EAP-TLS OK - EAP-PEAP KO!! why that?
Reveal MAP
revealmapp at yahoo.fr
Fri Jul 18 01:46:25 CEST 2008
well....
the entire output is so so long.... i guess it will be bounced!!
---------------------------------------------------------------------------------------
rad_recv: Access-Request packet from host 10.10.44.246 port 1031, id=36, length=168
User-Name = "PLUTON\\glouglou"
NAS-IP-Address = 10.10.44.246
NAS-Port = 1
Called-Station-Id = "00-1C-F0-08-FB-FA:PEAP"
Calling-Station-Id = "00-12-F0-0C-97-61"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x0200001401504c55544f4e5c676c6f75676c6f75
Message-Authenticator = 0xcbb528f5292b11d67c080cc387f843bc
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PLUTON\glouglou", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 0 length 20
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
expand: %{User-Name} -> PLUTON\glouglou
rlm_sql (sql): sql_set_user escaped user --> 'PLUTON\glouglou'
rlm_sql (sql): Reserving sql socket id: 3
expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'PLUTON=5Cglouglou' ORDER BY id
expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'PLUTON=5Cglouglou' ORDER BY priority
rlm_sql (sql): Released sql socket id: 3
rlm_sql (sql): User PLUTON\glouglou not found
++[sql] returns notfound
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 36 to 10.10.44.246 port 1031
EAP-Message = 0x010100061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x83d5d79483d4ce1dada70e42703d8db9
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.10.44.246 port 1031, id=37, length=246
User-Name = "PLUTON\\glouglou"
NAS-IP-Address = 10.10.44.246
NAS-Port = 1
Called-Station-Id = "00-1C-F0-08-FB-FA:PEAP"
Calling-Station-Id = "00-12-F0-0C-97-61"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x0201005019800000004616030100410100003d030148813744665ecdbe63b302d853648f2eee8bae6b5453ef683054af22f5caa22800001600040005000a000900640062000300060013001200630100
State = 0x83d5d79483d4ce1dada70e42703d8db9
Message-Authenticator = 0x7f20d5424c08d0debb4c7e3342fb34d9
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PLUTON\glouglou", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 1 length 80
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
TLS Length 70
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0041], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 081b], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 37 to 10.10.44.246 port 1031
EAP-Message = 0x0102040019c000000878160301004a020000460301487fe7a483ef4daf3eb78afc912dbb12c2c415a45ae1c789645893327db8e38820c41a3627717a66af39e2a3a63f0c1138a06d729e6d36a2a4d6be80b3f58b9171000400160301081b0b000817000814000346308203423082022aa003020102020101300d06092a864886f70d010105050030819c310b3009060355040613024d41310e300c0603550408130552616261743110300e06035504071307536f756973736931263024060355040a141d556e69766572736974c3a9204d6f68616d6564205620536f756973736931143012060355040b130b43656e74726520496e666f310f300d0603
EAP-Message = 0x55040314065f5f5f414141311c301a06092a864886f70d010901160d61616140706c75746f6e2e6d61301e170d3038303731343034343233355a170d3133303731333034343233355a308196310b3009060355040613024d41310e300c06035504081305526162617431263024060355040a141d556e69766572736974c3a9204d6f68616d6564205620536f75697373693111300f060355040b13084574756469616e74311530130603550403130c7261646975737365727665723125302306092a864886f70d010901161672616469757373657276657240706c75746f6e2e6d6130819f300d06092a864886f70d010101050003818d003081890281
EAP-Message = 0x8100fb2d9fb89729da2158253e05d3f13a07ac5c7d8f704d5d4d252fe6d5a800025696037f40ccef2c89dd227f8b4b381d067fd3522f311e4f9c074834d8067cd79c59466c1cfc2fbf23e76abea2cd1b56e01f63be206334f9e5bff434d9086d7f4b01d68943a414c83b1aacdac240867545c20eed6e8b34aaaa389eebf824233adb0203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010105050003820101008adbb8dcc1bd2e966234a410aff3737b7b6b215e227bafe5791bef0a3cde30866ce9ddbf9747393b897b94746c26ede5383c3c65b86751ccf84f9780700d9c6e54372e41f9b0e0c1f4
