log file for free radius 1.1.6 eap-tls authentication

anoop_c at sifycorp.com anoop_c at sifycorp.com
Mon May 28 14:46:26 CEST 2007


Hi
  pls find the o/p of radius -X.Also the log file is not coming.

  [root at localhost sbin]# radiusd -X
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /etc/raddb/proxy.conf
Config:   including file: /etc/raddb/clients.conf
Config:   including file: /etc/raddb/snmp.conf
Config:   including file: /etc/raddb/eap.conf
Config:   including file: /etc/raddb/sql.conf
 main: prefix = \"/usr/local\"
 main: localstatedir = \"/usr/local/var\"
 main: logdir = \"/usr/local/var/log/radius\"
 main: libdir = \"/usr/local/lib\"
 main: radacctdir = \"/usr/local/var/log/radius/radacct\"
 main: hostname_lookups = no
 main: snmp = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = \"/usr/local/var/log/radius/radius.log\"
 main: log_auth = yes
 main: log_auth_badpass = no
 main: log_auth_goodpass = no
 main: pidfile = \"/usr/local/var/run/radiusd/radiusd.pid\"
 main: user = \"(null)\"
 main: group = \"(null)\"
 main: usercollide = no
 main: lower_user = \"no\"
 main: lower_pass = \"no\"
 main: nospace_user = \"no\"
 main: nospace_pass = \"no\"
 main: checkrad = \"/usr/local/sbin/checkrad\"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = no
 proxy: wake_all_if_all_dead = no
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec
 exec: wait = yes
 exec: program = \"(null)\"
 exec: input_pairs = \"request\"
 exec: output_pairs = \"(null)\"
 exec: packet_type = \"(null)\"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded System
 unix: cache = no
 unix: passwd = \"(null)\"
 unix: shadow = \"(null)\"
 unix: group = \"(null)\"
 unix: radwtmp = \"/usr/local/var/log/radius/radwtmp\"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
 eap: default_eap_type = \"tls\"
 eap: timer_expire = 60
 eap: ignore_unknown_eap_types = no
 eap: cisco_accounting_username_bug = no
 tls: rsa_key_exchange = no
 tls: dh_key_exchange = yes
 tls: rsa_key_length = 512
 tls: dh_key_length = 512
 tls: verify_depth = 0
 tls: CA_path = \"(null)\"
 tls: pem_file_type = yes
 tls: private_key_file = \"/etc/1x/07xwifi.pem\"
 tls: certificate_file = \"/etc/1x/07xwifi.pem\"
 tls: CA_file = \"/etc/1x/root.pem\"
 tls: private_key_password = \"password\"
 tls: dh_file = \"/etc/1x/DH\"
 tls: random_file = \"/etc/1x/random\"
 tls: fragment_size = 1024
 tls: include_length = yes
 tls: check_crl = no
 tls: check_cert_cn = \"(null)\"
 tls: cipher_list = \"(null)\"
 tls: check_cert_issuer = \"(null)\"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
Module: Instantiated eap (eap)
Module: Loaded preprocess
 preprocess: huntgroups = \"/etc/raddb/huntgroups\"
 preprocess: hints = \"/etc/raddb/hints\"
 preprocess: with_ascend_hack = no
 preprocess: ascend_channels_per_line = 23
 preprocess: with_ntdomain_hack = no
 preprocess: with_specialix_jetstream_hack = no
 preprocess: with_cisco_vsa_hack = no
 preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
 realm: format = \"suffix\"
 realm: delimiter = \"@\"
 realm: ignore_default = no
 realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
 files: usersfile = \"/etc/raddb/users\"
 files: acctusersfile = \"/etc/raddb/acct_users\"
 files: preproxy_usersfile = \"/etc/raddb/preproxy_users\"
 files: compat = \"no\"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
 acct_unique: key = \"User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port\"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
 detail: detailfile = \"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d\"
 detail: detailperm = 384
 detail: dirperm = 493
 detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
 radutmp: filename = \"/usr/local/var/log/radius/radutmp\"
 radutmp: username = \"%{User-Name}\"
