NAS-IP-Address, rlm_perl, and loopback

Adam W. Sewell awsewell at catawba.edu
Thu Aug 21 19:20:52 CEST 2008


> > This also leads into the second issue I'm having that when
> > the perl script does run, it doesn't always pass the same
> > data in the NAS-IP-Address variable. Half the time it is the
> > correct information and half the time it is 127.0.0.1.
> 
>   Go read the debug output.  The NAS-IP-Address is sent by the NAS.
> It's not invented by the server.  There's no magic here.
> 
>   If the NAS-IP-Address is different from packet to packet, it's likely
> because the NAS is *sending* it differently for each packet.
> 
>   If there are multiple packets for one "authentication" session, it's
> because you're doing EAP... which takes multiple round trips.  Again,
> read the debugging output to see what's going on.

I am using PEAP/MsChapv2.

>   Perhaps you could try talking about what you *want* to have happen,
> rather than wondering why the server doesn't work the way you expect.
> The server is doing exactly the right thing for the authentication
> protocol you're using, and is doing exactly what you told it to do.

I am using a perl script to authorize the user access to the network based on some information that is pulled out of a database via our perl script. This part is working ok. What I want to happen is with the NAS-IP-Address being sent back, I can tell the port on the switch (NAS) which policy this person should have. This would work great if I could get some consistent data from the NAS. 

Below are some excerpts from debug log and a log of the variables in RAD_REQUEST for one of our test users. I've looked through the logs and all I can come up with is that it looks like some of the packets are being proxyed even though I have proxy turned off in the radius.conf file and have the proxy.conf file commented out.  

----------------------
Debug: 
----------------------
Thu Aug 21 12:57:15 2008 : rad_recv: Access-Request packet from host 192.168.0.1:1212, id=248, length=151
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0xd4a6f83dee299957e58e7ad71fb484b6
Thu Aug 21 12:57:15 2008 : 	User-Name = "test_user"
Thu Aug 21 12:57:15 2008 : 	NAS-IP-Address = 192.168.0.1
Thu Aug 21 12:57:15 2008 : 	NAS-Port = 8
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Type = Ethernet
Thu Aug 21 12:57:15 2008 : 	Calling-Station-Id = "00-03-25-12-39-09"
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x0201000d016a6d63646f77656c
Thu Aug 21 12:57:15 2008 : 	Framed-MTU = 1000
Thu Aug 21 12:57:15 2008 : 	Called-Station-Id = "0001F4-7A-06-60\0009"
Thu Aug 21 12:57:15 2008 : 	NAS-Identifier = "BZRBAS_09614_M80"
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Id = "fe.0.8"
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : Sending Access-Challenge of id 248 to 192.168.0.1 port 1212
Thu Aug 21 12:57:15 2008 : 	Filter-Id = "Enterasys:version=1:policy=CCP_Student"
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x010200061920
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x00000000000000000000000000000000
Thu Aug 21 12:57:15 2008 : 	State = 0xad137155784feb70aaf74d3c65a9a86e
Thu Aug 21 12:57:15 2008 : rad_recv: Access-Request packet from host 192.168.0.1:1212, id=249, length=248
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x07f9f250ad693b0842998be1dda18420
Thu Aug 21 12:57:15 2008 : 	User-Name = "test_user"
