Radius log files
David Blackman
db at ece.ufl.edu
Fri Dec 5 19:20:15 CET 2008
This is a windows XP laptop logging in as db and the mac address is
0003:471f:9744. I was not able to find the mac address in the output,
so would there need to be something that I need to configure to get this
info? Where do find information on the linelog module?
tnt at kalik.net wrote:
>> Can I get the mac
>> address or computer name of the computer written to the log file? I see
>> that the computer name is logged when the user is denied.
>>
>
> Do radiusd -X and see if mac address (computer name will not appear for
> user authentication) appears in the request attributes
> (Calling-Station-Id is the most likely). If it does, you can log it. See
> linelog module.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=69
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = "db"
EAP-Message = 0x02010007016462
Message-Authenticator = 0x6cf174049e73916e850b9cd445f2425b
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 1 length 7
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message = 0x010200160410f43f631dda6ea458c36c654f666e7c24
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc4c69974c4c49dc928a82c4f8dbb2dbf
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=86
Cleaning up request 0 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = "db"
State = 0xc4c69974c4c49dc928a82c4f8dbb2dbf
EAP-Message = 0x020200060319
Message-Authenticator = 0xbe4aa971c4100fa839166c318dd6ded1
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 2 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP NAK
[eap] EAP-NAK asked for EAP-Type/peap
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message = 0x010300061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc4c69974c5c580c928a82c4f8dbb2dbf
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=160
Cleaning up request 1 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = "db"
State = 0xc4c69974c5c580c928a82c4f8dbb2dbf
EAP-Message =
0x0203005019800000004616030100410100003d03014939381309817df59b25a5b17df37c14546f41cb32caceb84db43cb1977a8d4100001600040005000a000900640062000300060013001200630100
Message-Authenticator = 0x92c16642be16c4c8c883fabef163ce4e
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 3 length 80
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 70
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] (other): before/accept initialization
[peap] TLS_accept: before/accept initialization
[peap] <<< TLS 1.0 Handshake [length 0041], ClientHello
[peap] TLS_accept: SSLv3 read client hello A
[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello
[peap] TLS_accept: SSLv3 write server hello A
[peap] >>> TLS 1.0 Handshake [length 085e], Certificate
[peap] TLS_accept: SSLv3 write certificate A
[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
[peap] TLS_accept: SSLv3 write server done A
[peap] TLS_accept: SSLv3 flush data
[peap] TLS_accept: Need to read more data: SSLv3 read client
certificate A
In SSL Handshake Phase
In SSL Accept mode
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message =
0x0104040019c00000089b160301002a0200002603014939378f4f79715c33d3fcb8d151624a459b0dfe4ff75e75dfa0c57a97ab07ff00000400160301085e0b00085a0008570003a6308203a23082028aa003020102020101300d06092a864886f70d0101040500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479
EAP-Message =
0x301e170d3038313132313132333634325a170d3039313132313132333634325a307c310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100b0d1c53761f23ed6bcbe5829ae1f7ee42bb872a471a41a406c39245c5eee1eff466b53e9c0a408c0b2193ebd6038534cf776bcca7bd5e5fb3e4523f37a3a
EAP-Message =
0xf0d64da701b2c341de791bbef1dd368e05d57b2e29da4a622b4c4cec28110f2889274f38c16839070c91df46cf25df2ea57c9430b5818de736cf53198dbbfbbd612836537aee3b02d4bcdd35a6290ce04172f810ba195bbfb9b691b902efb8d7400664682d38adf5efd3b27bddaa133a34c9d37a9cff5f2457beeaa7e281640f5ea49c41ea3d4e37e6e7cec05ac5baf34f7a56e95f32347c259486a042dc8be27aaf804ba086f7f6c45126f67405f8198325f03c9d423e792c883c228c08ec49c2ab0203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d01010405000382010100b31304040677886af3
EAP-Message =
