log file for free radius 1.1.6 eap-tls authentication
Anoop
anoop_c at sifycorp.com
Wed May 30 14:27:21 CEST 2007
1. RE: Gigaword support (eugene at snowball.co.za)
2. Re : Multiple server certificates in EAP-TLS or EAP-TTLS
(Eshun Benjamin)
3. Re: log file for free radius 1.1.6 eap-tls authentication
(anoop_c at sifycorp.com)
4. problem in autehtication with EAP-MD5 (shantanu choudhary)
Hi
2
I am getting the following message
in log first it satatrts (radiud -X)
[root at localhost radius]# cat radius.log
Wed May 30 11:24:14 2007 : Info: Using deprecated naslist file. Support for
this will go away soon.
Wed May 30 11:24:14 2007 : Info: rlm_exec: Wait=yes but no output defined.
Did you mean output=none?
Wed May 30 11:24:14 2007 : Info: rlm_eap_tls: Loading the certificate file
as a chain
Wed May 30 11:24:14 2007 : Info: Ready to process requests.
But if again start the server no logs and nothing other than this is coming
in the log.
regarding users file in navisradius i uesd to do that in EAP_TLS thats why
i asked.
Regards
Anoop
--
>
> Message: 5
> Date: Tue, 29 May 2007 09:42:52 +0100
> From: <tnt at kalik.co.yu>
> Subject: Re: log file for free radius 1.1.6 eap-tls authentication
> To: \"FreeRadius users mailing list\"
> <freeradius-users at lists.freeradius.org>
> Message-ID: <g9b0RimS.1180428172.8965940.tnt at kalik.co.yu>
> Content-Type: text/plain; charset=ISO-8859-2
>
> 1. That\'s not how certificates work. You add those that you want to
> PREVENT from connecting (for whatever reason) to Certificate Revocation
> List (CRL). You suposedly do have control over who are certificates
> issued to. If you have no control over CA then you shouldn\'t be using
> them.
>
> 2. Is anything (reading config files etc.) written to the log when you
> restart the server?
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
> Dana 29/5/2007, \"anoop_c at sifycorp.com\" <anoop_c at sifycorp.com> pi?e:
>
> >Hi
> > 1 I know its eap-tls and certificate based.
> >Earlier i was using Navis radius .In that for eap-tls we have to add
> certificate name to a specific user file.
> > Like that here also user file is there can i make use of the user
> file so that only that user get authenticated,
> >
> > 2 Logs are not happening.In config changes required to get the same?
> >Regards
> >Anoop
> >
> >>
> >>
> >> Message: 2
> >> Date: Mon, 28 May 2007 15:07:06 +0100
> >> From: <tnt at kalik.co.yu>
> >> Subject: Re: log file for free radius 1.1.6 eap-tls authentication
> >> To: \"FreeRadius users mailing list\"
> >> <freeradius-users at lists.freeradius.org>
> >> Message-ID: <a8emGRAP.1180361226.4861000.tnt at kalik.co.yu>
> >> Content-Type: text/plain; charset=ISO-8859-2
> >>
> >> This is EAP-TLS. This user has a valid user certificate and is
> >> accepted.
> >> If you don\'t want to go via certificates but use user/password, use
> >> EAP-TTLS with MS-CHAPv2 (or PAP or any other auth protocol).
> >>
> >> Ivan Kalik
> >> Kalik Informatika ISP
------------------------------
Message: 4
Date: Wed, 30 May 2007 09:23:21 +0100 (BST)
From: shantanu choudhary <shantanu_843 at yahoo.co.in>
Subject: problem in autehtication with EAP-MD5
To: freeradius-users at lists.freeradius.org
Message-ID: <327609.49387.qm at web7602.mail.in.yahoo.com>
Content-Type: text/plain; charset="iso-8859-1"
hi all,
i am trying to get autheticated by radius server using EAP-MD5 but i always
get FAILURE and i m not able to figure out the problem, can anyone help me
out!!!!!
