VLAN Assignment of Wifi-Clients

Marten Pape Marten.Pape at pape-hn.de
Tue Aug 31 17:48:55 CEST 2010


Alan DeKok schrieb:
> Marten Pape wrote:
>   
>> Now my goal is to tell the NAS to assign every wifi-packet to a certain
>> VLAN. I don't need to have a dynamic assignment of VLAN based on
>> usernames or something else. One VLAN would be sufficient.
>>     
>
>   You can assign the vlan in the "post-auth" section.
>   
Now, I added this answer to the sites-available/default -> post-auth
section:
        update reply {
                Tunnel-Type := 13
                Tunnel-Medium-Type = 6
                Tunnel-Private-Group-ID = 123
        }

But the access point doesn't seem to tag this traffic with the vlan-ID
123. As far as I know, this access point is able to do that. Do you see
anything else going wrong? The debug log of a new connection try is
attached below.

>   
>> The solution I found was to insert the following lines into the
>> radgroupreply table (splitted up into the correct columns...):
>> Tunnel-Type = 13
>> Tunnel-Medium-Type = 6
>> Tunnel-Private-Group-Id = 10
>>
>> After I've done this entry, I hoped that it would work, but it didn't.
>>     
>
>   From the debug log you posted, it's clear that you didn't enable the
> "sql" module in the "authorize" section.
>   
Well, the thing is, that is is enabled in both files - "default" and
"inner-tunnel" (virtual servers)

Thanks,
Marten Pape
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>   
================================================
==========debug log================================
================================================
rad_recv: Access-Request packet from host 172.20.160.171 port 1812,
id=2, length=135
        User-Name = "marpap"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 0
        NAS-Identifier =
"default\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
        Calling-Station-Id = "00-60-b3-63-4e-03"
        EAP-Message = 0x0201000b016d6172706170
        NAS-IP-Address = 172.20.160.171
        Message-Authenticator = 0x4c68db4ae1e988fdc7b61ccd1375f3b7
+- entering group authorize {...}
++[preprocess] returns ok
++[mschap] returns noop
[eap] EAP packet type response id 1 length 11
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[sql]   expand: %{User-Name} -> marpap
[sql] sql_set_user escaped user --> 'marpap'
rlm_sql (sql): Reserving sql socket id: 4
[sql]   expand: SELECT logins.id, logins.username, radcheck.attribute,
logins.pass_lm, radcheck.op                 FROM radcheck,
logins                 WHERE logins.username = '%{SQL-User-Name}' AND
radcheck.id='1' AND                 (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='%{SQL-User-Name}' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'             ORDER
BY id -> SELECT logins.id, logins.username, radcheck.attribute,
logins.pass_lm, radcheck.op                 FROM radcheck,
logins                 WHERE logins.username = 'marpap' AND
radcheck.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
rlm_sql_mysql: query:  SELECT logins.id, logins.username,
radcheck.attribute, logins.pass_lm, radcheck.op                 FROM
radcheck, logins                 WHERE logins.username = 'marpap' AND
radcheck.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
[sql] User found in radcheck table
[sql]   expand: SELECT logins.id, logins.username, radreply.attribute,
logins.pass_lm, radreply.op                 FROM radreply,
logins                 WHERE logins.username = '%{SQL-User-Name}' AND
radreply.id='1' AND                 (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='%{SQL-User-Name}' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'             ORDER
BY id -> SELECT logins.id, logins.username, radreply.attribute,
logins.pass_lm, radreply.op                 FROM radreply,
logins                 WHERE logins.username = 'marpap' AND
radreply.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
rlm_sql_mysql: query:  SELECT logins.id, logins.username,
radreply.attribute, logins.pass_lm, radreply.op                 FROM
radreply, logins                 WHERE logins.username = 'marpap' AND
radreply.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
[sql]   expand: SELECT groupname           FROM radusergroup          
WHERE username = '%{SQL-User-Name}'           ORDER BY priority ->
SELECT groupname           FROM radusergroup           WHERE username =
'marpap'           ORDER BY priority
