawdzona przez System Antywirusowy NOD32
> http://www.nod32.com lub http://www.nod32.pl
>
>
More information about the Freeradius-Users
mailing list