Cisco Access Points

Christian Ejlertsen chr.ejlertsen at has.dk
Mon May 14 18:47:24 CEST 2007


This is what I get.

triagia ~ # radiusd -A -X
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /etc/raddb/proxy.conf
Config:   including file: /etc/raddb/clients.conf
Config:   including file: /etc/raddb/snmp.conf
Config:   including file: /etc/raddb/eap.conf
Config:   including file: /etc/raddb/sql.conf
 main: prefix = "/usr"
 main: localstatedir = "/var"
 main: logdir = "/var/log/radius"
 main: libdir = "/usr/lib"
 main: radacctdir = "/var/log/radius/radacct"
 main: hostname_lookups = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = "/var/log/radius/radius.log"
 main: log_auth = no
 main: log_auth_badpass = no
 main: log_auth_goodpass = no
 main: pidfile = "/var/run/radiusd/radiusd.pid"
 main: user = "radiusd"
 main: group = "radiusd"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/sbin/checkrad"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = no
 proxy: wake_all_if_all_dead = no
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/lib
Module: Loaded exec
 exec: wait = yes
 exec: program = "(null)"
 exec: input_pairs = "request"
 exec: output_pairs = "(null)"
 exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
 pap: encryption_scheme = "crypt"
 pap: auto_header = no
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
 mschap: use_mppe = yes
 mschap: require_encryption = no
 mschap: require_strong = no
 mschap: with_ntdomain_hack = no
 mschap: passwd = "(null)"
 mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
 unix: cache = no
 unix: passwd = "(null)"
 unix: shadow = "(null)"
 unix: group = "(null)"
 unix: radwtmp = "/var/log/radius/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
 eap: default_eap_type = "md5"
 eap: timer_expire = 60
 eap: ignore_unknown_eap_types = no
 eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
 gtc: challenge = "Password: "
 gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
 mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
 preprocess: huntgroups = "/etc/raddb/huntgroups"
 preprocess: hints = "/etc/raddb/hints"
 preprocess: with_ascend_hack = no
 preprocess: ascend_channels_per_line = 23
 preprocess: with_ntdomain_hack = no
 preprocess: with_specialix_jetstream_hack = no
 preprocess: with_cisco_vsa_hack = no
 preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
 realm: format = "suffix"
 realm: delimiter = "@"
 realm: ignore_default = no
 realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
 files: usersfile = "/etc/raddb/users"
 files: acctusersfile = "/etc/raddb/acct_users"
 files: preproxy_usersfile = "/etc/raddb/preproxy_users"
 files: compat = "no"
[/etc/raddb/users]:65 WARNING! Check item "MS-CHAP-Use-NTLM-Auth" ?found in
reply item list for user "wifiuser". ?This attribute MUST go on the first
line with the other check items
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
 acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
 detail: detailfile =
"/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
 detail: detailperm = 384
 detail: dirperm = 493
 detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
 radutmp: filename = "/var/log/radius/radutmp"
 radutmp: username = "%{User-Name}"
 radutmp: case_sensitive = yes
 radutmp: check_with_nas = yes
 radutmp: perm = 384
 radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.150.250:1645, id=11,
length=135
        User-Name = "wifiuser"
        Framed-MTU = 1400
        Called-Station-Id = "0017.0e86.2cb0"
        Calling-Station-Id = "000e.35e6.0bd0"
        Service-Type = Login-User
        Message-Authenticator = 0xcef467e8a3b24b5c3eef6b1ebfea8bb1
        EAP-Message = 0x0202000d017769666975736572
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 346
        NAS-IP-Address = 192.168.150.250
        NAS-Identifier = "VOICE-AP"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "wifiuser", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: EAP packet type response id 2 length 13
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 0
    users: Matched entry wifiuser at line 65
  modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
  rlm_eap: EAP Identity
  rlm_eap: processing type md5
rlm_eap_md5: Issuing Challenge
  modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 11 to 192.168.150.250 port 1645
        EAP-Message = 0x010300160410ec940a7577c4d10df211a4ddfebde7ca
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x977d6e6a369cd2ece8aca6a5b16ab920
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.150.250:1645, id=12,
length=146
        User-Name = "wifiuser"
        Framed-MTU = 1400
        Called-Station-Id = "0017.0e86.2cb0"
        Calling-Station-Id = "000e.35e6.0bd0"
        Service-Type = Login-User
        Message-Authenticator = 0x20d261fff76441857c609d0742b6ce64
        EAP-Message = 0x020300060319
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 346
        State = 0x977d6e6a369cd2ece8aca6a5b16ab920
        NAS-IP-Address = 192.168.150.250
        NAS-Identifier = "VOICE-AP"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: No '@' in User-Name = "wifiuser", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 1
  rlm_eap: EAP packet type response id 3 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 1
    users: Matched entry wifiuser at line 65
  modcall[authorize]: module "files" returns ok for request 1
modcall: leaving group authorize (returns updated) for request 1
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
  rlm_eap: Request found, released from the list
  rlm_eap: EAP NAK
 rlm_eap: EAP-NAK asked for EAP-Type/peap
 rlm_eap: No such EAP type peap
  rlm_eap: Failed in EAP select
  modcall[authenticate]: module "eap" returns invalid for request 1
modcall: leaving group authenticate (returns invalid) for request 1
auth: Failed to validate the user.