Thu Aug 21 12:57:15 2008 : 	State = 0xad137155784feb70aaf74d3c65a9a86e
Thu Aug 21 12:57:15 2008 : 	NAS-IP-Address = 192.168.0.1
Thu Aug 21 12:57:15 2008 : 	NAS-Port = 8
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Type = Ethernet
Thu Aug 21 12:57:15 2008 : 	Calling-Station-Id = "00-03-25-12-39-09"
Thu Aug 21 12:57:15 2008 : 	Called-Station-Id = "00-01-F4-7A-06-60"
Thu Aug 21 12:57:15 2008 : 	Framed-MTU = 1000
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x0202005c190016030100510100004d030148ad9e3eee721642dca72c79e437cd5e18483257e35b2933d1b1bf7c255d087300002600390038003500160013000a00330032002f00050004001500120009001400110008000600030100
Thu Aug 21 12:57:15 2008 : 	NAS-Identifier = "BZRBAS_09614_M80"
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Id = "fe.0.8"
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : Sending Access-Challenge of id 249 to 192.168.0.1 port 1212
Thu Aug 21 12:57:15 2008 : 	Filter-Id = "Enterasys:version=1:policy=CCP_Student"
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x010303e419c0000006f1160301004a02000046030148ad9e6bfdc4f38a98c79b19ac33e3d798da798cc40d26165353af83871e163f207e014833d90a269c310638cd1b6fee1277289e6dec47756ed80c84cb99bca26f00350016030106940b00069000068d0002cd308202c930820232a003020102020102300d06092a864886f70d010104050030819f310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f7374311b301906035504031312436c69656e74206365
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x7274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d301e170d3034303132353133323631305a170d3035303132343133323631305a30819b310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f73743119301706035504031310526f6f74206365727469666963617465311f301d06092a864886f70d0109011610726f6f74406578616d706c652e636f6d30819f300d06092a864886f70d010101050003
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x818d0030818902818100dac525422bfedb082629a2cba44b3449c90d0ab462fb72c8434a782098863d7eb7d7e70028c2b7ad555a51cc756cf4fa1d7091615ab450d5289553ae6616aff014a55085d6b8fb4aee98638e426175cdd36c665c63cda177d34920eb30585edc8773999c2980f81ad4638bbbea1c82d054023db7ef24a3ec1c3f6241a903d7f30203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038181007a2d921b1cf13bf2982a9178ec9ede6d88edc178a2e8bd40a0a06fb6f0769957884cd7084537083496fd184165293f583c8e8240eb68e042c94b15752e4c07e80d09
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x779afa3dd55c24fa54ac292d77205d1c2477ed30d59f57caf9bd21ff2a8d16cc0911c50e4f295763fcb60efa3c3d2d0e43850f6e6fbe284902f6e83503650003ba308203b63082031fa003020102020100300d06092a864886f70d010104050030819f310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f7374311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x00000000000000000000000000000000
Thu Aug 21 12:57:15 2008 : 	State = 0x2eefe560f2b69a3fa21bd3b283bdea79
Thu Aug 21 12:57:15 2008 : rad_recv: Access-Request packet from host 192.168.0.1:1212, id=250, length=162
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x8db5a2e81990cfddf03a87f13f0c4e1d
Thu Aug 21 12:57:15 2008 : 	User-Name = "test_user"
Thu Aug 21 12:57:15 2008 : 	State = 0x2eefe560f2b69a3fa21bd3b283bdea79
Thu Aug 21 12:57:15 2008 : 	NAS-IP-Address = 192.168.0.1
Thu Aug 21 12:57:15 2008 : 	NAS-Port = 8
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Type = Ethernet
Thu Aug 21 12:57:15 2008 : 	Calling-Station-Id = "00-03-25-12-39-09"
Thu Aug 21 12:57:15 2008 : 	Called-Station-Id = "00-01-F4-7A-06-60"