EAP-Message = 0x80f459d0429a8ff91e628e907562daf98692ebba46adf1ed0ae3870c6762a34afa7d29993fd4ddd4f70c15ca9fecc678ce28199d69df44a2450bae8f791d5305d28ce5df59b4f20b8ff47b3e4392f26e95e3c97eaf3c7e7e702c7c0c4066324696ab44b821cc7176af64f355597a1d3654bdb2e8a67af503d130f343432aa7e7ea4970e5e137a6449efc4103dc2fd60b554e763ab92ec64129b91bf0a128ab274fc40987d2adf3e1eb008f291cc2dd4b9f17be2bba0db70004c8308204c4308203aca003020102020900996209457d2cc679300d06092a864886f70d010105050030819c310b3009060355040613024d41310e300c0603550408130552
EAP-Message = 0x616261743110300e06035504
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x83d5d79482d7ce1dada70e42703d8db9
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.10.44.246 port 1031, id=38, length=172
User-Name = "PLUTON\\glouglou"
NAS-IP-Address = 10.10.44.246
NAS-Port = 1
Called-Station-Id = "00-1C-F0-08-FB-FA:PEAP"
Calling-Station-Id = "00-12-F0-0C-97-61"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x020200061900
State = 0x83d5d79482d7ce1dada70e42703d8db9
Message-Authenticator = 0x7732bf9fad90dd26b294e9d7a9d3dcdf
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PLUTON\glouglou", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 2 length 6
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 38 to 10.10.44.246 port 1031
EAP-Message = 0x010303fc1940071307536f756973736931263024060355040a141d556e69766572736974c3a9204d6f68616d6564205620536f756973736931143012060355040b130b43656e74726520496e666f310f300d060355040314065f5f5f414141311c301a06092a864886f70d010901160d61616140706c75746f6e2e6d61301e170d3038303731343034333932345a170d3038303831333034333932345a30819c310b3009060355040613024d41310e300c0603550408130552616261743110300e06035504071307536f756973736931263024060355040a141d556e69766572736974c3a9204d6f68616d6564205620536f7569737369311430120603
EAP-Message = 0x55040b130b43656e74726520496e666f310f300d060355040314065f5f5f414141311c301a06092a864886f70d010901160d61616140706c75746f6e2e6d6130820122300d06092a864886f70d01010105000382010f003082010a0282010100a08601136d34839df53e736dbe50da12db4edae1263b8e41febd10b349933dd0a3348524ca2ca3512a63aeef81f5ee964d780b8e7f02dd99a1bb8c7beb15a09b0bf6a5ef7f444ffb5cb6b09519b55682c06ebd716b5d41e9c8c035d30252d9504c6c7d9c6332c60c3c8c3a7e617e326f9e5adf732c650759db5d1ec26305f7968c8db0b50685ba7803c1b6f36927d807be03e116f24efd0b93136079ab
EAP-Message = 0x9ab7bfa264a6708a4d7c6787d0a614761998cce5f89d107affa7c890913557b22455794d042341be775b2adc05bf248ced74efd6e4423f90570ba82f9c6626ecc7b256aad6f6f7057eaafce0f738b4d115cd3c5e34a50689ec6d9397785010d943ff8b0203010001a382010530820101301d0603551d0e041604141b03359ed6e59efc2ea37bf5aad0181ece3537363081d10603551d230481c93081c680141b03359ed6e59efc2ea37bf5aad0181ece353736a181a2a4819f30819c310b3009060355040613024d41310e300c0603550408130552616261743110300e06035504071307536f756973736931263024060355040a141d556e6976657273
EAP-Message = 0x6974c3a9204d6f68616d6564205620536f756973736931143012060355040b130b43656e74726520496e666f310f300d060355040314065f5f5f414141311c301a06092a864886f70d010901160d61616140706c75746f6e2e6d61820900996209457d2cc679300c0603551d13040530030101ff300d06092a864886f70d0101050500038201010041812ec7b34fb44923f615da9372941770dae14a5956ae6851e1501d13549abdfc745da70a38f7db222edc28a4067e63a9b711203ad28c9c27c03c2d422622394b6e119391399b0b32ab61b9b7c2b8b3b67101ac775d4c4028b3eb793788b5b0b53a6edad6e0503a4b5fb0074c0825ee91e9da4308
EAP-Message = 0x287d5f0755b00fed
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x83d5d79481d6ce1dada70e42703d8db9
Finished request 2.