 radutmp: case_sensitive = yes
 radutmp: check_with_nas = yes
 radutmp: perm = 384
 radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.0.50:1026, id=0, length=213
        Message-Authenticator = 0x348faa1d22631530332a81f21a480716
        Service-Type = Framed-User
        User-Name = \"saravanakumar07\"
        Framed-MTU = 1488
        Called-Station-Id = \"00-0F-3D-AF-DD-C2:default\"
        Calling-Station-Id = \"00-0E-35-F3-A1-67\"
        NAS-Identifier = \"D-Link Access Point\"
        NAS-Port-Type = Wireless-802.11
        Connect-Info = \"CONNECT 54Mbps 802.11g\"
        EAP-Message = 0x02000014017361726176616e616b756d61723037
        NAS-IP-Address = 192.168.0.50
        NAS-Port = 1
        NAS-Port-Id = \"STA port # 1\"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module \"preprocess\" returns ok for request 0
    rlm_realm: No \'@\' in User-Name = \"saravanakumar07\", looking up realm NULL
    rlm_realm: No such realm \"NULL\"
  modcall[authorize]: module \"suffix\" returns noop for request 0
  rlm_eap: EAP packet type response id 0 length 20
  rlm_eap: No EAP Start, assuming it\'s an on-going EAP conversation
  modcall[authorize]: module \"eap\" returns updated for request 0
  modcall[authorize]: module \"files\" returns notfound for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type EAP
auth: type \"EAP\"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
  rlm_eap: EAP Identity
  rlm_eap: processing type tls
 rlm_eap_tls: Requiring client certificate
  rlm_eap_tls: Initiate
  rlm_eap_tls: Start returned 1
  modcall[authenticate]: module \"eap\" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 0 to 192.168.0.50 port 1026
        EAP-Message = 0x010100060d20
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xc1a1b99ed892aaa874bb2dabd58a9da3
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.0.50:1026, id=1, length=307
        Message-Authenticator = 0x4ee10f4214227b83aa487603fc4261db
        Service-Type = Framed-User
        User-Name = \"saravanakumar07\"
        Framed-MTU = 1488
        State = 0xc1a1b99ed892aaa874bb2dabd58a9da3
        Called-Station-Id = \"00-0F-3D-AF-DD-C2:default\"
        Calling-Station-Id = \"00-0E-35-F3-A1-67\"
        NAS-Identifier = \"D-Link Access Point\"
        NAS-Port-Type = Wireless-802.11
        Connect-Info = \"CONNECT 54Mbps 802.11g\"
        EAP-Message = 0x020100600d800000005616030100510100004d0301465ac684a8794ef0e567e436456ba8869ab7189a3c1ae5716f3fdec38ae182a610193a5d3bf49222fa530aa6094dd80e76001600040005000a000900640062000300060013001200630100
        NAS-IP-Address = 192.168.0.50
        NAS-Port = 1
        NAS-Port-Id = \"STA port # 1\"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module \"preprocess\" returns ok for request 1
    rlm_realm: No \'@\' in User-Name = \"saravanakumar07\", looking up realm NULL
    rlm_realm: No such realm \"NULL\"
  modcall[authorize]: module \"suffix\" returns noop for request 1
  rlm_eap: EAP packet type response id 1 length 96
  rlm_eap: No EAP Start, assuming it\'s an on-going EAP conversation
  modcall[authorize]: module \"eap\" returns updated for request 1
  modcall[authorize]: module \"files\" returns notfound for request 1
modcall: leaving group authorize (returns updated) for request 1
  rad_check_password:  Found Auth-Type EAP
auth: type \"EAP\"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/tls
  rlm_eap: processing type tls
  rlm_eap_tls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
  eaptls_verify returned 11
    (other): before/accept initialization
    TLS_accept: before/accept initialization
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0051], ClientHello
    TLS_accept: SSLv3 read client hello A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
