Fw: My AP does accountig but radwho doesn't work..
adreas Polyxronopoulos
apolyxrono at yahoo.co.uk
Thu Jan 4 15:01:57 CET 2007
Hi list ,
I am still have problem with the radwho , i will show you the out put of radiusd -X and some Access-Requests and Accounting-Requests. My Ap (3Com 7250) has the option for accounting and i have enable it. However when i try to do radwho i get this: " radwho: Error reading /usr/local/var/log/radius/radutmp: No such file or directory "
Is there something i have to configure in the radiusd.conf file to make radwho work ? Or just my AP (Access Point) doesn't provide to the freeradius the necessary information in the Acct-Request packets ?
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/eap.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/usr/local/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/usr/local/var/log/radius/radius.log"
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
main: bind_address = 10.0.0.15 IP address [10.0.0.15]
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded MS-CHAP
mschap: use_mppe = no
mschap: require_encryption = yes
mschap: require_strong = yes
mschap: with_ntdomain_hack = yes
mschap: passwd = "(null)"
mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded eap
eap: default_eap_type = "peap"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/usr/local/etc/raddb/certs/server_keycert.pem"
tls: certificate_file = "/usr/local/etc/raddb/certs/server_keycert.pem"
tls: CA_file = "/usr/local/etc/raddb/certs/demoCA/cacert.pem"
tls: private_key_password = "whatever"
tls: dh_file = "/usr/local/etc/raddb/certs/dh"
tls: random_file = "/usr/local/etc/raddb/certs/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = "(null)"
tls: cipher_list = "(null)"
tls: check_cert_issuer = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
peap: default_eap_type = "mschapv2"
peap: copy_request_to_tunnel = yes
peap: use_tunneled_reply = no
peap: proxy_tunneled_request_as_eap = yes
rlm_eap: Loaded and initialized type peap
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile = "/usr/local/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded detail
detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication 10.0.0.15:1812
Listening on accounting 10.0.0.15:1813
Ready to process requests.
rad_recv: Access-Request packet from host 10.0.0.10:1408, id=198, length=138
NAS-IP-Address = 10.0.0.10
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "apolyxrono"
Calling-Station-Id = "00166f122595"
Called-Station-Id = "000d545c4190"
NAS-Identifier = "3Com Access Point"
EAP-Message = 0x0201000f0161706f6c7978726f6e6f
Message-Authenticator = 0x47cc3024d51fb19485e90cd52962ad61
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
rlm_eap: EAP packet type response id 1 length 15
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 198 to 10.0.0.10 port 1408
Reply-Message = "Welcome , %u"
EAP-Message = 0x010200061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x234c381b5cc68119faa7499b3cb59fee
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.0.10:1409, id=199, length=253
NAS-IP-Address = 10.0.0.10
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "apolyxrono"
Calling-Station-Id = "00166f122595"
Called-Station-Id = "000d545c4190"
NAS-Identifier = "3Com Access Point"
State = 0x234c381b5cc68119faa7499b3cb59fee
EAP-Message = 0x0202007019800000006616030100610100005d0301459c110f9b82999f23a84db7a26eb27c0b9c6711dd4390cdfbf5c2db4aa57bec2050182aa819b8b58cd0adaeb387a3a622e8709999ff8180a08b02ddb68a7f6840001600040005000a000900640062000300060013001200630100
Message-Authenticator = 0x433ccf5b0655d036f762b73192f98553
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
rlm_eap: EAP packet type response id 2 length 112
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 1
modcall: leaving group authorize (returns updated) for request 1
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0061], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 05c7], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 1
modcall: leaving group authenticate (returns handled) for request 1
Sending Access-Challenge of id 199 to 10.0.0.10 port 1409
Reply-Message = "Welcome , %u"
EAP-Message = 0x0103040a19c000000624160301004a020000460301459c110c72f30bb48cc61e2cfefdd7b22f3f769088d8070b7fe1dde43f0b4fbb203657eb36fab0f3d097829ecd32df30fff5c3248187469347e1602169d8acf23e00040016030105c70b0005c30005c00002b3308202af30820218a003020102020101300d06092a864886f70d0101050500308188310b3009060355040613024752310f300d06035504081306416368616961310c300a060355040a130365636531123010060355040b13096563652e63736c6162311f301d0603550403131661706f6c7978726f6e6f322e64796e646e732e6f72673125302306092a864886f70d010901161661
