Mac PEAP authentication with FreeRADIUS Pre2.0
King, Michael
MKing at bridgew.edu
Thu Feb 1 16:12:25 CET 2007
Resending First two were too big
I've been testing with FreeRADIUS 2.0 Pre (CVS nightly snapshots, this
one dated the either the 12th or the 16th of January, can't remember.)
When I use a windows machine, it works fine.
When I try a Mac (PowerMac 10.4.8, but have tried also on 10.3.x), it
seems to not work. The Mac throws an error "802.1x Authentication has
failed."
Here's the debug. Server is using ntlm_auth to talk to active
directory. PEAP and TTLS are enabled, using a trusted root certificate
issued via Equifax.
Mac is configured only to perform PEAP
I'm running a server on 1.0.4, with virtually the identical config.
(only difference is I changed certificates, and commented out the Port
and Address directives, and configured the Listen section), and the MAC
works fine.
Any idea's?
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=165,
length=171
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x0201000a016d6b696e67
Message-Authenticator = 0xc7a736e44368def56d66ca97def52e66
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
modcall[authorize]: module "unix" returns notfound for request 0
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 1 length 10
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
modcall[authorize]: module "files" returns noop for request 0
modcall[authorize]: module "expiration" returns noop for request 0
modcall[authorize]: module "logintime" returns noop for request 0
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 0
modcall: group authorize returns updated for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 0
modcall: group authenticate returns handled for request 0
Sending Access-Challenge of id 165 to 10.0.1.22 port 32769
EAP-Message = 0x010200061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xd5b7f711e4e5f357067fd5227bb9469b
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=166,
length=297
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x0202007619800000006c160301006701000063030145c0cf0d28e2df34bc54f46575ef
c682373748ed7736d3b232bacf977c1139d200003c002f000500040035000aff830009ff
82000300080006ff8000320033003400380039003a001600150014001300120011001800
1b001a0017001900010100
State = 0xd5b7f711e4e5f357067fd5227bb9469b
Message-Authenticator = 0xffa4f10599a73d7d9b2ea7c7a026877d
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
modcall[authorize]: module "unix" returns notfound for request 1
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: EAP packet type response id 2 length 118
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
modcall[authorize]: module "files" returns noop for request 1
modcall[authorize]: module "expiration" returns noop for request 1
modcall[authorize]: module "logintime" returns noop for request 1
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 1
modcall: group authorize returns updated for request 1
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0067], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0f42], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 1
modcall: group authenticate returns handled for request 1
Sending Access-Challenge of id 166 to 10.0.1.22 port 32769
EAP-Message =
0x0103040a19c000000f9f160301004a02000046030145c0cdfb13b32b7a4673263263b3
c5c468cb8bf6ea744368e05f9c6dcfc1accc20b6a3638e33dfea10a399d3ffed143abad5
128f2976e995e0678b05b4e328b876002f001603010f420b000f3e000f3b00068d308206
89308205f2a0030201020203009187300d06092a864886f70d010105050030820112310b
3009060355040613024553311230100603550408130942617263656c6f6e613112301006
03550407130942617263656c6f6e6131293027060355040a132049505320436572746966
69636174696f6e20417574686f7269747920732e6c2e312e302c060355040a142567656e
6572
EAP-Message =
0x616c4069707363612e636f6d20432e492e462e2020422d423632323130363935312e30
2c060355040b1325697073434120434c41534541312043657274696669636174696f6e20
417574686f72697479312e302c06035504031325697073434120434c4153454131204365
7274696669636174696f6e20417574686f726974793120301e06092a864886f70d010901
161167656e6572616c4069707363612e636f6d301e170d3036303530343232313331345a
170d3038303530333232313331345a3081c3310b30090603550406130255533116301406
03550408130d4d617373616368757365747473311430120603550407130b427269646765
7761
EAP-Message =
0x74657231223020060355040a1319427269646765776174657220537461746520436f6c
6c656765311b3019060355040b131254656c65636f6d6d756e69636174696f6e73312030
1e06035504031317726164322e63616d7075732e627269646765772e6564753123302106
092a864886f70d010901161474656c65636f6d6d40627269646765772e65647530819f30
0d06092a864886f70d010101050003818d0030818902818100bafacc8f16e6686769b809
7698e2aeef926367d3d91ab2eb0110ca80f484c9c0ca3ce4eb11e92ffc968e9b585444c9
557738f9ae5839a7b1d10ece940548abb5def53f18be41dc5a5c83a0011481450cfeafcd
7a7e
EAP-Message =
0xd7ff87eb7e1ca346ee2a361e8093b98ba19c272f43d213c7d3f58847e6709ef86714eb
f0736a01d0f4c44d0203010001a38203373082033330090603551d130402300030110609
6086480186f8420101040403020640300b0603551d0f0404030203f830130603551d2504
0c300a06082b06010505070301301d0603551d0e04160414788bb22abb6e8a41d4a35b01
66a8047f0746d9b7301f0603551d230418301680140e0760d439c91b5b5d907b23c8d234
9d4a9a4639301f0603551d1104183016811474656c65636f6d6d40627269646765772e65
6475301c0603551d1204153013811167656e6572616c4069707363612e636f6d30720609
6086
EAP-Message = 0x480186f842010d046516634f7267616e697a6174696f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xd81ec1bb27d01b67ec3eaf8c75a12379
Finished request 1
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=167,
length=185
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020300061900
State = 0xd81ec1bb27d01b67ec3eaf8c75a12379
Message-Authenticator = 0x114ab155d61d2e0fa003a1d0db140f25
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
modcall[authorize]: module "mschap" returns noop for request 2
modcall[authorize]: module "unix" returns notfound for request 2
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: EAP packet type response id 3 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 2
modcall[authorize]: module "files" returns noop for request 2
modcall[authorize]: module "expiration" returns noop for request 2
modcall[authorize]: module "logintime" returns noop for request 2
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 2
modcall: group authorize returns updated for request 2
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 2
modcall: group authenticate returns handled for request 2
Sending Access-Challenge of id 167 to 10.0.1.22 port 32769
EAP-Message =
0x0104040619406e20496e666f726d6174696f6e204e4f542056414c4944415445442e20
434c41534541312053657276657220436572746966696361746520697373756564206279
2068747470733a2f2f7777772e69707363612e636f6d2f302f06096086480186f8420102
0422162068747470733a2f2f7777772e69707363612e636f6d2f6970736361323030322f
304306096086480186f84201040436163468747470733a2f2f7777772e69707363612e63
6f6d2f6970736361323030322f697073636132303032434c41534541312e63726c304606
096086480186f84201030439163768747470733a2f2f7777772e69707363612e636f6d2f
6970
EAP-Message =
0x736361323030322f7265766f636174696f6e434c41534541312e68746d6c3f30430609
6086480186f84201070436163468747470733a2f2f7777772e69707363612e636f6d2f69
70736361323030322f72656e6577616c434c41534541312e68746d6c3f30410609608648
0186f84201080434163268747470733a2f2f7777772e69707363612e636f6d2f69707363
61323030322f706f6c696379434c41534541312e68746d6c3081830603551d1f047c307a
3039a037a0358633687474703a2f2f7777772e69707363612e636f6d2f69707363613230
30322f697073636132303032434c41534541312e63726c303da03ba0398637687474703a
2f2f
EAP-Message =
0x7777776261636b2e69707363612e636f6d2f6970736361323030322f69707363613230
3032434c41534541312e63726c303206082b0601050507010104263024302206082b0601
05050730018616687474703a2f2f6f6373702e69707363612e636f6d2f300d06092a8648
86f70d0101050500038181002f3dd42c1e10181bdd0c69894e19e045c958fd430fc2fd52
9a6c0c19db08b7df43ee5b948d26f7dbcfe04d0ae488f7ecee9dbedc296722a33c0d0291
c1244aa67c913c4e2fe2cae9087971f71e42f5da2fb52f5288ed6d4ed3e5b47165d4ba89
fd3a37d2fd6de04ad2ac3bb0873f97626c50338a20d91ea129be3539037cf4e80005ea30
8205
EAP-Message =
0xe63082054fa0030201020203009018300d06092a864886f70d01010505003081a3310b
3009060355040613024553311230100603550408130942415243454c4f4e413112301006