Thu Aug 21 12:57:15 2008 : 	Framed-MTU = 1000
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x020300061900
Thu Aug 21 12:57:15 2008 : 	NAS-Identifier = "BZRBAS_09614_M80"
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Id = "fe.0.8"
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : Sending Access-Challenge of id 250 to 192.168.0.1 port 1212
Thu Aug 21 12:57:15 2008 : 	Filter-Id = "Enterasys:version=1:policy=CCP_Student"
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x0104031d1900011612636c69656e74406578616d706c652e636f6d301e170d3034303132353133323630375a170d3036303132343133323630375a30819f310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f7374311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100d4c5b1
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x9724f164acf1ffb189db1c8fbff4f14396ea7cb1e90f78d69451725377895dfe52ccb99b41e80ddeb58b127a943f4f58cbc562878192fbdc6fece9f871e7c130d35cf5188817e9b133249edd2a1c75d31043ae87553cec7a77ef26aa7d74281db9b77e17c6446c5dd9b188b43250ca0229963722a123a726b00b4027fd0203010001a381ff3081fc301d0603551d0e0416041468d36d3e1ee7bc9d5a057021c363da1365d1ade33081cc0603551d230481c43081c1801468d36d3e1ee7bc9d5a057021c363da1365d1ade3a181a5a481a230819f310b30090603550406130243413111300f0603550408130850726f76696e6365311230100603550407
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x1309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f7374311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d820100300c0603551d13040530030101ff300d06092a864886f70d01010405000381810033c00b66b1e579ef73a06798252dab8d5e5511fc00fd276d80d12f834777c6743fdc2743fca1507704e4bc0979e4f60ac3ad9ee83e6f347369229d1f77229ba2e982359da563024a00163dba6d6c986c0bad28af85132ff8f0d76501bf1b7c2dff658c
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0xe1e62c01997b6e64e3e8d4373354ce9912847651539063b85bbc5485c516030100040e000000
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x00000000000000000000000000000000
Thu Aug 21 12:57:15 2008 : 	State = 0x876eafb8eaa34f7a92909f47ff37535a
Thu Aug 21 12:57:15 2008 : rad_recv: Access-Request packet from host 192.168.0.1:1212, id=251, length=360
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x34ddf22633e56e2571435bae935e3ebc
Thu Aug 21 12:57:15 2008 : 	User-Name = "test_user"
Thu Aug 21 12:57:15 2008 : 	State = 0x876eafb8eaa34f7a92909f47ff37535a
Thu Aug 21 12:57:15 2008 : 	NAS-IP-Address = 192.168.0.1
Thu Aug 21 12:57:15 2008 : 	NAS-Port = 8
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Type = Ethernet
Thu Aug 21 12:57:15 2008 : 	Calling-Station-Id = "00-03-25-12-39-09"
Thu Aug 21 12:57:15 2008 : 	Called-Station-Id = "00-01-F4-7A-06-60"
Thu Aug 21 12:57:15 2008 : 	Framed-MTU = 1000
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x020400cc19001603010086100000820080a8f57977511dd6abfcae0544bf8d4eac67a3ce02430f91fa933266f9adc4a7b3da3b99f26d584eb8e75a765420f0a6abd3b9db96ede6a4ce8663b74ae828f6b8f2fd54e194be9b710df180c4390f1e8d658b2e24b5d2490c51c70d667051e4fe6c4ab31df13b957f1a51010a28dc38e2f151f008bc08d573ccb964fa91a8f992140301000101160301003006481d8c90ae1fb5bff4c87c5061af65b991a8187e251e42401f5f76bd0a8ecb8edfb3f74e9b0f898dc99935bf87efbb
Thu Aug 21 12:57:15 2008 : 	NAS-Identifier = "BZRBAS_09614_M80"
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Id = "fe.0.8"
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : Sending Access-Challenge of id 251 to 192.168.0.1 port 1212