rlm_sql_mysql: query:  SELECT groupname           FROM
radusergroup           WHERE username = 'marpap'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 2 to 172.20.160.171 port 1812
        EAP-Message = 0x010200160410cc89b3225a82d01a8654a32775f9e4f6
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xe259fe12e25bfa2c7c464fa29a32360e
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 172.20.160.171 port 1812,
id=3, length=148
        User-Name = "marpap"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 0
        NAS-Identifier =
"default\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
        Calling-Station-Id = "00-60-b3-63-4e-03"
        EAP-Message = 0x020200060319
        State = 0xe259fe12e25bfa2c7c464fa29a32360e
        NAS-IP-Address = 172.20.160.171
        Message-Authenticator = 0xfb2d0002328c7451026bb0e9277431bf
+- entering group authorize {...}
++[preprocess] returns ok
++[mschap] returns noop
[eap] EAP packet type response id 2 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[sql]   expand: %{User-Name} -> marpap
[sql] sql_set_user escaped user --> 'marpap'
rlm_sql (sql): Reserving sql socket id: 3
[sql]   expand: SELECT logins.id, logins.username, radcheck.attribute,
logins.pass_lm, radcheck.op                 FROM radcheck,
logins                 WHERE logins.username = '%{SQL-User-Name}' AND
radcheck.id='1' AND                 (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='%{SQL-User-Name}' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'             ORDER
BY id -> SELECT logins.id, logins.username, radcheck.attribute,
logins.pass_lm, radcheck.op                 FROM radcheck,
logins                 WHERE logins.username = 'marpap' AND
radcheck.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
rlm_sql_mysql: query:  SELECT logins.id, logins.username,
radcheck.attribute, logins.pass_lm, radcheck.op                 FROM
radcheck, logins                 WHERE logins.username = 'marpap' AND
radcheck.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
[sql] User found in radcheck table
[sql]   expand: SELECT logins.id, logins.username, radreply.attribute,
logins.pass_lm, radreply.op                 FROM radreply,
logins                 WHERE logins.username = '%{SQL-User-Name}' AND
radreply.id='1' AND                 (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='%{SQL-User-Name}' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'             ORDER
BY id -> SELECT logins.id, logins.username, radreply.attribute,
logins.pass_lm, radreply.op                 FROM radreply,
logins                 WHERE logins.username = 'marpap' AND
radreply.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
rlm_sql_mysql: query:  SELECT logins.id, logins.username,
radreply.attribute, logins.pass_lm, radreply.op                 FROM
radreply, logins                 WHERE logins.username = 'marpap' AND
radreply.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
[sql]   expand: SELECT groupname           FROM radusergroup          
WHERE username = '%{SQL-User-Name}'           ORDER BY priority ->
SELECT groupname           FROM radusergroup           WHERE username =
'marpap'           ORDER BY priority
rlm_sql_mysql: query:  SELECT groupname           FROM
radusergroup           WHERE username = 'marpap'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP NAK
[eap] EAP-NAK asked for EAP-Type/peap
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 3 to 172.20.160.171 port 1812
        EAP-Message = 0x010300061920
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xe259fe12e35ae72c7c464fa29a32360e
Finished request 1.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 172.20.160.171 port 1812,
id=4, length=407
        User-Name = "marpap"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 0
        NAS-Identifier =
"default\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
        Calling-Station-Id = "00-60-b3-63-4e-03"
        EAP-Message =
0x020301071980000000fd16030100f8010000f403014c7d20f3fa216ccffbe4c3766774a615b3df331dd1b6c5a8e71d6418f000af1300002600390038003500160013000a00330032002f000500040015001200090014001100080006000302010000a4002300a06f3f44d1030e19f01a26014ebb90bb4d30ebedf651941a44c981c2725fa7f74d497304a67e3fcc2a3238341f64c879a94462bb6ec961c0d0c30f1e7aab938ab83be023485226f47cab774aab19cdec8869894da7545c478fffe6a2bf0323a2cf6e0b6e281c20cd9cc341d2da3ba4dfc637cbd82e61a0c31c166878c05b5ea6c22786596da21587619cff7e60f02c26cc6428b89a6557