03550407130942415243454c4f4e4131193017060355040a131049505320536567757269
64616420434131183016060355040b130f43657274696669636163696f6e657331173015
0603550403130e495053205345525649444f524553311e301c06092a864886f70d010901
160f697073406d61696c2e6970732e6573301e170d3031313233303133333631315a170d
3235313232393133333631315a30820112310b3009060355040613024553311230100603
5504
EAP-Message = 0x08130942617263656c6f6e61311230100603
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xf1011404227a553879fda99e0ed324dd
Finished request 2
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=168,
length=185
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020400061900
State = 0xf1011404227a553879fda99e0ed324dd
Message-Authenticator = 0x6c51c58fbb55463f18efc0de6c491d1c
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
modcall[authorize]: module "chap" returns noop for request 3
modcall[authorize]: module "mschap" returns noop for request 3
modcall[authorize]: module "unix" returns notfound for request 3
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: EAP packet type response id 4 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 3
modcall[authorize]: module "files" returns noop for request 3
modcall[authorize]: module "expiration" returns noop for request 3
modcall[authorize]: module "logintime" returns noop for request 3
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 3
modcall: group authorize returns updated for request 3
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 3
modcall: group authenticate returns handled for request 3
Sending Access-Challenge of id 168 to 10.0.1.22 port 32769
EAP-Message =
0x010504061940550407130942617263656c6f6e6131293027060355040a132049505320
43657274696669636174696f6e20417574686f7269747920732e6c2e312e302c06035504
0a142567656e6572616c4069707363612e636f6d20432e492e462e2020422d4236323231
30363935312e302c060355040b1325697073434120434c41534541312043657274696669
636174696f6e20417574686f72697479312e302c06035504031325697073434120434c41
534541312043657274696669636174696f6e20417574686f726974793120301e06092a86
4886f70d010901161167656e6572616c4069707363612e636f6d30819f300d06092a8648
86f7
EAP-Message =
0x0d010101050003818d0030818902818100a6f57366361da32f4fad2ad8ef0ca64befa7
1bacf7f246171bb202ab3e11898c6aa80fd8631499d71fbcb22768026ef43089ebadeb41
dcb44206fa481f138c64df872dc714d4a783e4723b32ead34d793165050933812b6ee636
ad211133362b68cabe432c37b73d69163be59dbe32a7d5df4a80fcda7370aad928822f68
bbb10203010001a38202b4308202b0300c0603551d13040530030101ff30110609608648
0186f8420101040403020007300c0603551d0f0405030307ff80306b0603551d25046430
6206082b0601050507030106082b0601050507030206082b0601050507030306082b0601
0505
EAP-Message =
0x07030406082b06010505070308060a2b060104018237020115060a2b06010401823702
0116060a2b0601040182370a0301060a2b0601040182370a0304301d0603551d0e041604
140e0760d439c91b5b5d907b23c8d2349d4a9a46393081ba0603551d230481b23081afa1
81a9a481a63081a3310b3009060355040613024553311230100603550408130942415243
454c4f4e41311230100603550407130942415243454c4f4e4131193017060355040a1310
4950532053656775726964616420434131183016060355040b130f436572746966696361
63696f6e6573311730150603550403130e495053205345525649444f524553311e301c06
092a
EAP-Message =
0x864886f70d010901160f697073406d61696c2e6970732e6573820100301c0603551d11
04153013811167656e6572616c4069707363612e636f6d30090603551d12040230003043
06096086480186f842010d04361634434c41534541312043412043657274696669636174
65206973737565642062792068747470733a2f2f7777772e6970732e65732f3022060960
86480186f84201020415161368747470733a2f2f7777772e6970732e65732f3073060355
1d1f046c306a3031a02fa02d862b68747470733a2f2f7777772e6970732e65732f63726c
2f6970735345525649444f52455363726c2e63726c3035a033a031862f68747470733a2f
2f77
EAP-Message = 0x77776261636b2e6970732e65732f63726c2f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x5bd47dd150af5009605cdacc8a33cfae
Finished request 3
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=169,
length=185
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020500061900
State = 0x5bd47dd150af5009605cdacc8a33cfae
Message-Authenticator = 0xca319b1b087d5867f43ca2a3d436e6a0
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
modcall[authorize]: module "preprocess" returns ok for request 4
modcall[authorize]: module "chap" returns noop for request 4
modcall[authorize]: module "mschap" returns noop for request 4
modcall[authorize]: module "unix" returns notfound for request 4
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 4
rlm_eap: EAP packet type response id 5 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 4
modcall[authorize]: module "files" returns noop for request 4
modcall[authorize]: module "expiration" returns noop for request 4
modcall[authorize]: module "logintime" returns noop for request 4
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 4
modcall: group authorize returns updated for request 4
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 4
modcall: group authenticate returns handled for request 4
Sending Access-Challenge of id 169 to 10.0.1.22 port 32769
EAP-Message =
0x010603a519006970735345525649444f52455363726c2e63726c302f06082b06010505
07010104233021301f06082b060105050730018613687474703a2f2f6f6373702e697073
2e45532f300d06092a864886f70d01010505000381810027054a0c74c9145dc875c8deee
890c631e1f0184c702cb19d791c8dd3ecfb0c8f3f592b5548254621f32eb80a17d56f1e4
e7285926a47df0ca2d31c6c9f3709dc1cf5e26a4efb212e788e81985ed80e43902688763
a9133c6cf5456a22ce9656075fa6a3ee370a6e928b9e40de143019289390b7f3fcb54ef2
f7960ebb1094d40002bb308202b730820220020100300d06092a864886f70d0101040500
3081
EAP-Message =
0xa3310b3009060355040613024553311230100603550408130942415243454c4f4e4131
1230100603550407130942415243454c4f4e4131193017060355040a1310495053205365
6775726964616420434131183016060355040b130f43657274696669636163696f6e6573
311730150603550403130e495053205345525649444f524553311e301c06092a864886f7
0d010901160f697073406d61696c2e6970732e6573301e170d3938303130313233323130
375a170d3039313232393233323130375a3081a3310b3009060355040613024553311230
100603550408130942415243454c4f4e41311230100603550407130942415243454c4f4e
4131
EAP-Message =
0x193017060355040a13104950532053656775726964616420434131183016060355040b
130f43657274696669636163696f6e6573311730150603550403130e4950532053455256
49444f524553311e301c06092a864886f70d010901160f697073406d61696c2e6970732e
657330819f300d06092a864886f70d010101050003818d0030818902818100ac4f52749f
39ea8edc25c4bc985d986424093c21b3cc19b58e948e87d1f8373ea1c82d58a480355ba1
756c1d450c1f61636a5e6f9b0a4cc1c8b861233581fffeac78702d68e13a0798950254dd
cd23b78053d7c8374572062412ba1361218a6e7528e0c50f34fd36d8457fe1b836efb3e1
c620
EAP-Message =
0x8ee8b438bce13ef611de8c9d010203010001300d06092a864886f70d01010405000381
81002cf3c3795824dec63bd1e04269b8ee64b33d6201b9b384df237ddd98cf10a9fe00d8
22960513075457c5a7decbd9b88842f699db14771fb6fe253de1a23e03a981d22d6c47f5
96468c22abc8cc0d0e975e8b41b43bc40a06401ddd46f401ddba822e3c3d78709e7c18d0
abf8b877074671f1ca0b635c6af97294d5014fa0db4216030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xabf70c773528c0d794f6cd39da918c4f
Finished request 4
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=170,
length=387
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x020600d01980000000c616030100861000008200804b2ceb2529d0338f2a0b8feececa
1d5a6fe6a1a15b2e21d1f9459fec741912eb395dee2fc21372761b38aca6cd69639a3307
f8e2929083b7b05f083acaa72e73fa02e0adab2764ea6fe3900127ad8eb936fe4cbf6f27
d1bda28396d98a3b158ad1a81c890ef2d7f25279d2e3026636ba53e4e3d48161a5b4f88d
64596eb714641403010001011603010030d1e1eac0b2617cab5f73cd22e40e2ecede9002
89770803dbb96cc5bdabc098307884f4058bc98dbc2365a0eeba5011ec
State = 0xabf70c773528c0d794f6cd39da918c4f
Message-Authenticator = 0x964e45b9956ba62639699f1be699f5a1
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
modcall[authorize]: module "chap" returns noop for request 5
modcall[authorize]: module "mschap" returns noop for request 5
modcall[authorize]: module "unix" returns notfound for request 5
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 5
rlm_eap: EAP packet type response id 6 length 208
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
modcall[authorize]: module "files" returns noop for request 5