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.150.250:1645, id=12,
length=146
Sending Access-Reject of id 12 to 192.168.150.250 port 1645
        EAP-Message = 0x04030004
        Message-Authenticator = 0x00000000000000000000000000000000
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 192.168.150.250:1645, id=13,
length=135
        User-Name = "wifiuser"
        Framed-MTU = 1400
        Called-Station-Id = "0017.0e86.2cb0"
        Calling-Station-Id = "000e.35e6.0bd0"
        Service-Type = Login-User
        Message-Authenticator = 0xccf58d6473294ed5df1a339437f920a6
        EAP-Message = 0x0201000d017769666975736572
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 347
        NAS-IP-Address = 192.168.150.250
        NAS-Identifier = "VOICE-AP"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
  modcall[authorize]: module "preprocess" returns ok for request 2
  modcall[authorize]: module "chap" returns noop for request 2
  modcall[authorize]: module "mschap" returns noop for request 2
    rlm_realm: No '@' in User-Name = "wifiuser", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 2
  rlm_eap: EAP packet type response id 1 length 13
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 2
    users: Matched entry wifiuser at line 65
  modcall[authorize]: module "files" returns ok for request 2
modcall: leaving group authorize (returns updated) for request 2
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
  rlm_eap: EAP Identity
  rlm_eap: processing type md5
rlm_eap_md5: Issuing Challenge
  modcall[authenticate]: module "eap" returns handled for request 2
modcall: leaving group authenticate (returns handled) for request 2
Sending Access-Challenge of id 13 to 192.168.150.250 port 1645
        EAP-Message = 0x0102001604104ca975f3dc58a7f606b7e2201a8ab6c9
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x1bdaf4a324a3a44870d446bb2de9dac1
Finished request 2
Going to the next request
Cleaning up request 0 ID 11 with timestamp 4648921b
Cleaning up request 1 ID 12 with timestamp 4648921b
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 192.168.150.250:1645, id=14,
length=135
        User-Name = "wifiuser"
        Framed-MTU = 1400
        Called-Station-Id = "0017.0e86.2cb0"
        Calling-Station-Id = "000e.35e6.0bd0"
        Service-Type = Login-User
        Message-Authenticator = 0x078522217ed23ba2b860e12164af494c
        EAP-Message = 0x0203000d017769666975736572
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 347
        NAS-IP-Address = 192.168.150.250
        NAS-Identifier = "VOICE-AP"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
  modcall[authorize]: module "preprocess" returns ok for request 3
  modcall[authorize]: module "chap" returns noop for request 3
  modcall[authorize]: module "mschap" returns noop for request 3
    rlm_realm: No '@' in User-Name = "wifiuser", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 3
  rlm_eap: EAP packet type response id 3 length 13
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 3
    users: Matched entry wifiuser at line 65
  modcall[authorize]: module "files" returns ok for request 3
modcall: leaving group authorize (returns updated) for request 3
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
  rlm_eap: EAP Identity
  rlm_eap: processing type md5
rlm_eap_md5: Issuing Challenge
  modcall[authenticate]: module "eap" returns handled for request 3
modcall: leaving group authenticate (returns handled) for request 3
Sending Access-Challenge of id 14 to 192.168.150.250 port 1645
        EAP-Message = 0x010400160410da2d678cd3e4a1a4339bc82f9880c72a
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x807cb82738bed6f381363d412f391090
Finished request 3
Going to the next request
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 192.168.150.250:1645, id=15,
length=146
        User-Name = "wifiuser"
        Framed-MTU = 1400
        Called-Station-Id = "0017.0e86.2cb0"
        Calling-Station-Id = "000e.35e6.0bd0"
        Service-Type = Login-User
        Message-Authenticator = 0x51d62b2354da5f1a1f4dcf989ac44156
        EAP-Message = 0x020400060319
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 347
        State = 0x807cb82738bed6f381363d412f391090
        NAS-IP-Address = 192.168.150.250
        NAS-Identifier = "VOICE-AP"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
  modcall[authorize]: module "preprocess" returns ok for request 4
  modcall[authorize]: module "chap" returns noop for request 4
  modcall[authorize]: module "mschap" returns noop for request 4
    rlm_realm: No '@' in User-Name = "wifiuser", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 4
  rlm_eap: EAP packet type response id 4 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 4
    users: Matched entry wifiuser at line 65
  modcall[authorize]: module "files" returns ok for request 4
modcall: leaving group authorize (returns updated) for request 4
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
  rlm_eap: Request found, released from the list
  rlm_eap: EAP NAK
 rlm_eap: EAP-NAK asked for EAP-Type/peap
 rlm_eap: No such EAP type peap
  rlm_eap: Failed in EAP select
  modcall[authenticate]: module "eap" returns invalid for request 4
modcall: leaving group authenticate (returns invalid) for request 4
auth: Failed to validate the user.
