AW: Still no authentication

Bernd s4ndm4n at gmx.de
Sun Nov 11 17:11:33 CET 2007


Client = Windows, yes

Server = openSuSe Linux 10.2

When I install Odyssey Client I can authenticate and connect to my WLAN.
Without it, it does not work.

Whole Debug:

radius:/home/radius # radiusd -X
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /etc/raddb/proxy.conf
Config:   including file: /etc/raddb/clients.conf
Config:   including file: /etc/raddb/snmp.conf
Config:   including file: /etc/raddb/eap.conf
Config:   including file: /etc/raddb/sql.conf
 main: prefix = "/usr"
 main: localstatedir = "/var"
 main: logdir = "/var/log/radius"
 main: libdir = "/usr/lib/freeradius"
 main: radacctdir = "/var/log/radius/radacct"
 main: hostname_lookups = no
 main: snmp = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = "/var/log/radius/radius.log"
 main: log_auth = no
 main: log_auth_badpass = no
 main: log_auth_goodpass = no
 main: pidfile = "/var/run/radiusd/radiusd.pid"
 main: user = "radius"
 main: group = "radiusd"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/sbin/checkrad"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = no
 proxy: wake_all_if_all_dead = no
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/lib/freeradius
Module: Loaded exec
 exec: wait = yes
 exec: program = "(null)"
 exec: input_pairs = "request"
 exec: output_pairs = "(null)"
 exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
 pap: encryption_scheme = "crypt"
 pap: auto_header = yes
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
 mschap: use_mppe = yes
 mschap: require_encryption = no
 mschap: require_strong = no
 mschap: with_ntdomain_hack = yes
 mschap: passwd = "(null)"
 mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded eap
 eap: default_eap_type = "peap"
 eap: timer_expire = 60
 eap: ignore_unknown_eap_types = no
 eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
 gtc: challenge = "Password: "
 gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
 tls: rsa_key_exchange = no
 tls: dh_key_exchange = yes
 tls: rsa_key_length = 512
 tls: dh_key_length = 512
 tls: verify_depth = 0
 tls: CA_path = "(null)"
 tls: pem_file_type = yes
 tls: private_key_file = "/etc/raddb/certs/server.pem"
 tls: certificate_file = "/etc/raddb/certs/server.pem"
 tls: CA_file = "/etc/raddb/certs/ca.pem"
 tls: private_key_password = "whatever"
 tls: dh_file = "/etc/raddb/certs/dh"
 tls: random_file = "/etc/raddb/certs/random"
 tls: fragment_size = 1024
 tls: include_length = yes
 tls: check_crl = no
 tls: check_cert_cn = "(null)"
 tls: cipher_list = "(null)"
 tls: check_cert_issuer = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
 peap: default_eap_type = "mschapv2"
 peap: copy_request_to_tunnel = no
 peap: use_tunneled_reply = no
 peap: proxy_tunneled_request_as_eap = yes
rlm_eap: Loaded and initialized type peap
 mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
 preprocess: huntgroups = "/etc/raddb/huntgroups"
 preprocess: hints = "/etc/raddb/hints"
 preprocess: with_ascend_hack = no
 preprocess: ascend_channels_per_line = 23
 preprocess: with_ntdomain_hack = no
 preprocess: with_specialix_jetstream_hack = no
 preprocess: with_cisco_vsa_hack = no
 preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
 realm: format = "suffix"
 realm: delimiter = "@"
 realm: ignore_default = no
 realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded SQL
 sql: driver = "rlm_sql_mysql"
 sql: server = "localhost"
 sql: port = ""
 sql: login = "root"
 sql: password = "1234"
 sql: radius_db = "radius"
 sql: nas_table = "nas"
 sql: sqltrace = yes
 sql: sqltracefile = "/var/log/radius/sqltrace.sql"
 sql: readclients = no
 sql: deletestalesessions = yes
 sql: num_sql_socks = 5
 sql: sql_user_name = "%{User-Name}"
 sql: default_user_profile = ""
 sql: query_on_not_found = no
 sql: authorize_check_query = "SELECT id, UserName, Attribute, Value, op
   FROM radcheck           WHERE Username = '%{SQL-User-Name}'
ORDER B
Y id"
 sql: authorize_reply_query = "SELECT id, UserName, Attribute, Value, op
   FROM radreply           WHERE Username = '%{SQL-User-Name}'
ORDER B
Y id"
 sql: authorize_group_check_query = "SELECT
radgroupcheck.id,radgroupcheck.Group
Name,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op  FROM
radgroup
check,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND
usergroup.Grou
pName = radgroupcheck.GroupName ORDER BY radgroupcheck.id"
 sql: authorize_group_reply_query = "SELECT
radgroupreply.id,radgroupreply.Group
Name,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op  FROM
radgroup
reply,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND
usergroup.Grou
pName = radgroupreply.GroupName ORDER BY radgroupreply.id"
 sql: accounting_onoff_query = "UPDATE radacct SET AcctStopTime='%S',
AcctSessio
nTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime),
AcctTerminateCause='
%{Acct-Terminate-Cause}', AcctStopDelay = '%{Acct-Delay-Time}' WHERE
AcctSession
Time=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND
AcctStartTim
e <= '%S'"
 sql: accounting_update_query = "UPDATE radacct           SET
FramedIPAddress =
'%{Framed-IP-Address}',           AcctSessionTime = '%{Acct-Session-Time}',
      AcctInputOctets = '%{Acct-Input-Octets}',           AcctOutputOctets =
'%{
Acct-Output-Octets}', ?  AcctStopTime =
FROM_UNIXTIME(UNIX_TIMESTAMP(`AcctStartT
ime`) + `AcctSessionTime` )           WHERE UserName = '%{SQL-User-Name}'
    AND AcctStopTime= '0000-00-00 00:00:00' "
 sql: accounting_update_query_alt = "INSERT into radacct (AcctSessionId,
AcctUni