modcall[authorize]: module "expiration" returns noop for request 5
modcall[authorize]: module "logintime" returns noop for request 5
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 5
modcall: group authorize returns updated for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
(other): SSL negotiation finished successfully
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
SSL Connection Established
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 5
modcall: group authenticate returns handled for request 5
Sending Access-Challenge of id 170 to 10.0.1.22 port 32769
EAP-Message =
0x0107004119001403010001011603010030ad0db85f0a6ae2f1442b0f5cede52e87b536
3f91a97648ce79527519be374d9c75e4deaae32cc4ab21bc8b878be20f9a
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x8e85eaecc8226fe211c2fe676acabbab
Finished request 5
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=171,
length=185
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020700061900
State = 0x8e85eaecc8226fe211c2fe676acabbab
Message-Authenticator = 0xec37697dac66fd504b727c9614b5e4bd
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
modcall[authorize]: module "chap" returns noop for request 6
modcall[authorize]: module "mschap" returns noop for request 6
modcall[authorize]: module "unix" returns notfound for request 6
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 6
rlm_eap: EAP packet type response id 7 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
modcall[authorize]: module "files" returns noop for request 6
modcall[authorize]: module "expiration" returns noop for request 6
modcall[authorize]: module "logintime" returns noop for request 6
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 6
modcall: group authorize returns updated for request 6
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
modcall[authenticate]: module "eap" returns handled for request 6
modcall: group authenticate returns handled for request 6
Sending Access-Challenge of id 171 to 10.0.1.22 port 32769
EAP-Message =
0x0108002b190017030100202932520c3037cd7231c9e4c29bd5d8178f7161d5defa1c90
95e58a8799b06bcc
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4031f009ed451856af719c2e10ecb267
Finished request 6
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=172,
length=222
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x0208002b19001703010020badeca3e86dbf680d2b4062642dbb19cf5de37a53fa5ea82
cc655ffcdd62abe9
State = 0x4031f009ed451856af719c2e10ecb267
Message-Authenticator = 0x86a0512096f9f123c88beab135960e10
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
modcall[authorize]: module "chap" returns noop for request 7
modcall[authorize]: module "mschap" returns noop for request 7
modcall[authorize]: module "unix" returns notfound for request 7
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 7
rlm_eap: EAP packet type response id 8 length 43
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 7
modcall[authorize]: module "files" returns noop for request 7
modcall[authorize]: module "expiration" returns noop for request 7
modcall[authorize]: module "logintime" returns noop for request 7
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 7
modcall: group authorize returns updated for request 7
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 7
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Identity - mking
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled EAP-Message
EAP-Message = 0x0208000a016d6b696e67
PEAP: Got tunneled identity of mking
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to mking
PEAP: Sending tunneled request
EAP-Message = 0x0208000a016d6b696e67
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
modcall[authorize]: module "chap" returns noop for request 7
modcall[authorize]: module "mschap" returns noop for request 7
modcall[authorize]: module "unix" returns notfound for request 7
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 7
rlm_eap: EAP packet type response id 8 length 10
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 7
modcall[authorize]: module "files" returns noop for request 7
modcall[authorize]: module "expiration" returns noop for request 7
modcall[authorize]: module "logintime" returns noop for request 7
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 7
modcall: group authorize returns updated for request 7
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 7
rlm_eap: EAP Identity
rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
modcall[authenticate]: module "eap" returns handled for request 7
modcall: group authenticate returns handled for request 7
PEAP: Got tunneled reply RADIUS code 11
EAP-Message =
0x0109001f1a0109001a1028bf33c556e4cdfa81a11bad54fdf8d76d6b696e67
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xd87f3ad01d5221db60e68f86307dd262
PEAP: Processing from tunneled session code 0x819c8b8 11
EAP-Message =
0x0109001f1a0109001a1028bf33c556e4cdfa81a11bad54fdf8d76d6b696e67
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xd87f3ad01d5221db60e68f86307dd262
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 7
modcall: group authenticate returns handled for request 7
Sending Access-Challenge of id 172 to 10.0.1.22 port 32769
EAP-Message =
0x0109003b19001703010030189705fc9c090c645a4b12723c7a5b55a4ddf3e91433cbfa
3d977ba7edb7f43db02190855ba535e1bbb1e9440c0320a2
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x19165309aec39877b5010bb47b6dabdc
Finished request 7
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=173,
length=286
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x0209006b190017030100608b0cb604ffd82e64496d5262cbcb1b171cce66fe9b6175f9
cea8f9a47ee102c0b35de4a50abd22a5288ba4ddf84f09f98fe72f921b8a7f609729f574
292b6ee3cae4533c4cdca8a5508761b7d28d5eeab872458ea7689d7c39feff98daa95089
State = 0x19165309aec39877b5010bb47b6dabdc
Message-Authenticator = 0x495f607941b37fe4a9319edfe2e5efd8
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 8
modcall[authorize]: module "preprocess" returns ok for request 8
modcall[authorize]: module "chap" returns noop for request 8
modcall[authorize]: module "mschap" returns noop for request 8
modcall[authorize]: module "unix" returns notfound for request 8
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 8
rlm_eap: EAP packet type response id 9 length 107
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 8
modcall[authorize]: module "files" returns noop for request 8
modcall[authorize]: module "expiration" returns noop for request 8
modcall[authorize]: module "logintime" returns noop for request 8
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 8
modcall: group authorize returns updated for request 8
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 8
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: EAP type mschapv2
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled EAP-Message
EAP-Message =
0x020900401a0209003b3175ee2ca867b01ee62b08d3297296360f000000000000000043
aed21fe3ad224567fa7bf4ee4761bce44d01cf2f2e3511006d6b696e67
PEAP: Setting User-Name to mking
PEAP: Adding old state with ffffffd8 7f
PEAP: Sending tunneled request
EAP-Message =
0x020900401a0209003b3175ee2ca867b01ee62b08d3297296360f000000000000000043
aed21fe3ad224567fa7bf4ee4761bce44d01cf2f2e3511006d6b696e67
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "mking"
State = 0xd87f3ad01d5221db60e68f86307dd262
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 8
modcall[authorize]: module "preprocess" returns ok for request 8
modcall[authorize]: module "chap" returns noop for request 8
modcall[authorize]: module "mschap" returns noop for request 8
modcall[authorize]: module "unix" returns notfound for request 8
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 8
rlm_eap: EAP packet type response id 9 length 64
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 8
modcall[authorize]: module "files" returns noop for request 8
modcall[authorize]: module "expiration" returns noop for request 8
modcall[authorize]: module "logintime" returns noop for request 8
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 8
modcall: group authorize returns updated for request 8
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 8
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 8
rlm_mschap: No Cleartext-Password configured. Cannot create
LM-Password.