    TLS_accept: SSLv3 write server hello A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 04be], Certificate
    TLS_accept: SSLv3 write certificate A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 004c], CertificateRequest
    TLS_accept: SSLv3 write certificate request A
    TLS_accept: SSLv3 flush data
    TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
  eaptls_process returned 13
  modcall[authenticate]: module \"eap\" returns handled for request 1
modcall: leaving group authenticate (returns handled) for request 1
Sending Access-Challenge of id 1 to 192.168.0.50 port 1026
        EAP-Message = 0x0102040a0dc000000563160301004a020000460301465ac5ef2d0abda5b36cc686ccef0d9e8a907e16548ba82817b475b8cef9fe3b20f0328a38d5b438cbb376872879f3f0f89c7343ee8688765c8fc2ad235adbbef500040016030104be0b0004ba0004b700022b3082022730820190a003020102020101300d06092a864886f70d0101040500303b310b300906035504061302494e310b300906035504081302544e310d300b060355040a1304536966793110300e0603550403130730377877696669301e170d3037303131333037353834305a170d3038303131333037353834305a305f310b300906035504061302494e310b3009060355040813
        EAP-Message = 0x02544e310d300b060355040a1304536966793110300e06035504031307303778776966693122302006092a864886f70d01090116136a65796b756d61725f7340736966792e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100c6f366d39a74d8b66b561628be123f18f9b0a71f09b98d21b990e9a987d9acf3ceabd01df377e13da987a23f244496dfc0609e99ee03a9f44e51033cbb84c814d9d3225aacc7c67786fcd193d57c3f5ac16d7d1b83570152edca9ba9ff99ca4feffcb244551292fad52026afda1f876205e84a26b81cebd89fa03fd97e5f7fdb0203010001a317301530130603551d25040c300a06082b06
        EAP-Message = 0x010505070301300d06092a864886f70d010104050003818100a4cbb4e6e8190d840edc9e61637a38ffa423b2a67e8d308c3005b8ec18318e94ddddbac0ccb1a15780c285de01622608f4caded74bab6f0c9d44dfdeb648e46bdd4de3606e4c7f86e5f86472722db409baffdb78eb6c7ad267a623e1155af13de26e83f3ce29b4f82baf551b756d2f49e5691cc1d80f6fb253b11e7a15bf296000028630820282308201eba003020102020100300d06092a864886f70d0101040500303b310b300906035504061302494e310b300906035504081302544e310d300b060355040a1304536966793110300e0603550403130730377877696669301e170d30
        EAP-Message = 0x37303131333037353830305a170d3038303131333037353830305a303b310b300906035504061302494e310b300906035504081302544e310d300b060355040a1304536966793110300e060355040313073037787769666930819f300d06092a864886f70d010101050003818d0030818902818100ec232cf24bd548a586d614994a3f3b9ee699eb64a3bf9a0c90d7bc8afb39842c767c3613757b8d38a78ceaa6a499be55dcf997abb9963b3ef406b39f766054d8e37d35859e6bd5ce686c01eb63a25684afb79cd6796193355bd3ae67eae642701a34d1bc93426ade87434dadfbc8a8b0cae8137d97d2a267973f2213ebeefcfd0203010001a38195
        EAP-Message = 0x308192301d0603551d0e04160414095ab44cec0cb80f
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x43e98998191c1122bfd72ba20764320b
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.0.50:1026, id=2, length=217
        Message-Authenticator = 0xe8a5d1b7a5f9a89d7e42afc6244ffff5
        Service-Type = Framed-User
        User-Name = \"saravanakumar07\"
        Framed-MTU = 1488
        State = 0x43e98998191c1122bfd72ba20764320b
        Called-Station-Id = \"00-0F-3D-AF-DD-C2:default\"
        Calling-Station-Id = \"00-0E-35-F3-A1-67\"
        NAS-Identifier = \"D-Link Access Point\"
        NAS-Port-Type = Wireless-802.11
        Connect-Info = \"CONNECT 54Mbps 802.11g\"
        EAP-Message = 0x020200060d00
        NAS-IP-Address = 192.168.0.50
        NAS-Port = 1
        NAS-Port-Id = \"STA port # 1\"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
  modcall[authorize]: module \"preprocess\" returns ok for request 2
    rlm_realm: No \'@\' in User-Name = \"saravanakumar07\", looking up realm NULL