queId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime,
Acc
tSessionTime, AcctAuthentic, ConnectInfo_start, AcctInputOctets,
AcctOutputOctet
s, CalledStationId, CallingStationId, ServiceType, FramedProtocol,
FramedIPAddre
ss, AcctStartDelay) values('%{Acct-Session-Id}',
'%{Acct-Unique-Session-Id}', '%
{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',
'%{NAS-Port-Ty
pe}', DATE_SUB('%S',INTERVAL (%{Acct-Session-Time:-0} +
%{Acct-Delay-Time:-0}) S
ECOND), '%{Acct-Session-Time}', '%{Acct-Authentic}', '',
'%{Acct-Input-Octets}',
 '%{Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}',
'%{Se
rvice-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0')"
 sql: accounting_start_query = "INSERT into radacct (AcctSessionId,
AcctUniqueId
, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime,
AcctStop
Time, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop,
AcctI
nputOctets, AcctOutputOctets, CalledStationId, CallingStationId,
AcctTerminateCa
use, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay,
AcctStopDelay
) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}',
'%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S',
'0', '
0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0',
'%{Called-Station-Id}'
, '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}',
'%{Frame
d-IP-Address}', '%{Acct-Delay-Time}', '0')"
 sql: accounting_start_query_alt = "UPDATE radacct SET AcctStartTime = '%S',
Acc
tStartDelay = '%{Acct-Delay-Time}', ConnectInfo_start = '%{Connect-Info}'
WHERE
AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND
NASIP
Address = '%{NAS-IP-Address}'"
 sql: accounting_stop_query = "UPDATE radacct           SET FramedIPAddress
= '%
{Framed-IP-Address}',           AcctSessionTime = '%{Acct-Session-Time}',
    AcctInputOctets = '%{Acct-Input-Octets}',           AcctOutputOctets =
'%{Ac
ct-Output-Octets}', ?  AcctStopTime =
FROM_UNIXTIME(UNIX_TIMESTAMP(`AcctStartTim
e`) + `AcctSessionTime` )           WHERE UserName = '%{SQL-User-Name}'
  AND AcctStopTime= '0000-00-00 00:00:00' "
 sql: accounting_stop_query_alt = "INSERT into radacct (AcctSessionId,
AcctUniqu
eId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime,
AcctS
topTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start,
ConnectInfo_stop, Ac
ctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId,
AcctTerminat
eCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay,
AcctStopDe
lay) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}
', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}',
DATE_SUB(
'%S', INTERVAL (%{Acct-Session-Time:-0} + %{Acct-Delay-Time:-0}) SECOND),
'%S',
'%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}',
'%{Acct-Inpu
t-Octets}', '%{Acct-Output-Octets}', '%{Called-Station-Id}',
'%{Calling-Station-
Id}', '%{Acct-Terminate-Cause}', '%{Service-Type}', '%{Framed-Protocol}',
'%{Fra
med-IP-Address}', '0', '%{Acct-Delay-Time}')"
 sql: group_membership_query = "SELECT GroupName FROM usergroup WHERE
UserName='
%{SQL-User-Name}'"
 sql: connect_failure_retry_delay = 60
 sql: simul_count_query = "SELECT COUNT(*) FROM radacct WHERE
UserName='%{SQL-Us
er-Name}' AND AcctStopTime = 0"
 sql: simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName,
NASIPAddr
ess, NASPortId, FramedIPAddress, CallingStationId, FramedProtocol FROM
radacct W
HERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0"
 sql: postauth_query = "INSERT into radpostauth (id, user, pass, reply,
date) va
lues ('', '%{User-Name}', '%{User-Password:-Chap-Password}',
'%{reply:Packet-Typ
e}', NOW())"
 sql: safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01
23456789.-_: /"
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to root at localhost:/radius
rlm_sql (sql): starting 0
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql (sql): Connected new DB handle, #0
rlm_sql (sql): starting 1
rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
rlm_sql_mysql: Starting connect to MySQL server for #1
rlm_sql (sql): Connected new DB handle, #1
rlm_sql (sql): starting 2
rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
rlm_sql_mysql: Starting connect to MySQL server for #2
rlm_sql (sql): Connected new DB handle, #2
rlm_sql (sql): starting 3
rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
rlm_sql_mysql: Starting connect to MySQL server for #3
rlm_sql (sql): Connected new DB handle, #3
rlm_sql (sql): starting 4
rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
rlm_sql_mysql: Starting connect to MySQL server for #4
rlm_sql (sql): Connected new DB handle, #4
Module: Instantiated sql (sql)
Module: Loaded Acct-Unique-Session-Id
 acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Addre
ss, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded files
 files: usersfile = "/etc/raddb/users"
 files: acctusersfile = "/etc/raddb/acct_users"
 files: preproxy_usersfile = "/etc/raddb/preproxy_users"
 files: compat = "no"
Module: Instantiated files (files)
Module: Loaded detail
 detail: detailfile =
"/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%
d"
 detail: detailperm = 384
 detail: dirperm = 493
 detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded System
 unix: cache = no
 unix: passwd = "(null)"
 unix: shadow = "(null)"
 unix: group = "(null)"
 unix: radwtmp = "/var/log/radius/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded radutmp
 radutmp: filename = "/var/log/radius/radutmp"
 radutmp: username = "%{User-Name}"
 radutmp: case_sensitive = yes
 radutmp: check_with_nas = yes
 radutmp: perm = 384
 radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.