rlm_mschap: No Cleartext-Password configured. Cannot create
NT-Password.
rlm_mschap: Told to do MS-CHAPv2 for mking with NT-Password
radius_xlat: Running registered xlat function of module mschap for
string 'User-Name'
radius_xlat: '--username=mking'
radius_xlat: Running registered xlat function of module mschap for
string 'Challenge'
mschap2: 28
radius_xlat: '--challenge=3a624fb67f99b29b'
radius_xlat: Running registered xlat function of module mschap for
string 'NT-Response'
radius_xlat:
'--nt-response=43aed21fe3ad224567fa7bf4ee4761bce44d01cf2f2e3511'
Exec-Program output: NT_KEY: 1BA2159EDC0597637BA8848B83AA9B2B
Exec-Program-Wait: plaintext: NT_KEY: 1BA2159EDC0597637BA8848B83AA9B2B
Exec-Program: returned: 0
rlm_mschap: adding MS-CHAPv2 MPPE keys
modcall[authenticate]: module "mschap" returns ok for request 8
modcall: group MS-CHAP returns ok for request 8
MSCHAP Success
modcall[authenticate]: module "eap" returns handled for request 8
modcall: group authenticate returns handled for request 8
PEAP: Got tunneled reply RADIUS code 11
MS-CHAP2-Success =
0x09533d3764626163383663653431383862646432623465643561613932663964326232
3965333264323661
EAP-Message =
0x010a00331a0309002e533d376462616338366365343138386264643262346564356161
39326639643262323965333264323661
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x661907626e9bc3903f8855d75ffb125c
PEAP: Processing from tunneled session code 0x819c8f8 11
MS-CHAP2-Success =
0x09533d3764626163383663653431383862646432623465643561613932663964326232
3965333264323661
EAP-Message =
0x010a00331a0309002e533d376462616338366365343138386264643262346564356161
39326639643262323965333264323661
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x661907626e9bc3903f8855d75ffb125c
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 8
modcall: group authenticate returns handled for request 8
Sending Access-Challenge of id 173 to 10.0.1.22 port 32769
EAP-Message =
0x010a005b19001703010050fa0f4abe4222911637afbdd93ec080aade40e3272ef0e89b
243c5f133170592145f6cd4d83d612798a39862b49e8b0edf16b5f47fa5ad7ed0328bef7
9e45fb733f651fa130983909ea51533590ba83ac
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x912a43506650f048b5c3ab58788a0740
Finished request 8
Going to the next request
Waking up in 5 seconds...
--- Walking the entire request list ---
Cleaning up request 3 ID 168 with timestamp 45c0cdfb
Cleaning up request 1 ID 166 with timestamp 45c0cdfb
Cleaning up request 7 ID 172 with timestamp 45c0cdfb
Cleaning up request 6 ID 171 with timestamp 45c0cdfb
Cleaning up request 8 ID 173 with timestamp 45c0cdfb
Cleaning up request 0 ID 165 with timestamp 45c0cdfb
Cleaning up request 2 ID 167 with timestamp 45c0cdfb
Cleaning up request 5 ID 170 with timestamp 45c0cdfb
Cleaning up request 4 ID 169 with timestamp 45c0cdfb
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=174,
length=171
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x0201000a016d6b696e67
Message-Authenticator = 0xfa067bd05064fe513e0bf8bd5b003ff6
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9
modcall[authorize]: module "preprocess" returns ok for request 9
modcall[authorize]: module "chap" returns noop for request 9
modcall[authorize]: module "mschap" returns noop for request 9
modcall[authorize]: module "unix" returns notfound for request 9
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9
rlm_eap: EAP packet type response id 1 length 10
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9
modcall[authorize]: module "files" returns noop for request 9
modcall[authorize]: module "expiration" returns noop for request 9
modcall[authorize]: module "logintime" returns noop for request 9
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 9
modcall: group authorize returns updated for request 9
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 9
modcall: group authenticate returns handled for request 9
Sending Access-Challenge of id 174 to 10.0.1.22 port 32769
EAP-Message = 0x010200061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x24724d168a5718e218473bb54a5fd416
Finished request 9
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=175,
length=329
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x0202009619800000008c160301008701000083030145c0cf14396b1b500fe7f47427e3
42a016f21632822c80e7e79dd4a30bd9b3e020b6a3638e33dfea10a399d3ffed143abad5
128f2976e995e0678b05b4e328b876003c002f000500040035000aff830009ff82000300
080006ff8000320033003400380039003a0016001500140013001200110018001b001a00
17001900010100
State = 0x24724d168a5718e218473bb54a5fd416
Message-Authenticator = 0x581cf38304e97e7b1a3cd633a7a0c249
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 10
modcall[authorize]: module "preprocess" returns ok for request 10
modcall[authorize]: module "chap" returns noop for request 10
modcall[authorize]: module "mschap" returns noop for request 10
modcall[authorize]: module "unix" returns notfound for request 10
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 10
rlm_eap: EAP packet type response id 2 length 150
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 10
modcall[authorize]: module "files" returns noop for request 10
modcall[authorize]: module "expiration" returns noop for request 10
modcall[authorize]: module "logintime" returns noop for request 10
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 10
modcall: group authorize returns updated for request 10
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 10
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0087], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read finished A
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 10
modcall: group authenticate returns handled for request 10
Sending Access-Challenge of id 175 to 10.0.1.22 port 32769
EAP-Message =
0x010300901900160301004a02000046030145c0ce02d3ae13b4cc3889bfd36dba09b790
baf8d03b7568a086991c5493d0df20b6a3638e33dfea10a399d3ffed143abad5128f2976
e995e0678b05b4e328b876002f00140301000101160301003099f88cf3b67be829069cc7
13fa151f2f5a4b6178922c3680a6703872d7455ef75b9d56386f3286148c3052bba0e7d4
86
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xa1d5f920a97340ec230fdd136023bf9a
Finished request 10
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=176,
length=248
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x0203004519800000003b1403010001011603010030694f21d4ad9008657a4965896d73
611950e66bb3865d53634a8b9119d0fa07b669e3130a2e071763ae171143574777f5
State = 0xa1d5f920a97340ec230fdd136023bf9a
Message-Authenticator = 0xd5bc7460d68f267e04b796decdf6e99a
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 11
modcall[authorize]: module "preprocess" returns ok for request 11
modcall[authorize]: module "chap" returns noop for request 11
modcall[authorize]: module "mschap" returns noop for request 11
modcall[authorize]: module "unix" returns notfound for request 11
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 11
rlm_eap: EAP packet type response id 3 length 69
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 11
modcall[authorize]: module "files" returns noop for request 11
modcall[authorize]: module "expiration" returns noop for request 11
modcall[authorize]: module "logintime" returns noop for request 11
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 11
modcall: group authorize returns updated for request 11
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 11
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
(other): SSL negotiation finished successfully
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
SSL Connection Established
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns reject for request 11
modcall: group authenticate returns reject for request 11
auth: Failed to validate the user.