my client side shows out put like this:-
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=17): 01 00 00 0d 02 00 00 0d 01 74 65 73 74 75 73 65
72
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:03:7f:09:60:a0
RX EAPOL - hexdump(len=26): 01 00 00 16 01 01 00 16 04 10 e5 b2 63 cb 4e 4f
e7 d1 b1 4f 30 95 6c 21 cd a9
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=1 method=4 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
EAP: Initialize selected EAP method: vendor 0 method 4 (MD5)
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected
CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74
72 6c 5f 31 36 32 37 35 2d 31 00
EAP: EAP entering state METHOD
EAP-MD5: Challenge - hexdump(len=16): e5 b2 63 cb 4e 4f e7 d1 b1 4f 30 95 6c
21 cd a9
EAP-MD5: Generating Challenge Response
EAP-MD5: Response - hexdump(len=16): 4a f8 0b fc 31 7e 27 47 ac 95 4c 77 56
30 bf c6
EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=26): 01 00 00 16 02 01 00 16 04 10 4a f8 0b fc 31 7e
27 47 ac 95 4c 77 56 30 bf c6
EAPOL: SUPP_BE entering state RECEIVE
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=6):
53 54 41 54 55 53 STATUS
ioctl[SIOCGIFADDR]: Cannot assign requested address
RX ctrl_iface - hexdump_ascii(len=13):
4c 49 53 54 5f 4e 45 54 57 4f 52 4b 53 LIST_NETWORKS
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX EAPOL from 00:03:7f:09:60:a0
RX EAPOL - hexdump(len=8): 01 00 00 04 04 01 00 04
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Failure
EAP: EAP entering state DISCARD
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RECEIVE
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
EAPOL: startWhen --> 0
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=6):
53 54 41 54 55 53 STATUS
ioctl[SIOCGIFADDR]: Cannot assign requested address
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=6):
53 54 41 54 55 53 STATUS
ioctl[SIOCGIFADDR]: Cannot assign requested address
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=6):
53 54 41 54 55 53 STATUS
ioctl[SIOCGIFADDR]: Cannot assign requested address
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
EAPOL: authWhile --> 0
EAPOL: SUPP_BE entering state TIMEOUT
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
RX EAPOL from 00:03:7f:09:60:a0
RX EAPOL - hexdump(len=9): 01 00 00 05 01 02 00 05 01
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: deinitialize previously used EAP method (4, MD5) at INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=2 method=1 vendor=0 vendorMethod=0
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74
72 6c 5f 31 36 32 37 35 2d 31 00
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using real identity - hexdump_ascii(len=8):
74 65 73 74 75 73 65 72 testuser
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=17): 01 00 00 0d 02 02 00 0d 01 74 65 73 74 75 73 65
72
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:03:7f:09:60:a0
RX EAPOL - hexdump(len=26): 01 00 00 16 01 03 00 16 04 10 62 2a 69 09 f7 63
b3 30 cf 0b bd 05 83 73 4f 4f
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=3 method=4 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
EAP: Initialize selected EAP method: vendor 0 method 4 (MD5)
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected
CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74
72 6c 5f 31 36 32 37 35 2d 31 00
EAP: EAP entering state METHOD
EAP-MD5: Challenge - hexdump(len=16): 62 2a 69 09 f7 63 b3 30 cf 0b bd 05 83
73 4f 4f
EAP-MD5: Generating Challenge Response
EAP-MD5: Response - hexdump(len=16): bd c1 d1 e3 be 9e 4c 46 7d d1 c0 a3 72
11 b0 ff
EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=26): 01 00 00 16 02 03 00 16 04 10 bd c1 d1 e3 be 9e
4c 46 7d d1 c0 a3 72 11 b0 ff
EAPOL: SUPP_BE entering state RECEIVE
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=6):
53 54 41 54 55 53 STATUS
ioctl[SIOCGIFADDR]: Cannot assign requested address
RX ctrl_iface - hexdump_ascii(len=13):
4c 49 53 54 5f 4e 45 54 57 4f 52 4b 53 LIST_NETWORKS
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
EAPOL: startWhen --> 0
RX EAPOL from 00:03:7f:09:60:a0
RX EAPOL - hexdump(len=8): 01 00 00 04 04 03 00 04
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Failure
EAP: EAP entering state DISCARD
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RECEIVE
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=6):
53 54 41 54 55 53 STATUS
ioctl[SIOCGIFADDR]: Cannot assign requested address
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=6):
53 54 41 54 55 53 STATUS
ioctl[SIOCGIFADDR]: Cannot assign requested address
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
CTRL_IFACE monitor detached - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63
74 72 6c 5f 31 36 32 37 35 2d 31 00
EAPOL: authWhile --> 0
EAPOL: SUPP_BE entering state TIMEOUT
>> i dont know what is this cannot assign requested address,(i am not
requesting for any address!!!)