Thu Aug 21 12:57:15 2008 : 	Filter-Id = "Enterasys:version=1:policy=CCP_Student"
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x01050041190014030100010116030100307509549592e338e0b2e3d3b264a736005b3dc40f23231ee3a4c65b9e7f4831e28595d1db0c59e4c66c98c83307134358
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x00000000000000000000000000000000
Thu Aug 21 12:57:15 2008 : 	State = 0x8dc608afd959f1ba53aa6b8de3d8c918
Thu Aug 21 12:57:15 2008 : rad_recv: Access-Request packet from host 192.168.0.1:1212, id=252, length=162
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x15bf008081bf00ba89518d806f6e5ae1
Thu Aug 21 12:57:15 2008 : 	User-Name = "test_user"
Thu Aug 21 12:57:15 2008 : 	State = 0x8dc608afd959f1ba53aa6b8de3d8c918
Thu Aug 21 12:57:15 2008 : 	NAS-IP-Address = 192.168.0.1
Thu Aug 21 12:57:15 2008 : 	NAS-Port = 8
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Type = Ethernet
Thu Aug 21 12:57:15 2008 : 	Calling-Station-Id = "00-03-25-12-39-09"
Thu Aug 21 12:57:15 2008 : 	Called-Station-Id = "00-01-F4-7A-06-60"
Thu Aug 21 12:57:15 2008 : 	Framed-MTU = 1000
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x020500061900
Thu Aug 21 12:57:15 2008 : 	NAS-Identifier = "BZRBAS_09614_M80"
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Id = "fe.0.8"
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : Sending Access-Challenge of id 252 to 192.168.0.1 port 1212
Thu Aug 21 12:57:15 2008 : 	Filter-Id = "Enterasys:version=1:policy=CCP_Student"
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x0106002b190017030100205d6f2abfcaec20d3a9ab694c8c5fa8b1c35d976bd7beb3eca34e1e4ef5d3788c
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x00000000000000000000000000000000
Thu Aug 21 12:57:15 2008 : 	State = 0x65a71246117c3fbc0bfe115d878d263f
Thu Aug 21 12:57:15 2008 : rad_recv: Access-Request packet from host 192.168.0.1:1212, id=253, length=236
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x967b435c8686caa56358fcb3adfa3b7c
Thu Aug 21 12:57:15 2008 : 	User-Name = "test_user"
Thu Aug 21 12:57:15 2008 : 	State = 0x65a71246117c3fbc0bfe115d878d263f
Thu Aug 21 12:57:15 2008 : 	NAS-IP-Address = 192.168.0.1
Thu Aug 21 12:57:15 2008 : 	NAS-Port = 8
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Type = Ethernet
Thu Aug 21 12:57:15 2008 : 	Calling-Station-Id = "00-03-25-12-39-09"
Thu Aug 21 12:57:15 2008 : 	Called-Station-Id = "00-01-F4-7A-06-60"
Thu Aug 21 12:57:15 2008 : 	Framed-MTU = 1000
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x0206005019001703010020a21f6678d5b4dfdf217c7affd3ab7621c88b3a9a1cf44b2e1692419c4002a249170301002067abe49ea2438f891a76337afbdda2fc12126725c01a20c9c93c8600aee0751b
Thu Aug 21 12:57:15 2008 : 	NAS-Identifier = "BZRBAS_09614_M80"
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Id = "fe.0.8"
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair EAP-Type = MS-CHAP-V2
Thu Aug 21 12:57:15 2008 : rlm_eap_mschapv2: Issuing Challenge
Thu Aug 21 12:57:15 2008 : Sending Access-Challenge of id 253 to 192.168.0.1 port 1212
Thu Aug 21 12:57:15 2008 : 	Filter-Id = "Enterasys:version=1:policy=CCP_Student"
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x0107004b19001703010040bd7578d72dd8e59dc2b49b67f7eb16afc6d7cd2d36a560765ce1022d5c448130493a67920d798fd5c26832ba8605659a9d053c455c4c006a8c83c264a3f7f20d
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x00000000000000000000000000000000
Thu Aug 21 12:57:15 2008 : 	State = 0xb6f3bb628d6efa48f69f3706b79ed094