Going to the next request
Waking up in 4.8 seconds.
rad_recv: Access-Request packet from host 10.10.44.246 port 1031, id=39, length=172
User-Name = "PLUTON\\glouglou"
NAS-IP-Address = 10.10.44.246
NAS-Port = 1
Called-Station-Id = "00-1C-F0-08-FB-FA:PEAP"
Calling-Station-Id = "00-12-F0-0C-97-61"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x020300061900
State = 0x83d5d79481d6ce1dada70e42703d8db9
Message-Authenticator = 0x0fe93834b2916e179db32a4a4e30c313
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PLUTON\glouglou", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 3 length 6
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 39 to 10.10.44.246 port 1031
EAP-Message = 0x010400921900095073db63e65f0ab28178db3958c7113b9733a22a8b2a88fa045dc87b44d2b3b6e185637aa474de4281c0a67db8311af9c449169c06852467d7fbcc6ad90bf7d94485afdc559d0bedf973b713003b7f64bf8adfe5ab2b62aee86a630eb0d2a19d4c73cd73f8e74f727366c28e71679a191f5928b58406159ab8eb2bd5624051481c1816030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x83d5d79480d1ce1dada70e42703d8db9
Finished request 3.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 10.10.44.246 port 1031, id=40, length=358
User-Name = "PLUTON\\glouglou"
NAS-IP-Address = 10.10.44.246
NAS-Port = 1
Called-Station-Id = "00-1C-F0-08-FB-FA:PEAP"
Calling-Station-Id = "00-12-F0-0C-97-61"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x020400c01980000000b6160301008610000082008012e599c1dd65207a3e9ce50d8996f74ba03b6b2833f240610e877ffe3f99d554514a7a1e11ba5599978d3b12cad9e79f592ff16e78d0adc47d6688a2cb24d4eb5206249677e1ef4608a986e9f3532ca498f7f97bdcd2d3693aea0eefe6de02907ecfba98f4cf5b13d8d9de1384c62e869fc4dde32db5263bb925d3dd5f9dbd64140301000101160301002014688001ba47c255120cf9919f1f508f8a60ee01751ce9039f2f78a6fcd7dc45
State = 0x83d5d79480d1ce1dada70e42703d8db9
Message-Authenticator = 0xdc6a35211c08eac1516e2faf3a4103d0
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PLUTON\glouglou", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 4 length 192
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
TLS Length 182
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
(other): SSL negotiation finished successfully
SSL Connection Established
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 40 to 10.10.44.246 port 1031
EAP-Message = 0x01050031190014030100010116030100202208f053e9a7b313afddf279d90493751e93be50d2edef23bf6194a7aada78cf
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x83d5d79487d0ce1dada70e42703d8db9
Finished request 4.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 10.10.44.246 port 1031, id=41, length=172
User-Name = "PLUTON\\glouglou"
NAS-IP-Address = 10.10.44.246
NAS-Port = 1
Called-Station-Id = "00-1C-F0-08-FB-FA:PEAP"
Calling-Station-Id = "00-12-F0-0C-97-61"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x020500061900
State = 0x83d5d79487d0ce1dada70e42703d8db9
Message-Authenticator = 0xbac34e6b081e86a4b4a3af08c425a353
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PLUTON\glouglou", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 5 length 6
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
++[eap] returns handled
Sending Access-Challenge of id 41 to 10.10.44.246 port 1031
EAP-Message = 0x0106002019001703010015ae3bbf7b20f836fdbe2fba94d4adcab00f30c19d8a
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x83d5d79486d3ce1dada70e42703d8db9
Finished request 5.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 10.10.44.246 port 1031, id=42, length=209
User-Name = "PLUTON\\glouglou"
NAS-IP-Address = 10.10.44.246
NAS-Port = 1
Called-Station-Id = "00-1C-F0-08-FB-FA:PEAP"
Calling-Station-Id = "00-12-F0-0C-97-61"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x0206002b1900170301002073de0b4508a37d44acb522cff78dd1c87acb6b0cf362bf9d5f54becdc6c47701
State = 0x83d5d79486d3ce1dada70e42703d8db9
Message-Authenticator = 0xb10bf08e6aa8e978b875c4cc5b9eaf47
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PLUTON\glouglou", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 6 length 43
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Identity - PLUTON\glouglou
