Perl/Peap-MSChapV2 Issues
Adam W. Sewell
awsewell at catawba.edu
Thu Mar 19 15:18:27 CET 2009
I'm trying to get Perl authentication set up along with Peap/MSChapV2. I
have a Perl script that I wish to use to authenticate the user, but for
some reason it does not look like the Perl script is even being called
at the point where it needs to be. See below for the log. I could be wrong,
but the issue seems to be here:
------------------------------------------------
WARNING: You set Proxy-To-Realm = LOCAL, but the realm does not exist! Cancelling invalid proxy request.
auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [testUser] (from client DORMTEST2_M80 port 0 via TLS tunnel)
PEAP: Tunneled authentication was rejected.
rlm_eap_peap: FAILURE
++[eap] returns handled
--------------------------------------------------
If I need to provide any config files, please just say so. I'm not sure
which ones to include here. Version is 2.0.5
Thanks.
-Adam Sewell
Log:
--------------------------------------------------
rad_recv: Access-Request packet from host 192.168.240.78 port 2372, id=131, length=152
Message-Authenticator = 0xede4cc6e1f95787b1f2f1eb7172fdf44
User-Name = "testUser"
NAS-IP-Address = 192.168.240.78
NAS-Port = 4
NAS-Port-Type = Ethernet
Calling-Station-Id = "00-16-D3-30-E5-74"
EAP-Message = 0x0207000d016c6a61636b736f6e
Framed-MTU = 1000
Called-Station-Id = "0001F4-B6-1B-80\0004"
NAS-Identifier = "HOKDORM_01953_M48"
NAS-Port-Id = "fe.0.4"
+- entering group authorize
++[preprocess] returns ok
++[mschap] returns noop
users: Matched entry DEFAULT at line 189
++[files] returns ok
rlm_eap: EAP packet type response id 7 length 13
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++? if (EAP-Message)
? Evaluating (EAP-Message) -> TRUE
++? if (EAP-Message) -> TRUE
++- entering if (EAP-Message)
+++[noop] returns noop
++- if (EAP-Message) returns noop
++ ... skipping elsif for request 0: Preceding "if" was taken
++ ... skipping elsif for request 0: Preceding "if" was taken
rad_check_password: Found Auth-Type Perl
rad_check_password: Found Auth-Type EAP
Warning: Found 2 auth-types on request for user 'testUser'
auth: type "EAP"
+- entering group authenticate
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 131 to 192.168.240.78 port 2372
EAP-Message = 0x010800061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xbd856426bd8d7d24113b1577a1fc0b35
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.240.78 port 2372, id=132, length=249
Message-Authenticator = 0xff045bcad52434215028c1d31990ae00
User-Name = "testUser"
State = 0xbd856426bd8d7d24113b1577a1fc0b35
NAS-IP-Address = 192.168.240.78
NAS-Port = 4
NAS-Port-Type = Ethernet
Calling-Station-Id = "00-16-D3-30-E5-74"
Called-Station-Id = "00-01-F4-B6-1B-80"
Framed-MTU = 1000
EAP-Message =
0x0208005c190016030100510100004d030149c2516a7d86eed958cf9d
bcc1b3a313d5271a03db4f39f3ce88760640dfaabc00002600390038003500160013000a
00330032
002f00050004001500120009001400110008000600030100
NAS-Identifier = "HOKDORM_01953_M48"
NAS-Port-Id = "fe.0.4"
+- entering group authorize
++[preprocess] returns ok
++[mschap] returns noop
users: Matched entry DEFAULT at line 189
++[files] returns ok
rlm_eap: EAP packet type response id 8 length 92
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type Perl
rad_check_password: Found Auth-Type EAP
Warning: Found 2 auth-types on request for user 'testUser'
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0051], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 085e], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange
TLS_accept: SSLv3 write key exchange A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 132 to 192.168.240.78 port 2372
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xbd856426bc8c7d24113b1577a1fc0b35
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.240.78 port 2372, id=133, length=163
Message-Authenticator = 0x1a136248076ddec3dfa07234893eb3fb
User-Name = "testUser"
State = 0xbd856426bc8c7d24113b1577a1fc0b35
NAS-IP-Address = 192.168.240.78
NAS-Port = 4
NAS-Port-Type = Ethernet
Calling-Station-Id = "00-16-D3-30-E5-74"
Called-Station-Id = "00-01-F4-B6-1B-80"
Framed-MTU = 1000
EAP-Message = 0x020900061900
NAS-Identifier = "HOKDORM_01953_M48"
NAS-Port-Id = "fe.0.4"
+- entering group authorize
++[preprocess] returns ok
++[mschap] returns noop
users: Matched entry DEFAULT at line 189
++[files] returns ok
rlm_eap: EAP packet type response id 9 length 6
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type Perl
rad_check_password: Found Auth-Type EAP
Warning: Found 2 auth-types on request for user 'testUser'
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 133 to 192.168.240.78 port 2372
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xbd856426bf8f7d24113b1577a1fc0b35
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.240.78 port 2372, id=134, length=163
Message-Authenticator = 0xfe56a2125a6096f339b3c22ce587817b
User-Name = "testUser"
State = 0xbd856426bf8f7d24113b1577a1fc0b35
NAS-IP-Address = 192.168.240.78
NAS-Port = 4
NAS-Port-Type = Ethernet
Calling-Station-Id = "00-16-D3-30-E5-74"
Called-Station-Id = "00-01-F4-B6-1B-80"
Framed-MTU = 1000
EAP-Message = 0x020a00061900
NAS-Identifier = "HOKDORM_01953_M48"
NAS-Port-Id = "fe.0.4"
+- entering group authorize
++[preprocess] returns ok
++[mschap] returns noop
users: Matched entry DEFAULT at line 189
++[files] returns ok
rlm_eap: EAP packet type response id 10 length 6
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type Perl
rad_check_password: Found Auth-Type EAP
Warning: Found 2 auth-types on request for user 'testUser'
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 134 to 192.168.240.78 port 2372
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xbd856426be8e7d24113b1577a1fc0b35
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.240.78 port 2372, id=135, length=361
Message-Authenticator = 0xaadc7c7cbfc2e4703d87937b07653f56
User-Name = "testUser"
State = 0xbd856426be8e7d24113b1577a1fc0b35
NAS-IP-Address = 192.168.240.78
NAS-Port = 4
NAS-Port-Type = Ethernet
Calling-Station-Id = "00-16-D3-30-E5-74"
Called-Station-Id = "00-01-F4-B6-1B-80"
Framed-MTU = 1000
NAS-Identifier = "HOKDORM_01953_M48"
NAS-Port-Id = "fe.0.4"
+- entering group authorize
++[preprocess] returns ok
++[mschap] returns noop
users: Matched entry DEFAULT at line 189
++[files] returns ok
rlm_eap: EAP packet type response id 11 length 204
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type Perl
rad_check_password: Found Auth-Type EAP
Warning: Found 2 auth-types on request for user 'testUser'
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
(other): SSL negotiation finished successfully
SSL Connection Established
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 135 to 192.168.240.78 port 2372
EAP-Message =
0x010c0041190014030100010116030100309920be9ebe8f52fa4ed630
8ada16be1cd50eec4ec78738d17b4397acff90fd2bf52e77f77ceb28a8acacd32c82e092
ab
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xbd856426b9897d24113b1577a1fc0b35
Finished request 4.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 192.168.240.78 port 2372, id=136, length=163
Message-Authenticator = 0xcfaba03208b5391f2170865024c7b4d2
User-Name = "testUser"
State = 0xbd856426b9897d24113b1577a1fc0b35
NAS-IP-Address = 192.168.240.78
NAS-Port = 4
NAS-Port-Type = Ethernet
Calling-Station-Id = "00-16-D3-30-E5-74"
Called-Station-Id = "00-01-F4-B6-1B-80"
Framed-MTU = 1000
EAP-Message = 0x020c00061900
NAS-Identifier = "HOKDORM_01953_M48"
NAS-Port-Id = "fe.0.4"
+- entering group authorize
++[preprocess] returns ok
++[mschap] returns noop
users: Matched entry DEFAULT at line 189
++[files] returns ok
rlm_eap: EAP packet type response id 12 length 6
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type Perl
rad_check_password: Found Auth-Type EAP
Warning: Found 2 auth-types on request for user 'testUser'
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
++[eap] returns handled
Sending Access-Challenge of id 136 to 192.168.240.78 port 2372
EAP-Message =
0x010d002b19001703010020eaa91fa81f90eda46f466f7882f677ea9e
bcc91b987231d339cf0aa989cf0c54
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xbd856426b8887d24113b1577a1fc0b35
Finished request 5.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 192.168.240.78 port 2372, id=137, length=237
Message-Authenticator = 0xa9aedf5cd00f0ac40e58d97685afb53c
User-Name = "testUser"
State = 0xbd856426b8887d24113b1577a1fc0b35
NAS-IP-Address = 192.168.240.78
NAS-Port = 4
NAS-Port-Type = Ethernet
Calling-Station-Id = "00-16-D3-30-E5-74"
Called-Station-Id = "00-01-F4-B6-1B-80"
Framed-MTU = 1000
EAP-Message =
0x020d00501900170301002057cb0d149913d21e3bf3fef3c63273735c
374f1f98a48743223f9256cf517be31703010020a85accc63c089e33310a616953971ec9
20520cb9
8fe0d3244b4bd8ce10aaa739
NAS-Identifier = "HOKDORM_01953_M48"
NAS-Port-Id = "fe.0.4"
+- entering group authorize
++[preprocess] returns ok
++[mschap] returns noop
users: Matched entry DEFAULT at line 189
++[files] returns ok
rlm_eap: EAP packet type response id 13 length 80
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type Perl
rad_check_password: Found Auth-Type EAP
Warning: Found 2 auth-types on request for user 'testUser'
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Identity - testUser
PEAP: Got tunneled identity of testUser
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to testUser
+- entering group authorize
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "testUser", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
rlm_eap: Request is supposed to be proxied to Realm LOCAL. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: You set Proxy-To-Realm = LOCAL, but the realm does not exist! Cancelling invalid proxy request.
auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [testUser] (from client DORMTEST2_M80 port 0 via TLS tunnel)
PEAP: Tunneled authentication was rejected.
rlm_eap_peap: FAILURE
++[eap] returns handled
Sending Access-Challenge of id 137 to 192.168.240.78 port 2372
EAP-Message =
0x010e002b190017030100200dbc1fdc99ce198e1395aaf13395f18c2a
d4deecf9025e18d3a17e85698aba58
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xbd856426bb8b7d24113b1577a1fc0b35
Finished request 6.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 192.168.240.78 port 2372, id=138, length=237
Message-Authenticator = 0xc55c7e9c1e86cc3723640d1d5ca4ed5e
User-Name = "testUser"
State = 0xbd856426bb8b7d24113b1577a1fc0b35
NAS-IP-Address = 192.168.240.78
NAS-Port = 4
NAS-Port-Type = Ethernet
Calling-Station-Id = "00-16-D3-30-E5-74"
Called-Station-Id = "00-01-F4-B6-1B-80"
Framed-MTU = 1000
EAP-Message =
0x020e00501900170301002059f4b1892fa7f016f7576a058660d11c7d
8064c436922e0ce4963588c05be5be1703010020d23026f856c74389b87ecbb68d220a7f
215ee0f5
1ed4cd4746cfdb39c6180a48
NAS-Identifier = "HOKDORM_01953_M48"
NAS-Port-Id = "fe.0.4"
+- entering group authorize
++[preprocess] returns ok
++[mschap] returns noop
users: Matched entry DEFAULT at line 189
++[files] returns ok
rlm_eap: EAP packet type response id 14 length 80
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type Perl
rad_check_password: Found Auth-Type EAP
Warning: Found 2 auth-types on request for user 'testUser'
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TLV response.
rlm_eap_peap: Had sent TLV failure. User was rejected earlier in this session.
rlm_eap: Handler failed in EAP/peap
rlm_eap: Failed in EAP select
++[eap] returns invalid
auth: Failed to validate the user.
Login incorrect: [testUser] (from client DORMTEST2_M80 port 4 cli 00-16-D3-30-E5-74)
Found Post-Auth-Type Reject
+- entering group REJECT
expand: %{User-Name} -> testUser
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Sending Access-Reject of id 138 to 192.168.240.78 port 2372
EAP-Message = 0x040e0004
Message-Authenticator = 0x00000000000000000000000000000000
Finished request 7.
Going to the next request
Waking up in 4.7 seconds.
Cleaning up request 0 ID 131 with timestamp +1335
Cleaning up request 1 ID 132 with timestamp +1335
Cleaning up request 2 ID 133 with timestamp +1335
Cleaning up request 3 ID 134 with timestamp +1335
Waking up in 0.1 seconds.
Cleaning up request 4 ID 135 with timestamp +1336
Cleaning up request 5 ID 136 with timestamp +1336
Cleaning up request 6 ID 137 with timestamp +1336
Cleaning up request 7 ID 138 with timestamp +1336
Ready to process requests.
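A way to make the comparison in this log mechanical, as an added example that is not part of the original message: a Python sketch that splits FreeRADIUS debug output into outer and PEAP-tunneled `authorize` passes and lists which modules ran, which Auth-Types were set, and which warnings were raised in each. The sample is constructed from lines of the log above; `triage` and `report` are hypothetical helper names.

```python
import re
# Constructed sample: lines from the log above, wrapped lines re-joined, hex payloads omitted.
SAMPLE_LOG = """\
+- entering group authorize
++[preprocess] returns ok
++[mschap] returns noop
++[files] returns ok
++[eap] returns ok
rad_check_password: Found Auth-Type Perl
rad_check_password: Found Auth-Type EAP
Warning: Found 2 auth-types on request for user 'testUser'
+- entering group authenticate
PEAP: Got tunneled identity of testUser
+- entering group authorize
++[mschap] returns noop
++[suffix] returns noop
++[control] returns noop
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: You set Proxy-To-Realm = LOCAL, but the realm does not exist! Cancelling invalid proxy request.
auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
auth: Failed to validate the user.
PEAP: Tunneled authentication was rejected.
++[eap] returns handled
"""

GROUP = re.compile(r"^\+- entering group (\w+)")
MODULE = re.compile(r"^\++\[([\w.]+)\] returns (\w+)")
AUTH_TYPE = re.compile(r"Found Auth-Type (\S+)")
NOTE = re.compile(r"^(WARNING:|Warning:|auth: (No|Failed) )")

def triage(log_text):
    sections, current, outer, tunneled = [], None, None, False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("PEAP: Got tunneled identity"):
            tunneled, outer = True, current      # inner request starts here
        elif line.startswith("PEAP: Tunneled authentication was"):
            tunneled, current = False, outer     # back in the outer request
        elif GROUP.match(line):
            current = dict(group=GROUP.match(line).group(1), tunneled=tunneled,
                           modules=[], auth_types=[], notes=[])
            sections.append(current)
        elif current is None:
            continue
        elif MODULE.match(line):
            current["modules"].append(MODULE.match(line).groups())
        elif AUTH_TYPE.search(line):
            current["auth_types"].append(AUTH_TYPE.search(line).group(1))
        elif NOTE.match(line):
            current["notes"].append(line)
    return sections

def report(sections):
    # Compare the last outer authorize pass with the last tunneled one.
    authz = [s for s in sections if s["group"] == "authorize"]
    outer = [s for s in authz if not s["tunneled"]]
    inner = [s for s in authz if s["tunneled"]]
    if not outer or not inner:
        return None
    o_mods, i_mods = ([n for n, _ in s[-1]["modules"]] for s in (outer, inner))
    return {"outer_modules": o_mods, "inner_modules": i_mods,
            "missing_in_inner": [n for n in o_mods if n not in i_mods],
            "outer_auth_types": outer[-1]["auth_types"],
            "inner_auth_types": inner[-1]["auth_types"],
            "inner_notes": inner[-1]["notes"]}

if __name__ == "__main__":
    print(report(triage(SAMPLE_LOG)))
```

On the sample, the outer pass reports Auth-Types `Perl` and `EAP`, while the tunneled pass reports none and never lists `files` among its modules.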