Delaying request 4 for 1 seconds
Finished request 4
Going to the next request
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 15 to 192.168.150.250 port 1645
        EAP-Message = 0x04040004
        Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 2 ID 13 with timestamp 46489220
Cleaning up request 3 ID 14 with timestamp 46489220
Cleaning up request 4 ID 15 with timestamp 46489220
Nothing to do.  Sleeping until we see a request.

> -----Original Message-----
> From: freeradius-users-bounces+chr.ejlertsen=has.dk at lists.freeradius.org
> [mailto:freeradius-users-
> bounces+chr.ejlertsen=has.dk at lists.freeradius.org] On Behalf Of Riccardo
> Veraldi
> Sent: 14. maj 2007 18:37
> To: FreeRadius users mailing list
> Subject: Re: Cisco Access Points
> 
> 
> radiusd -A -X
> 
> an tell what you see on the radius server
> 
> 
> thanks
> 
> Rick
> 
> 
> Christian Ejlertsen wrote:
> >
> > Hello to all
> >
> > I'm very new at this whole radius deal so I hope I can find a kind
> > soul that could help me with this setup.
> >
> > I'm sorry if this is described somewhere I've been looking around and
> > I don't seem to find this.
> >
> > For now i'm trying to get a very simple setup to work
> >
> > I have a Cisco 1121G AP which I want to use with my freeeradius server
> > EAP/PEAP
> >
> > Nothing fancy just a user local on the freeradius server
> >
> > I can't get the user credentials to authenticate
> >
> > It's a Windows machine that I trying to authenticate with and the
> > wireless netcard is set to use EAP (PEAP), no certificates and
> > EAP-MSCHAPv2 as authentication method.
> >
> > I have a user in the radius users file called
> >
> > wifiuser User-Password := "SomePasswordHere"
> >
> > MS-CHAP-Use-NTLM-Auth := 0
> >
> > In the clients.conf I have
> >
> > client 192.168.150.250 {
> >
> > secret = SomePasswordHere
> >
> > shortname = CiscoAP1121
> >
> > nastype = cisco
> >
> > }
> >
> > In the eap.conf I unmarked
> >
> > default_eap_type = mschapv2
> >
> > Then I read this in the eap.conf
> >
> > # This module is the *Microsoft* implementation of MS-CHAPv2
> >
> > # in EAP. There is another (incompatible) implementation
> >
> > # of MS-CHAPv2 in EAP by Cisco, which FreeRADIUS does not
> >
> > # currently support.
> >
> > #
> >
> > mschapv2 {
> >
> > }
> >
> > Does this apply to my setup and if so what is an alternative to what
> > I'm trying todo?
> >
> > When I debug on the cisco AP I get the following lines that are odd
> > (Full log in bottom of the mail)
> >
> > *Apr 23 19:50:57.298: RADIUS: AAA Unsupported [263] 12
> >
> > *Apr 23 19:50:57.299: RADIUS: 57 49 46 49 5F 50 52 49 56 41 [WIFI_PRIVA]
> >
> > *Apr 23 19:50:57.299: RADIUS: AAA Unsupported [156] 3
> >
> > *Apr 23 19:50:57.299: RADIUS: 33
> >
> > It's a pretty standard Freeradius config havn't done anything to it
> > but added some users and one other client.
