Freeradius-Users Digest, Vol 57, Issue 58

TAKANASHI, Hitoshi takanashi at nttmcl.com
Mon Jan 18 21:11:20 CET 2010



freeradius-users-request at lists.freeradius.org wrote:

>Send Freeradius-Users mailing list submissions to
>	freeradius-users at lists.freeradius.org
>
>To subscribe or unsubscribe via the World Wide Web, visit
>	http://lists.freeradius.org/mailman/listinfo/freeradius-users
>or, via email, send a message with subject or body 'help' to
>	freeradius-users-request at lists.freeradius.org
>
>You can reach the person managing the list at
>	freeradius-users-owner at lists.freeradius.org
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of Freeradius-Users digest..."
>
>
>Today's Topics:
>
>   1. Re: Escaped . does match any character (Matthias Cramer)
>   2. EAP-FAST (Stefan Winter)
>   3. Re: Can't start radiusd -X ? (Fernando)
>   4. Help with Freeradius + MySQL Problem.... (Ale Luna)
>
>
>----------------------------------------------------------------------
>
>Message: 1
>Date: Mon, 18 Jan 2010 13:50:39 +0100
>From: Matthias Cramer <matthias.cramer at iway.ch>
>Subject: Re: Escaped . does match any character
>To: FreeRadius users mailing list
>	<freeradius-users at lists.freeradius.org>
>Message-ID: <4B54591F.2040800 at iway.ch>
>Content-Type: text/plain; charset=UTF-8
>
>Hi Alan
>
>Alan DeKok wrote:
>> Matthias Cramer wrote:
>>> I have the following in my users file:
>>>
>>>
>>> DEFAULT User-Name =~ ".+\.xy at example.com", Auth-Type := Accept,
>>> Proxy-To-Realm := "DONOTREALM"
>>>
>>> This Regexp macthes not only user.xy at example.com but also
>>> useraxy at example.com.
>>>
>>> Is this a bug, or do I have to escape the . in a different way ?
>> 
>>   You may need two \\
>
>Thanks, this solved the problem.
>
>Regards
>
>  Matthias
>
>-- 
>Matthias Cramer / mc322-ripe   Senior Network & Security Engineer
>iway AG	                       Phone +41 43 500 1111
>Josefstrasse 225               Fax   +41 44 271 3535
>CH-8005 Z?rich                 http://www.iway.ch/
>GnuPG 1024D/2D208250 = DBC6 65B6 7083 1029 781E  3959 B62F DF1C 2D20 8250
>
>
>
>
>------------------------------
>
>Message: 2
>Date: Mon, 18 Jan 2010 14:05:04 +0100
>From: Stefan Winter <stefan.winter at restena.lu>
>Subject: EAP-FAST
>To: FreeRadius users mailing list
>	<freeradius-users at lists.freeradius.org>
>Message-ID: <4B545C80.5010703 at restena.lu>
>Content-Type: text/plain; charset="iso-8859-15"
>
>Hello,
>
>every now and then there's a mild interest on this list about enabling
>EAP-FAST. In our eduroam R&D group, we are currently looking into
>EAP-FAST, which naturally includes FreeRADIUS support. Is it worthwhile
>posting our results here, for others "play with it" as well? Or has
>everybody already run away from the somwhat complicated installation of
>EAP-FAST support in FreeRADIUS [we certainly had our difficulties...]
>
>Greetings,
>
>Stefan Winter
>
>-- 
>Stefan WINTER
>Ingenieur de Recherche
>Fondation RESTENA - R?seau T?l?informatique de l'Education Nationale et de la Recherche
>6, rue Richard Coudenhove-Kalergi
>L-1359 Luxembourg
>
>Tel: +352 424409 1
>Fax: +352 422473
>
>
>-------------- next part --------------
>A non-text attachment was scrubbed...
