Can't connect through Access Point
Ron Perez
perez.2ron at gmail.com
Mon Aug 9 04:29:35 CEST 2010
Here is the debug when I try to connect to the wireless network with
freeradius2.
rad_recv: Access-Request packet from host 10.96.100.205 port 1095, id=0,
length=127
User-Name = "rrperez"
NAS-IP-Address = 10.96.100.205
Called-Station-Id = "0014bf8abbc5"
Calling-Station-Id = "0016e3cdc0a3"
NAS-Identifier = "0014bf8abbc5"
NAS-Port = 46
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0201000c017272706572657a
Message-Authenticator = 0x4f2ba1b95873a9bf8b13863f1ce6d52f
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "rrperez", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 1 length 12
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
[files] users: Matched entry rrperez at line 93
++[files] returns ok
[ldap] performing user authorization for rrperez
[ldap] expand: %{Stripped-User-Name} ->
[ldap] expand: %{User-Name} -> rrperez
[ldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) ->
(uid=rrperez)
[ldap] expand: dc=testldap1,dc=test,dc=corpoff ->
dc=testldap1,dc=test,dc=corpoff
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=testldap1,dc=test,dc=corpoff, with filter
(uid=rrperez)
[ldap] looking for check items in directory...
rlm_ldap: userpassword -> Cleartext-Password == "p at ssw0rd"
rlm_ldap: userPassword -> User-Password == "p at ssw0rd"
[ldap] looking for reply items in directory...
[ldap] user rrperez authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
++[ldap] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 0 to 10.96.100.205 port 1095
EAP-Message = 0x010200160410b26f8606d20313bfb074702fb88c12dc
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x472a339647283709d04328c11ec504b2
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.96.100.205 port 1097, id=0,
length=139
User-Name = "rrperez"
NAS-IP-Address = 10.96.100.205
Called-Station-Id = "0014bf8abbc5"
Calling-Station-Id = "0016e3cdc0a3"
NAS-Identifier = "0014bf8abbc5"
NAS-Port = 46
Framed-MTU = 1400
State = 0x472a339647283709d04328c11ec504b2
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020200060319
Message-Authenticator = 0x2d96e463cb33f53668e660cc806f5396
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "rrperez", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 2 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
[files] users: Matched entry rrperez at line 93
++[files] returns ok
[ldap] performing user authorization for rrperez
[ldap] expand: %{Stripped-User-Name} ->
[ldap] expand: %{User-Name} -> rrperez
[ldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) ->
(uid=rrperez)
[ldap] expand: dc=testldap1,dc=test,dc=corpoff ->
dc=testldap1,dc=test,dc=corpoff
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=testldap1,dc=test,dc=corpoff, with filter
(uid=rrperez)
[ldap] looking for check items in directory...
rlm_ldap: userpassword -> Cleartext-Password == "p at ssw0rd"
rlm_ldap: userPassword -> User-Password == "p at ssw0rd"
[ldap] looking for reply items in directory...
[ldap] user rrperez authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
++[ldap] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP NAK
[eap] EAP-NAK asked for EAP-Type/peap
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 0 to 10.96.100.205 port 1097
EAP-Message = 0x010300061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x472a339646292a09d04328c11ec504b2
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.96.100.205 port 1099, id=0,
length=251
User-Name = "rrperez"
NAS-IP-Address = 10.96.100.205
Called-Station-Id = "0014bf8abbc5"
Calling-Station-Id = "0016e3cdc0a3"
NAS-Identifier = "0014bf8abbc5"
NAS-Port = 46
Framed-MTU = 1400
State = 0x472a339646292a09d04328c11ec504b2
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x0203007619800000006c16030100670100006303014c60485419960635d1ade97d45e42d310da2c1bd2228f6a268e4c8d2725deccc000018002f00350005000ac009c00ac013c0140032003800130004010000220000000c000a0000077272706572657a000a00080006001700180019000b00020100
Message-Authenticator = 0xfb781696d1e2b68de3ca4be44368e6ba