EAP-Message = 0x706f6c7978726f6e6f407961686f6f2e636f2e756b301e170d3036313232393134353531305a170d3037313232393134353531305a308198310b3009060355040613024752310f300d06035504081306416368616961310e300c060355040713055061747261310c300a060355040a130365636531123010060355040b13096563652e63736c6162311f301d0603550403131661706f6c7978726f6e6f322e64796e646e732e6f72673125302306092a864886f70d010901161661706f6c7978726f6e6f407961686f6f2e636f2e756b30819f300d06092a864886f70d010101050003818d0030818902818100c9fb97cf2d9a82ed3ab81aebddf5b1e7
EAP-Message = 0xdcf787e60a91d86319f766d38e9e6f2af8f03efd7b2d7c92de4af0a30b2fb5d5661e709b421e15724951cc4da98e0e5b1d92d20f61fa553e3dfce33a9306fa09b788f0ab4156144c3ccb48196d18710a11705dab958926f1879794705a6c6aa1ae878b5e3c0ddc5471c9a80edd39929b0203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101050500038181007bc44533035deb3201fe3a4e1f111d7d513ed3122ce5c1f7fb8e14e4eb11387150afb568e1d027afbc48af622b38407e0d94b352f5b7f46c95f724b521742d70d15b16ac33fc6727fd0a62678a8879c2ca4f9e3c7a000089495c0d63
EAP-Message = 0x47e3aa91c4a7c62d855ebefbb225c270321d32ce654de2912e25c66095225ba00c3a0bd8000307308203033082026ca003020102020100300d06092a864886f70d0101050500308188310b3009060355040613024752310f300d06035504081306416368616961310c300a060355040a130365636531123010060355040b13096563652e63736c6162311f301d0603550403131661706f6c7978726f6e6f322e64796e646e732e6f72673125302306092a864886f70d010901161661706f6c7978726f6e6f407961686f6f2e636f2e756b301e170d3036313232393134343730345a170d3039313232383134343730345a308188310b30090603550406
EAP-Message = 0x13024752310f300d0603550408130641636861696131
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xda4ab1c620d6543d234fea807c3610fd
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.0.10:1410, id=200, length=147
NAS-IP-Address = 10.0.0.10
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "apolyxrono"
Calling-Station-Id = "00166f122595"
Called-Station-Id = "000d545c4190"
NAS-Identifier = "3Com Access Point"
State = 0xda4ab1c620d6543d234fea807c3610fd
EAP-Message = 0x020300061900
Message-Authenticator = 0xb2c20697f1b00778ece132668b102f09
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
rlm_eap: EAP packet type response id 3 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 2
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 2
modcall: leaving group authorize (returns updated) for request 2
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 2
modcall: leaving group authenticate (returns handled) for request 2
Sending Access-Challenge of id 200 to 10.0.0.10 port 1410
Reply-Message = "Welcome , %u"
EAP-Message = 0x0104022a19000c300a060355040a130365636531123010060355040b13096563652e63736c6162311f301d0603550403131661706f6c7978726f6e6f322e64796e646e732e6f72673125302306092a864886f70d010901161661706f6c7978726f6e6f407961686f6f2e636f2e756b30819f300d06092a864886f70d010101050003818d0030818902818100a63567b72d02611f373233857b4561496815aa6e31d7cf2d099e29d2c68c9e92cee0b7fc7331795f934a2c84bb9242cee22f679dd5cf0830c6449497df7bb061e6822c44afb11db5f4861f1aac0508fac51b4369da77792d7c84c778f2f8afc5e2a7a1d7852db126675d374c0bfed9e7b1
EAP-Message = 0x021f97eaf20a07d1ee691bca6f9edf0203010001a37b307930090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e04160414236e092428b6279db0902d93c661ec1869435d6d301f0603551d23041830168014236e092428b6279db0902d93c661ec1869435d6d300d06092a864886f70d0101050500038181000e9b9e19e3b949849577302b8c3480ecf0784ed7c4344d544f489f2f99e3cd3e37ce4a2b46e01fec33f424993ecfe11e03a62304fccc3b8540330e5bb10da0dc5beb49dde87a92caec3464d33c2d28dd4722e107985d8fa736
EAP-Message = 0x552ebd7278944fa0618f2f18622a0961279cce8b46d7def9fe29728f1abcacb913c9d0fba7f5f416030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xe5971a6cf703ba3d34e50a5601826968
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.0.10:1411, id=201, length=333
NAS-IP-Address = 10.0.0.10
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "apolyxrono"
Calling-Station-Id = "00166f122595"
Called-Station-Id = "000d545c4190"
NAS-Identifier = "3Com Access Point"
State = 0xe5971a6cf703ba3d34e50a5601826968
EAP-Message = 0x020400c01980000000b61603010086100000820080940d782ad49cef7da548211b2c6775484f6be3b48f45bc5c2bde617b77263903ceec02088ff173c3f35faa83d3df22947969a7744b08374c00f453ac0d3c3e355416136ab709d25db736b0ab88d57f98ced91b799a1f86fe29c00d5efc2339946745d8ae5bcf52d46f28ac95b7085e20ffc3406d2e7cd460c727eb99806f472b1403010001011603010020aa06319174db144f78daf52ca226c3812f18c1c8e066e6880307700708bf4508
Message-Authenticator = 0x73d01bd8b079e8bc0d49909e2cb39700
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
rlm_eap: EAP packet type response id 4 length 192
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 3