    rlm_realm: No such realm \"NULL\"
  modcall[authorize]: module \"suffix\" returns noop for request 2
  rlm_eap: EAP packet type response id 2 length 6
  rlm_eap: No EAP Start, assuming it\'s an on-going EAP conversation
  modcall[authorize]: module \"eap\" returns updated for request 2
  modcall[authorize]: module \"files\" returns notfound for request 2
modcall: leaving group authorize (returns updated) for request 2
  rad_check_password:  Found Auth-Type EAP
auth: type \"EAP\"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/tls
  rlm_eap: processing type tls
  rlm_eap_tls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake fragment handler
  eaptls_verify returned 1
  eaptls_process returned 13
  modcall[authenticate]: module \"eap\" returns handled for request 2
modcall: leaving group authenticate (returns handled) for request 2
Sending Access-Challenge of id 2 to 192.168.0.50 port 1026
        EAP-Message = 0x0103016d0d80000005638c150861ea8bc609ed3cfbc030630603551d23045c305a8014095ab44cec0cb80f8c150861ea8bc609ed3cfbc0a13fa43d303b310b300906035504061302494e310b300906035504081302544e310d300b060355040a1304536966793110300e0603550403130730377877696669820100300c0603551d13040530030101ff300d06092a864886f70d01010405000381810019a69104ce7b395ddbb7a05ae632f71c590ba34e71b9a57cbe952eabed153fdacb07eb1c8d6db397f1f47a687103025a91b0431e73beac6e788de0af02e7d49e35808652dc4b2db60ccbcef9245239c47c785fb5c78c79ed7dd22d60ab6c19727e
        EAP-Message = 0xaa68ec38e3fc5b6e7716741e1f56eba981970face974b560ba07450ecdf817160301004c0d000044020102003f003d303b310b300906035504061302494e310b300906035504081302544e310d300b060355040a1304536966793110300e06035504031307303778776966690e000000
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x8670b977c646e91adfd91786496c45ef
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.0.50:1026, id=3, length=1117
        Message-Authenticator = 0xa370f2b08e6e383872205a370026c41c
        Service-Type = Framed-User
        User-Name = \"saravanakumar07\"
        Framed-MTU = 1488
        State = 0x8670b977c646e91adfd91786496c45ef
        Called-Station-Id = \"00-0F-3D-AF-DD-C2:default\"
        Calling-Station-Id = \"00-0E-35-F3-A1-67\"
        NAS-Identifier = \"D-Link Access Point\"
        NAS-Port-Type = Wireless-802.11
        Connect-Info = \"CONNECT 54Mbps 802.11g\"
        EAP-Message = 0x020303840d800000037a160301034a0b00023a0002370002343082023030820199a0030201020202011f300d06092a864886f70d0101040500303b310b300906035504061302494e310b300906035504081302544e310d300b060355040a1304536966793110300e0603550403130730377877696669301e170d3037303131393033343135305a170d3038303131393033343135305a3067310b300906035504061302494e310b300906035504081302544e310d300b060355040a130453696679311830160603550403130f7361726176616e616b756d617230373122302006092a864886f70d01090116136a65796b756d61725f7340736966792e63
        EAP-Message = 0x6f6d30819f300d06092a864886f70d010101050003818d0030818902818100b6413143a14d8666369a759ccad7ab221e73ec0cc73ad7346a6060b34e8571d1838d97cc4aa7a2f99a4be83b9bb5af5daeb3307909d5a44c9338a43b19b6c1f3ec6232eae8508103741d5eeb9b4e7f99b3c2b4b283fcef13cc1b34a087e240e2ab94fee8fce66687dd95690b23d20e84551cd24f385afb5cdb086f851f9900070203010001a317301530130603551d25040c300a06082b06010505070302300d06092a864886f70d010104050003818100ca0e708d266de50c32dc92d523eed3b11d4e678e2d7bdfeffca92e91b3be256b1533f53180c670c7e224671bbc
        EAP-Message = 0x1b1245c125bd2f3c252da361542f7d43e5b18db9d6904d92d1300a9e333d7ac7d8a8ec00aa3bed5d0c9f07028b62f004e6bcfbdee18f80740820065ea68c48cca932d6e3388b9837c944c42ddc92eed2eb66851000008200800e8d0f8c2bbe84a6c2a1dec24b1301126c5014bc64bb60aa57053af71ce790709036034dfd85c2cde680388e410bf11cf623f0469c605f058313088a50be37ef633cf901ce8613c4968ef8d1f369bb38903fbda7c4a197b8357706c2abb0358c558e3f8d1306d11043d7762749e5133b7d7eb2cd2a226888a14bbc626cd3dcd80f0000820080448775660120cb094f6cf29dce77ccc080f202df2e3e5a5e0dcc6f8308e6