>Name: signature.asc
>Type: application/pgp-signature
>Size: 262 bytes
>Desc: OpenPGP digital signature
>Url : <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20100118/6f89fcce/attachment.bin>
>
>------------------------------
>
>Message: 3
>Date: Mon, 18 Jan 2010 15:52:14 +0100
>From: Fernando <fbernal at um.es>
>Subject: Re: Can't start radiusd -X ?
>To: FreeRadius users mailing list
>	<freeradius-users at lists.freeradius.org>
>Message-ID: <4B54759E.30000 at um.es>
>Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
>Zhang Shukun escribi?:
>> hi, when i want to start radius in debug mode. error happened.
>>
>> Failed binding to authentication address * port 1812: Address already 
>> in use
>> /usr/local/etc/raddb/radiusd.conf[240]: Error binding to port for 
>> 0.0.0.0 port 1812
>>
>> Could you tell me what's wrong?
>kill your radiusd instance before run another one
>
>>
>> Thanks!
>>
>> -- 
>> Regards,
>> Sucan
>> ------------------------------------------------------------------------
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>
>------------------------------
>
>Message: 4
>Date: Mon, 18 Jan 2010 12:43:54 -0300
>From: Ale Luna <ale-luna at argentina.com>
>Subject: Help with Freeradius + MySQL Problem....
>To: freeradius-users at lists.freeradius.org
>Cc: ale-luna at mail.com
>Message-ID: <fc8cc3e22114199d4ad3ea77df9d4a23 at wmx1.argentina.com>
>Content-Type: text/plain; charset="iso-8859-1"
>
>Hi to all
>I have the following problem with my FreeRADIUS 2.1.8 + MySQL 5.0.75-0ubuntu10.2
>I configure my Freeradius in the most basic configuration like You recommend in your SQL HOWTO and I can Authenticate an 
>user whit the users file and everithing runs very well with all my users ....
>Now I configure It with MySQL and My Freeradius is talking with MySQL but I Can't get an Access-Accept to my users 
>If I run a radtest, I can have an Access-Accept but when I run with my Laptop using Windows XP SP3 I only have an 
>Access-Reject...
>
>This is my radiusd -X output, when I run my radtest and I can get an Access-Accept
>
>root at servidor1-desktop:/usr/local/etc/raddb# radtest alexmoon prueba 127.0.0.1 1812 testing123
>?
>
>rad_recv: Access-Request packet from host 127.0.0.1 port 32878, id=165, length=60 
>User-Name = "alexmoon" 
>User-Password = "prueba" 
>NAS-IP-Address = 127.0.1.1 
>NAS-Port = 1812 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] No EAP-Message, not doing EAP 
>++[eap] returns noop 
>++[unix] returns notfound 
>++[files] returns noop 
>[sql] expand: %{User-Name} -> alexmoon 
>[sql] sql_set_user escaped user --> 'alexmoon' 
>rlm_sql (sql): Reserving sql socket id: 4 
>[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'alexmoon' ORDER BY id 
>[sql] User found in radcheck table 
>[sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'alexmoon' ORDER BY id 
>[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'alexmoon' ORDER BY priority 
>[sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'dynamic' ORDER BY id 
>[sql] User found in group dynamic 
>[sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'dynamic' ORDER BY id 
>rlm_sql (sql): Released sql socket id: 4 
>++[sql] returns ok 
>++[expiration] returns noop 
>++[logintime] returns noop 
>++[pap] returns updated 
>Found Auth-Type = PAP 
>+- entering group PAP {...} 
>[pap] login attempt with password "prueba" 
>[pap] Using clear text password "prueba" 
>[pap] User authenticated successfully 
>++[pap] returns ok 
>+- entering group post-auth {...} 
>++[exec] returns noop 
>Sending Access-Accept of id 165 to 127.0.0.1 port 32878 
>Service-Type := Framed-User 
>Framed-Protocol := PPP 
>Framed-Compression := Van-Jacobson-TCP-IP 
>Framed-MTU := 1500 
>Finished request 0. 
>Going to the next request 
>Waking up in 4.9 seconds. 