        EAP-Message = 0xb602f6a821cd661755c5
        State = 0xe259fe12e35ae72c7c464fa29a32360e
        NAS-IP-Address = 172.20.160.171
        Message-Authenticator = 0xb64933ff5487a81eb73845fe3b883de1
+- entering group authorize {...}
++[preprocess] returns ok
++[mschap] returns noop
[eap] EAP packet type response id 3 length 253
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
  TLS Length 253
[peap] Length Included
[peap] eaptls_verify returned 11
[peap]     (other): before/accept initialization
[peap]     TLS_accept: before/accept initialization
[peap] <<< TLS 1.0 Handshake [length 00f8], ClientHello 
[peap]     TLS_accept: SSLv3 read client hello A
[peap] >>> TLS 1.0 Handshake [length 0030], ServerHello 
[peap]     TLS_accept: SSLv3 write server hello A
[peap] >>> TLS 1.0 Handshake [length 066b], Certificate 
[peap]     TLS_accept: SSLv3 write certificate A
[peap] >>> TLS 1.0 Handshake [length 010d], ServerKeyExchange 
[peap]     TLS_accept: SSLv3 write key exchange A
[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone 
[peap]     TLS_accept: SSLv3 write server done A
[peap]     TLS_accept: SSLv3 flush data
[peap]     TLS_accept: Need to read more data: SSLv3 read client
certificate A
In SSL Handshake Phase
In SSL Accept mode 
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 4 to 172.20.160.171 port 1812
        EAP-Message =
0x0104040019c0000007c016030100300200002c03014c7d26c25b5679783a15c69df1d7e20cf3e8a8d601a8b4a8b0d90d816944de6900003901000400230000160301066b0b0006670006640002cb308202c730820230a003020102020101300d06092a864886f70d0101050500308192310b3009060355040613024445310b300906035504081302425731143012060355040a130b41424820756e642052534831183016060355040b130f496e7465726e65747475746f72656e311830160603550403130f496e7465726e65747475746f72656e312c302a06092a864886f70d010901161d696e7465726e6574406162682e756e692d6b61726c737275
        EAP-Message =
0x68652e6465301e170d3130303432393132353032305a170d3131303432393132353032305a3081a6310b3009060355040613024445310b300906035504081302425731123010060355040713094b61726c737275686531143012060355040a130b41424820756e642052534831183016060355040b130f496e7465726e65747475746f72656e311830160603550403130f496e7465726e65747475746f72656e312c302a06092a864886f70d010901161d696e7465726e6574406162682e756e692d6b61726c73727568652e646530819f300d06092a864886f70d010101050003818d0030818902818100e37557356ce2962b24717823a65441ba1bcf
        EAP-Message =
0x86283adbe99e40434effc0828ffdd4310d26c5d6a6b394c9e6de115e8a1dfe28c044dc5a8c42de5116cc21fd09b9d755bde7e08b9915ab79bf5fe6aed64e54e7fb4493bd5744310d0deea244a55f235f3d8cf20f759c59de8248cc8a60f246ee46197100d9859e20e21baa2230250203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101050500038181004eeb94bcddd320b658bc280887659ff063462714947a0b8c5755bc3868c8407395974494f6b519671a1987a73c3595c6fe5466b0a99d40548fd6036cedcb4a5aa0cd364b3e7d16cf4955381ada37724840a29709975f823293e29bda0fd0
        EAP-Message =
0x21972fe49cd753d971dcde764b8a60ec5e424ed95c54aaacbc89a92daee26094c01b0003933082038f308202f8a003020102020100300d06092a864886f70d0101050500308192310b3009060355040613024445310b300906035504081302425731143012060355040a130b41424820756e642052534831183016060355040b130f496e7465726e65747475746f72656e311830160603550403130f496e7465726e65747475746f72656e312c302a06092a864886f70d010901161d696e7465726e6574406162682e756e692d6b61726c73727568652e6465301e170d3130303432393132333933315a170d3133303432383132333933315a30819231
        EAP-Message = 0x0b3009060355040613024445
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xe259fe12e05de72c7c464fa29a32360e
Finished request 2.
Going to the next request
Waking up in 3.7 seconds.
rad_recv: Access-Request packet from host 172.20.160.171 port 1812,
id=5, length=148
        User-Name = "marpap"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 0
        NAS-Identifier =
"default\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
        Calling-Station-Id = "00-60-b3-63-4e-03"
        EAP-Message = 0x020400061900
        State = 0xe259fe12e05de72c7c464fa29a32360e
        NAS-IP-Address = 172.20.160.171
        Message-Authenticator = 0xbe1d186150159736a954c6531efa002c
+- entering group authorize {...}
++[preprocess] returns ok
++[mschap] returns noop
[eap] EAP packet type response id 4 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 5 to 172.20.160.171 port 1812
        EAP-Message =