        EAP-Message = 0xc08f0e79440eec49c7b7fcb820bcecc8a3d02b8bffe75f901b9a1627479ae616e86d8a49ad93fb313b939cb73f5219b9230786cb348bed214a33e0499b638c3a3fffaa5b668d8d5324a0955f33bdf76524eff59a087c6fc15afd44bd75aa417546ee14030100010116030100205855ce98017c7c5ca87c91534c2fd241039ccad9a19ff4465cd7c040e9d540b7
        NAS-IP-Address = 192.168.0.50
        NAS-Port = 1
        NAS-Port-Id = \"STA port # 1\"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
  modcall[authorize]: module \"preprocess\" returns ok for request 3
    rlm_realm: No \'@\' in User-Name = \"saravanakumar07\", looking up realm NULL
    rlm_realm: No such realm \"NULL\"
  modcall[authorize]: module \"suffix\" returns noop for request 3
  rlm_eap: EAP packet type response id 3 length 253
  rlm_eap: No EAP Start, assuming it\'s an on-going EAP conversation
  modcall[authorize]: module \"eap\" returns updated for request 3
  modcall[authorize]: module \"files\" returns notfound for request 3
modcall: leaving group authorize (returns updated) for request 3
  rad_check_password:  Found Auth-Type EAP
auth: type \"EAP\"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/tls
  rlm_eap: processing type tls
  rlm_eap_tls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
  eaptls_verify returned 11
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 023e], Certificate
chain-depth=1,
error=0
--> User-Name = saravanakumar07
--> BUF-Name = 07xwifi
--> subject = /C=IN/ST=TN/O=Sify/CN=07xwifi
--> issuer  = /C=IN/ST=TN/O=Sify/CN=07xwifi
--> verify return:1
chain-depth=0,
error=0
--> User-Name = saravanakumar07
--> BUF-Name = saravanakumar07
--> subject = /C=IN/ST=TN/O=Sify/CN=saravanakumar07/emailAddress=jeykumar_s at sify.com
--> issuer  = /C=IN/ST=TN/O=Sify/CN=07xwifi
--> verify return:1
    TLS_accept: SSLv3 read client certificate A
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
    TLS_accept: SSLv3 read client key exchange A
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], CertificateVerify
    TLS_accept: SSLv3 read certificate verify A
  rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
    TLS_accept: SSLv3 read finished A
  rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
    TLS_accept: SSLv3 write change cipher spec A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
    TLS_accept: SSLv3 write finished A
    TLS_accept: SSLv3 flush data
    (other): SSL negotiation finished successfully
SSL Connection Established
  eaptls_process returned 13
  modcall[authenticate]: module \"eap\" returns handled for request 3
modcall: leaving group authenticate (returns handled) for request 3
Sending Access-Challenge of id 3 to 192.168.0.50 port 1026
        EAP-Message = 0x010400350d800000002b14030100010116030100204162186f236f12a6774a934742937f8d6653973dbce3f01ee4c223e78617f9d4
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x5edb6911600c27ccf2a62bd801e114ab
Finished request 3
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.0.50:1026, id=4, length=217
        Message-Authenticator = 0x885b78f58d62d0eec96b2535b1e9bfb1
        Service-Type = Framed-User
        User-Name = \"saravanakumar07\"
        Framed-MTU = 1488
        State = 0x5edb6911600c27ccf2a62bd801e114ab
        Called-Station-Id = \"00-0F-3D-AF-DD-C2:default\"
        Calling-Station-Id = \"00-0E-35-F3-A1-67\"
        NAS-Identifier = \"D-Link Access Point\"
        NAS-Port-Type = Wireless-802.11
        Connect-Info = \"CONNECT 54Mbps 802.11g\"
        EAP-Message = 0x020400060d00
        NAS-IP-Address = 192.168.0.50
        NAS-Port = 1
        NAS-Port-Id = \"STA port # 1\"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