0x46cedef774d9e364c150b372405812bd7129734528eace0193907e520ac4b8943bb8271a4371a560b86d278b555de22e7a2a85e8cfa0de9a23b3ac73d0f1942d6a7dc811864f1cdf1aac81852e10f0ea07bba51b5a88750c72066938331be9ea6a606415329df18838d45f9f770dd375ffd76f246d5a0737e2c05c08bc6e9f6e7c51194bc2268f8489282f0fbbbefabd5e9627ea615a405c3536f80b402b86f87ff9386e4fe6a4316943025fb26855646fba0c6cf5ffb71f0638efe63339715d0d5c2564ee8c85dead273ed8d0a2c642fa584cf8db1dc7a92c32b86d9a4c3a4ee9e2f9c6f34bf4ad0f933860e9493806697c50d55272b80004ab308204
EAP-Message = 0xa73082038fa0030201020209
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc4c69974c6c280c928a82c4f8dbb2dbf
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=86
Cleaning up request 2 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = "db"
State = 0xc4c69974c6c280c928a82c4f8dbb2dbf
EAP-Message = 0x020400061900
Message-Authenticator = 0xcb57c55cec7c517d2b6cf487656813a0
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 4 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message =
0x010503fc194000e933f589b2cf8a9f300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3038313132313132333634325a170d3038313232313132333634325a308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504
EAP-Message =
0x071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100ccc29daa54a5c71b482dcf462ab915fd2de753ac7324da27dc7d9ec352897bb8bad924b8033ba4a4b23da8f479b3e28456df616968ce61063dc8e99b01990fa37ff16e1e7fa20d225e52bb1c832f9a1eed1645fa50365a74a9cd71841f06268abec5731e6d309df5eb34c139f522e5
EAP-Message =
0x919f9e1cc1670ba28debb5561f56bc6e71aaab2463325a2d0fbbba5073316a612fa3ddc10189cc94f31650011a69b0951231073b1500030c397da571ddcab803d6921d0ccb779f31ca5c56f6ccd070ea1a2ee9355cd29769861f8ffc8771449aebab34e5844b75d0a750bd07ceec98efd31a5206824b4833aa79334b48122b385b0d0208b61449fe44f1b238fa03d89df10203010001a381fb3081f8301d0603551d0e041604140c52de42b880fdc7dc21d255fc2be207fbe5a4ff3081c80603551d230481c03081bd80140c52de42b880fdc7dc21d255fc2be207fbe5a4ffa18199a48196308193310b3009060355040613024652310f300d06035504
EAP-Message =
0x0813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479820900e933f589b2cf8a9f300c0603551d13040530030101ff300d06092a864886f70d0101050500038201010051cc8a8eadc15606b782734a28394423079b02e4a72b9fc701b840ef85001e4a3971bc70ea74df086e03c6db30b3f739408ba02bcebb7d74a722cb7a0c107b03598969ec3c75cc44e55f1ca588c3100c91d1
EAP-Message = 0x3cd7058f5a59b0ca
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc4c69974c7c380c928a82c4f8dbb2dbf
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=86
Cleaning up request 3 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = "db"
State = 0xc4c69974c7c380c928a82c4f8dbb2dbf
EAP-Message = 0x020500061900
Message-Authenticator = 0x37173b6aba30f116e1fcd6d53e96390b
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 5 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message =
0x010600b5190059972b202db051598212ff893b78971e21047260bec8269a3fdd020f5c9b2e875e9b20e738e834ff7a498fad311be07332acf6603ebf392b9aa1fa5adcbd8f9d33dab28fba6e2508987e38befb861ffbd1f01b823aad1e356716f702c7d0d78b773e2ab24f1b0bbfabf5f0b95e474f21c839299ac88cd3658f401899800dd48bd2ba50fa9aada70b984559335b326944e8f071670c7b1c2221d7eaad8d8bec4e43e15dd8701416030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc4c69974c0c080c928a82c4f8dbb2dbf
Finished request 4.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=402
Cleaning up request 4 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = "db"
State = 0xc4c69974c0c080c928a82c4f8dbb2dbf
EAP-Message =
0x02060140198000000136160301010610000102010002237bfe5672b9bcde15c59157a22efb23da9feb6d1f89de112098a30ecd91dcab118d3c648669603f24aec63759b3576bb39f36af0499488fde03257f3fcaf463155e8f6293f863845f1fc8ef608324c5f162a1cf68d3c1b488e5234626e6de1e4017fe4ddb407c0150dac8491f01c992c06ce7b80a9255675d755310b54b0bc326e1f761bab6b3e93a90c0e96f61842ae3d8ca4b6bbec3aba4b154a933c5818a34bbcd6a90f8cd54a3558af289309ae78f11bcea937c3fa0c29d377420ae062d98a169c992c078a67990d967d76d770adf2a6ed42ea06c3953dccd3b4fd8c4af16408c11f53d70
EAP-Message =
0xb202b05886f6e9e72e033ca94b80d26b25f60953ce05e23114030100010116030100200f510987043545e82e1971f24b11813eb17234847d9a74fd9f0ab9aac30cbb14
Message-Authenticator = 0xa555bff659a2646eae293793983303db
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 6 length 253
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 310