>Cleaning up request 0 ID 165 with timestamp +129 
>Ready to process requests. 
>?
>################################################################################################
>And this is my radiusd -X Output with the same user when I try to authenticate my laptop, is a very large output 
>and I can see it is doing more than 1, 2, 3,.... request and only in the first I can see the sql interaction...
>?
>rad_recv: Access-Request packet from host 192.168.1.10 port 1060, id=0, length=178 
>Message-Authenticator = 0x98fe26e9ef295e0939b045b3c3883ba9 
>Service-Type = Framed-User 
>User-Name = "alexmoon" 
>Framed-MTU = 1488 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>EAP-Message = 0x0200000d01616c65786d6f6f6e 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] EAP packet type response id 0 length 13 
>[eap] No EAP Start, assuming it's an on-going EAP conversation 
>++[eap] returns updated 
>++[unix] returns notfound 
>++[files] returns noop 
>[sql] expand: %{User-Name} -> alexmoon 
>[sql] sql_set_user escaped user --> 'alexmoon' 
>rlm_sql (sql): Reserving sql socket id: 2 
>[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'alexmoon' ORDER BY id 
>[sql] User found in radcheck table 
>[sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'alexmoon' ORDER BY id 
>[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'alexmoon' ORDER BY priority 
>[sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'dynamic' ORDER BY id 
>[sql] User found in group dynamic 
>[sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'dynamic' ORDER BY id 
>rlm_sql (sql): Released sql socket id: 2 
>++[sql] returns ok 
>++[expiration] returns noop 
>++[logintime] returns noop 
>[pap] Found existing Auth-Type, not changing it. 
>++[pap] returns noop 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] EAP Identity 
>[eap] processing type md5 
>rlm_eap_md5: Issuing Challenge 
>++[eap] returns handled 
>Sending Access-Challenge of id 0 to 192.168.1.10 port 1060 
>Service-Type := Framed-User 
>Framed-Protocol := PPP 
>Framed-Compression := Van-Jacobson-TCP-IP 
>Framed-MTU := 1500 
>EAP-Message = 0x010100160410739d9907d0f007e8a5b9bf9e6ceedeb2 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0x043a00db043b04154cf77263c06ef160 
>Finished request 10. 
>Going to the next request 
>Waking up in 4.9 seconds. 
>rad_recv: Access-Request packet from host 192.168.1.10 port 1060, id=1, length=189 
>Message-Authenticator = 0x90c2a53ea79f5b5fcff2ff4effa6c9c9 
>Service-Type = Framed-User 
>User-Name = "alexmoon" 
>Framed-MTU = 1488 
>State = 0x043a00db043b04154cf77263c06ef160 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>EAP-Message = 0x020100060319 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] EAP packet type response id 1 length 6 
>[eap] No EAP Start, assuming it's an on-going EAP conversation 
>++[eap] returns updated 
>++[unix] returns notfound 
>++[files] returns noop 
>[sql] expand: %{User-Name} -> alexmoon 
>[sql] sql_set_user escaped user --> 'alexmoon' 
>rlm_sql (sql): Reserving sql socket id: 1 
>[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'alexmoon' ORDER BY id 
>[sql] User found in radcheck table 
>[sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'alexmoon' ORDER BY id 
>[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'alexmoon' ORDER BY priority 
>[sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'dynamic' ORDER BY id 
>[sql] User found in group dynamic 
>[sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'dynamic' ORDER BY id 
>rlm_sql (sql): Released sql socket id: 1 
>++[sql] returns ok 
>++[expiration] returns noop 
>++[logintime] returns noop 
>[pap] Found existing Auth-Type, not changing it. 
>++[pap] returns noop 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] Request found, released from the list 
>[eap] EAP NAK 
>[eap] EAP-NAK asked for EAP-Type/peap 
>[eap] processing type tls 
>[tls] Initiate 
>[tls] Start returned 1 
>++[eap] returns handled 
>Sending Access-Challenge of id 1 to 192.168.1.10 port 1060 
>Service-Type := Framed-User 
>Framed-Protocol := PPP 
>Framed-Compression := Van-Jacobson-TCP-IP 
>Framed-MTU := 1500 
>EAP-Message = 0x010200061920 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0x043a00db053819154cf77263c06ef160 
>Finished request 11. 