Login incorrect: [mking] (from client BUWiSM-2-2 port 29 cli
00-0D-93-EA-89-06)
Found Post-Auth-Type
Processing the post-auth section of radiusd.conf
modcall: entering group REJECT for request 11
radius_xlat: 'mking'
attr_filter: Matched entry DEFAULT at line 11
modcall[post-auth]: module "attr_filter.access_reject" returns updated
for request 11
modcall: group REJECT returns updated for request 11
Delaying request 11 for 1 seconds
Finished request 11
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=176,
length=248
Delaying request 11 for 1 seconds
--- Walking the entire request list ---
Sending Access-Reject of id 176 to 10.0.1.22 port 32769
EAP-Message = 0x04030004
Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 3 seconds...
--- Walking the entire request list ---
Cleaning up request 10 ID 175 with timestamp 45c0ce02
Cleaning up request 9 ID 174 with timestamp 45c0ce02
Cleaning up request 11 ID 176 with timestamp 45c0ce02
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=177,
length=171
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x0205000a016d6b696e67
Message-Authenticator = 0xda6e5910dcdd563176f0c096a36ccb5a
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 12
modcall[authorize]: module "preprocess" returns ok for request 12
modcall[authorize]: module "chap" returns noop for request 12
modcall[authorize]: module "mschap" returns noop for request 12
modcall[authorize]: module "unix" returns notfound for request 12
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 12
rlm_eap: EAP packet type response id 5 length 10
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 12
modcall[authorize]: module "files" returns noop for request 12
modcall[authorize]: module "expiration" returns noop for request 12
modcall[authorize]: module "logintime" returns noop for request 12
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 12
modcall: group authorize returns updated for request 12
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 12
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 12
modcall: group authenticate returns handled for request 12
Sending Access-Challenge of id 177 to 10.0.1.22 port 32769
EAP-Message = 0x010600061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x1a75f507cab69b2cdfbe5823de71edbc
Finished request 12
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=178,
length=329
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x0206009619800000008c160301008701000083030145c0cf1c97d2dd0186cc6a642369
23a311dbb37d2878b3389e97e707b02b642520b6a3638e33dfea10a399d3ffed143abad5
128f2976e995e0678b05b4e328b876003c002f000500040035000aff830009ff82000300
080006ff8000320033003400380039003a0016001500140013001200110018001b001a00
17001900010100
State = 0x1a75f507cab69b2cdfbe5823de71edbc
Message-Authenticator = 0x1db5e2ae92ed0aae82bde7920c3986bb
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 13
modcall[authorize]: module "preprocess" returns ok for request 13
modcall[authorize]: module "chap" returns noop for request 13
modcall[authorize]: module "mschap" returns noop for request 13
modcall[authorize]: module "unix" returns notfound for request 13
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 13
rlm_eap: EAP packet type response id 6 length 150
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 13
modcall[authorize]: module "files" returns noop for request 13
modcall[authorize]: module "expiration" returns noop for request 13
modcall[authorize]: module "logintime" returns noop for request 13
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 13
modcall: group authorize returns updated for request 13
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 13
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0087], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0f42], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 13
modcall: group authenticate returns handled for request 13
Sending Access-Challenge of id 178 to 10.0.1.22 port 32769
EAP-Message =
0x0107040a19c000000f9f160301004a02000046030145c0ce0a30b2b9e76f88557fd122
3e643237e35b67de5b5c3e2e462c08d9dc6e206b7c1c9675af99048c4d30ae9bcfe1b92c
69ae4bc4ed22bad08580bf220f94f1002f001603010f420b000f3e000f3b00068d308206
89308205f2a0030201020203009187300d06092a864886f70d010105050030820112310b
3009060355040613024553311230100603550408130942617263656c6f6e613112301006
03550407130942617263656c6f6e6131293027060355040a132049505320436572746966
69636174696f6e20417574686f7269747920732e6c2e312e302c060355040a142567656e
6572
EAP-Message =
0x616c4069707363612e636f6d20432e492e462e2020422d423632323130363935312e30
2c060355040b1325697073434120434c41534541312043657274696669636174696f6e20
417574686f72697479312e302c06035504031325697073434120434c4153454131204365
7274696669636174696f6e20417574686f726974793120301e06092a864886f70d010901
161167656e6572616c4069707363612e636f6d301e170d3036303530343232313331345a
170d3038303530333232313331345a3081c3310b30090603550406130255533116301406
03550408130d4d617373616368757365747473311430120603550407130b427269646765
7761
EAP-Message =
0x74657231223020060355040a1319427269646765776174657220537461746520436f6c
6c656765311b3019060355040b131254656c65636f6d6d756e69636174696f6e73312030
1e06035504031317726164322e63616d7075732e627269646765772e6564753123302106
092a864886f70d010901161474656c65636f6d6d40627269646765772e65647530819f30
0d06092a864886f70d010101050003818d0030818902818100bafacc8f16e6686769b809
7698e2aeef926367d3d91ab2eb0110ca80f484c9c0ca3ce4eb11e92ffc968e9b585444c9
557738f9ae5839a7b1d10ece940548abb5def53f18be41dc5a5c83a0011481450cfeafcd
7a7e
EAP-Message =
0xd7ff87eb7e1ca346ee2a361e8093b98ba19c272f43d213c7d3f58847e6709ef86714eb
f0736a01d0f4c44d0203010001a38203373082033330090603551d130402300030110609
6086480186f8420101040403020640300b0603551d0f0404030203f830130603551d2504
0c300a06082b06010505070301301d0603551d0e04160414788bb22abb6e8a41d4a35b01
66a8047f0746d9b7301f0603551d230418301680140e0760d439c91b5b5d907b23c8d234
9d4a9a4639301f0603551d1104183016811474656c65636f6d6d40627269646765772e65
6475301c0603551d1204153013811167656e6572616c4069707363612e636f6d30720609
6086
EAP-Message = 0x480186f842010d046516634f7267616e697a6174696f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x85ef52c407b0ef221d26ef1553bf87d7
Finished request 13
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=179,
length=185
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020700061900
State = 0x85ef52c407b0ef221d26ef1553bf87d7
Message-Authenticator = 0x8c605bb8f3971d6d0748003737019319
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 14
modcall[authorize]: module "preprocess" returns ok for request 14
modcall[authorize]: module "chap" returns noop for request 14
modcall[authorize]: module "mschap" returns noop for request 14
modcall[authorize]: module "unix" returns notfound for request 14
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 14
rlm_eap: EAP packet type response id 7 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 14
modcall[authorize]: module "files" returns noop for request 14
modcall[authorize]: module "expiration" returns noop for request 14
modcall[authorize]: module "logintime" returns noop for request 14
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 14
modcall: group authorize returns updated for request 14