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "rrperez", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 3 length 118
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 108
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] (other): before/accept initialization
[peap] TLS_accept: before/accept initialization
[peap] <<< TLS 1.0 Handshake [length 0067], ClientHello
[peap] TLS_accept: SSLv3 read client hello A
[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello
[peap] TLS_accept: SSLv3 write server hello A
[peap] >>> TLS 1.0 Handshake [length 0847], Certificate
[peap] TLS_accept: SSLv3 write certificate A
[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
[peap] TLS_accept: SSLv3 write server done A
[peap] TLS_accept: SSLv3 flush data
[peap] TLS_accept: Need to read more data: SSLv3 read client certificate
A
In SSL Handshake Phase
In SSL Accept mode
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 10.96.100.205 port 1099
EAP-Message =
0x0104040019c000000884160301002a0200002603014c5ef69f90cc66244e85fa9ea030af56c83a42baaf970ef5afd98d6a5c23a1af00002f0016030108470b00084300084000039e3082039a30820282a003020102020101300d06092a864886f70d010104050030818e310b3009060355040613025048310f300d060355040813064d616e696c61310e300c0603550407130550617361793111300f060355040a1308534d205072696d653123302106092a864886f70d0109011614706572657a2e32726f6e40676d61696c2e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d31
EAP-Message =
0x30303830353231343433315a170d3131303830353231343433315a3079310b3009060355040613025048310f300d060355040813064d616e696c613111300f060355040a1308534d205072696d65312330210603550403131a4578616d706c65205365727665722043657274696669636174653121301f06092a864886f70d01090116127272706572657a406170632e6564752e706830820122300d06092a864886f70d01010105000382010f003082010a0282010100c6e7ab6d35efefbf0f386233076f46ad36cbbd54ddc07f0488bee8c4db14c0fe37a0ea6818d01ebbd3b409769818e4036bfc962238f8475d6583da6ac2512363845f5fb04d9d
EAP-Message =
0xbd5b53e9c2ef6647a4b8dd02daceb3066d9a9ae26cd11a8300b9d53c043f09b33b53354bdbcf6ce4d0b1a8e4770eb537f583c6ebce6487ffa1dc2b1c4cc541aa04e98fae7a73336ee461bdbdc0909080852e47fc49b64b146ad18cbafaf350647f19758c5e781d6bd8882f6d8e136f87b1f3e013342b79c05deef124b9c800c2461cb265ae547aa5c299facd146c391c91abcd5e0f03aac4cba67d9b5a86ff440e52850806b7c9b7f45ba4f4bcecb86bb5bb5f9dba3453e974fb0203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104050003820101004aac0765701c5185080a5fb6e5363b88b5
EAP-Message =
0xc7390b7836e78f8547c84ee349ca8b9d6a71e78cdf38ed81af871098700b1c03aa6970cd9a14107ec7aa9f4a84409a359a2c87c5eb09cca8b35d7c55ac7f2ee3db355438c00c50a5a0c96e5b6b850db681772588de4ca7035e033fa00f2c6091b1fbbdc232bc4374b1e653d08a9bdc91f5bdedc1f21ab134093737c8972f0ddd6c53bb535ba2808f59563caddf2c14f684f1856e78a49f8e6009495f1ec9115fc41f5fe3786444758c65121b714422aef588fa496d876beade61319aa7c4812908f4aeb34a13692a725fd11a5cd9a065daca5c078bf289686c7038c6e77fb9410b320bd5a62d7e3994d4353531cf7b00049c3082049830820380a00302
EAP-Message = 0x0102020900e6d6f0b5c23c70
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x472a3396452e2a09d04328c11ec504b2
Finished request 4.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.96.100.205 port 1101, id=0,
length=139
User-Name = "rrperez"
NAS-IP-Address = 10.96.100.205
Called-Station-Id = "0014bf8abbc5"
Calling-Station-Id = "0016e3cdc0a3"
NAS-Identifier = "0014bf8abbc5"
NAS-Port = 46
Framed-MTU = 1400
State = 0x472a3396452e2a09d04328c11ec504b2
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020400061900
Message-Authenticator = 0x2e5b1abd57419deda1b17bc06072af82
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "rrperez", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 4 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 10.96.100.205 port 1101
EAP-Message =
0x010503fc1940a5300d06092a864886f70d010105050030818e310b3009060355040613025048310f300d060355040813064d616e696c61310e300c0603550407130550617361793111300f060355040a1308534d205072696d653123302106092a864886f70d0109011614706572657a2e32726f6e40676d61696c2e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3130303830353231343433315a170d3131303830353231343433315a30818e310b3009060355040613025048310f300d060355040813064d616e696c61310e300c0603550407130550617361793111300f06