rlm_sql (sql): Released sql socket id: 0
  modcall[authorize]: module "sql" returns ok for request 11
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 11
modcall: leaving group authorize (returns updated) for request 11
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 11
  rlm_eap: EAP Identity
  rlm_eap: processing type tls
  rlm_eap_tls: Initiate
  rlm_eap_tls: Start returned 1
  modcall[authenticate]: module "eap" returns handled for request 11
modcall: leaving group authenticate (returns handled) for request 11
Sending Access-Challenge of id 35 to 192.168.1.6 port 1027
        EAP-Message = 0x010200061920
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x1c573af9975491ac8be748bf8024ac41
Finished request 11
Going to the next request
--- Walking the entire request list ---
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 192.168.1.6:1027, id=36,
length=256
        User-Name = "bnickaes"
        NAS-IP-Address = 192.168.1.6
        NAS-Identifier = "BBi5"
        Framed-MTU = 1496
        Called-Station-Id = "00-19-cb-1f-66-2d:BBi WLAN test"
        Calling-Station-Id = "00-14-a5-3e-a8-ba"
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
0x0202007019800000006616030100610100005d03014736e9471b157a597019f0888c64f2ba
32b91e4e1399ed9a7e0d2583ec412d1f20af53175a1d6ac82c8f8fa4976c5f19f15efdc73564
f9bf04752c425b17feb14b001600040005000a000900640062000300060013001200630100
        State = 0x1c573af9975491ac8be748bf8024ac41
        Message-Authenticator = 0xb14c0d8f757b07ce5cdeda12c2f6a070
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 12
  modcall[authorize]: module "preprocess" returns ok for request 12
  modcall[authorize]: module "chap" returns noop for request 12
  modcall[authorize]: module "mschap" returns noop for request 12
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 12
  rlm_eap: EAP packet type response id 2 length 112
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 12
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 4
  modcall[authorize]: module "sql" returns ok for request 12
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 12
modcall: leaving group authorize (returns updated) for request 12
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 12
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
  eaptls_verify returned 11
    (other): before/accept initialization
    TLS_accept: before/accept initialization
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0061], ClientHello
    TLS_accept: SSLv3 read client hello A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
    TLS_accept: SSLv3 write server hello A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 075b], Certificate
    TLS_accept: SSLv3 write certificate A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
    TLS_accept: SSLv3 write server done A
    TLS_accept: SSLv3 flush data
    TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
  eaptls_process returned 13
  rlm_eap_peap: EAPTLS_HANDLED
  modcall[authenticate]: module "eap" returns handled for request 12
modcall: leaving group authenticate (returns handled) for request 12
Sending Access-Challenge of id 36 to 192.168.1.6 port 1027
        EAP-Message =
0x0103040a19c0000007b8160301004a0200004603014736e98b65609455a21ef05c01b85131
0ea51b4d64d3efc8da5d618a1ad35f34208c101f1f581270999dfb1eb285802ebbf9a2bcd4fb
94a3e82ecc4f9fc0a6e2cb000400160301075b0b0007570007540003a6308203a23082028aa0
03020102020102300d06092a864886f70d0101040500308193310b3009060355040613024652
310f300d060355040813065261646975733112301006035504071309536f6d65776865726531
153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d01090116
1161646d696e406578616d706c652e636f6d3126302406035504
        EAP-Message =
0x03131d4578616d706c6520436572746966696361746520417574686f72697479301e170d30
37313130373134333834375a170d3038313130363134333834375a307c310b30090603550406
13024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c
6520496e632e312330210603550403131a4578616d706c652053657276657220436572746966
69636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f
6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100b39ce1ac
f0f1d9d6d70e21f6296a1641eb5902cf64fd1e4542652851f83b
        EAP-Message =
0xa00fa1b7df9fca03131f92f41be7e5d162d71bf91f740fdfac8fcd0df46c31895d81405e6d
f28103ef244753bd42b1b1ca6ddc4415eba090ced2084944626c815ed764795f9f4667fc851e
a23224ffcfe374f6007e96e86bbb552ef308a1ba6f4db62648aef4d32f82fe4a25b837377f44
1f0c212f3be30caa15d3fb587f1dd81b3d5fb83e76d9a8db16646c0fed788b08347a90be2fd2
05e2bf6c20e893f8dfe0520c7e0d94747b579d37dec0eeb1201ed42d476f5224597d5cc66ca2
9fdbfe5c62e99bccb861a11742bdd63081201964f744441fe7b024d1ec5d4bbb32d316506f02
03010001a317301530130603551d25040c300a06082b06010505
        EAP-Message =
0x070301300d06092a864886f70d0101040500038201010065205f756eae963e5a0ddf7e982f
b453ede31c5c913da37cf87ddd9a7a7ae7e195caa5e6de89327098ec5e9763185909a63bc3e9
c86085cbf31d84a2e14c9e8c93d841cb29eb080ff8dd7076d6929cb4c821994718b13bafe196
83eea9a98e54eb8e0fcb8ebcc988ab5e3116785088f31d9968b49ef1b3c017b7720360dadafb
44dd9645c389bb7cd5b362884dc03d35302d267bcfaabe56cfb8f2a1bc46e7632cea223f72ca
3aa0329a76284ff85c109fee855ebc69d7e82cdceef73fcfbea095dd080d2e58eedace1e13cb
4f008d0a8f731d3eaa17d17462e67164cdab589e305e5bf2c2e3
        EAP-Message = 0x9390707123f3c195a6b9dd93b1605ae7e0c7d20c49b3
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x4693336b54c59c785a6b877b8ff1fa6e
Finished request 12
Going to the next request
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 192.168.1.6:1027, id=37,
length=150
        User-Name = "bnickaes"
        NAS-IP-Address = 192.168.1.6
        NAS-Identifier = "BBi5"
        Framed-MTU = 1496
        Called-Station-Id = "00-19-cb-1f-66-2d:BBi WLAN test"
        Calling-Station-Id = "00-14-a5-3e-a8-ba"
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x020300061900
        State = 0x4693336b54c59c785a6b877b8ff1fa6e
        Message-Authenticator = 0xb3256ab25db6eb63eb32d1b7ac988596
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 13
  modcall[authorize]: module "preprocess" returns ok for request 13
  modcall[authorize]: module "chap" returns noop for request 13
  modcall[authorize]: module "mschap" returns noop for request 13
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 13
  rlm_eap: EAP packet type response id 3 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 13
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 3
  modcall[authorize]: module "sql" returns ok for request 13