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 14
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 14
modcall: group authenticate returns handled for request 14
Sending Access-Challenge of id 179 to 10.0.1.22 port 32769
EAP-Message =
0x0108040619406e20496e666f726d6174696f6e204e4f542056414c4944415445442e20
434c41534541312053657276657220436572746966696361746520697373756564206279
2068747470733a2f2f7777772e69707363612e636f6d2f302f06096086480186f8420102
0422162068747470733a2f2f7777772e69707363612e636f6d2f6970736361323030322f
304306096086480186f84201040436163468747470733a2f2f7777772e69707363612e63
6f6d2f6970736361323030322f697073636132303032434c41534541312e63726c304606
096086480186f84201030439163768747470733a2f2f7777772e69707363612e636f6d2f
6970
EAP-Message =
0x736361323030322f7265766f636174696f6e434c41534541312e68746d6c3f30430609
6086480186f84201070436163468747470733a2f2f7777772e69707363612e636f6d2f69
70736361323030322f72656e6577616c434c41534541312e68746d6c3f30410609608648
0186f84201080434163268747470733a2f2f7777772e69707363612e636f6d2f69707363
61323030322f706f6c696379434c41534541312e68746d6c3081830603551d1f047c307a
3039a037a0358633687474703a2f2f7777772e69707363612e636f6d2f69707363613230
30322f697073636132303032434c41534541312e63726c303da03ba0398637687474703a
2f2f
EAP-Message =
0x7777776261636b2e69707363612e636f6d2f6970736361323030322f69707363613230
3032434c41534541312e63726c303206082b0601050507010104263024302206082b0601
05050730018616687474703a2f2f6f6373702e69707363612e636f6d2f300d06092a8648
86f70d0101050500038181002f3dd42c1e10181bdd0c69894e19e045c958fd430fc2fd52
9a6c0c19db08b7df43ee5b948d26f7dbcfe04d0ae488f7ecee9dbedc296722a33c0d0291
c1244aa67c913c4e2fe2cae9087971f71e42f5da2fb52f5288ed6d4ed3e5b47165d4ba89
fd3a37d2fd6de04ad2ac3bb0873f97626c50338a20d91ea129be3539037cf4e80005ea30
8205
EAP-Message =
0xe63082054fa0030201020203009018300d06092a864886f70d01010505003081a3310b
3009060355040613024553311230100603550408130942415243454c4f4e413112301006
03550407130942415243454c4f4e4131193017060355040a131049505320536567757269
64616420434131183016060355040b130f43657274696669636163696f6e657331173015
0603550403130e495053205345525649444f524553311e301c06092a864886f70d010901
160f697073406d61696c2e6970732e6573301e170d3031313233303133333631315a170d
3235313232393133333631315a30820112310b3009060355040613024553311230100603
5504
EAP-Message = 0x08130942617263656c6f6e61311230100603
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x411b15a2a0f23dca925bb877336883a0
Finished request 14
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=180,
length=185
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020800061900
State = 0x411b15a2a0f23dca925bb877336883a0
Message-Authenticator = 0x2667c47e71cb63b6bd60abc6e7e8f5cb
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 15
modcall[authorize]: module "preprocess" returns ok for request 15
modcall[authorize]: module "chap" returns noop for request 15
modcall[authorize]: module "mschap" returns noop for request 15
modcall[authorize]: module "unix" returns notfound for request 15
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 15
rlm_eap: EAP packet type response id 8 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 15
modcall[authorize]: module "files" returns noop for request 15
modcall[authorize]: module "expiration" returns noop for request 15
modcall[authorize]: module "logintime" returns noop for request 15
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 15
modcall: group authorize returns updated for request 15
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 15
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 15
modcall: group authenticate returns handled for request 15
Sending Access-Challenge of id 180 to 10.0.1.22 port 32769
EAP-Message =
0x010904061940550407130942617263656c6f6e6131293027060355040a132049505320
43657274696669636174696f6e20417574686f7269747920732e6c2e312e302c06035504
0a142567656e6572616c4069707363612e636f6d20432e492e462e2020422d4236323231
30363935312e302c060355040b1325697073434120434c41534541312043657274696669
636174696f6e20417574686f72697479312e302c06035504031325697073434120434c41
534541312043657274696669636174696f6e20417574686f726974793120301e06092a86
4886f70d010901161167656e6572616c4069707363612e636f6d30819f300d06092a8648
86f7
EAP-Message =
0x0d010101050003818d0030818902818100a6f57366361da32f4fad2ad8ef0ca64befa7
1bacf7f246171bb202ab3e11898c6aa80fd8631499d71fbcb22768026ef43089ebadeb41
dcb44206fa481f138c64df872dc714d4a783e4723b32ead34d793165050933812b6ee636
ad211133362b68cabe432c37b73d69163be59dbe32a7d5df4a80fcda7370aad928822f68
bbb10203010001a38202b4308202b0300c0603551d13040530030101ff30110609608648
0186f8420101040403020007300c0603551d0f0405030307ff80306b0603551d25046430
6206082b0601050507030106082b0601050507030206082b0601050507030306082b0601
0505
EAP-Message =
0x07030406082b06010505070308060a2b060104018237020115060a2b06010401823702
0116060a2b0601040182370a0301060a2b0601040182370a0304301d0603551d0e041604
140e0760d439c91b5b5d907b23c8d2349d4a9a46393081ba0603551d230481b23081afa1
81a9a481a63081a3310b3009060355040613024553311230100603550408130942415243
454c4f4e41311230100603550407130942415243454c4f4e4131193017060355040a1310
4950532053656775726964616420434131183016060355040b130f436572746966696361
63696f6e6573311730150603550403130e495053205345525649444f524553311e301c06
092a
EAP-Message =
0x864886f70d010901160f697073406d61696c2e6970732e6573820100301c0603551d11
04153013811167656e6572616c4069707363612e636f6d30090603551d12040230003043
06096086480186f842010d04361634434c41534541312043412043657274696669636174
65206973737565642062792068747470733a2f2f7777772e6970732e65732f3022060960
86480186f84201020415161368747470733a2f2f7777772e6970732e65732f3073060355
1d1f046c306a3031a02fa02d862b68747470733a2f2f7777772e6970732e65732f63726c
2f6970735345525649444f52455363726c2e63726c3035a033a031862f68747470733a2f
2f77
EAP-Message = 0x77776261636b2e6970732e65732f63726c2f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4b637d4526e129ee143b3d9b5dce47dd
Finished request 15
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=181,
length=185
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020900061900
State = 0x4b637d4526e129ee143b3d9b5dce47dd
Message-Authenticator = 0x42f1be03f8180080f043c511ad3944e7
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 16
modcall[authorize]: module "preprocess" returns ok for request 16
modcall[authorize]: module "chap" returns noop for request 16
modcall[authorize]: module "mschap" returns noop for request 16
modcall[authorize]: module "unix" returns notfound for request 16
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 16
rlm_eap: EAP packet type response id 9 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 16
modcall[authorize]: module "files" returns noop for request 16
modcall[authorize]: module "expiration" returns noop for request 16
modcall[authorize]: module "logintime" returns noop for request 16
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 16
modcall: group authorize returns updated for request 16
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 16
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 16
modcall: group authenticate returns handled for request 16
Sending Access-Challenge of id 181 to 10.0.1.22 port 32769