> >
> > Thank you in advance
> >
> > Christian
> >
> > -------- LOGS BELOW ---------
> >
> > All I get in radius.log is
> >
> > Mon May 14 19:50:20 2007 : Info: rlm_eap_md5: Issuing Challenge
> >
> > --------------- CISCO DEBUG RADIUS -----------------------
> >
> > *Apr 23 19:50:57.288: RADIUS/ENCODE(000000D3):Orig. component type =
> DOT11
> >
> > *Apr 23 19:50:57.288: RADIUS: AAA Unsupported [263] 12
> >
> > *Apr 23 19:50:57.288: RADIUS: 57 49 46 49 5F 50 52 49 56 41 [WIFI_PRIVA]
> >
> > *Apr 23 19:50:57.288: RADIUS: AAA Unsupported [156] 3
> >
> > *Apr 23 19:50:57.288: RADIUS: 33 [3]
> >
> > *Apr 23 19:50:57.288: RADIUS(000000D3): Storing nasport 336 in rad_db
> >
> > *Apr 23 19:50:57.289: RADIUS(000000D3): Config NAS IP: 192.168.150.250
> >
> > *Apr 23 19:50:57.289: RADIUS/ENCODE(000000D3): acct_session_id: 82
> >
> > *Apr 23 19:50:57.289: RADIUS(000000D3): Config NAS IP: 192.168.150.250
> >
> > *Apr 23 19:50:57.289: RADIUS(000000D3): sending
> >
> > *Apr 23 19:50:57.290: RADIUS(000000D3): Send Access-Request to
> > 192.168.150.1:1812 id 1645/33, len 135
> >
> > *Apr 23 19:50:57.290: RADIUS: authenticator EA B6 33 72 6C 09 8E CF -
> > 84 B1 60 BB 54 B8 55 BF
> >
> > *Apr 23 19:50:57.290: RADIUS: User-Name [1] 10 "wifiuser"
> >
> > *Apr 23 19:50:57.290: RADIUS: Framed-MTU [12] 6 1400
> >
> > *Apr 23 19:50:57.290: RADIUS: Called-Station-Id [30] 16 "0017.0e86.2cb0"
> >
> > *Apr 23 19:50:57.290: RADIUS: Calling-Station-Id [31] 16
> "000e.35e6.0bd0"
> >
> > *Apr 23 19:50:57.290: RADIUS: Service-Type [6] 6 Login [1]
> >
> > *Apr 23 19:50:57.291: RADIUS: Message-Authenticato[80] 18 *
> >
> > *Apr 23 19:50:57.291: RADIUS: EAP-Message [79] 15
> >
> > *Apr 23 19:50:57.291: RADIUS: 02 02 00 0D 01 77 69 66 69 75 73 65 72
> > [?????wifiuser]
> >
> > *Apr 23 19:50:57.291: RADIUS: NAS-Port-Type [61] 6 802.11 wireless [19]
> >
> > *Apr 23 19:50:57.292: RADIUS: NAS-Port [5] 6 336
> >
> > *Apr 23 19:50:57.292: RADIUS: NAS-IP-Address [4] 6 192.168.150.250
> >
> > *Apr 23 19:50:57.292: RADIUS: Nas-Identifier [32] 10 "VOICE-AP"
> >
> > *Apr 23 19:50:57.293: RADIUS: Received from id 1645/33
> > 192.168.150.1:1812, Access-Challenge, len 80
> >
> > *Apr 23 19:50:57.294: RADIUS: authenticator F9 A4 EE 6B E1 5A 8A AB -
> > F5 BD 19 CA 96 33 48 CA
> >
> > *Apr 23 19:50:57.294: RADIUS: EAP-Message [79] 24
> >
> > *Apr 23 19:50:57.294: RADIUS: 01 03 00 16 04 10 41 8F DB 50 B7 94 9A
> > 30 DF CE [??????A??P???0??]
> >
> > *Apr 23 19:50:57.294: RADIUS: 60 DA D1 51 EB 08 [`??Q??]
> >
> > *Apr 23 19:50:57.294: RADIUS: Message-Authenticato[80] 18 *
> >
> > *Apr 23 19:50:57.294: RADIUS: State [24] 18
> >
> > *Apr 23 19:50:57.295: RADIUS: DE 53 56 01 A4 DC 17 CD C0 B9 E0 46 DF
> > 21 54 FB [?SV????????F?!T?]
