802.1x+WLAN and radtest

Dr.Peer-Joachim Koch pkoch at bgc-jena.mpg.de
Wed Apr 23 14:25:23 CEST 2008 

Hi,

enclose the output from radiusd -X

first using radtest, the switching on the WLAN with the
same useranme and password:

=====================radiusd -X out================================

rad_recv: Access-Request packet from host 141.5.16.151:2234, id=228, 
length=68
         User-Name = "pkoch at ice.mpg.de"
         User-Password = "PASSWD"
         NAS-IP-Address = 255.255.255.255
         NAS-Port = 1
   Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
   modcall[authorize]: module "preprocess" returns ok for request 7
radius_xlat:  '/var/log/radius/radacct/141.5.16.151/auth-detail-20080423'
rlm_detail: 
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands 
to /var/log/radius/radacct/141.5.16.151/auth-detail-20080423
   modcall[authorize]: module "auth_log" returns ok for request 7
   modcall[authorize]: module "mschap" returns noop for request 7
     rlm_realm: Looking up realm "ice.mpg.de" for User-Name = 
"pkoch at ice.mpg.de"
     rlm_realm: Found realm "DEFAULT"
     rlm_realm: Proxying request from user pkoch to realm DEFAULT
     rlm_realm: Adding Realm = "DEFAULT"
     rlm_realm: Preparing to proxy authentication request to realm "DEFAULT"
   modcall[authorize]: module "suffix" returns updated for request 7
   rlm_eap: No EAP-Message, not doing EAP
   modcall[authorize]: module "eap" returns noop for request 7
   modcall[authorize]: module "files" returns notfound for request 7
rlm_ldap: - authorize
rlm_ldap: performing user authorization for pkoch at ice.mpg.de
radius_xlat:  'uid=_'
radius_xlat:  'dc=bgc-jena, dc=mpg, dc=de'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=bgc-jena, dc=mpg, dc=de, with filter uid=_
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
   modcall[authorize]: module "ldap" returns notfound for request 7
modcall: leaving group authorize (returns updated) for request 7
Sending Access-Request of id 6 to 193.174.75.134 port 1812
         User-Name = "pkoch at ice.mpg.de"
         User-Password = "PASSWD"
         NAS-IP-Address = 255.255.255.255
         NAS-Port = 1
         Proxy-State = 0x323238
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Accept packet from host 193.174.75.134:1812, id=6, 
length=25
         Proxy-State = 0x323238
   Processing the post-proxy section of radiusd.conf
modcall: entering group post-proxy for request 7
  attr_filter: Matched entry DEFAULT at line 103
   modcall[post-proxy]: module "attr_filter" returns updated for request 7
   modcall[post-proxy]: module "eap" returns noop for request 7
modcall: leaving group post-proxy (returns updated) for request 7
   Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
   modcall[authorize]: module "preprocess" returns ok for request 7
radius_xlat:  '/var/log/radius/radacct/141.5.16.151/auth-detail-20080423'
rlm_detail: 
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands 
to /var/log/radius/radacct/141.5.16.151/auth-detail-20080423
   modcall[authorize]: module "auth_log" returns ok for request 7
   modcall[authorize]: module "mschap" returns noop for request 7
     rlm_realm: Proxy reply, or no User-Name.  Ignoring.
   modcall[authorize]: module "suffix" returns noop for request 7
   modcall[authorize]: module "eap" returns noop for request 7
   modcall[authorize]: module "files" returns notfound for request 7
rlm_ldap: - authorize
rlm_ldap: performing user authorization for pkoch at ice.mpg.de
radius_xlat:  'uid=_'
radius_xlat:  'dc=bgc-jena, dc=mpg, dc=de'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=bgc-jena, dc=mpg, dc=de, with filter uid=_
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
   modcall[authorize]: module "ldap" returns notfound for request 7
modcall: leaving group authorize (returns ok) for request 7
   rad_check_password:  Found Auth-Type
   rad_check_password: Auth-Type = Accept, accepting the user
   Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 7
   modcall[post-auth]: module "ldap" returns noop for request 7
modcall: leaving group post-auth (returns noop) for request 7
Sending Access-Accept of id 228 to 141.5.16.151 port 2234
Finished request 7
Going to the next request
Waking up in 6 seconds...