EAP-Message =
0x010a03a519006970735345525649444f52455363726c2e63726c302f06082b06010505
07010104233021301f06082b060105050730018613687474703a2f2f6f6373702e697073
2e45532f300d06092a864886f70d01010505000381810027054a0c74c9145dc875c8deee
890c631e1f0184c702cb19d791c8dd3ecfb0c8f3f592b5548254621f32eb80a17d56f1e4
e7285926a47df0ca2d31c6c9f3709dc1cf5e26a4efb212e788e81985ed80e43902688763
a9133c6cf5456a22ce9656075fa6a3ee370a6e928b9e40de143019289390b7f3fcb54ef2
f7960ebb1094d40002bb308202b730820220020100300d06092a864886f70d0101040500
3081
EAP-Message =
0xa3310b3009060355040613024553311230100603550408130942415243454c4f4e4131
1230100603550407130942415243454c4f4e4131193017060355040a1310495053205365
6775726964616420434131183016060355040b130f43657274696669636163696f6e6573
311730150603550403130e495053205345525649444f524553311e301c06092a864886f7
0d010901160f697073406d61696c2e6970732e6573301e170d3938303130313233323130
375a170d3039313232393233323130375a3081a3310b3009060355040613024553311230
100603550408130942415243454c4f4e41311230100603550407130942415243454c4f4e
4131
EAP-Message =
0x193017060355040a13104950532053656775726964616420434131183016060355040b
130f43657274696669636163696f6e6573311730150603550403130e4950532053455256
49444f524553311e301c06092a864886f70d010901160f697073406d61696c2e6970732e
657330819f300d06092a864886f70d010101050003818d0030818902818100ac4f52749f
39ea8edc25c4bc985d986424093c21b3cc19b58e948e87d1f8373ea1c82d58a480355ba1
756c1d450c1f61636a5e6f9b0a4cc1c8b861233581fffeac78702d68e13a0798950254dd
cd23b78053d7c8374572062412ba1361218a6e7528e0c50f34fd36d8457fe1b836efb3e1
c620
EAP-Message =
0x8ee8b438bce13ef611de8c9d010203010001300d06092a864886f70d01010405000381
81002cf3c3795824dec63bd1e04269b8ee64b33d6201b9b384df237ddd98cf10a9fe00d8
22960513075457c5a7decbd9b88842f699db14771fb6fe253de1a23e03a981d22d6c47f5
96468c22abc8cc0d0e975e8b41b43bc40a06401ddd46f401ddba822e3c3d78709e7c18d0
abf8b877074671f1ca0b635c6af97294d5014fa0db4216030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xe56ba7f425ed6d7a7f910c8ce2be1e00
Finished request 16
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=182,
length=387
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x020a00d01980000000c616030100861000008200804b528a478c8009d2d624a53abf3e
ff22fc9ce70a7c8ead3d399096ce924cc4bd5a8c421d4aaaefe8de060aa90074e43fb2eb
c7838024f0d5358b64c0ca47b969660e2d0bff51ca13327aac7fcd0731db1240dd5b4f4a
962e4e700aa5ca9310a47aa8b2e1caa6734f5b174c19edced1f17d785dbde4e046f4c925
cdd8052c7b131403010001011603010030855a99bb5a5ff2879757acaaa280075918fd34
cc1ef336b9942dca1755bfecc70ae6103cacba5c6cf318202c9aee3678
State = 0xe56ba7f425ed6d7a7f910c8ce2be1e00
Message-Authenticator = 0x566a7f103a884ddae8ef70074b1c8aa7
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 17
modcall[authorize]: module "preprocess" returns ok for request 17
modcall[authorize]: module "chap" returns noop for request 17
modcall[authorize]: module "mschap" returns noop for request 17
modcall[authorize]: module "unix" returns notfound for request 17
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 17
rlm_eap: EAP packet type response id 10 length 208
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 17
modcall[authorize]: module "files" returns noop for request 17
modcall[authorize]: module "expiration" returns noop for request 17
modcall[authorize]: module "logintime" returns noop for request 17
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 17
modcall: group authorize returns updated for request 17
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 17
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
(other): SSL negotiation finished successfully
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
SSL Connection Established
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 17
modcall: group authenticate returns handled for request 17
Sending Access-Challenge of id 182 to 10.0.1.22 port 32769
EAP-Message =
0x010b0041190014030100010116030100301b45de92e00ccb321c71ba97b8fbd4ab6e43
fa3ac64687e7d89ae7a5ea47c8d7fb1aa85b107043183efa2dc4ad57481f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x8898fc6c25f7bdb11904f89775f22df9
Finished request 17
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=183,
length=185
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020b00061900
State = 0x8898fc6c25f7bdb11904f89775f22df9
Message-Authenticator = 0x834accfce629cde317bfc2075d6a76e2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 18
modcall[authorize]: module "preprocess" returns ok for request 18
modcall[authorize]: module "chap" returns noop for request 18
modcall[authorize]: module "mschap" returns noop for request 18
modcall[authorize]: module "unix" returns notfound for request 18
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 18
rlm_eap: EAP packet type response id 11 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 18
modcall[authorize]: module "files" returns noop for request 18
modcall[authorize]: module "expiration" returns noop for request 18
modcall[authorize]: module "logintime" returns noop for request 18
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 18
modcall: group authorize returns updated for request 18
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 18
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
modcall[authenticate]: module "eap" returns handled for request 18
modcall: group authenticate returns handled for request 18
Sending Access-Challenge of id 183 to 10.0.1.22 port 32769
EAP-Message =
0x010c002b1900170301002043808714ad903c7f152e4c715c243dc795cb1ee203969f39
0c9c99c526d86d69
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x9a1f0d00d523197cc369e5d186bc93cf
Finished request 18
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=184,
length=222
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x020c002b19001703010020e8908a40296a92ddfb27f6394ac1b3442ab2cfb2191d979e
8e4bf9d3792ac8a6
State = 0x9a1f0d00d523197cc369e5d186bc93cf
Message-Authenticator = 0x69d2705cc4686669e6501d11c68deba5
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 19
modcall[authorize]: module "preprocess" returns ok for request 19
modcall[authorize]: module "chap" returns noop for request 19
modcall[authorize]: module "mschap" returns noop for request 19
modcall[authorize]: module "unix" returns notfound for request 19
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 19
rlm_eap: EAP packet type response id 12 length 43
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 19
modcall[authorize]: module "files" returns noop for request 19
modcall[authorize]: module "expiration" returns noop for request 19
modcall[authorize]: module "logintime" returns noop for request 19
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 19
modcall: group authorize returns updated for request 19
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 19
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Identity - mking
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled EAP-Message
EAP-Message = 0x020c000a016d6b696e67
PEAP: Got tunneled identity of mking
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to mking
PEAP: Sending tunneled request
EAP-Message = 0x020c000a016d6b696e67
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 19