> >
> > *Apr 23 19:50:57.295: RADIUS(000000D3): Received from id 1645/33
> >
> > *Apr 23 19:50:57.296: RADIUS/DECODE: EAP-Message fragments, 22, total
> > 22 bytes
> >
> > *Apr 23 19:50:57.298: RADIUS/ENCODE(000000D3):Orig. component type =
> DOT11
> >
> > *Apr 23 19:50:57.298: RADIUS: AAA Unsupported [263] 12
> >
> > *Apr 23 19:50:57.299: RADIUS: 57 49 46 49 5F 50 52 49 56 41 [WIFI_PRIVA]
> >
> > *Apr 23 19:50:57.299: RADIUS: AAA Unsupported [156] 3
> >
> > *Apr 23 19:50:57.299: RADIUS: 33 [3]
> >
> > *Apr 23 19:50:57.299: RADIUS(000000D3): Using existing nas_port 336
> >
> > *Apr 23 19:50:57.300: RADIUS(000000D3): Config NAS IP: 192.168.150.250
> >
> > *Apr 23 19:50:57.300: RADIUS/ENCODE(000000D3): acct_session_id: 82
> >
> > *Apr 23 19:50:57.300: RADIUS(000000D3): Config NAS IP: 192.168.150.250
> >
> > *Apr 23 19:50:57.300: RADIUS(000000D3): sending
> >
> > *Apr 23 19:50:57.300: RADIUS(000000D3): Send Access-Request to
> > 192.168.150.1:1812 id 1645/34, len 146
> >
> > *Apr 23 19:50:57.300: RADIUS: authenticator 56 F3 92 78 A7 7A 09 FA -
> > 99 29 51 99 7D E0 9F B3
> >
> > *Apr 23 19:50:57.301: RADIUS: User-Name [1] 10 "wifiuser"
> >
> > *Apr 23 19:50:57.301: RADIUS: Framed-MTU [12] 6 1400
> >
> > *Apr 23 19:50:57.301: RADIUS: Called-Station-Id [30] 16 "0017.0e86.2cb0"
> >
> > *Apr 23 19:50:57.301: RADIUS: Calling-Station-Id [31] 16
> "000e.35e6.0bd0"
> >
> > *Apr 23 19:50:57.301: RADIUS: Service-Type [6] 6 Login [1]
> >
> > *Apr 23 19:50:57.302: RADIUS: Message-Authenticato[80] 18 *
> >
> > *Apr 23 19:50:57.302: RADIUS: EAP-Message [79] 8
> >
> > *Apr 23 19:50:57.302: RADIUS: 02 03 00 06 03 19 [??????]
> >
> > *Apr 23 19:50:57.302: RADIUS: NAS-Port-Type [61] 6 802.11 wireless [19]
> >
> > *Apr 23 19:50:57.302: RADIUS: NAS-Port [5] 6 336
> >
> > *Apr 23 19:50:57.302: RADIUS: State [24] 18
> >
> > *Apr 23 19:50:57.302: RADIUS: DE 53 56 01 A4 DC 17 CD C0 B9 E0 46 DF
> > 21 54 FB [?SV????????F?!T?]
> >
> > *Apr 23 19:50:57.302: RADIUS: NAS-IP-Address [4] 6 192.168.150.250
> >
> > *Apr 23 19:50:57.303: RADIUS: Nas-Identifier [32] 10 "VOICE-AP"
> >
> > *Apr 23 19:51:02.527: RADIUS: no sg in radius-timers: ctx 0xC2506C sg
> > 0x0000
> >
> > *Apr 23 19:51:02.527: RADIUS: Retransmit to (192.168.150.1:1812,1813)
> > for id 1645/34
> >
> > *Apr 23 19:51:02.527: RADIUS: Received from id 1645/34
> > 192.168.150.1:1812, Access-Reject, len 44
> >
> > *Apr 23 19:51:02.528: RADIUS: authenticator 27 C2 B4 DD 14 F9 C3 C0 -
> > DF 88 BD B5 DC 0D 6C 63
> >
> > *Apr 23 19:51:02.528: RADIUS: EAP-Message [79] 6
> >
> > *Apr 23 19:51:02.528: RADIUS: 04 03 00 04 [????]
> >
> > *Apr 23 19:51:02.528: RADIUS: Message-Authenticato[80] 18 *
> >
> > *Apr 23 19:51:02.529: RADIUS(000000D3): Received from id 1645/34
> >
> > *Apr 23 19:51:02.529: RADIUS/DECODE: EAP-Message fragments, 4, total 4
> > bytes
> >
> > ------------------------ CISCO DEBUG RADIUS END ---------------------
> >
> > ------------------------------------------------------------------------
> >
> > -
> > List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> 
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list