===========Now the same over WLAN===========================

--- Walking the entire request list ---
Cleaning up request 7 ID 228 with timestamp 480f2719
Nothing to do.  Sleeping until we see a request.



rad_recv: Access-Request packet from host 141.5.16.23:20008, id=173, 
length=201
         User-Name = "pkoch at ice.mpg.de"
         MS-CHAP-Challenge = 0x04138c9db743bfbb843010bf7f8389aa
         MS-CHAP2-Response = 
0x00004a15d8a0523caab6ba7b2197599aa36f0000000000000000ee86063cd18395098328358032bf767fbc1bcb2c6ce3a658
         NAS-Port-Id = "2084/1"
         Calling-Station-Id = "00-13-CE-95-17-E8"
         Called-Station-Id = "00-0B-0E-33-71-80:eduroam"
         NAS-Port = 15439
         NAS-Port-Type = Wireless-802.11
         NAS-Identifier = "Trapeze"
         NAS-IP-Address = 141.5.16.23
   Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 8
   modcall[authorize]: module "preprocess" returns ok for request 8
radius_xlat:  '/var/log/radius/radacct/141.5.16.23/auth-detail-20080423'
rlm_detail: 
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands 
to /var/log/radius/radacct/141.5.16.23/auth-detail-20080423
   modcall[authorize]: module "auth_log" returns ok for request 8
   rlm_mschap: Found MS-CHAP attributes.  Setting 'Auth-Type  = MS-CHAP'
   modcall[authorize]: module "mschap" returns ok for request 8
     rlm_realm: Looking up realm "ice.mpg.de" for User-Name = 
"pkoch at ice.mpg.de"
     rlm_realm: Found realm "DEFAULT"
     rlm_realm: Proxying request from user pkoch to realm DEFAULT
     rlm_realm: Adding Realm = "DEFAULT"
     rlm_realm: Preparing to proxy authentication request to realm "DEFAULT"
   modcall[authorize]: module "suffix" returns updated for request 8
   rlm_eap: No EAP-Message, not doing EAP
   modcall[authorize]: module "eap" returns noop for request 8
   modcall[authorize]: module "files" returns notfound for request 8
rlm_ldap: - authorize
rlm_ldap: performing user authorization for pkoch at ice.mpg.de
radius_xlat:  'uid=_'
radius_xlat:  'dc=bgc-jena, dc=mpg, dc=de'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=bgc-jena, dc=mpg, dc=de, with filter uid=_
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
   modcall[authorize]: module "ldap" returns notfound for request 8
modcall: leaving group authorize (returns updated) for request 8
Sending Access-Request of id 7 to 193.174.75.134 port 1812
         User-Name = "pkoch at ice.mpg.de"
         MS-CHAP-Challenge = 0x04138c9db743bfbb843010bf7f8389aa
         MS-CHAP2-Response = 
0x00004a15d8a0523caab6ba7b2197599aa36f0000000000000000ee86063cd18395098328358032bf767fbc1bcb2c6ce3a658
         NAS-Port-Id = "2084/1"
         Calling-Station-Id = "00-13-CE-95-17-E8"
         Called-Station-Id = "00-0B-0E-33-71-80:eduroam"
         NAS-Port = 15439
         NAS-Port-Type = Wireless-802.11
         NAS-Identifier = "Trapeze"
         NAS-IP-Address = 141.5.16.23
         Proxy-State = 0x313733
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 141.5.16.23:20008, id=173, 
length=201
Ignoring duplicate packet from client gaia:20008 - ID: 173, due to 
outstanding proxied request 8.
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Reject packet from host 193.174.75.134:1812, id=7, 
length=41
         Reply-Message = "Request Denied"
         Proxy-State = 0x313733
   Processing the post-proxy section of radiusd.conf
modcall: entering group post-proxy for request 8
  attr_filter: Matched entry DEFAULT at line 103
   modcall[post-proxy]: module "attr_filter" returns updated for request 8
   modcall[post-proxy]: module "eap" returns noop for request 8
modcall: leaving group post-proxy (returns updated) for request 8
   Found Post-Auth-Type
   Processing the post-auth section of radiusd.conf
modcall: entering group REJECT for request 8
   modcall[post-auth]: module "ldap" returns noop for request 8
modcall: leaving group REJECT (returns noop) for request 8
Delaying request 8 for 1 seconds
Finished request 8
Going to the next request
Waking up in 1 seconds...


Ivan Kalik schrieb:
> radiusd -X
> 
> Ivan Kalik
> Kalik Informatika ISP
> 
> 


-- 
Mit freundlichem Gruss
     Peer-Joachim Koch
_________________________________________________________
Max-Planck-Institut fuer Biogeochemie
Dr. Peer-Joachim Koch
Hans-Knöll Str.10            Telefon: ++49 3641 57-6705
D-07745 Jena                 Telefax: ++49 3641 57-7705

More information about the Freeradius-Users mailing list