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 13
modcall: leaving group authorize (returns updated) for request 13
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 13
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake fragment handler
  eaptls_verify returned 1
  eaptls_process returned 13
  rlm_eap_peap: EAPTLS_HANDLED
  modcall[authenticate]: module "eap" returns handled for request 13
modcall: leaving group authenticate (returns handled) for request 13
Sending Access-Challenge of id 37 to 192.168.1.6 port 1027
        EAP-Message =
0x010403be19002a00f5630003a8308203a43082028c020900e543e5683834a82a300d06092a
864886f70d0101050500308193310b3009060355040613024652310f300d0603550408130652
61646975733112301006035504071309536f6d65776865726531153013060355040a130c4578
616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d70
6c652e636f6d312630240603550403131d4578616d706c652043657274696669636174652041
7574686f72697479301e170d3037313130373134333834375a170d3037313230373134333834
375a308193310b3009060355040613024652310f300d06035504
        EAP-Message =
0x0813065261646975733112301006035504071309536f6d6577686572653115301306035504
0a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e40
6578616d706c652e636f6d312630240603550403131d4578616d706c65204365727469666963
61746520417574686f7269747930820122300d06092a864886f70d01010105000382010f0030
82010a0282010100d5ff39122c8a438f0e116ecc633bd2018107a76d23757ea6289decc489d2
af4d98a19581812a2e82a5506b7ccf01aee15df7292360a0c97dcd2199ed736fa0afc6ae927d
569ed9e7b3feab24fd512a20a00c366525b9d309a1b5904b8f5f
        EAP-Message =
0xa2e7daa54a3af454a8d51dfccfdb9a8f28872d420fbe02f5d0cfb815e2f3c3c8597cd620ef
c35dc54825eb6526209b4ca42be08cc9e96fe7d0dfc659dd7b4ba4479ccdc442f9e6fc1bb434
fc94b0e7422812a3d84bbf4a2b0fdfc8b4f2867038093d5c89cdc381c4b7d981a1cffe5bfc80
1662135f156c1f4f626d87da578cf9223dfcb61d41c4177aaa144a79b20db30b16d402771fe9
d19529f6ab4fbc6770ba5f0203010001300d06092a864886f70d01010505000382010100bd70
295b2e9f2f9ea582a8763359ea8dc201156fda57ef33ce34547f2bc63c97164f441ad3432e32
aa9a4d381a9f70de9fe7a287781dd1a245bb64223f9b4b11425d
        EAP-Message =
0xeb97e5d182b67ba4ca9de386c7057413c0942f2c9b4beaedb056fddbfd745222a80ecd63fe
db85297bbc8ad41059f59d9f8ec1cbdc51d35d17d1c9e4c9ba207859a22efdc12c11de035ae8
3f34dc5f0476701be89057a5e2dea742514d122097c21c48e30139298848e71be51a647e3fa1
e1b2763a409985fc936d6fe197fec5b06e0ac14b77d52be7fa2203e4083336b5602800a1edae
af80e7bd586d51fa44c3d2ff8a2e2277dca74fcc2d75d393a70125e0735062a05d20c2d8fae3
4f16030100040e000000
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xcdc80d3faa15f82f9fe73703eb8e1d03
Finished request 13
Going to the next request
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 192.168.1.6:1027, id=38,
length=466
        User-Name = "bnickaes"
        NAS-IP-Address = 192.168.1.6
        NAS-Identifier = "BBi5"
        Framed-MTU = 1496
        Called-Station-Id = "00-19-cb-1f-66-2d:BBi WLAN test"
        Calling-Station-Id = "00-14-a5-3e-a8-ba"
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
0x020401401980000001361603010106100001020100a3eb9993c6828ab831c81b45da361ec3
2c24ceef3462ef2bbf233aa472949a13014790fba0010a45a2bf25d8d9f3ce9f4298dbfe5eea
9e41ac3ba49f1fb33bf7a6d4cf5bd197d7c09d032054781aa9edcf7373c2e6af68e361c26885
773af0bfba5d6a7f8c3c4ecd025b5e450b872bf2e20742d26973e70d331820fa43e3d709d0b0
2b40c1183e07c082de699b5b8d526255b5b7f2409c22a9db88e5dcfe90f3f5b3b7071ce48335
a519340df1809d7cc94e19209eab291c97794ee3f0e71efaf6410c2edb691d83a949ae552fd7
f0e7dddf3937e34498ad01fec474651d02942281dba6ae893a75
        EAP-Message =
0xd369774b59acb2b5dcec5943ac1421be6f047608e1b3b6aa14030100010116030100207907
06d527ce6fde472fc4d9cb18883ff27b841bd7fcda3bdb41778023f08feb
        State = 0xcdc80d3faa15f82f9fe73703eb8e1d03
        Message-Authenticator = 0x5d221123cf8e2578c09dc5a53c480aa2
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 14
  modcall[authorize]: module "preprocess" returns ok for request 14
  modcall[authorize]: module "chap" returns noop for request 14
  modcall[authorize]: module "mschap" returns noop for request 14
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 14
  rlm_eap: EAP packet type response id 4 length 253
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 14
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 2
  modcall[authorize]: module "sql" returns ok for request 14
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 14
modcall: leaving group authorize (returns updated) for request 14
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 14
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
  eaptls_verify returned 11
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange
    TLS_accept: SSLv3 read client key exchange A
  rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
    TLS_accept: SSLv3 read finished A
  rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
    TLS_accept: SSLv3 write change cipher spec A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
    TLS_accept: SSLv3 write finished A
    TLS_accept: SSLv3 flush data
    (other): SSL negotiation finished successfully
SSL Connection Established
  eaptls_process returned 13
  rlm_eap_peap: EAPTLS_HANDLED
  modcall[authenticate]: module "eap" returns handled for request 14
modcall: leaving group authenticate (returns handled) for request 14
Sending Access-Challenge of id 38 to 192.168.1.6 port 1027
        EAP-Message =
0x0105003119001403010001011603010020d3de7ebaf87a5cb374cc669358062fe5ff92222d
12a71ac9ca2163335146a5d8
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x612c9e30f99df6600fa3cb8f7bb664ab
Finished request 14
Going to the next request
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 192.168.1.6:1027, id=39,
length=150
        User-Name = "bnickaes"
        NAS-IP-Address = 192.168.1.6
        NAS-Identifier = "BBi5"
        Framed-MTU = 1496
        Called-Station-Id = "00-19-cb-1f-66-2d:BBi WLAN test"
        Calling-Station-Id = "00-14-a5-3e-a8-ba"
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x020500061900
        State = 0x612c9e30f99df6600fa3cb8f7bb664ab
        Message-Authenticator = 0x01d22472fc3be31bacbd46c4e36f4e6f
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 15
  modcall[authorize]: module "preprocess" returns ok for request 15
  modcall[authorize]: module "chap" returns noop for request 15
  modcall[authorize]: module "mschap" returns noop for request 15
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 15