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 3
modcall: leaving group authorize (returns updated) for request 3
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
(other): SSL negotiation finished successfully
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
SSL Connection Established
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 3
modcall: leaving group authenticate (returns handled) for request 3
Sending Access-Challenge of id 201 to 10.0.0.10 port 1411
Reply-Message = "Welcome , %u"
EAP-Message = 0x010500311900140301000101160301002092640e9bc3fcce865c35b8528a7f206a309454b72226f26d8d107e3a0cb7a755
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xa5a5d4a87f265e058a85b60ce58a7cb6
Finished request 3
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.0.10:1412, id=202, length=147
NAS-IP-Address = 10.0.0.10
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "apolyxrono"
Calling-Station-Id = "00166f122595"
Called-Station-Id = "000d545c4190"
NAS-Identifier = "3Com Access Point"
State = 0xa5a5d4a87f265e058a85b60ce58a7cb6
EAP-Message = 0x020500061900
Message-Authenticator = 0x1e3917b24041754e476563660eb4c159
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
modcall[authorize]: module "preprocess" returns ok for request 4
rlm_eap: EAP packet type response id 5 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 4
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 4
modcall: leaving group authorize (returns updated) for request 4
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
modcall[authenticate]: module "eap" returns handled for request 4
modcall: leaving group authenticate (returns handled) for request 4
Sending Access-Challenge of id 202 to 10.0.0.10 port 1412
Reply-Message = "Welcome , %u"
EAP-Message = 0x0106002019001703010015a5e4c6ef8df54c0af887510e0c454fc9c925240453
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x6f3444032f54184c98c36e48843a19fb
Finished request 4
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.0.10:1413, id=203, length=179
NAS-IP-Address = 10.0.0.10
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "apolyxrono"
Calling-Station-Id = "00166f122595"
Called-Station-Id = "000d545c4190"
NAS-Identifier = "3Com Access Point"
State = 0x6f3444032f54184c98c36e48843a19fb
EAP-Message = 0x020600261900170301001b1ac5bbbeeaf972dfe254c4d9d8994af2df354179c44d399937a9a8
Message-Authenticator = 0xe9929230d068c0cfb686d1edc0254c24
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
rlm_eap: EAP packet type response id 6 length 38
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 5
modcall: leaving group authorize (returns updated) for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Identity - apolyxrono
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled identity of apolyxrono
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to apolyxrono
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
rlm_eap: EAP packet type response id 6 length 15
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 5
modcall: leaving group authorize (returns updated) for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: EAP Identity
rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
modcall[authenticate]: module "eap" returns handled for request 5
modcall: leaving group authenticate (returns handled) for request 5
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 5
modcall: leaving group authenticate (returns handled) for request 5
Sending Access-Challenge of id 203 to 10.0.0.10 port 1413
Reply-Message = "Welcome , %u"
EAP-Message = 0x0107003b19001703010030bf95008eecd47ff31262d612d1974351e866dc9784d2bf0c90ee40b9878d1a2d53f184267dee7c301bcf369f5290042e
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x217d9fd513bdaefaf143de9dd53e661c
Finished request 5
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.0.10:1414, id=204, length=233
NAS-IP-Address = 10.0.0.10
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "apolyxrono"
Calling-Station-Id = "00166f122595"
Called-Station-Id = "000d545c4190"
NAS-Identifier = "3Com Access Point"
State = 0x217d9fd513bdaefaf143de9dd53e661c
EAP-Message = 0x0207005c1900170301005142250a1eb7f636498a5f6402e9d43b70c634ef5ece8bd44c67dd9b0b3b5d300d5571bb362d4629003f5eee3bb00bb17ea98d3706a7016e0956a9964f1abf1166fca19ff1bff4073b5ba57e164c054902ca
Message-Authenticator = 0x3c8d531291a8cce0e8cd9cbd6483281e
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
rlm_eap: EAP packet type response id 7 length 92
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 6
modcall: leaving group authorize (returns updated) for request 6
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: EAP type mschapv2
rlm_eap_peap: Tunneled data is valid.