Thu Aug 21 12:57:15 2008 : rad_recv: Access-Request packet from host 192.168.0.1:1212, id=254, length=300
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x5ffa7a0d302107e589272a5750a648d6
Thu Aug 21 12:57:15 2008 : 	User-Name = "test_user"
Thu Aug 21 12:57:15 2008 : 	State = 0xb6f3bb628d6efa48f69f3706b79ed094
Thu Aug 21 12:57:15 2008 : 	NAS-IP-Address = 192.168.0.1
Thu Aug 21 12:57:15 2008 : 	NAS-Port = 8
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Type = Ethernet
Thu Aug 21 12:57:15 2008 : 	Calling-Station-Id = "00-03-25-12-39-09"
Thu Aug 21 12:57:15 2008 : 	Called-Station-Id = "00-01-F4-7A-06-60"
Thu Aug 21 12:57:15 2008 : 	Framed-MTU = 1000
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x0207009019001703010020763bbe0def6759f4e18446dbd000bec6a152cff634d2ed3972836148d4c0e0b2170301006084569e79ab4b3bc5a5aae995e1a5a368f28ba4b47f793025f06e6bad5366ef15305565c0ee11847af85a134ff1e1dae5d65ae59f47e3d821892a401efe6cbb07a4b6f5d7e4f05f588470938a733610f2b59330f82df1e19b10cfb90d152ee3b0
Thu Aug 21 12:57:15 2008 : 	NAS-Identifier = "BZRBAS_09614_M80"
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Id = "fe.0.8"
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : Sending Access-Challenge of id 254 to 192.168.0.1 port 1212
Thu Aug 21 12:57:15 2008 : 	Filter-Id = "Enterasys:version=1:policy=CCP_Student"
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x0108005b19001703010050fd6c0d5ef5a9f4f70a94f414ea0912381b75722720531e89fee49958fc6e9687bc91690f07a7a0c347196354e7087d7bf1c067e6c7313f28b42a7d67b0c3deaf90615934b7ae8fe16f8a9920db9a3060
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x00000000000000000000000000000000
Thu Aug 21 12:57:15 2008 : 	State = 0xf164f4200735a7a9a87e1e2452c6ddb8
Thu Aug 21 12:57:15 2008 : rad_recv: Access-Request packet from host 192.168.0.1:1212, id=255, length=236
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0xfd4d4483941bac63b09b06a58039c7ed
Thu Aug 21 12:57:15 2008 : 	User-Name = "test_user"
Thu Aug 21 12:57:15 2008 : 	State = 0xf164f4200735a7a9a87e1e2452c6ddb8
Thu Aug 21 12:57:15 2008 : 	NAS-IP-Address = 192.168.0.1
Thu Aug 21 12:57:15 2008 : 	NAS-Port = 8
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Type = Ethernet
Thu Aug 21 12:57:15 2008 : 	Calling-Station-Id = "00-03-25-12-39-09"
Thu Aug 21 12:57:15 2008 : 	Called-Station-Id = "00-01-F4-7A-06-60"
Thu Aug 21 12:57:15 2008 : 	Framed-MTU = 1000
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x0208005019001703010020a53ef3c4651c000c8bdd50da2b4e57cd9f0c4b3ebdc3416f9d02e47456276bb717030100200ae4ccd0e0f7ebf45e6b841b1d45c1172c117cf0164de9685b844ef45637e694
Thu Aug 21 12:57:15 2008 : 	NAS-Identifier = "BZRBAS_09614_M80"
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Id = "fe.0.8"
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : Trying to look up name of unknown client 127.0.0.1. 
Thu Aug 21 12:57:15 2008 : Login OK: [test_user] (from client UNKNOWN-CLIENT port 0)
Thu Aug 21 12:57:15 2008 : Sending Access-Challenge of id 255 to 192.168.0.1 port 1212
Thu Aug 21 12:57:15 2008 : 	Filter-Id = "Enterasys:version=1:policy=CCP_Student"
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x0109002b190017030100206d7fb91b133883f0cb531cedbc147922386ee5635549691c9e4d0e5ba46fffb9
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x00000000000000000000000000000000
Thu Aug 21 12:57:15 2008 : 	State = 0x3266fdeac3871e835b7c53d1a3870fb8