  rlm_eap: EAP packet type response id 5 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 15
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 1
  modcall[authorize]: module "sql" returns ok for request 15
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 15
modcall: leaving group authorize (returns updated) for request 15
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 15
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake is finished
  eaptls_verify returned 3
  eaptls_process returned 3
  rlm_eap_peap: EAPTLS_SUCCESS
  modcall[authenticate]: module "eap" returns handled for request 15
modcall: leaving group authenticate (returns handled) for request 15
Sending Access-Challenge of id 39 to 192.168.1.6 port 1027
        EAP-Message =
0x0106002019001703010015922307bfce48fe27c78382e0fd6a85ca4c16abc18c
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x64b0fe9803b66bcb5b22149bf22ca12f
Finished request 15
Going to the next request
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 192.168.1.6:1027, id=40,
length=180
        User-Name = "bnickaes"
        NAS-IP-Address = 192.168.1.6
        NAS-Identifier = "BBi5"
        Framed-MTU = 1496
        Called-Station-Id = "00-19-cb-1f-66-2d:BBi WLAN test"
        Calling-Station-Id = "00-14-a5-3e-a8-ba"
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
0x0206002419001703010019cce43b01c134f19d324061a7b3f5b445e3b7023efe44c9077f
        State = 0x64b0fe9803b66bcb5b22149bf22ca12f
        Message-Authenticator = 0x43aac07528e8551ff25156f24ae9d1c6
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 16
  modcall[authorize]: module "preprocess" returns ok for request 16
  modcall[authorize]: module "chap" returns noop for request 16
  modcall[authorize]: module "mschap" returns noop for request 16
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 16
  rlm_eap: EAP packet type response id 6 length 36
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 16
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 0
  modcall[authorize]: module "sql" returns ok for request 16
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 16
modcall: leaving group authorize (returns updated) for request 16
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 16
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
  eaptls_verify returned 7
  rlm_eap_tls: Done initial handshake
  eaptls_process returned 7
  rlm_eap_peap: EAPTLS_OK
  rlm_eap_peap: Session established.  Decoding tunneled attributes.
  rlm_eap_peap: Identity - bnickaes
  rlm_eap_peap: Tunneled data is valid.
  PEAP: Got tunneled EAP-Message
        EAP-Message = 0x0206000d01626e69636b616573
  PEAP: Got tunneled identity of bnickaes
  PEAP: Setting default EAP type for tunneled EAP session.
  PEAP: Setting User-Name to bnickaes
  PEAP: Sending tunneled request
        EAP-Message = 0x0206000d01626e69636b616573
        FreeRADIUS-Proxied-To = 127.0.0.1
        User-Name = "bnickaes"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 16
  modcall[authorize]: module "preprocess" returns ok for request 16
  modcall[authorize]: module "chap" returns noop for request 16
  modcall[authorize]: module "mschap" returns noop for request 16
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 16
  rlm_eap: EAP packet type response id 6 length 13
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 16
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 4
  modcall[authorize]: module "sql" returns ok for request 16
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 16
modcall: leaving group authorize (returns updated) for request 16
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 16
  rlm_eap: EAP Identity
  rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
  modcall[authenticate]: module "eap" returns handled for request 16
modcall: leaving group authenticate (returns handled) for request 16
  PEAP: Got tunneled reply RADIUS code 11
        EAP-Message =
0x010700221a0107001d10bb93669c447bd43928da439655b6d2fd626e69636b616573
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xe0b7b874b3d837032eb60369e1816600
  PEAP: Processing from tunneled session code 0x8016e998 11
        EAP-Message =
0x010700221a0107001d10bb93669c447bd43928da439655b6d2fd626e69636b616573
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xe0b7b874b3d837032eb60369e1816600
  PEAP: Got tunneled Access-Challenge
  modcall[authenticate]: module "eap" returns handled for request 16
modcall: leaving group authenticate (returns handled) for request 16
Sending Access-Challenge of id 40 to 192.168.1.6 port 1027
        EAP-Message =
0x010700391900170301002e4c7d2921dbc9b0cb22248824115efe0e2c0102ba4dc7eeb63eed
e1d9857a3ef9512f49d260f514c140ffe1fd409d
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xf555d10ac1030ae3df511a29b87b22dc
Finished request 16
Going to the next request
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 192.168.1.6:1027, id=41,
length=234
        User-Name = "bnickaes"
        NAS-IP-Address = 192.168.1.6
        NAS-Identifier = "BBi5"
        Framed-MTU = 1496
        Called-Station-Id = "00-19-cb-1f-66-2d:BBi WLAN test"
        Calling-Station-Id = "00-14-a5-3e-a8-ba"
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
0x0207005a1900170301004fcb7177c20a99397bfc1ffccdd19de69de42a4c2f2e1dc0187e9a
c140a1380ae4a562be240729b3f75b8a64a0cb3966a24ba3a6462e7d0e1316d4c08e19c1831e
2f7fb68765fcb3b547319a15923358
        State = 0xf555d10ac1030ae3df511a29b87b22dc
        Message-Authenticator = 0x7d29c887fbb0276bf2a7b862450bc3cc
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 17
  modcall[authorize]: module "preprocess" returns ok for request 17
  modcall[authorize]: module "chap" returns noop for request 17
  modcall[authorize]: module "mschap" returns noop for request 17
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 17
  rlm_eap: EAP packet type response id 7 length 90
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 17
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 3
  modcall[authorize]: module "sql" returns ok for request 17
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 17
modcall: leaving group authorize (returns updated) for request 17
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 17
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
  eaptls_verify returned 7
  rlm_eap_tls: Done initial handshake
  eaptls_process returned 7
  rlm_eap_peap: EAPTLS_OK
  rlm_eap_peap: Session established.  Decoding tunneled attributes.
  rlm_eap_peap: EAP type mschapv2
  rlm_eap_peap: Tunneled data is valid.