PEAP: Setting User-Name to apolyxrono
PEAP: Adding old state with 97 52
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
rlm_eap: EAP packet type response id 7 length 69
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 6
modcall: leaving group authorize (returns updated) for request 6
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 6
rlm_mschap: Told to do MS-CHAPv2 for apolyxrono with NT-Password
modcall[authenticate]: module "mschap" returns ok for request 6
modcall: leaving group MS-CHAP (returns ok) for request 6
MSCHAP Success
modcall[authenticate]: module "eap" returns handled for request 6
modcall: leaving group authenticate (returns handled) for request 6
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 6
modcall: leaving group authenticate (returns handled) for request 6
Sending Access-Challenge of id 204 to 10.0.0.10 port 1414
Reply-Message = "Welcome , %u"
EAP-Message = 0x0108004a1900170301003f2f9e49443ff7ee46c8e5ffe8a2e92ef9306fdae10f5465276e42faa291bdc286c3b07291242c2c79dac47c1cefaf93b4e2595e87dd9604d6b97e3df8e789f9
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x3199fe744bdd4d6520d40c3aa9d0b14f
Finished request 6
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.0.10:1415, id=205, length=170
NAS-IP-Address = 10.0.0.10
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "apolyxrono"
Calling-Station-Id = "00166f122595"
Called-Station-Id = "000d545c4190"
NAS-Identifier = "3Com Access Point"
State = 0x3199fe744bdd4d6520d40c3aa9d0b14f
EAP-Message = 0x0208001d1900170301001205ab33d832d8bc53b98060e66dc86305eb2d
Message-Authenticator = 0xcbc6bab94afd70655df82f4376410ccc
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
rlm_eap: EAP packet type response id 8 length 29
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 7
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 7
modcall: leaving group authorize (returns updated) for request 7
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 7
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: EAP type mschapv2
rlm_eap_peap: Tunneled data is valid.
PEAP: Setting User-Name to apolyxrono
PEAP: Adding old state with 91 96
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
rlm_eap: EAP packet type response id 8 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 7
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 7
modcall: leaving group authorize (returns updated) for request 7
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 7
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 7
modcall: leaving group authenticate (returns ok) for request 7
radius_xlat: 'Welcome , apolyxrono'
PEAP: Tunneled authentication was successful.
rlm_eap_peap: SUCCESS
modcall[authenticate]: module "eap" returns handled for request 7
modcall: leaving group authenticate (returns handled) for request 7
Sending Access-Challenge of id 205 to 10.0.0.10 port 1415
Reply-Message = "Welcome , %u"
EAP-Message = 0x010900261900170301001bc78ceb72a50f9f225f6367014d4d16aa2decfbd89251db50f6911c
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x2dbeeebf66adfa7162cb48fcca366dc8
Finished request 7
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.0.10:1416, id=206, length=179
NAS-IP-Address = 10.0.0.10
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "apolyxrono"
Calling-Station-Id = "00166f122595"
Called-Station-Id = "000d545c4190"
NAS-Identifier = "3Com Access Point"
State = 0x2dbeeebf66adfa7162cb48fcca366dc8
EAP-Message = 0x020900261900170301001bb2aa704bedf0387c6419429b7adae92b476fc1df7c8cf339d09ed1
Message-Authenticator = 0xb006210dadcffc92b4807279b50f58f1
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 8
modcall[authorize]: module "preprocess" returns ok for request 8
rlm_eap: EAP packet type response id 9 length 38
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 8
users: Matched entry DEFAULT at line 155
users: Matched entry apolyxrono at line 220
modcall[authorize]: module "files" returns ok for request 8
modcall: leaving group authorize (returns updated) for request 8
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 8
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TLV response.
rlm_eap_peap: Tunneled data is valid.