EAP-Message =
0x0355040a1308534d205072696d653123302106092a864886f70d0109011614706572657a2e32726f6e40676d61696c2e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100c377b277cfce89da192b6975f0e2c6f2860fd64da3fd80309a1ea8bb2ef91fa0d004899dfb920f5bd5bba909cc537b86d0ac729985a36c6c7bb562a02aeb6cbbadbd25c73240631e24c7bc66d8bcc423848426c6094bebdca51e781a251f99361eb4885aaa88541eabb41ccf08250ccfa82eb3f18b3ba6025f53e1994f0e9a5f81
EAP-Message =
0x96ab436778d1b5b28ffa1d177836b9584f8228ae3f38eb1b255e5ecc9ffdb5fd5f41ed8f88d07fb1865be3b978d27fd8f5de8a5f66814c415f2f81948713e5475d61ff81076a6c12afd11a2b4efb8114e2dee083866a63775065a83aecaa60f96d32d41db2651e6523d1dda4968768503b77957ed302e70148af04bea6b33d0203010001a381f63081f3301d0603551d0e04160414eb114a719ea71a316c157f42cb959cbe3d7ad1453081c30603551d230481bb3081b88014eb114a719ea71a316c157f42cb959cbe3d7ad145a18194a4819130818e310b3009060355040613025048310f300d060355040813064d616e696c61310e300c0603550407
EAP-Message =
0x130550617361793111300f060355040a1308534d205072696d653123302106092a864886f70d0109011614706572657a2e32726f6e40676d61696c2e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479820900e6d6f0b5c23c70a5300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100560f8590dfda5419fd715a32a3c02c7dfea64b4f7ab3f1d76173a6206a9919d372f97837051eba6b10fa29e2f813863875f2f260ce5e7935ddc4267fb7b6230d9c2b4cdaaf825e25b4910d895ed0355c1860eb0cb62961ee54228efe26aa5315820139132002a30d07
EAP-Message = 0xbd4b27e772945483
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x472a3396442f2a09d04328c11ec504b2
Finished request 5.
Going to the next request
Waking up in 4.8 seconds.
rad_recv: Access-Request packet from host 10.96.100.205 port 1103, id=0,
length=139
User-Name = "rrperez"
NAS-IP-Address = 10.96.100.205
Called-Station-Id = "0014bf8abbc5"
Calling-Station-Id = "0016e3cdc0a3"
NAS-Identifier = "0014bf8abbc5"
NAS-Port = 46
Framed-MTU = 1400
State = 0x472a3396442f2a09d04328c11ec504b2
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020500061900
Message-Authenticator = 0x748755f79dc28feaac6975d483fb2606
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "rrperez", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 5 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 10.96.100.205 port 1103
EAP-Message =
0x0106009e19006f0fd8a5dc5276fa83706f679780f3e60b36f5b3489d5551b7dc0590f2ddf6959d4ba9550b38329c20dce0ab3182205608a19b3d2964953695b467af4cd29ade6a679b18dfa5492a4286fe5b2a13c12d8305450e32b2441a68b97f9701655d60ad7d399f3b693b9562b3353d3bd5d730cab42857c0e5edb72fde0d9b70eeb03dd0afd787e1ceede01810d2c9e83bdc16030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x472a3396432c2a09d04328c11ec504b2
Finished request 6.
Going to the next request
Waking up in 4.8 seconds.
rad_recv: Access-Request packet from host 10.96.100.205 port 1105, id=0,
length=139
User-Name = "rrperez"
NAS-IP-Address = 10.96.100.205
Called-Station-Id = "0014bf8abbc5"
Calling-Station-Id = "0016e3cdc0a3"
NAS-Identifier = "0014bf8abbc5"
NAS-Port = 46
Framed-MTU = 1400
State = 0x472a3396432c2a09d04328c11ec504b2
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020600061900
Message-Authenticator = 0x31c7e07cdcbfbce9826ce983e511159b
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "rrperez", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 6 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 10.96.100.205 port 1105
EAP-Message = 0x010700061900
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x472a3396422d2a09d04328c11ec504b2
Finished request 7.
Going to the next request
Waking up in 4.7 seconds.
Cleaning up request 2 ID 0 with timestamp +50
Cleaning up request 3 ID 0 with timestamp +50
Cleaning up request 4 ID 0 with timestamp +50
Cleaning up request 5 ID 0 with timestamp +50
Cleaning up request 6 ID 0 with timestamp +50
Cleaning up request 7 ID 0 with timestamp +51
Ready to process requests.
I don't know where is the error why I can't connect to the network, need
help ASAP...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100809/884ee5fb/attachment.html>
More information about the Freeradius-Users
mailing list