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange
[peap] TLS_accept: SSLv3 read client key exchange A
[peap] <<< TLS 1.0 ChangeCipherSpec [length 0001]
[peap] <<< TLS 1.0 Handshake [length 0010], Finished
[peap] TLS_accept: SSLv3 read finished A
[peap] >>> TLS 1.0 ChangeCipherSpec [length 0001]
[peap] TLS_accept: SSLv3 write change cipher spec A
[peap] >>> TLS 1.0 Handshake [length 0010], Finished
[peap] TLS_accept: SSLv3 write finished A
[peap] TLS_accept: SSLv3 flush data
[peap] (other): SSL negotiation finished successfully
SSL Connection Established
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message =
0x010700311900140301000101160301002085517dd00f76c063c85e979cd89e2a79c96c4621985f0bad90420313b60f0778
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc4c69974c1c180c928a82c4f8dbb2dbf
Finished request 5.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=86
Cleaning up request 5 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = "db"
State = 0xc4c69974c1c180c928a82c4f8dbb2dbf
EAP-Message = 0x020700061900
Message-Authenticator = 0x15b89f3e60f5ba33ceb319cd34460358
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake is finished
[peap] eaptls_verify returned 3
[peap] eaptls_process returned 3
[peap] EAPTLS_SUCCESS
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message =
0x010800201900170301001589ad3dc08a7ecfe44d6e4f913f94a09baf106599a0
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc4c69974c2ce80c928a82c4f8dbb2dbf
Finished request 6.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=110
Cleaning up request 6 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = "db"
State = 0xc4c69974c2ce80c928a82c4f8dbb2dbf
EAP-Message =
0x0208001e19001703010013d1bcc00702a0a3bcf542d967aaebbdae12296d
Message-Authenticator = 0x0f53010212ba875747d9a449f48314be
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 8 length 30
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Identity - db
[peap] Got tunnled request
EAP-Message = 0x02080007016462
server (null) {
PEAP: Got tunneled identity of db
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to db
Sending tunneled request
EAP-Message = 0x02080007016462
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "db"
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 8 length 7
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
EAP-Message =
0x0109001c1a0109001710675bee5b2ceb4d7bf7cc4b868dc35a5d6462
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x05ea8e8705e3949e67eba3369f01d8cb
[peap] Got tunneled reply RADIUS code 11
EAP-Message =
0x0109001c1a0109001710675bee5b2ceb4d7bf7cc4b868dc35a5d6462
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x05ea8e8705e3949e67eba3369f01d8cb
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message =
0x01090033190017030100286fff7a6f6a41c4a59725c9dce4ad8cd38a4990df1dc0dbf937e5f12702f9d01c6c4e1c1350473e8d
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc4c69974c3cf80c928a82c4f8dbb2dbf
Finished request 7.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=164
Cleaning up request 7 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = "db"
State = 0xc4c69974c3cf80c928a82c4f8dbb2dbf
EAP-Message =
0x02090054190017030100499b829184f088842c6e7a85463ee5a01f489219530924984de0169ccb86c43faf0acf6859660636e1facfa2ca3192318f3d0afe992745eb1be73f3a6d616a8acbeb1f4e53e27ae83104
Message-Authenticator = 0xedfe8dce463dee7ad4b9b2c7bcf853fe
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 9 length 84
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] EAP type mschapv2
[peap] Got tunnled request
EAP-Message =
0x0209003d1a0209003831e1be910c4be80d86af472f9e74dc68300000000000000000abc52c2ca80f2469100aecdc5ac5be45e7df91778a8d1168006462
server (null) {
PEAP: Setting User-Name to db
Sending tunneled request
EAP-Message =
0x0209003d1a0209003831e1be910c4be80d86af472f9e74dc68300000000000000000abc52c2ca80f2469100aecdc5ac5be45e7df91778a8d1168006462
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "db"
State = 0x05ea8e8705e3949e67eba3369f01d8cb
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 9 length 61
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/mschapv2
[eap] processing type mschapv2
[mschapv2] +- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured. Cannot create LM-Password.