rlm_eap_peap: Success
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 8
modcall: leaving group authenticate (returns ok) for request 8
radius_xlat: 'Welcome , apolyxrono'
Sending Access-Accept of id 206 to 10.0.0.10 port 1416
Reply-Message = "Welcome , apolyxrono"
MS-MPPE-Recv-Key = 0x4f07bfd7b31f4bcf95c4537ee9dd4054b6ed23c353b8dfa380a1bee24b059371
MS-MPPE-Send-Key = 0x9b6219695728c1cf01e13abd0e73b2e08b52e5ceeaec910669d8cac5a5100657
EAP-Message = 0x03090004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "apolyxrono"
Finished request 8
Going to the next request
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 198 with timestamp 459c110c
Cleaning up request 1 ID 199 with timestamp 459c110c
Cleaning up request 2 ID 200 with timestamp 459c110c
Cleaning up request 3 ID 201 with timestamp 459c110c
Cleaning up request 4 ID 202 with timestamp 459c110c
Cleaning up request 5 ID 203 with timestamp 459c110c
Cleaning up request 6 ID 204 with timestamp 459c110c
Cleaning up request 7 ID 205 with timestamp 459c110c
Cleaning up request 8 ID 206 with timestamp 459c110c
Nothing to do. Sleeping until we see a request.
rad_recv: Accounting-Request packet from host 10.0.0.10:1406, id=2, length=158
Acct-Status-Type = Start
Acct-Session-Id = "00166f122595-000d54fdb5ea-4d5e"
NAS-IP-Address = 10.0.0.10
Acct-Input-Octets = 37687
Acct-Output-Octets = 21336
Acct-Input-Packets = 124
Acct-Output-Packets = 152
User-Name = "apolyxrono"
Vendor-Specific = 0x564c414e2049442069733a2030
Vendor-Specific = 0x4553534944203d206d794170
Vendor-Specific = 0x45415020547970652069733a204541502d50454150
Acct-Session-Time = 32
Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 9
modcall[preacct]: module "preprocess" returns noop for request 9
rlm_acct_unique: WARNING: Attribute NAS-Port was not found in request, unique ID MAY be inconsistent
rlm_acct_unique: Hashing ',Client-IP-Address = 10.0.0.10,NAS-IP-Address = 10.0.0.10,Acct-Session-Id = "00166f122595-000d54fdb5ea-4d5e",User-Name = "apolyxrono"'
rlm_acct_unique: Acct-Unique-Session-ID = "e27dcefb66f90e5e".
modcall[preacct]: module "acct_unique" returns ok for request 9
rlm_realm: No '@' in User-Name = "apolyxrono", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[preacct]: module "suffix" returns noop for request 9
modcall[preacct]: module "files" returns noop for request 9
modcall: leaving group preacct (returns ok) for request 9
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 9
radius_xlat: '/usr/local/var/log/radius/radacct/10.0.0.10/detail-20070103'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/10.0.0.10/detail-20070103
modcall[accounting]: module "detail" returns ok for request 9
radius_xlat: '/usr/local/var/log/radius/radutmp'
radius_xlat: 'apolyxrono'
rlm_radutmp: No NAS-Port seen. Cannot do anything.
rlm_radumtp: WARNING: checkrad will probably not work!
modcall[accounting]: module "radutmp" returns noop for request 9
modcall: leaving group accounting (returns ok) for request 9
Sending Accounting-Response of id 2 to 10.0.0.10 port 1406
Finished request 9
Going to the next request
--- Walking the entire request list ---
Cleaning up request 9 ID 2 with timestamp 459c112d
Nothing to do. Sleeping until we see a request.
thanks
Adreas Polyxronopoulos
----- Forwarded Message ----
From: adreas Polyxronopoulos <apolyxrono at yahoo.co.uk>
To: freeradius users-list <freeradius-users at lists.freeradius.org>
Sent: Wednesday, 3 January, 2007 3:03:23 PM
Subject: My AP does accountig but radwho doesn't work..
Hi list,
I am trying to work the radwho command but i get this error : radwho: Error reading /usr/local/var/log/radius/radutmp: No such file or directory
My AccessPoint (3com 7250) has the accounting option i have set it enable and i have detail files in /usr/local/var/log/radius/radacct/10.0.0.10 .
In my radiusd.conf :
radutmp {
filename = ${LOGDIR}/radutmp
username = %{User-Name}
case_sensitive = yes
check_with_nas = yes
perm = 0600
callerid = yes
}
accounting {
detail
radutmp
}
session {
radutmp
}
-----
and when running radiusd -X :
..............
Module: Loaded radutmp
radutmp: filename =
"/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
....
Module: Instantiated radutmp (radutmp)
thanks
Adreas Polyxronopoulos
Send instant messages to your online friends http://uk.messenger.yahoo.com
Send instant messages to your online friends http://uk.messenger.yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070104/594f4bd4/attachment.html>
More information about the Freeradius-Users
mailing list