PEAP: Got tunneled EAP-Message
EAP-Message = 0x0206001401504c55544f4e5c676c6f75676c6f75
PEAP: Got tunneled identity of PLUTON\glouglou
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to PLUTON\glouglou
PEAP: Sending tunneled request
EAP-Message = 0x0206001401504c55544f4e5c676c6f75676c6f75
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "PLUTON\\glouglou"
server (null) {
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PLUTON\glouglou", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 6 length 20
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
expand: %{User-Name} -> PLUTON\glouglou
rlm_sql (sql): sql_set_user escaped user --> 'PLUTON\glouglou'
rlm_sql (sql): Reserving sql socket id: 2
expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'PLUTON=5Cglouglou' ORDER BY id
expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'PLUTON=5Cglouglou' ORDER BY priority
rlm_sql (sql): Released sql socket id: 2
rlm_sql (sql): User PLUTON\glouglou not found
++[sql] returns notfound
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: EAP Identity
rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
++[eap] returns handled
} # server (null)
PEAP: Got tunneled reply RADIUS code 11
EAP-Message = 0x010700291a0107002410143a5b03364fd869b4023ba4684793ae504c55544f4e5c676c6f75676c6f75
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0082521f0085488ca5623cd1d98000f3
PEAP: Processing from tunneled session code 0x81d6eb8 11
EAP-Message = 0x010700291a0107002410143a5b03364fd869b4023ba4684793ae504c55544f4e5c676c6f75676c6f75
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0082521f0085488ca5623cd1d98000f3
PEAP: Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 42 to 10.10.44.246 port 1031
EAP-Message = 0x010700401900170301003502eef878156b04a5701a286b125da5076e11baa135cd31da9c211836dc928e7221e2999df9ca197ffb848df97c76437b47181fdc20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x83d5d79485d2ce1dada70e42703d8db9
Finished request 6.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 10.10.44.246 port 1031, id=43, length=263
User-Name = "PLUTON\\glouglou"
NAS-IP-Address = 10.10.44.246
NAS-Port = 1
Called-Station-Id = "00-1C-F0-08-FB-FA:PEAP"
Calling-Station-Id = "00-12-F0-0C-97-61"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x02070061190017030100561cbc6e123c503a093fd6a673cbf7360f4e24bf73ba51460c1569983acc8c5108f97ab88d184e863b30ceabfe474b5eaa1cd03694078357040411d8b6ad42ac7b71344f92795d4fe103ea54ca25e8a7d03bc079a9d617
State = 0x83d5d79485d2ce1dada70e42703d8db9
Message-Authenticator = 0xb362d572e672ba6a8e839ac0ccad74b5
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PLUTON\glouglou", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 7 length 97
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: EAP type mschapv2
PEAP: Got tunneled EAP-Message
EAP-Message = 0x0207004a1a020700453172c46d596461e157d2b122da27332a3c0000000000000000f3dd3327fd3672e1e3922e61ccfa5146ced3e82a830f157c00504c55544f4e5c676c6f75676c6f75
PEAP: Setting User-Name to PLUTON\glouglou
PEAP: Sending tunneled request
EAP-Message = 0x0207004a1a020700453172c46d596461e157d2b122da27332a3c0000000000000000f3dd3327fd3672e1e3922e61ccfa5146ced3e82a830f157c00504c55544f4e5c676c6f75676c6f75
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "PLUTON\\glouglou"
State = 0x0082521f0085488ca5623cd1d98000f3
server (null) {
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PLUTON\glouglou", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 7 length 74
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
expand: %{User-Name} -> PLUTON\glouglou
rlm_sql (sql): sql_set_user escaped user --> 'PLUTON\glouglou'
rlm_sql (sql): Reserving sql socket id: 1
expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'PLUTON=5Cglouglou' ORDER BY id
expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'PLUTON=5Cglouglou' ORDER BY priority
rlm_sql (sql): Released sql socket id: 1
rlm_sql (sql): User PLUTON\glouglou not found
++[sql] returns notfound
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
+- entering group MS-CHAP
rlm_mschap: No Cleartext-Password configured. Cannot create LM-Password.