  PEAP: Got tunneled EAP-Message
        EAP-Message =
0x020700431a0207003e311f1086ddd200b0669fa398620fd18ce000000000000000002d2b29
6b0a702ede56ab5a3c62b5ede3d9689ebee238d67d00626e69636b616573
  PEAP: Setting User-Name to bnickaes
  PEAP: Adding old state with e0 b7
  PEAP: Sending tunneled request
        EAP-Message =
0x020700431a0207003e311f1086ddd200b0669fa398620fd18ce000000000000000002d2b29
6b0a702ede56ab5a3c62b5ede3d9689ebee238d67d00626e69636b616573
        FreeRADIUS-Proxied-To = 127.0.0.1
        User-Name = "bnickaes"
        State = 0xe0b7b874b3d837032eb60369e1816600
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 17
  modcall[authorize]: module "preprocess" returns ok for request 17
  modcall[authorize]: module "chap" returns noop for request 17
  modcall[authorize]: module "mschap" returns noop for request 17
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 17
  rlm_eap: EAP packet type response id 7 length 67
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 17
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 2
  modcall[authorize]: module "sql" returns ok for request 17
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 17
modcall: leaving group authorize (returns updated) for request 17
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 17
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/mschapv2
  rlm_eap: processing type mschapv2
  Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 17
  rlm_mschap: Told to do MS-CHAPv2 for bnickaes with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
  modcall[authenticate]: module "mschap" returns ok for request 17
modcall: leaving group MS-CHAP (returns ok) for request 17
MSCHAP Success
  modcall[authenticate]: module "eap" returns handled for request 17
modcall: leaving group authenticate (returns handled) for request 17
  PEAP: Got tunneled reply RADIUS code 11
        MS-CHAP2-Success =
0x07533d32443446393532384645304531363838423136423231414637324338424636333744
323034394135
        EAP-Message =
0x010800331a0307002e533d3244344639353238464530453136383842313642323141463732
4338424636333744323034394135
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x5c8e3c5c78e2324fdc6e3e45a1236ab7
  PEAP: Processing from tunneled session code 0x8016e6e8 11
        MS-CHAP2-Success =
0x07533d32443446393532384645304531363838423136423231414637324338424636333744
323034394135
        EAP-Message =
0x010800331a0307002e533d3244344639353238464530453136383842313642323141463732
4338424636333744323034394135
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x5c8e3c5c78e2324fdc6e3e45a1236ab7
  PEAP: Got tunneled Access-Challenge
  modcall[authenticate]: module "eap" returns handled for request 17
modcall: leaving group authenticate (returns handled) for request 17
Sending Access-Challenge of id 41 to 192.168.1.6 port 1027
        EAP-Message =
0x0108004a1900170301003f691652352bba2aa8f10e896b3a6f15e364f0bf9184b1a43ef43c
f97192dc1c778b44a80a00d161ec0ec43796793d33f5504f345efdb563f4c2714d7d609f14
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x11f1541f40085b41f7c94400c17bf5dc
Finished request 17
Going to the next request
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 192.168.1.6:1027, id=42,
length=173
        User-Name = "bnickaes"
        NAS-IP-Address = 192.168.1.6
        NAS-Identifier = "BBi5"
        Framed-MTU = 1496
        Called-Station-Id = "00-19-cb-1f-66-2d:BBi WLAN test"
        Calling-Station-Id = "00-14-a5-3e-a8-ba"
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
0x0208001d19001703010012b9b72172fbfcc065dcce836bf65148aaa6f7
        State = 0x11f1541f40085b41f7c94400c17bf5dc
        Message-Authenticator = 0xff664b617196e0d43825141bb01ff42a
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 18
  modcall[authorize]: module "preprocess" returns ok for request 18
  modcall[authorize]: module "chap" returns noop for request 18
  modcall[authorize]: module "mschap" returns noop for request 18
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 18
  rlm_eap: EAP packet type response id 8 length 29
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 18
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 1
  modcall[authorize]: module "sql" returns ok for request 18
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 18
modcall: leaving group authorize (returns updated) for request 18
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 18
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
  eaptls_verify returned 7
  rlm_eap_tls: Done initial handshake
  eaptls_process returned 7
  rlm_eap_peap: EAPTLS_OK
  rlm_eap_peap: Session established.  Decoding tunneled attributes.
  rlm_eap_peap: EAP type mschapv2
  rlm_eap_peap: Tunneled data is valid.