>Going to the next request 
>Waking up in 4.9 seconds. 
>rad_recv: Access-Request packet from host 192.168.1.10 port 1060, id=2, length=263 
>Message-Authenticator = 0xeeb28ab0ada1ad4ba26125a9d6c10d0c 
>Service-Type = Framed-User 
>User-Name = "alexmoon" 
>Framed-MTU = 1488 
>State = 0x043a00db053819154cf77263c06ef160 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>EAP-Message = 0x0202005019800000004616030100410100003d03014b4fad659a9ce2fbeb4f5ffea969ffa643916fb5fe5947f16116d57cdbd2507a00001600040005000a000900640062000300060013001200630100 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] EAP packet type response id 2 length 80 
>[eap] Continuing tunnel setup. 
>++[eap] returns ok 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] Request found, released from the list 
>[eap] EAP/peap 
>[eap] processing type peap 
>[peap] processing EAP-TLS 
>TLS Length 70 
>[peap] Length Included 
>[peap] eaptls_verify returned 11 
>[peap] (other): before/accept initialization 
>[peap] TLS_accept: before/accept initialization 
>[peap] <<< TLS 1.0 Handshake [length 0041], ClientHello 
>[peap] TLS_accept: SSLv3 read client hello A 
>[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello 
>[peap] TLS_accept: SSLv3 write server hello A 
>[peap] >>> TLS 1.0 Handshake [length 085e], Certificate 
>[peap] TLS_accept: SSLv3 write certificate A 
>[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone 
>[peap] TLS_accept: SSLv3 write server done A 
>[peap] TLS_accept: SSLv3 flush data 
>[peap] TLS_accept: Need to read more data: SSLv3 read client certificate A 
>In SSL Handshake Phase 
>In SSL Accept mode 
>[peap] eaptls_process returned 13 
>[peap] EAPTLS_HANDLED 
>++[eap] returns handled 
>Sending Access-Challenge of id 2 to 192.168.1.10 port 1060 
>EAP-Message = 0x0103040019c00000089b160301002a0200002603014b4fad608e1611c18dd5080c12aa082cfa8dbab65a830ff3d7f424f6a876d40700000400160301085e0b00085a0008570003a6308203a23082028aa003020102020101300d06092a864886f70d0101040500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479 
>EAP-Message = 0x301e170d3039313232343138323330365a170d3130313232343138323330365a307c310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100cf4dc6ad3d327155612f45f3a965c735dd65532ed0d3b9abb36a4e8a15c7650f375fc676baddfbafd21fba35dad2819fa96aa3dbee1849eb8f945049b6bb 
>EAP-Message = 0x6ab5cd9a58a1a4f661dce9a69e81422473bed1c7a47f708abdc60fd13b1c29fdef726b675346e590013ea3cae14bbb57c8b1582d0e5c6c02a4c4dec2a24dbfcc984f04f0cef38473118b210722e07d7c28b1f6d4520b85dcd4bf36744920f63535dbf5a4700464fb667b30ac94afa0c407905ea03d5977095f804fffdda7834cbb5ac049d498465f24b71be83d8ae93d015530b760a5080dbe28c2456797b34e1dc478a32906cadfb203d8b11a4fb4b1e90538f20fe427d0e34f047c3ca198543bf30203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038201010003c62e5e0d0244b6f5 
>EAP-Message = 0x9925e951afecbeb0abf6f3a3e953bdfc1c85048b10d067ed86802d4dcd24ce16f5f6432e202dd5e91ce09a405e5f4f218406ca5e4172f15d392905f70a4d3a4512140c307fd68abac0255be7e3b551b3b4a6c63ae85bbb451dc136fc5f937d8789bdd5a5f9167ed5e75a50e4f847becb0e87c52e45cfc59f0363036d4a198e6b972c0d759e9f457c2d34946b5c220e3f7d49f01eb6f507333d3295720a1fc945b35c372a99974c54b72f5436739626328fec5ce6d4e5ca5e2149a3b92369400777cce709b3cde7af38a12d1b2b26d8de204a049257ecb700f901e156bede5e82ab6cdbf4428a9ef5bbf80f0b55ab5e9144e6f074407e350004ab308204 
>EAP-Message = 0xa73082038fa0030201020209 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0x043a00db063919154cf77263c06ef160 
>Finished request 12. 