rlm_mschap: No Cleartext-Password configured. Cannot create NT-Password.
rlm_mschap: Told to do MS-CHAPv2 for glouglou with NT-Password
expand: --username=%{mschap:User-Name} -> --username=glouglou
mschap2: 14
expand: --challenge=%{mschap:Challenge:-00} -> --challenge=91426d1805c9df8e
expand: --nt-response=%{mschap:NT-Response:-00} -> --nt-response=f3dd3327fd3672e1e3922e61ccfa5146ced3e82a830f157c
[2008/07/18 00:45:25, 0] utils/ntlm_auth.c:get_winbind_domain(173)
could not obtain winbind domain name!
Exec-Program output: Reading winbind reply failed! (0xc0000001)
Exec-Program-Wait: plaintext: Reading winbind reply failed! (0xc0000001)
Exec-Program: returned: 1
rlm_mschap: External script failed.
rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
rlm_eap: Freeing handler
++[eap] returns reject
auth: Failed to validate the user.
} # server (null)
PEAP: Got tunneled reply RADIUS code 3
MS-CHAP-Error = "\007E=691 R=1"
EAP-Message = 0x04070004
Message-Authenticator = 0x00000000000000000000000000000000
PEAP: Processing from tunneled session code 0x81db090 3
MS-CHAP-Error = "\007E=691 R=1"
EAP-Message = 0x04070004
Message-Authenticator = 0x00000000000000000000000000000000
PEAP: Tunneled authentication was rejected.
rlm_eap_peap: FAILURE
++[eap] returns handled
Sending Access-Challenge of id 43 to 10.10.44.246 port 1031
EAP-Message = 0x010800261900170301001b1cb26351afcada6fa00681d513a98baa4adc04a92d662a5e7d5801
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x83d5d79484ddce1dada70e42703d8db9
Finished request 7.
Going to the next request
Waking up in 4.6 seconds.
rad_recv: Access-Request packet from host 10.10.44.246 port 1031, id=44, length=204
User-Name = "PLUTON\\glouglou"
NAS-IP-Address = 10.10.44.246
NAS-Port = 1
Called-Station-Id = "00-1C-F0-08-FB-FA:PEAP"
Calling-Station-Id = "00-12-F0-0C-97-61"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x020800261900170301001bed50b902c220b64b1ad0983260196e80d5b6c8f60cd080fa9537eb
State = 0x83d5d79484ddce1dada70e42703d8db9
Message-Authenticator = 0xbd133e03130add066fe0cdb5f7eead95
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PLUTON\glouglou", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 8 length 38
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TLV response.
rlm_eap_peap: Had sent TLV failure. User was rejected earlier in this session.
rlm_eap: Handler failed in EAP/peap
rlm_eap: Failed in EAP select
++[eap] returns invalid
auth: Failed to validate the user.
Found Post-Auth-Type Reject
+- entering group REJECT
expand: %{User-Name} -> PLUTON\glouglou
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Sending Access-Reject of id 44 to 10.10.44.246 port 1031
EAP-Message = 0x04080004
Message-Authenticator = 0x00000000000000000000000000000000
Finished request 8.
Going to the next request
Waking up in 4.6 seconds.
Cleaning up request 0 ID 36 with timestamp +39
Cleaning up request 1 ID 37 with timestamp +39
Waking up in 0.1 seconds.
Cleaning up request 2 ID 38 with timestamp +40
Cleaning up request 3 ID 39 with timestamp +40
Cleaning up request 4 ID 40 with timestamp +40
Cleaning up request 5 ID 41 with timestamp +40
Cleaning up request 6 ID 42 with timestamp +40
Cleaning up request 7 ID 43 with timestamp +40
Cleaning up request 8 ID 44 with timestamp +40
Ready to process requests.
_____________________________________________________________________________
Envoyez avec Yahoo! Mail. Une boite mail plus intelligente http://mail.yahoo.fr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080717/19996c58/attachment.html>
More information about the Freeradius-Users
mailing list