[mschap] No Cleartext-Password configured. Cannot create NT-Password.
[mschap] Told to do MS-CHAPv2 for db with NT-Password
[mschap] WARNING: Deprecated conditional expansion ":-". See "man
unlang" for details
[mschap] WARNING: Deprecated conditional expansion ":-". See "man
unlang" for details
[mschap] expand:
--username=%{Stripped-User-Name:-%{User-Name:-None}} -> --username=db
[mschap] mschap2: 67
[mschap] expand: --challenge=%{mschap:Challenge:-00} ->
--challenge=7902fb728a15bd02
[mschap] expand: --nt-response=%{mschap:NT-Response:-00} ->
--nt-response=abc52c2ca80f2469100aecdc5ac5be45e7df91778a8d1168
Exec-Program output: NT_KEY: 48C51DE27D32D2A8BF7F254E8D34BD38
Exec-Program-Wait: plaintext: NT_KEY: 48C51DE27D32D2A8BF7F254E8D34BD38
Exec-Program: returned: 0
[mschap] adding MS-CHAPv2 MPPE keys
++[mschap] returns ok
MSCHAP Success
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
EAP-Message =
0x010a00331a0309002e533d30393542343545424233314639324634423331384134333633423138343735343938303742343433
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x05ea8e8704e0949e67eba3369f01d8cb
[peap] Got tunneled reply RADIUS code 11
EAP-Message =
0x010a00331a0309002e533d30393542343545424233314639324634423331384134333633423138343735343938303742343433
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x05ea8e8704e0949e67eba3369f01d8cb
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message =
0x010a004a1900170301003ff12a6fe47b20c40575e8fbcfc89163be1ef59b3319c5adca26a0d159e7af4f3345544bfdb3879a41cc16769896a3f31cc960836ef523b911d9bf47e169c720
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc4c69974cccc80c928a82c4f8dbb2dbf
Finished request 8.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=109
Cleaning up request 8 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = "db"
State = 0xc4c69974cccc80c928a82c4f8dbb2dbf
EAP-Message =
0x020a001d19001703010012855c27de1b549acfa34df91ecdca58a62d6d
Message-Authenticator = 0xb935a35d8e8abda7c24fd8eb24cac102
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 10 length 29
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] EAP type mschapv2
[peap] Got tunnled request
EAP-Message = 0x020a00061a03
server (null) {
PEAP: Setting User-Name to db
Sending tunneled request
EAP-Message = 0x020a00061a03
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "db"
State = 0x05ea8e8704e0949e67eba3369f01d8cb
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 10 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/mschapv2
[eap] processing type mschapv2
[eap] Freeing handler
++[eap] returns ok
Login OK: [db/<via Auth-Type = EAP>] (from client linksys port 0 via TLS
tunnel)
} # server inner-tunnel
[peap] Got tunneled reply code 2
EAP-Message = 0x030a0004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "db"
[peap] Got tunneled reply RADIUS code 2
EAP-Message = 0x030a0004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "db"
[peap] Tunneled authentication was successful.
[peap] SUCCESS
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message =
0x010b00261900170301001b1d9cb0acf60f1112a8580a3eb5b975b5a4562dc977ed63f4640939
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc4c69974cdcd80c928a82c4f8dbb2dbf
Finished request 9.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=118
Cleaning up request 9 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = "db"
State = 0xc4c69974cdcd80c928a82c4f8dbb2dbf
EAP-Message =
0x020b00261900170301001bef1aa91d4301bbe1fdc0b799dce0719ad4379167abe630fe97a299
Message-Authenticator = 0x0de154814807ff989649f7d3900a019a
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 11 length 38
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Received EAP-TLV response.
[peap] Success
[eap] Freeing handler
++[eap] returns ok
Login OK: [db/<via Auth-Type = EAP>] (from client linksys port 15)
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 0 to 128.227.232.133 port 49155
MS-MPPE-Recv-Key =
0xc4410c2bd2e93ebb0a941a7729d1852e8502c49d8534fc2fb04a6defed9d5cc4
MS-MPPE-Send-Key =
0x24163650684a8c48c1f20d09ee3b89ec226aab12d16627d00a62d376b3756e00
EAP-Message = 0x030b0004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "db"
Finished request 10.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 10 ID 0 with timestamp +36
Ready to process requests.
More information about the Freeradius-Users
mailing list