Thu Aug 21 12:57:15 2008 : rad_recv: Access-Request packet from host 192.168.0.1:1212, id=0, length=236
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x19606efc98ecd138cf28570fccd09519
Thu Aug 21 12:57:15 2008 : 	User-Name = "test_user"
Thu Aug 21 12:57:15 2008 : 	State = 0x3266fdeac3871e835b7c53d1a3870fb8
Thu Aug 21 12:57:15 2008 : 	NAS-IP-Address = 192.168.0.1
Thu Aug 21 12:57:15 2008 : 	NAS-Port = 8
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Type = Ethernet
Thu Aug 21 12:57:15 2008 : 	Calling-Station-Id = "00-03-25-12-39-09"
Thu Aug 21 12:57:15 2008 : 	Called-Station-Id = "00-01-F4-7A-06-60"
Thu Aug 21 12:57:15 2008 : 	Framed-MTU = 1000
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x0209005019001703010020abc1af43cc220992d562921d95ee36d2c35057a40babe20c3c86201525e724c517030100200109871f131fefbaedb2ea9a7cfeb6d95c0f37f9fccf2666f7633f79f10ad52d
Thu Aug 21 12:57:15 2008 : 	NAS-Identifier = "BZRBAS_09614_M80"
Thu Aug 21 12:57:15 2008 : 	NAS-Port-Id = "fe.0.8"
Thu Aug 21 12:57:15 2008 : Using perl at 0x80116518
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Filter-Id = Enterasys:version=1:policy=CCP_Student
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Cleartext-Password = USERPASS
Thu Aug 21 12:57:15 2008 : rlm_perl: Added pair Auth-Type = EAP
Thu Aug 21 12:57:15 2008 : Login OK: [test_user] (from client BZRBAS_09614_M80 port 8 cli 00-03-25-12-39-09)
Thu Aug 21 12:57:15 2008 : Sending Access-Accept of id 0 to 192.168.0.1 port 1212
Thu Aug 21 12:57:15 2008 : 	Filter-Id = "Enterasys:version=1:policy=CCP_Student"
Thu Aug 21 12:57:15 2008 : 	MS-MPPE-Recv-Key = 0xe17aa5f7a0d3118e0ff82ae015e5059ab6da0e20c4906609201c3c0857e381e1
Thu Aug 21 12:57:15 2008 : 	MS-MPPE-Send-Key = 0xf9a35ef16d862cb4270dcd627c926505c91a4ea5ff606dd6c3eadff81677ccd8
Thu Aug 21 12:57:15 2008 : 	EAP-Message = 0x03090004
Thu Aug 21 12:57:15 2008 : 	Message-Authenticator = 0x00000000000000000000000000000000
Thu Aug 21 12:57:15 2008 : 	User-Name = "test_user"

----------------------
RAD_REQUEST: 
----------------------
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: NAS-Port-Type = Ethernet
RAD_REQUEST: Called-Station-Id = 0001F4-7A-06-60\0009
RAD_REQUEST: Calling-Station-Id = 00-03-25-12-39-09
RAD_REQUEST: Message-Authenticator = 0xd4a6f83dee299957e58e7ad71fb484b6
RAD_REQUEST: Client-IP-Address = 192.168.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: NAS-Identifier = BZRBAS_09614_M80
RAD_REQUEST: EAP-Message = 0x0201000d016a6d63646f77656c
RAD_REQUEST: EAP-Type = Identity
RAD_REQUEST: NAS-IP-Address = 192.168.0.1
RAD_REQUEST: NAS-Port = 8
RAD_REQUEST: NAS-Port-Id = fe.0.8
RAD_REQUEST: Framed-MTU = 1000
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: NAS-Port-Type = Ethernet
RAD_REQUEST: Called-Station-Id = 00-01-F4-7A-06-60
RAD_REQUEST: Calling-Station-Id = 00-03-25-12-39-09
RAD_REQUEST: State = 0xad137155784feb70aaf74d3c65a9a86e
RAD_REQUEST: Message-Authenticator = 0x07f9f250ad693b0842998be1dda18420
RAD_REQUEST: Client-IP-Address = 192.168.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: NAS-Identifier = BZRBAS_09614_M80
RAD_REQUEST: EAP-Message = 0x0202005c190016030100510100004d030148ad9e3eee721642dca72c79e437cd5e18483257e35b2933d1b1bf7c255d087300002600390038003500160013000a00330032002f00050004001500120009001400110008000600030100
RAD_REQUEST: EAP-Type = PEAP
RAD_REQUEST: NAS-IP-Address = 192.168.0.1
RAD_REQUEST: NAS-Port = 8