0x010503d01900310b300906035504081302425731143012060355040a130b41424820756e642052534831183016060355040b130f496e7465726e65747475746f72656e311830160603550403130f496e7465726e65747475746f72656e312c302a06092a864886f70d010901161d696e7465726e6574406162682e756e692d6b61726c73727568652e646530819f300d06092a864886f70d010101050003818d0030818902818100c111b48452ef2ce1ed2f09ae837d35631ae023ed67b8c0f4e954280344bed7b623a40a1e8f44dd778d8f9e4b4c7d1fc52b9c0c0bece2446a7a742b7974df4fde3c2277f9e1c3afb0b633f2e6d146a85ca1d6b0a6ff
        EAP-Message =
0x7e198320efe37208296b8b974b42024adeb4b4a8fec17666ef702f5a0406bb9d506e79613d2e02ce4171590203010001a381f23081ef301d0603551d0e04160414e6292f8ee610197b0e952c3ceaee6de6898029253081bf0603551d230481b73081b48014e6292f8ee610197b0e952c3ceaee6de689802925a18198a48195308192310b3009060355040613024445310b300906035504081302425731143012060355040a130b41424820756e642052534831183016060355040b130f496e7465726e65747475746f72656e311830160603550403130f496e7465726e65747475746f72656e312c302a06092a864886f70d010901161d696e7465726e
        EAP-Message =
0x6574406162682e756e692d6b61726c73727568652e6465820100300c0603551d13040530030101ff300d06092a864886f70d010105050003818100a4f951a1a0cf7d1d9ea06b944351512c3f498fedca5da170a3ca057c2e03d143d37ad8bafe2f647afc67f99191c0b14e891323c7f2a2dc2babcfec7959a9ab88b5f66235d586b6eb13541338e2db423c3b3ace184be71bb8e1538f37880d2ce2501fe1f3c3fb22b1eeb6af7fb180e91d037109f6df113f8001fbc00bdf752289160301010d0c00010900409a1fe380d6584eedb413c8212ecff8cb0671793d5baf315842054b754ed5aeb883ea1bee3bc8843ddaf1aa6d8a604ce0f478ba662c0584
        EAP-Message =
0x7de987277998c963ab0001020040379238420cf45d32ee9ed5dfdf3107fd726373dfcd34e425f7d9f0107f6cf6c67490032b2e37954bea5f4c58fa0a373cd5692b71194546b24c1bb92444fbf2df0080be55fa60e63eceb40fd8c34486d5f76fc8ffeefb483139c55657ffd755ea15dd306f67946f33fcb990dbbd5dfdc7a6ef9ed7307d175c00747278ebd8989ae3b7363866caea9b0ca6bd8e93eda3c64fe19d215db5c69a49414730f72ce0d557b5f259d48cd19ea73b1ce25a77e23452ea36671c4fbd7777a3353f40371e2b6c0916030100040e000000
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xe259fe12e15ce72c7c464fa29a32360e
Finished request 3.
Going to the next request
Waking up in 2.7 seconds.
rad_recv: Access-Request packet from host 172.20.160.171 port 1812,
id=6, length=286
        User-Name = "marpap"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 0
        NAS-Identifier =
"default\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
        Calling-Station-Id = "00-60-b3-63-4e-03"
        EAP-Message =
0x02050090198000000086160301004610000042004086ff635b6acd5edf3bbdeb989141e8aacf8f374c373dd882d88ed24328f184363c5f0d3034135aeed659c48e3eddeeba361ee37ff418c94051213436a2ce322514030100010116030100308d883a4e915796bfadced45c11620bf8ab5943d0d3b23f67029d2696b6cfba3c4bb39b004274d45af9383e7b65a64a8c
        State = 0xe259fe12e15ce72c7c464fa29a32360e
        NAS-IP-Address = 172.20.160.171
        Message-Authenticator = 0x9bc8be05544e6e946523cc2a2cd6f950
+- entering group authorize {...}
++[preprocess] returns ok
++[mschap] returns noop
[eap] EAP packet type response id 5 length 144
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
  TLS Length 134
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange 
[peap]     TLS_accept: SSLv3 read client key exchange A
[peap] <<< TLS 1.0 ChangeCipherSpec [length 0001] 
[peap] <<< TLS 1.0 Handshake [length 0010], Finished 
[peap]     TLS_accept: SSLv3 read finished A
[peap] >>> TLS 1.0 Handshake [length 00aa]??? 
[peap]     TLS_accept: unknown state
[peap] >>> TLS 1.0 ChangeCipherSpec [length 0001] 
[peap]     TLS_accept: SSLv3 write change cipher spec A
[peap] >>> TLS 1.0 Handshake [length 0010], Finished 
[peap]     TLS_accept: SSLv3 write finished A
[peap]     TLS_accept: SSLv3 flush data
[peap]     (other): SSL negotiation finished successfully
SSL Connection Established
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 6 to 172.20.160.171 port 1812
        EAP-Message =
0x010600f0190016030100aa040000a60000000000a0cf73dfba597c06dd86bb94a2b382e913bc6b8bc5e660d5f86ff3707aeab944ddf1d4bebeffd1afd0154af8fd2e551d8168209a799662bfe471cdf2a2707205cc8236d1ec06f44d75910ada87a68160569275f406c0b0d12eeb51594d1c9efe026d2c5d1a971e2a56f9dcfce385e335b1e0ad7c8bc23e720aa0ce542f3002d8d6948a0042dde52904ee0b104121d0d5190973d56a37372c6a86ba216031e81b091403010001011603010030d3783002e4f5fbaf016aa04bce082458dfcfe4cf932b4d264bab5e3f83d62cac67cf557a75c9590667105a2451962373
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xe259fe12e65fe72c7c464fa29a32360e
Finished request 4.