  PEAP: Got tunneled EAP-Message
        EAP-Message = 0x020800061a03
  PEAP: Setting User-Name to bnickaes
  PEAP: Adding old state with 5c 8e
  PEAP: Sending tunneled request
        EAP-Message = 0x020800061a03
        FreeRADIUS-Proxied-To = 127.0.0.1
        User-Name = "bnickaes"
        State = 0x5c8e3c5c78e2324fdc6e3e45a1236ab7
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 18
  modcall[authorize]: module "preprocess" returns ok for request 18
  modcall[authorize]: module "chap" returns noop for request 18
  modcall[authorize]: module "mschap" returns noop for request 18
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 18
  rlm_eap: EAP packet type response id 8 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 18
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 0
  modcall[authorize]: module "sql" returns ok for request 18
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 18
modcall: leaving group authorize (returns updated) for request 18
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 18
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/mschapv2
  rlm_eap: processing type mschapv2
  rlm_eap: Freeing handler
  modcall[authenticate]: module "eap" returns ok for request 18
modcall: leaving group authenticate (returns ok) for request 18
  PEAP: Got tunneled reply RADIUS code 2
        EAP-Message = 0x03080004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "bnickaes"
  PEAP: Processing from tunneled session code 0x8016fb08 2
        EAP-Message = 0x03080004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "bnickaes"
  PEAP: Tunneled authentication was successful.
  rlm_eap_peap: SUCCESS
  modcall[authenticate]: module "eap" returns handled for request 18
modcall: leaving group authenticate (returns handled) for request 18
Sending Access-Challenge of id 42 to 192.168.1.6 port 1027
        EAP-Message =
0x010900261900170301001b443bc120b1abd0e4be7dc1898c94bd70daf0aed09f42c7d207f1
79
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x4ffcfd604476ec85e8e093f1c114ff79
Finished request 18
Going to the next request
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 192.168.1.6:1027, id=43,
length=182
        User-Name = "bnickaes"
        NAS-IP-Address = 192.168.1.6
        NAS-Identifier = "BBi5"
        Framed-MTU = 1496
        Called-Station-Id = "00-19-cb-1f-66-2d:BBi WLAN test"
        Calling-Station-Id = "00-14-a5-3e-a8-ba"
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
0x020900261900170301001b49c3587552176ac1165f4cebd8506498d4b3c1b221c71a627a9f
e3
        State = 0x4ffcfd604476ec85e8e093f1c114ff79
        Message-Authenticator = 0x1d5ec7557b35831e487a353595bd4cfb
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 19
  modcall[authorize]: module "preprocess" returns ok for request 19
  modcall[authorize]: module "chap" returns noop for request 19
  modcall[authorize]: module "mschap" returns noop for request 19
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 19
  rlm_eap: EAP packet type response id 9 length 38
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 19
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'bnickaes'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'bnickaes'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = 'bnickaes' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 4
  modcall[authorize]: module "sql" returns ok for request 19
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 19
modcall: leaving group authorize (returns updated) for request 19
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 19
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
  eaptls_verify returned 7
  rlm_eap_tls: Done initial handshake
  eaptls_process returned 7
  rlm_eap_peap: EAPTLS_OK
  rlm_eap_peap: Session established.  Decoding tunneled attributes.
  rlm_eap_peap: Received EAP-TLV response.
  rlm_eap_peap: Tunneled data is valid.
  rlm_eap_peap: Success
  rlm_eap: Freeing handler
  modcall[authenticate]: module "eap" returns ok for request 19
modcall: leaving group authenticate (returns ok) for request 19
Sending Access-Accept of id 43 to 192.168.1.6 port 1027
        MS-MPPE-Recv-Key =
0x6a89768e4a99c18a94168fbd9f72efad7580f28e9db3cdb99996ea11092b2b9a
        MS-MPPE-Send-Key =
0x0ea90ccf685f8883935a9e155596dd82ed9b6aa6446f0750d024ef44c18caeb6
        EAP-Message = 0x03090004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "bnickaes"
Finished request 19
Going to the next request
Waking up in 3 seconds...
rad_recv: Accounting-Request packet from host 192.168.1.6:1028, id=44,
length=113
        User-Name = "bnickaes"
        NAS-Identifier = "BBi5"
        Called-Station-Id = "00-19-cb-1f-66-2d:BBi WLAN test"
        Calling-Station-Id = "00-14-a5-3e-a8-ba"
        Acct-Status-Type = Start
        Acct-Delay-Time = 0
        Acct-Session-Id = "40000000004"
  Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 20
  modcall[preacct]: module "preprocess" returns noop for request 20
rlm_acct_unique: WARNING: Attribute NAS-Port was not found in request,
unique ID MAY be inconsistent
rlm_acct_unique: Hashing ',Client-IP-Address = 192.168.1.6,NAS-IP-Address =
192.168.1.6,Acct-Session-Id = "40000000004",User-Name = "bnickaes"'
rlm_acct_unique: Acct-Unique-Session-ID = "a6a19773addbabe7".
  modcall[preacct]: module "acct_unique" returns ok for request 20
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[preacct]: module "suffix" returns noop for request 20
  modcall[preacct]: module "files" returns noop for request 20
modcall: leaving group preacct (returns ok) for request 20
  Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 20
radius_xlat:  '/var/log/radius/radacct/192.168.1.6/detail-20071111'
rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to /var/log/radius/radacct/192.168.1.6/detail-20071111
  modcall[accounting]: module "detail" returns ok for request 20
  modcall[accounting]: module "unix" returns noop for request 20
radius_xlat:  '/var/log/radius/radutmp'
radius_xlat:  'bnickaes'
  rlm_radutmp: No NAS-Port seen.  Cannot do anything.
  rlm_radumtp: WARNING: checkrad will probably not work!
  modcall[accounting]: module "radutmp" returns noop for request 20
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'INSERT into radacct (AcctSessionId, AcctUniqueId, UserName,
Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime,
AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop,
AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId,
AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress,
AcctStartDelay, AcctStopDelay) values('40000000004', 'a6a19773addbabe7',
'bnickaes', '', '192.168.1.6', '', '', '2007-11-11 12:37:47', '0', '0', '',
'', '', '0', '0', '00-19-cb-1f-66-2d:BBi WLAN test', '00-14-a5-3e-a8-ba',
'', '', '', '', '0', '0')'
radius_xlat:  '/var/log/radius/sqltrace.sql'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql_mysql: query:  INSERT into radacct (AcctSessionId, AcctUniqueId,
UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime,
AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start,
ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId,
CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol,
FramedIPAddress, AcctStartDelay, AcctStopDelay) values('40000000004',
'a6a19773addbabe7', 'bnickaes', '', '192.168.1.6', '', '', '2007-11-11
12:37:47', '0', '0', '', '', '', '0', '0', '00-19-cb-1f-66-2d:BBi WLAN
test', '00-14-a5-3e-a8-ba', '', '', '', '', '0', '0')
rlm_sql (sql): Released sql socket id: 3
  modcall[accounting]: module "sql" returns ok for request 20
modcall: leaving group accounting (returns ok) for request 20
Sending Accounting-Response of id 44 to 192.168.1.6 port 1028
Finished request 20
Going to the next request
Waking up in 3 seconds...