RAD_REQUEST: NAS-Port-Id = fe.0.8
RAD_REQUEST: Framed-MTU = 1000
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: NAS-Port-Type = Ethernet
RAD_REQUEST: Called-Station-Id = 00-01-F4-7A-06-60
RAD_REQUEST: Calling-Station-Id = 00-03-25-12-39-09
RAD_REQUEST: State = 0x2eefe560f2b69a3fa21bd3b283bdea79
RAD_REQUEST: Message-Authenticator = 0x8db5a2e81990cfddf03a87f13f0c4e1d
RAD_REQUEST: Client-IP-Address = 192.168.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: NAS-Identifier = BZRBAS_09614_M80
RAD_REQUEST: EAP-Message = 0x020300061900
RAD_REQUEST: EAP-Type = PEAP
RAD_REQUEST: NAS-IP-Address = 192.168.0.1
RAD_REQUEST: NAS-Port = 8
RAD_REQUEST: NAS-Port-Id = fe.0.8
RAD_REQUEST: Framed-MTU = 1000
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: NAS-Port-Type = Ethernet
RAD_REQUEST: Called-Station-Id = 00-01-F4-7A-06-60
RAD_REQUEST: Calling-Station-Id = 00-03-25-12-39-09
RAD_REQUEST: State = 0x876eafb8eaa34f7a92909f47ff37535a
RAD_REQUEST: Message-Authenticator = 0x34ddf22633e56e2571435bae935e3ebc
RAD_REQUEST: Client-IP-Address = 192.168.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: NAS-Identifier = BZRBAS_09614_M80
RAD_REQUEST: EAP-Message = 0x020400cc19001603010086100000820080a8f57977511dd6abfcae0544bf8d4eac67a3ce02430f91fa933266f9adc4a7b3da3b99f26d584eb8e75a765420f0a6abd3b9db96ede6a4ce8663b74ae828f6b8f2fd54e194be9b710df180c4390f1e8d658b2e24b5d2490c51c70d667051e4fe6c4ab31df13b957f1a51010a28dc38e2f151f008bc08d573ccb964fa91a8f992140301000101160301003006481d8c90ae1fb5bff4c87c5061af65b991a8187e251e42401f5f76bd0a8ecb8edfb3f74e9b0f898dc99935bf87efbb
RAD_REQUEST: EAP-Type = PEAP
RAD_REQUEST: NAS-IP-Address = 192.168.0.1
RAD_REQUEST: NAS-Port = 8
RAD_REQUEST: NAS-Port-Id = fe.0.8
RAD_REQUEST: Framed-MTU = 1000
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: NAS-Port-Type = Ethernet
RAD_REQUEST: Called-Station-Id = 00-01-F4-7A-06-60
RAD_REQUEST: Calling-Station-Id = 00-03-25-12-39-09
RAD_REQUEST: State = 0x8dc608afd959f1ba53aa6b8de3d8c918
RAD_REQUEST: Message-Authenticator = 0x15bf008081bf00ba89518d806f6e5ae1
RAD_REQUEST: Client-IP-Address = 192.168.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: NAS-Identifier = BZRBAS_09614_M80
RAD_REQUEST: EAP-Message = 0x020500061900
RAD_REQUEST: EAP-Type = PEAP
RAD_REQUEST: NAS-IP-Address = 192.168.0.1
RAD_REQUEST: NAS-Port = 8
RAD_REQUEST: NAS-Port-Id = fe.0.8
RAD_REQUEST: Framed-MTU = 1000
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: NAS-Port-Type = Ethernet
RAD_REQUEST: Called-Station-Id = 00-01-F4-7A-06-60
RAD_REQUEST: Calling-Station-Id = 00-03-25-12-39-09
RAD_REQUEST: State = 0x65a71246117c3fbc0bfe115d878d263f
RAD_REQUEST: Message-Authenticator = 0x967b435c8686caa56358fcb3adfa3b7c
RAD_REQUEST: Client-IP-Address = 192.168.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: NAS-Identifier = BZRBAS_09614_M80
RAD_REQUEST: EAP-Message = 0x0206005019001703010020a21f6678d5b4dfdf217c7affd3ab7621c88b3a9a1cf44b2e1692419c4002a249170301002067abe49ea2438f891a76337afbdda2fc12126725c01a20c9c93c8600aee0751b
RAD_REQUEST: EAP-Type = PEAP
RAD_REQUEST: NAS-IP-Address = 192.168.0.1
RAD_REQUEST: NAS-Port = 8
RAD_REQUEST: NAS-Port-Id = fe.0.8
RAD_REQUEST: Framed-MTU = 1000
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: Client-IP-Address = 127.0.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: EAP-Message = 0x0206000d016a6d63646f77656c
RAD_REQUEST: EAP-Type = Identity
RAD_REQUEST: NAS-IP-Address = 127.0.0.1