Going to the next request
Waking up in 1.7 seconds.
rad_recv: Access-Request packet from host 172.20.160.171 port 1812,
id=7, length=148
        User-Name = "marpap"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 0
        NAS-Identifier =
"default\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
        Calling-Station-Id = "00-60-b3-63-4e-03"
        EAP-Message = 0x020600061900
        State = 0xe259fe12e65fe72c7c464fa29a32360e
        NAS-IP-Address = 172.20.160.171
        Message-Authenticator = 0xbd22b652240bed2cae865dd7d624f7df
+- entering group authorize {...}
++[preprocess] returns ok
++[mschap] returns noop
[eap] EAP packet type response id 6 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake is finished
[peap] eaptls_verify returned 3
[peap] eaptls_process returned 3
[peap] EAPTLS_SUCCESS
++[eap] returns handled
Sending Access-Challenge of id 7 to 172.20.160.171 port 1812
        EAP-Message =
0x0107002b190017030100203cdcb53ac51156f2c11810063c218c6481a6451c580fe83d6b014b56207e88d9
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xe259fe12e75ee72c7c464fa29a32360e
Finished request 5.
Going to the next request
Waking up in 0.7 seconds.
Cleaning up request 0 ID 2 with timestamp +6
Waking up in 0.2 seconds.
Cleaning up request 1 ID 3 with timestamp +6
Waking up in 1.0 seconds.
rad_recv: Access-Request packet from host 172.20.160.171 port 1812,
id=8, length=238
        User-Name = "marpap"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 0
        NAS-Identifier =
"default\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
        Calling-Station-Id = "00-60-b3-63-4e-03"
        EAP-Message =
0x02070060190017030100202b298c4cb2829f58d430afcd835386a5f1d8d5406a4ecfe378729bd47041c4ba170301003060ae2c4208d05100e3d595095b3e3f9908f1954b2f1a310c889c623d751d0037feff76628ac672c3f8f7d82e29c2bfd8
        State = 0xe259fe12e75ee72c7c464fa29a32360e
        NAS-IP-Address = 172.20.160.171
        Message-Authenticator = 0xaf8eafe2466000e8be56847385ea807e
+- entering group authorize {...}
++[preprocess] returns ok
++[mschap] returns noop
[eap] EAP packet type response id 7 length 96
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established.  Decoding tunneled attributes.
[peap] Identity - marpap
[peap] Got tunneled request
        EAP-Message = 0x0207000b016d6172706170
server  {
  PEAP: Got tunneled identity of marpap
  PEAP: Setting default EAP type for tunneled EAP session.
  PEAP: Setting User-Name to marpap
Sending tunneled request
        EAP-Message = 0x0207000b016d6172706170
        FreeRADIUS-Proxied-To = 127.0.0.1
        User-Name = "marpap"
server inner-tunnel {
+- entering group authorize {...}
++[control] returns notfound
[eap] EAP packet type response id 7 length 11
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[sql]   expand: %{User-Name} -> marpap
[sql] sql_set_user escaped user --> 'marpap'
rlm_sql (sql): Reserving sql socket id: 2
[sql]   expand: SELECT logins.id, logins.username, radcheck.attribute,
logins.pass_lm, radcheck.op                 FROM radcheck,
logins                 WHERE logins.username = '%{SQL-User-Name}' AND
radcheck.id='1' AND                 (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='%{SQL-User-Name}' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'             ORDER
BY id -> SELECT logins.id, logins.username, radcheck.attribute,
logins.pass_lm, radcheck.op                 FROM radcheck,
logins                 WHERE logins.username = 'marpap' AND
radcheck.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
rlm_sql_mysql: query:  SELECT logins.id, logins.username,
radcheck.attribute, logins.pass_lm, radcheck.op                 FROM
radcheck, logins                 WHERE logins.username = 'marpap' AND
radcheck.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
[sql] User found in radcheck table
[sql]   expand: SELECT logins.id, logins.username, radreply.attribute,
logins.pass_lm, radreply.op                 FROM radreply,
logins                 WHERE logins.username = '%{SQL-User-Name}' AND
radreply.id='1' AND                 (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='%{SQL-User-Name}' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'             ORDER
BY id -> SELECT logins.id, logins.username, radreply.attribute,
logins.pass_lm, radreply.op                 FROM radreply,
logins                 WHERE logins.username = 'marpap' AND
radreply.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
rlm_sql_mysql: query:  SELECT logins.id, logins.username,
radreply.attribute, logins.pass_lm, radreply.op                 FROM
radreply, logins                 WHERE logins.username = 'marpap' AND
radreply.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
[sql]   expand: SELECT groupname           FROM radusergroup          
WHERE username = '%{SQL-User-Name}'           ORDER BY priority ->
SELECT groupname           FROM radusergroup           WHERE username =
'marpap'           ORDER BY priority
rlm_sql_mysql: query:  SELECT groupname           FROM
radusergroup           WHERE username = 'marpap'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 2
++[sql] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
        EAP-Message =
0x010800201a0108001b10c6b081df2c654a8a679008b2e2710fd06d6172706170
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xf0d328dff0db32c653a8b81dca2d1d07
[peap] Got tunneled reply RADIUS code 11
        EAP-Message =
0x010800201a0108001b10c6b081df2c654a8a679008b2e2710fd06d6172706170
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xf0d328dff0db32c653a8b81dca2d1d07
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 8 to 172.20.160.171 port 1812
        EAP-Message =
0x0108004b19001703010040cc4756e012ff1f167cd3af426d562ac651c31423c3f17f33e094c76b3dcd8cd2cb7880071a9c86e39ce1e98e547c5e2895a12afab3f12e4063a79ef085f183eb
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xe259fe12e451e72c7c464fa29a32360e
Finished request 6.