my supplicant file is like this:-
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
eapol_version=1
ap_scan=1
fast_reauth=1
network={
ssid="ATH182"
scan_ssid=1
key_mgmt=WPA-EAP
eap=MD5
identity="testuser"
password="whatever"
}
>>and correspondingly server side shows message like this:-
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/eap.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/usr/local/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/usr/local/var/log/radius/radius.log"
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
pap: auto_header = yes
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = "(null)"
mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "md5"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = "Password: "
gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
tls: certificate_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
tls: CA_file = "/usr/local/etc/raddb/certs/root.pem"
tls: private_key_password = "whatever"
tls: dh_file = "/usr/local/etc/raddb/certs/dh"
tls: random_file = "/usr/local/etc/raddb/certs/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = "(null)"
tls: cipher_list = "(null)"
tls: check_cert_issuer = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile = "/usr/local/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile =
"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.2.183:1079, id=0,
length=177
Message-Authenticator = 0x48563b978d926b5c042592ec5eae4537
Service-Type = Framed-User
User-Name = "testuser"
Framed-MTU = 1488
Called-Station-Id = "00-03-7F-09-60-7E:ATH183"
Calling-Station-Id = "00-03-7F-05-C0-9C"
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x0200000d017465737475736572
NAS-IP-Address = 192.168.2.183
NAS-Port = 2
NAS-Port-Id = "STA port # 2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 0 length 13
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
users: Matched entry DEFAULT at line 153
users: Matched entry DEFAULT at line 172
users: Matched entry testuser at line 216
modcall[authorize]: module "files" returns ok for request 0
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 0
modcall: leaving group authorize (returns updated) for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type md5
rlm_eap_md5: Issuing Challenge
modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 0 to 192.168.2.183 port 1079
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message = 0x010100160410457803a5fc7f8de5ad1e9065c4fec0b0
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0eb6726b77f05929d54be6c45de1f52f
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 0 with timestamp 465abecc
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 192.168.2.183:1079, id=1,
length=204
Message-Authenticator = 0xfbcd80decacba158727083a6ca513fac
Service-Type = Framed-User
User-Name = "testuser"
Framed-MTU = 1488
State = 0x0eb6726b77f05929d54be6c45de1f52f
Called-Station-Id = "00-03-7F-09-60-7E:ATH183"
Calling-Station-Id = "00-03-7F-05-C0-9C"
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x020100160410b6cac9199b585c8705d9230d18b93094
NAS-IP-Address = 192.168.2.183
NAS-Port = 2
NAS-Port-Id = "STA port # 2"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: EAP packet type response id 1 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
users: Matched entry DEFAULT at line 153
users: Matched entry DEFAULT at line 172
users: Matched entry testuser at line 216
modcall[authorize]: module "files" returns ok for request 1
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 1
modcall: leaving group authorize (returns updated) for request 1
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_eap: Request found, released from the list
rlm_eap: EAP/md5
rlm_eap: processing type md5
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 1
modcall: leaving group authenticate (returns ok) for request 1
Sending Access-Accept of id 1 to 192.168.2.183 port 1079
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message = 0x03010004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "testuser"
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 1 with timestamp 465abee0
Nothing to do. Sleeping until we see a request.
>>
can any one help me out it is really important and urgent.
if u need i will also tell u my radius.conf, eap.conf and users file!!
thank you
regards
shantanu
---------------------------------
Download prohibited? No problem! CHAT from any browser, without download.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://lists.freeradius.org/pipermail/freeradius-users/attachments/20070530
/32517eff/attachment.html
------------------------------
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
End of Freeradius-Users Digest, Vol 25, Issue 141
*************************************************
********** DISCLAIMER **********
Information contained and transmitted by this E-MAIL is proprietary to
Sify Limited and is intended for use only by the individual or entity to
which it is addressed, and may contain information that is privileged,
confidential or exempt from disclosure under applicable law. If this is a
forwarded message, the content of this E-MAIL may not have been sent with
the authority of the Company. If you are not the intended recipient, an
agent of the intended recipient or a person responsible for delivering the
information to the named recipient, you are notified that any use,
distribution, transmission, printing, copying or dissemination of this
information in any way or in any manner is strictly prohibited. If you have
received this communication in error, please delete this mail & notify us
immediately at admin at sifycorp.com
More information about the Freeradius-Users
mailing list