RAD_REQUEST: FreeRADIUS-Proxied-To = 127.0.0.1
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: NAS-Port-Type = Ethernet
RAD_REQUEST: Called-Station-Id = 00-01-F4-7A-06-60
RAD_REQUEST: Calling-Station-Id = 00-03-25-12-39-09
RAD_REQUEST: State = 0xb6f3bb628d6efa48f69f3706b79ed094
RAD_REQUEST: Message-Authenticator = 0x5ffa7a0d302107e589272a5750a648d6
RAD_REQUEST: Client-IP-Address = 192.168.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: NAS-Identifier = BZRBAS_09614_M80
RAD_REQUEST: EAP-Message = 0x0207009019001703010020763bbe0def6759f4e18446dbd000bec6a152cff634d2ed3972836148d4c0e0b2170301006084569e79ab4b3bc5a5aae995e1a5a368f28ba4b47f793025f06e6bad5366ef15305565c0ee11847af85a134ff1e1dae5d65ae59f47e3d821892a401efe6cbb07a4b6f5d7e4f05f588470938a733610f2b59330f82df1e19b10cfb90d152ee3b0
RAD_REQUEST: EAP-Type = PEAP
RAD_REQUEST: NAS-IP-Address = 192.168.0.1
RAD_REQUEST: NAS-Port = 8
RAD_REQUEST: NAS-Port-Id = fe.0.8
RAD_REQUEST: Framed-MTU = 1000
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: Client-IP-Address = 127.0.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: EAP-Message = 0x020700431a0207003e3123b418a82e7f3e728d6cc632ffc145dd00000000000000009c8c53e6fc16eaa870de2e889dc4749a339b0adaa21b4215006a6d63646f77656c
RAD_REQUEST: EAP-Type = MS-CHAP-V2
RAD_REQUEST: NAS-IP-Address = 127.0.0.1
RAD_REQUEST: State = 0x54c144dd19aa7a1fdfa77ac3576f9f7c
RAD_REQUEST: FreeRADIUS-Proxied-To = 127.0.0.1
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: NAS-Port-Type = Ethernet
RAD_REQUEST: Called-Station-Id = 00-01-F4-7A-06-60
RAD_REQUEST: Calling-Station-Id = 00-03-25-12-39-09
RAD_REQUEST: State = 0xf164f4200735a7a9a87e1e2452c6ddb8
RAD_REQUEST: Message-Authenticator = 0xfd4d4483941bac63b09b06a58039c7ed
RAD_REQUEST: Client-IP-Address = 192.168.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: NAS-Identifier = BZRBAS_09614_M80
RAD_REQUEST: EAP-Message = 0x0208005019001703010020a53ef3c4651c000c8bdd50da2b4e57cd9f0c4b3ebdc3416f9d02e47456276bb717030100200ae4ccd0e0f7ebf45e6b841b1d45c1172c117cf0164de9685b844ef45637e694
RAD_REQUEST: EAP-Type = PEAP
RAD_REQUEST: NAS-IP-Address = 192.168.0.1
RAD_REQUEST: NAS-Port = 8
RAD_REQUEST: NAS-Port-Id = fe.0.8
RAD_REQUEST: Framed-MTU = 1000
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: Client-IP-Address = 127.0.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: EAP-Message = 0x020800061a03
RAD_REQUEST: EAP-Type = MS-CHAP-V2
RAD_REQUEST: NAS-IP-Address = 127.0.0.1
RAD_REQUEST: State = 0x61c6aa0dd526828442aa292a7530daac
RAD_REQUEST: FreeRADIUS-Proxied-To = 127.0.0.1
2008-08-21 12:57:15,test_user,CCP_Student
RAD_REQUEST: NAS-Port-Type = Ethernet
RAD_REQUEST: Called-Station-Id = 00-01-F4-7A-06-60
RAD_REQUEST: Calling-Station-Id = 00-03-25-12-39-09
RAD_REQUEST: State = 0x3266fdeac3871e835b7c53d1a3870fb8
RAD_REQUEST: Message-Authenticator = 0x19606efc98ecd138cf28570fccd09519
RAD_REQUEST: Client-IP-Address = 192.168.0.1
RAD_REQUEST: User-Name = test_user
RAD_REQUEST: NAS-Identifier = BZRBAS_09614_M80
RAD_REQUEST: EAP-Message = 0x0209005019001703010020abc1af43cc220992d562921d95ee36d2c35057a40babe20c3c86201525e724c517030100200109871f131fefbaedb2ea9a7cfeb6d95c0f37f9fccf2666f7633f79f10ad52d
RAD_REQUEST: EAP-Type = PEAP
RAD_REQUEST: NAS-IP-Address = 192.168.0.1
RAD_REQUEST: NAS-Port = 8
RAD_REQUEST: NAS-Port-Id = fe.0.8
RAD_REQUEST: Framed-MTU = 1000




More information about the Freeradius-Users mailing list