Going to the next request
Waking up in 0.9 seconds.
Cleaning up request 2 ID 4 with timestamp +7
rad_recv: Access-Request packet from host 172.20.160.171 port 1812,
id=9, length=286
        User-Name = "marpap"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 0
        NAS-Identifier =
"default\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
        Calling-Station-Id = "00-60-b3-63-4e-03"
        EAP-Message =
0x0208009019001703010020db117f6a4213a280b8c8b81dc380515a3c51cad1936497f49e4c135a8d32a68c1703010060d899c5bec375f74915ec3830ac88e1af2fe071a96f8e36cb48d28b2aceee47360bc8b810f5f9521fbbf65ca4ca01873d8ebb2d1dcbc0a982056579268993fe86b4a39705c7c625fc95bd9787eca3336611165d19354e8a1c6140634daa94d75e
        State = 0xe259fe12e451e72c7c464fa29a32360e
        NAS-IP-Address = 172.20.160.171
        Message-Authenticator = 0x394906002929a9ade62c13af2f0fb812
+- entering group authorize {...}
++[preprocess] returns ok
++[mschap] returns noop
[eap] EAP packet type response id 8 length 144
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established.  Decoding tunneled attributes.
[peap] EAP type mschapv2
[peap] Got tunneled request
        EAP-Message =
0x020800411a0208003c319638518d9abfbbd6fd487bfc22202f550000000000000000258a4493454de759c37caa281d4f4fff8ef0e602b2507b97006d6172706170
server  {
  PEAP: Setting User-Name to marpap
Sending tunneled request
        EAP-Message =
0x020800411a0208003c319638518d9abfbbd6fd487bfc22202f550000000000000000258a4493454de759c37caa281d4f4fff8ef0e602b2507b97006d6172706170
        FreeRADIUS-Proxied-To = 127.0.0.1
        User-Name = "marpap"
        State = 0xf0d328dff0db32c653a8b81dca2d1d07
server inner-tunnel {
+- entering group authorize {...}
++[control] returns notfound
[eap] EAP packet type response id 8 length 65
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[sql]   expand: %{User-Name} -> marpap
[sql] sql_set_user escaped user --> 'marpap'
rlm_sql (sql): Reserving sql socket id: 1
[sql]   expand: SELECT logins.id, logins.username, radcheck.attribute,
logins.pass_lm, radcheck.op                 FROM radcheck,
logins                 WHERE logins.username = '%{SQL-User-Name}' AND
radcheck.id='1' AND                 (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='%{SQL-User-Name}' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'             ORDER
BY id -> SELECT logins.id, logins.username, radcheck.attribute,
logins.pass_lm, radcheck.op                 FROM radcheck,
logins                 WHERE logins.username = 'marpap' AND
radcheck.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
rlm_sql_mysql: query:  SELECT logins.id, logins.username,
radcheck.attribute, logins.pass_lm, radcheck.op                 FROM
radcheck, logins                 WHERE logins.username = 'marpap' AND
radcheck.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
[sql] User found in radcheck table
[sql]   expand: SELECT logins.id, logins.username, radreply.attribute,
logins.pass_lm, radreply.op                 FROM radreply,
logins                 WHERE logins.username = '%{SQL-User-Name}' AND
radreply.id='1' AND                 (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='%{SQL-User-Name}' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'             ORDER
BY id -> SELECT logins.id, logins.username, radreply.attribute,
logins.pass_lm, radreply.op                 FROM radreply,
logins                 WHERE logins.username = 'marpap' AND
radreply.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
rlm_sql_mysql: query:  SELECT logins.id, logins.username,
radreply.attribute, logins.pass_lm, radreply.op                 FROM
radreply, logins                 WHERE logins.username = 'marpap' AND
radreply.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
[sql]   expand: SELECT groupname           FROM radusergroup          
WHERE username = '%{SQL-User-Name}'           ORDER BY priority ->
SELECT groupname           FROM radusergroup           WHERE username =
'marpap'           ORDER BY priority
rlm_sql_mysql: query:  SELECT groupname           FROM
radusergroup           WHERE username = 'marpap'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 1
++[sql] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/mschapv2
[eap] processing type mschapv2
[mschapv2] +- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured.  Cannot create LM-Password.
