My error:
Martin Silvero
silvero.martin at gmail.com
Wed Nov 26 18:39:10 CET 2008
rad_recv: Access-Request packet from host 10.0.16.4 port 1645, id=6, length=136
User-Name = "test"
Framed-MTU = 1400
Called-Station-Id = "0019.2fdb.9d00"
Calling-Station-Id = "001f.3c22.44c5"
Service-Type = Login-User
Message-Authenticator = 0x8185244a1739d905761d97635ccde126
EAP-Message = 0x020100090163657274
NAS-Port-Type = Wireless-802.11
NAS-Port = 262
NAS-IP-Address = 10.0.16.4
NAS-Identifier = "ap"
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "test", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 1 length 9
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
users: Matched entry cert at line 76
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Requiring client certificate
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 6 to 10.0.16.4 port 1645
EAP-Message = 0x010200060d20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xb7c9adf3b7cba0f54e6f2b406f75dfd7
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 6 with timestamp +5
Ready to process requests.
--------
this error is with the supplicant "wire1"
but... when the supplicant is "Intel PROset wireless" the error is this:
rad_recv: Access-Request packet from host 10.0.31.40 port 1645, id=2, length=136
User-Name = "cert"
Framed-MTU = 1400
Called-Station-Id = "0019.2fdb.9e00"
Calling-Station-Id = "001f.3c22.674a"
Service-Type = Login-User
Message-Authenticator = 0xba5587f920826e2bd4beb4695b9be3de
EAP-Message = 0x020100090163657274
NAS-Port-Type = Wireless-802.11
NAS-Port = 259
NAS-IP-Address = 10.0.31.40
NAS-Identifier = "ap-Reconquista-31"
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "cert", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 1 length 9
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
users: Matched entry cert at line 76
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Requiring client certificate
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 2 to 10.0.31.40 port 1645
EAP-Message = 0x010200060d20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x45047f1b45067264424db5b65333fec0
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.31.40 port 1645, id=3, length=255
User-Name = "cert"
Framed-MTU = 1400
Called-Station-Id = "0019.2fdb.9e00"
Calling-Station-Id = "001f.3c22.674a"
Service-Type = Login-User
Message-Authenticator = 0x565fba63fe92ec25bb27dc9b7cd35351
EAP-Message =
0x0202006e0d8000000064160301005f0100005b0301492d8813d8442284e62309c1463f24d6bd6dff31a5a199dee31582cbb9fa140400003400390038003500160013000a00330032002f006600050004006500640063006200610060001500120009001400110008000600030100
NAS-Port-Type = Wireless-802.11
NAS-Port = 259
State = 0x45047f1b45067264424db5b65333fec0
NAS-IP-Address = 10.0.31.40
NAS-Identifier = "ap-Reconquista-31"
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "cert", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 2 length 110
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
users: Matched entry cert at line 76
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: processing TLS
TLS Length 100
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 005f], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0849], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange
TLS_accept: SSLv3 write key exchange A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 00a3], CertificateRequest
TLS_accept: SSLv3 write certificate request A
TLS_accept: SSLv3 flush data
TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 3 to 10.0.31.40 port 1645
EAP-Message =
0x010304000dc000000b57160301004a020000460301492d88149171a0d9fd6597a004574b6ff645784cfb233487f6a1178e983db8b9202849854d8af6a3dea84919340635e06d602786b93c1fe23e19cdfced138f4ce100390016030108490b00084500084200039d3082039930820281a003020102020101300d06092a864886f70d010104050030818f310b3009060355040613024152311530130603550408130c4275656e6f73204169726573311430120603550407130b5265636f6e717569737461310e300c060355040a130549504c414e3124302206092a864886f70d01090116156d73696c7665726f4069706c616e2e636f6d2e6172311d30
EAP-Message =
0x1b06035504031314436572746966696361646f205261646975734954301e170d3038313131383139303732335a170d3039313131383139303732335a3077310b3009060355040613024152311530130603550408130c4275656e6f73204169726573310e300c060355040a130549504c414e311b3019060355040313125365727665722043657274696669636174653124302206092a864886f70d01090116156d73696c7665726f4069706c616e2e636f6d2e617230820122300d06092a864886f70d01010105000382010f003082010a0282010100a3214e2a03be37b3b6da8eff4fae6c7842f472aeb12bba75eb5562cddb7952a6ae61663f628df1
EAP-Message =
0x2d1991b857f64a16e911276e3d6bcda584cbedf6869c19b871e9d8885955316739815ffee397c766ef9dd324f5eab40e761981f957447f775aa6fbb54d3524b76c08619fc3ebb786fa8347e080fd1512f9e04f4a0233cbe0c8a43efc96df5ac94f8a5270d4ff7fab98d04e464d1db1c53e62d412b0aca7f5a93e1e7386f65279b8dced42895115acecb76d0c619308bf79489223bdf468c6dff08d3ed46c2ed01398ee13207a187e36c82aa3b67679ce0278a9d89ec043ad8500eee052d4b5376a1d1c26153ccda064fdcf7bb2f6a1ad60fb34419705b89e650203010001a317301530130603551d25040c300a06082b06010505070301300d06092a86
EAP-Message =
0x4886f70d0101040500038201010098f1873453c3f3d52defa937a6a5ef9582a20758059e5aa37c451910b3b1a1823338a62070943b943c1f14aff489d62b163dccf164d7d60392a72d689778f6487087c8bc71ef77630065e987ec37c7fcccb2df32c6ca508a1f5a244c26a6b2e4d2ffbc6b9caa8b0676aace623b008ca88a0a1bc790e20110afca82544e136e9f6b748dcfa422a59fc780f9e59c29aba4163fe428b6a5090afb244d0d66ae5908f53ceaf6f4f21344372513726077ba93bafe985a2dd3107983de3ad686dfec2d78ef34c76148f6329cd5d00c8543803f27fe221df19d90465e602e4e0e1909d38cd03b108b5bb0f7bdc402f6cddfbf
EAP-Message = 0xb7420732d3d7b3e2232b37fd
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x45047f1b44077264424db5b65333fec0
Finished request 2.
Going to the next request
Waking up in 4.3 seconds.
-----------------------------
any suggestions?
many thanks!
More information about the Freeradius-Users
mailing list