--- Walking the entire request list ---
Cleaning up request 10 ID 34 with timestamp 4736e988
Waking up in 3 seconds...
rad_recv: Accounting-Request packet from host 192.168.1.6:1028, id=45,
length=161
        User-Name = "bnickaes"
        NAS-Identifier = "BBi5"
        Called-Station-Id = "00-19-cb-1f-66-2d:BBi WLAN test"
        Calling-Station-Id = "00-14-a5-3e-a8-ba"
        Acct-Status-Type = Stop
        Acct-Session-Id = "40000000004"
        Acct-Input-Octets = 1350
        Acct-Output-Octets = 1192
        Acct-Input-Packets = 13
        Acct-Output-Packets = 4
        Acct-Delay-Time = 0
        Acct-Session-Time = 6
        Acct-Terminate-Cause = Lost-Carrier
        Acct-Input-Gigawords = 0
        Acct-Output-Gigawords = 0
  Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 21
  modcall[preacct]: module "preprocess" returns noop for request 21
rlm_acct_unique: WARNING: Attribute NAS-Port was not found in request,
unique ID MAY be inconsistent
rlm_acct_unique: Hashing ',Client-IP-Address = 192.168.1.6,NAS-IP-Address =
192.168.1.6,Acct-Session-Id = "40000000004",User-Name = "bnickaes"'
rlm_acct_unique: Acct-Unique-Session-ID = "a6a19773addbabe7".
  modcall[preacct]: module "acct_unique" returns ok for request 21
    rlm_realm: No '@' in User-Name = "bnickaes", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[preacct]: module "suffix" returns noop for request 21
  modcall[preacct]: module "files" returns noop for request 21
modcall: leaving group preacct (returns ok) for request 21
  Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 21
radius_xlat:  '/var/log/radius/radacct/192.168.1.6/detail-20071111'
rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to /var/log/radius/radacct/192.168.1.6/detail-20071111
  modcall[accounting]: module "detail" returns ok for request 21
  modcall[accounting]: module "unix" returns noop for request 21
radius_xlat:  '/var/log/radius/radutmp'
radius_xlat:  'bnickaes'
  rlm_radutmp: No NAS-Port seen.  Cannot do anything.
  rlm_radumtp: WARNING: checkrad will probably not work!
  modcall[accounting]: module "radutmp" returns noop for request 21
radius_xlat:  'bnickaes'
rlm_sql (sql): sql_set_user escaped user --> 'bnickaes'
radius_xlat:  'UPDATE radacct           SET FramedIPAddress = '',
AcctSessionTime = '6',           AcctInputOctets = '1350',
AcctOutputOctets = '1192', ?  AcctStopTime =
FROM_UNIXTIME(UNIX_TIMESTAMP(`AcctStartTime`) + `AcctSessionTime` )
WHERE UserName = 'bnickaes'           AND AcctStopTime= '0000-00-00
00:00:00' '
radius_xlat:  '/var/log/radius/sqltrace.sql'
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql_mysql: query:  UPDATE radacct           SET FramedIPAddress = '',
AcctSessionTime = '6',           AcctInputOctets = '1350',
AcctOutputOctets = '1192', ?  AcctStopTime =
FROM_UNIXTIME(UNIX_TIMESTAMP(`AcctStartTime`) + `AcctSessionTime` )
WHERE UserName = 'bnickaes'           AND AcctStopTime= '0000-00-00
00:00:00'
rlm_sql (sql): Released sql socket id: 2
  modcall[accounting]: module "sql" returns ok for request 21
modcall: leaving group accounting (returns ok) for request 21
Sending Accounting-Response of id 45 to 192.168.1.6 port 1028
Finished request 21
Going to the next request
--- Walking the entire request list ---
Cleaning up request 11 ID 35 with timestamp 4736e98b
Cleaning up request 12 ID 36 with timestamp 4736e98b
Cleaning up request 13 ID 37 with timestamp 4736e98b
Cleaning up request 14 ID 38 with timestamp 4736e98b
Cleaning up request 15 ID 39 with timestamp 4736e98b
Cleaning up request 16 ID 40 with timestamp 4736e98b
Cleaning up request 17 ID 41 with timestamp 4736e98b
Cleaning up request 18 ID 42 with timestamp 4736e98b
Cleaning up request 19 ID 43 with timestamp 4736e98b
Cleaning up request 20 ID 44 with timestamp 4736e98b
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 21 ID 45 with timestamp 4736e991
Nothing to do.  Sleeping until we see a request.



-----Ursprüngliche Nachricht-----
Von: freeradius-users-bounces at lists.freeradius.org
[mailto:freeradius-users-bounces at lists.freeradius.org] Im Auftrag von Alan
DeKok
Gesendet: Sonntag, 11. November 2007 14:23
An: FreeRadius users mailing list
Betreff: Re: Still no authentication

Bernd wrote:
> When I try to connect to my Network with a Laptop (certs installed) using
> PEAP (MSCHAPv2), the Laptop finds the WLAN, I am asked to type in my
> username and PW and - it does not work. 

  Windows, right?
...

> Sending Access-Challenge of id 36 to 192.168.1.6 port 1027
...
> And so on...
> 
> Can someone help me please...I don't know whats wrong there.

  Read eap.conf.  It describes this exact problem.  See also the FAQ,
about PEAP not working.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html





More information about the Freeradius-Users mailing list