[mschap] Found NT-Password
[mschap] Told to do MS-CHAPv2 for marpap with NT-Password
[mschap] adding MS-CHAPv2 MPPE keys
++[mschap] returns ok
MSCHAP Success
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
        EAP-Message =
0x010900331a0308002e533d30353236444342323142323145443233394546424239413037363239343134344332353942354536
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xf0d328dff1da32c653a8b81dca2d1d07
[peap] Got tunneled reply RADIUS code 11
        EAP-Message =
0x010900331a0308002e533d30353236444342323142323145443233394546424239413037363239343134344332353942354536
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xf0d328dff1da32c653a8b81dca2d1d07
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 9 to 172.20.160.171 port 1812
        EAP-Message =
0x0109005b1900170301005017a3a02c28820c047a06d62f0a2f2e30a8501c919a40426b8c6bb7b26dae2a52c5f65713700c8357e92a0c5e2767eaa6d91058d996c754ef5404b13473395d1de1e107dbf8031d8a634aaeae0decd8ce
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xe259fe12e550e72c7c464fa29a32360e
Finished request 7.
Going to the next request
Waking up in 0.9 seconds.
Cleaning up request 3 ID 5 with timestamp +8
Waking up in 1.0 seconds.
rad_recv: Access-Request packet from host 172.20.160.171 port 1812,
id=10, length=222
        User-Name = "marpap"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 0
        NAS-Identifier =
"default\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
        Calling-Station-Id = "00-60-b3-63-4e-03"
        EAP-Message =
0x0209005019001703010020ea45ba7ab2126e05b40327975bb649779f732691225d8b13c8095e196ceef48c170301002017fcf2f1e53c0a8fc2b1cd312abd77e62e0306c7d4f4bcc6fe2f24f04ee35732
        State = 0xe259fe12e550e72c7c464fa29a32360e
        NAS-IP-Address = 172.20.160.171
        Message-Authenticator = 0xb6867159aae4b6a8241660c47a794da2
+- entering group authorize {...}
++[preprocess] returns ok
++[mschap] returns noop
[eap] EAP packet type response id 9 length 80
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established.  Decoding tunneled attributes.
[peap] EAP type mschapv2
[peap] Got tunneled request
        EAP-Message = 0x020900061a03
server  {
  PEAP: Setting User-Name to marpap
Sending tunneled request
        EAP-Message = 0x020900061a03
        FreeRADIUS-Proxied-To = 127.0.0.1
        User-Name = "marpap"
        State = 0xf0d328dff1da32c653a8b81dca2d1d07
server inner-tunnel {
+- entering group authorize {...}
++[control] returns notfound
[eap] EAP packet type response id 9 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[sql]   expand: %{User-Name} -> marpap
[sql] sql_set_user escaped user --> 'marpap'
rlm_sql (sql): Reserving sql socket id: 0
[sql]   expand: SELECT logins.id, logins.username, radcheck.attribute,
logins.pass_lm, radcheck.op                 FROM radcheck,
logins                 WHERE logins.username = '%{SQL-User-Name}' AND
radcheck.id='1' AND                 (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='%{SQL-User-Name}' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'             ORDER
BY id -> SELECT logins.id, logins.username, radcheck.attribute,
logins.pass_lm, radcheck.op                 FROM radcheck,
logins                 WHERE logins.username = 'marpap' AND
radcheck.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
rlm_sql_mysql: query:  SELECT logins.id, logins.username,
radcheck.attribute, logins.pass_lm, radcheck.op                 FROM
radcheck, logins                 WHERE logins.username = 'marpap' AND
radcheck.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
[sql] User found in radcheck table
[sql]   expand: SELECT logins.id, logins.username, radreply.attribute,
logins.pass_lm, radreply.op                 FROM radreply,
logins                 WHERE logins.username = '%{SQL-User-Name}' AND
radreply.id='1' AND                 (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='%{SQL-User-Name}' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'             ORDER
BY id -> SELECT logins.id, logins.username, radreply.attribute,
logins.pass_lm, radreply.op                 FROM radreply,
logins                 WHERE logins.username = 'marpap' AND
radreply.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
rlm_sql_mysql: query:  SELECT logins.id, logins.username,
radreply.attribute, logins.pass_lm, radreply.op                 FROM
radreply, logins                 WHERE logins.username = 'marpap' AND
radreply.id='1' AND            (SELECT internet_accounts.aktiv FROM
internet_accounts, logins                  WHERE
logins.username='marpap' AND logins.account_id =
internet_accounts.account_id)                  = 'yes'              
ORDER BY id
[sql]   expand: SELECT groupname           FROM radusergroup          
WHERE username = '%{SQL-User-Name}'           ORDER BY priority ->
SELECT groupname           FROM radusergroup           WHERE username =
'marpap'           ORDER BY priority
rlm_sql_mysql: query:  SELECT groupname           FROM
radusergroup           WHERE username = 'marpap'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 0
++[sql] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/mschapv2
[eap] processing type mschapv2
[eap] Freeing handler
++[eap] returns ok
  WARNING: Empty section.  Using default return values.