  modcall[authorize]: module \"preprocess\" returns ok for request 4
    rlm_realm: No \'@\' in User-Name = \"saravanakumar07\", looking up realm NULL
    rlm_realm: No such realm \"NULL\"
  modcall[authorize]: module \"suffix\" returns noop for request 4
  rlm_eap: EAP packet type response id 4 length 6
  rlm_eap: No EAP Start, assuming it\'s an on-going EAP conversation
  modcall[authorize]: module \"eap\" returns updated for request 4
  modcall[authorize]: module \"files\" returns notfound for request 4
modcall: leaving group authorize (returns updated) for request 4
  rad_check_password:  Found Auth-Type EAP
auth: type \"EAP\"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/tls
  rlm_eap: processing type tls
  rlm_eap_tls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake is finished
  eaptls_verify returned 3
  eaptls_process returned 3
  rlm_eap: Freeing handler
  modcall[authenticate]: module \"eap\" returns ok for request 4
modcall: leaving group authenticate (returns ok) for request 4
Login OK: [saravanakumar07] (from client private-network-1 port 1 cli 00-0E-35-F3-A1-67)
Sending Access-Accept of id 4 to 192.168.0.50 port 1026
        MS-MPPE-Recv-Key = 0xb6e9159f33592da50de909d1f12d8cdfa9b866be2d2b12f90f7edefa4c7af054
        MS-MPPE-Send-Key = 0xca94e3cdf69257d148b01ccb582dbb3e45b06dbc4450b07850fb47288111daf0
        EAP-Message = 0x03040004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = \"saravanakumar07\"
Finished request 4
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 0 with timestamp 465ac5ef
Cleaning up request 1 ID 1 with timestamp 465ac5ef
Cleaning up request 2 ID 2 with timestamp 465ac5ef
Cleaning up request 3 ID 3 with timestamp 465ac5ef
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 4 ID 4 with timestamp 465ac5f0
Nothing to do.  Sleeping until we see a request.
 
[root at localhost sbin]#



> Message: 5
> Date: Mon, 28 May 2007 12:08:21 +0100
> From: <tnt at kalik.co.yu>
> Subject: Re: log file for free radius 1.1.6 eap-tls authentication
> To: \"FreeRadius users mailing list\"
> 	<freeradius-users at lists.freeradius.org>
> Message-ID: <Bslo14cn.1180350501.8176480.tnt at kalik.co.yu>
> Content-Type: text/plain; charset=ISO-8859-2
> 
> Post the radiusd -X output of user not in users file being accepted.
> 
> Ivan Kalik
> Kalik Informatika ISP
> 
> 
> Dana 28/5/2007, \"anoop_c at sifycorp.com\" <anoop_c at sifycorp.com> pi?e:
> 
> >Hi all
> > I have two quieres
> >1
> >      I have changed the log_auth= yes
> >Still i am not able to get logs.Pls find my configs
> >  prefix = /usr/local
> >exec_prefix = ${prefix}
> >sysconfdir = /etc
> >localstatedir = ${prefix}/var
> >sbindir = ${exec_prefix}/sbin
> >logdir = /usr/local/var/log/radius
> >raddbdir = ${sysconfdir}/raddb
> >radacctdir = ${logdir}/radacct
> >
> >#  Location of config and logfiles.
> >confdir = ${raddbdir}
> >run_dir = ${localstatedir}/run/radiusd
> >
> >#
> >#  The logging messages for the server are appended to the
> >#  tail of this file.
> >#
> >log_file = /usr/local/var/log/radius/radius.log
> >
> >
> >
> >
> >log_stripped_names = no
> >
> >#  Log authentication requests to the log file.
> >#
> >#  allowed values: {no, yes}
> >#
> >log_auth = yes
> >
> >#  Log passwords with the authentication requests.
> >#  log_auth_badpass  - logs password if it\'s rejected
> >#  log_auth_goodpass - logs password if it\'s correct
> >
> >
> >2 While i am using Navis radius, ther will be one user file where you
> have to add all usernames.In free radius without adding the username
> also the authentication is working.I would like to have users file so
> that only the users specified in that will authenticate. Wat config
> change i should make for the same




More information about the Freeradius-Users mailing list