modcall[authorize]: module "preprocess" returns ok for request 19
modcall[authorize]: module "chap" returns noop for request 19
modcall[authorize]: module "mschap" returns noop for request 19
modcall[authorize]: module "unix" returns notfound for request 19
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 19
rlm_eap: EAP packet type response id 12 length 10
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 19
modcall[authorize]: module "files" returns noop for request 19
modcall[authorize]: module "expiration" returns noop for request 19
modcall[authorize]: module "logintime" returns noop for request 19
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 19
modcall: group authorize returns updated for request 19
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 19
rlm_eap: EAP Identity
rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
modcall[authenticate]: module "eap" returns handled for request 19
modcall: group authenticate returns handled for request 19
PEAP: Got tunneled reply RADIUS code 11
EAP-Message =
0x010d001f1a010d001a10ba20acc30bdd2188214d6a234a8030e16d6b696e67
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xbddad8c6ddf521b4b96f91c1e61a2ce5
PEAP: Processing from tunneled session code 0x81910d8 11
EAP-Message =
0x010d001f1a010d001a10ba20acc30bdd2188214d6a234a8030e16d6b696e67
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xbddad8c6ddf521b4b96f91c1e61a2ce5
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 19
modcall: group authenticate returns handled for request 19
Sending Access-Challenge of id 184 to 10.0.1.22 port 32769
EAP-Message =
0x010d003b19001703010030bf606c9604cf8968012ca988624b60d839184185bf620b95
7701201d0ef2b91ef9bf65aaea7770813bf59947e564df63
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x91c8c919e0038594249151843988b7ef
Finished request 19
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 10.0.1.22 port 32769, id=185,
length=286
User-Name = "mking"
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x020d006b19001703010060a909dde80325e998e9d2a618bc794217f1f75f99c116abee
74d613c212ec53e00ebaf6ca797aa254e7ded46139c2bfb9b69b84267878e47ea59f85d4
3561c08a03df03e30c7841dd75b3cdea5ab206dbd286fb0b1b4f908f92602f6b88afdf34
State = 0x91c8c919e0038594249151843988b7ef
Message-Authenticator = 0xe3388466c932cd726516cb7257b95259
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 20
modcall[authorize]: module "preprocess" returns ok for request 20
modcall[authorize]: module "chap" returns noop for request 20
modcall[authorize]: module "mschap" returns noop for request 20
modcall[authorize]: module "unix" returns notfound for request 20
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 20
rlm_eap: EAP packet type response id 13 length 107
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 20
modcall[authorize]: module "files" returns noop for request 20
modcall[authorize]: module "expiration" returns noop for request 20
modcall[authorize]: module "logintime" returns noop for request 20
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 20
modcall: group authorize returns updated for request 20
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 20
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: EAP type mschapv2
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled EAP-Message
EAP-Message =
0x020d00401a020d003b3158afc96d71efea3a29bc27ab0fee7153000000000000000063
e2f08f9de0c9713f7faa022aa65705de6b1f1e4aaf9c77006d6b696e67
PEAP: Setting User-Name to mking
PEAP: Adding old state with ffffffbd ffffffda
PEAP: Sending tunneled request
EAP-Message =
0x020d00401a020d003b3158afc96d71efea3a29bc27ab0fee7153000000000000000063
e2f08f9de0c9713f7faa022aa65705de6b1f1e4aaf9c77006d6b696e67
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "mking"
State = 0xbddad8c6ddf521b4b96f91c1e61a2ce5
Calling-Station-Id = "00-0D-93-EA-89-06"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.22
NAS-Identifier = "BUWISM2-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 20
modcall[authorize]: module "preprocess" returns ok for request 20
modcall[authorize]: module "chap" returns noop for request 20
modcall[authorize]: module "mschap" returns noop for request 20
modcall[authorize]: module "unix" returns notfound for request 20
rlm_realm: No '@' in User-Name = "mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 20
rlm_eap: EAP packet type response id 13 length 64
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 20
modcall[authorize]: module "files" returns noop for request 20
modcall[authorize]: module "expiration" returns noop for request 20
modcall[authorize]: module "logintime" returns noop for request 20
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
modcall[authorize]: module "pap" returns noop for request 20
modcall: group authorize returns updated for request 20
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 20
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 20
rlm_mschap: No Cleartext-Password configured. Cannot create
LM-Password.
rlm_mschap: No Cleartext-Password configured. Cannot create
NT-Password.
rlm_mschap: Told to do MS-CHAPv2 for mking with NT-Password
radius_xlat: Running registered xlat function of module mschap for
string 'User-Name'
radius_xlat: '--username=mking'
radius_xlat: Running registered xlat function of module mschap for
string 'Challenge'
mschap2: ba
radius_xlat: '--challenge=0a110e0ea2bb062e'
radius_xlat: Running registered xlat function of module mschap for
string 'NT-Response'
radius_xlat:
'--nt-response=63e2f08f9de0c9713f7faa022aa65705de6b1f1e4aaf9c77'
Exec-Program output: NT_KEY: 1BA2159EDC0597637BA8848B83AA9B2B
Exec-Program-Wait: plaintext: NT_KEY: 1BA2159EDC0597637BA8848B83AA9B2B
Exec-Program: returned: 0
rlm_mschap: adding MS-CHAPv2 MPPE keys
modcall[authenticate]: module "mschap" returns ok for request 20
modcall: group MS-CHAP returns ok for request 20
MSCHAP Success
modcall[authenticate]: module "eap" returns handled for request 20
modcall: group authenticate returns handled for request 20
PEAP: Got tunneled reply RADIUS code 11
MS-CHAP2-Success =
0x0d533d3033646638393739303464623066613462663738626231386430663464333230
6461613539626237
EAP-Message =
0x010e00331a030d002e533d303364663839373930346462306661346266373862623138
64306634643332306461613539626237
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xe6f9e271892e2132c29236c0bbbe8c1d
PEAP: Processing from tunneled session code 0x8192028 11
MS-CHAP2-Success =
0x0d533d3033646638393739303464623066613462663738626231386430663464333230
6461613539626237
EAP-Message =
0x010e00331a030d002e533d303364663839373930346462306661346266373862623138
64306634643332306461613539626237
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xe6f9e271892e2132c29236c0bbbe8c1d
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 20
modcall: group authenticate returns handled for request 20
Sending Access-Challenge of id 185 to 10.0.1.22 port 32769
EAP-Message =
0x010e005b1900170301005085342526ccbdb2ee0fb0b76aa6d414edb7cdafb06af24bcd
2589fb591145f62502700741f8fa07f80bc1bc5bea7f5c30ea4fe394842200ec4d208400
433fd2db648708c83435a80ea534a12894e47cf2
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x94766e89bb444749a79a2023680fac4a
Finished request 20
More information about the Freeradius-Users
mailing list