} # server inner-tunnel
[peap] Got tunneled reply code 2
        EAP-Message = 0x03090004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "marpap"
[peap] Got tunneled reply RADIUS code 2
        EAP-Message = 0x03090004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "marpap"
[peap] Tunneled authentication was successful.
[peap] SUCCESS
++[eap] returns handled
Sending Access-Challenge of id 10 to 172.20.160.171 port 1812
        EAP-Message =
0x010a003b190017030100308d1101b1c350d4328ebe3ce50675f915848a0c09c7ac0114cc569409948903d28694d60747d490ad19887f2e657a701a
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xe259fe12ea53e72c7c464fa29a32360e
Finished request 8.
Going to the next request
Waking up in 0.9 seconds.
Cleaning up request 4 ID 6 with timestamp +9
Waking up in 1.0 seconds.
rad_recv: Access-Request packet from host 172.20.160.171 port 1812,
id=11, length=238
        User-Name = "marpap"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 0
        NAS-Identifier =
"default\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
        Calling-Station-Id = "00-60-b3-63-4e-03"
        EAP-Message =
0x020a0060190017030100201246b2d46e1ba6b660948078c75ecb1c32333ae90a280a5b371b072cb28a65231703010030bcbc8fec75782b5f139c2a090733a5602a62fb27f26f5cbcf02425c34279a49107f659f3775b8a533cd226fc6588c2f1
        State = 0xe259fe12ea53e72c7c464fa29a32360e
        NAS-IP-Address = 172.20.160.171
        Message-Authenticator = 0x5233cb5b3343b5ea0db86d94bf4150d9
+- entering group authorize {...}
++[preprocess] returns ok
++[mschap] returns noop
[eap] EAP packet type response id 10 length 96
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established.  Decoding tunneled attributes.
[peap] Received EAP-TLV response.
[peap] Success
[eap] Freeing handler
++[eap] returns ok
+- entering group post-auth {...}
++[reply] returns noop
[sql]   expand: %{User-Name} -> marpap
[sql] sql_set_user escaped user --> 'marpap'
[sql]   expand: %{User-Password} ->
[sql]   ... expanding second conditional
[sql]   expand: %{Chap-Password} ->
[sql]   expand: INSERT INTO radpostauth                          
(username, pass, reply, authdate)                           VALUES
(                           '%{User-Name}',                          
'%{%{User-Password}:-%{Chap-Password}}',                          
'%{reply:Packet-Type}', '%S') -> INSERT INTO
radpostauth                           (username, pass, reply,
authdate)                           VALUES (                          
'marpap',                           '',                          
'Access-Accept', '2010-08-31 17:59:05')
[sql]   expand: /var/log/freeradius/sqltrace.sql ->
/var/log/freeradius/sqltrace.sql
rlm_sql (sql) in sql_postauth: query is INSERT INTO
radpostauth                           (username, pass, reply,
authdate)                           VALUES (                          
'marpap',                           '',                          
'Access-Accept', '2010-08-31 17:59:05')
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query:  INSERT INTO radpostauth                          
(username, pass, reply, authdate)                           VALUES
(                           'marpap',                          
'',                           'Access-Accept', '2010-08-31 17:59:05')
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
++[exec] returns noop
Sending Access-Accept of id 11 to 172.20.160.171 port 1812
        MS-MPPE-Recv-Key =
0x35b16df4a592e9da418da46ab5164210166ad66293fd8831c5dec7d2f7eb1a8d
        MS-MPPE-Send-Key =
0x0709cee111f7985f495c7208fe4ceb3b57b1657f9fc10762578ba41ba9727b85
        EAP-Message = 0x030a0004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "marpap"
        Tunnel-Type:0 = VLAN
        Tunnel-Medium-Type:0 = IEEE-802
        Tunnel-Private-Group-Id:0 = "123"
Finished request 9.
Going to the next request
Waking up in 0.9 seconds.
Cleaning up request 5 ID 7 with timestamp +10
Waking up in 1.0 seconds.
Cleaning up request 6 ID 8 with timestamp +11
Waking up in 0.9 seconds.
Cleaning up request 7 ID 9 with timestamp +12
Waking up in 0.9 seconds.
Cleaning up request 8 ID 10 with timestamp +13
Waking up in 0.9 seconds.
Cleaning up request 9 ID 11 with timestamp +14
Ready to process requests.




More information about the Freeradius-Users mailing list