>Going to the next request 
>Waking up in 4.9 seconds. 
>rad_recv: Access-Request packet from host 192.168.1.10 port 1060, id=3, length=189 
>Message-Authenticator = 0xb6576d7ee5e01e197c632fe7d20f45a1 
>Service-Type = Framed-User 
>User-Name = "alexmoon" 
>Framed-MTU = 1488 
>State = 0x043a00db063919154cf77263c06ef160 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>EAP-Message = 0x020300061900 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] EAP packet type response id 3 length 6 
>[eap] Continuing tunnel setup. 
>++[eap] returns ok 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] Request found, released from the list 
>[eap] EAP/peap 
>[eap] processing type peap 
>[peap] processing EAP-TLS 
>[peap] Received TLS ACK 
>[peap] ACK handshake fragment handler 
>[peap] eaptls_verify returned 1 
>[peap] eaptls_process returned 13 
>[peap] EAPTLS_HANDLED 
>++[eap] returns handled 
>Sending Access-Challenge of id 3 to 192.168.1.10 port 1060 
>EAP-Message = 0x010403fc194000b526c63ec2860c41300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3039313232343138323330365a170d3130313232343138323330365a308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504 
>EAP-Message = 0x071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100af53216f4070226b6621456467b8083ec8228e3c839fccd9b8133d19a065df275fea1450334ce0bb9942a863872efe551ed4f1a1adfd541eb5d1e918be984db37964a4c137153f3db595dd7d0dccddbc5a5104df68e170a6eda0d63f2bb866451c254e3a49c4f4f3e1f6071e7e65d1 
>EAP-Message = 0x489f4144e709bfe07d05d66fc198985555dd7f1c03216c5d71a074ac4bddadec93aadba95434368ccea897fb5ad0e16ebe9a7e2813961563f7b282f63ad653dfe16fca332e5cf93c9c47b3bc6a5af350d74676d425f0d47865ad0999ce9491ef5fe1f2d1c9b8d9b78e9b6f92b0d14d663c61f26261d65e41450b7cad7d729d2c1e5215081bb4ae3dab3e09532ad597f13f0203010001a381fb3081f8301d0603551d0e041604141254e57464a345c8860b1e1368ce66bf1a2de5423081c80603551d230481c03081bd80141254e57464a345c8860b1e1368ce66bf1a2de542a18199a48196308193310b3009060355040613024652310f300d06035504 
>EAP-Message = 0x0813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479820900b526c63ec2860c41300c0603551d13040530030101ff300d06092a864886f70d0101050500038201010085166fde34033935062c9a1f91962eb3a64d55a9d0766ac75d9cc485c761eb793c76264323c8a5b665d12f821cc685509791ef32bc042d6f45380ce11393384b634483d3386b856654560cfb3758ccc63b30 
>EAP-Message = 0x71fc430f72b2c81d 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0x043a00db073e19154cf77263c06ef160 
>Finished request 13. 
>Going to the next request 
>Waking up in 4.9 seconds. 
>rad_recv: Access-Request packet from host 192.168.1.10 port 1060, id=4, length=189 
>Message-Authenticator = 0xb377f7d0c4cb51758726ca050fd7146f 
>Service-Type = Framed-User 
>User-Name = "alexmoon" 
>Framed-MTU = 1488 
>State = 0x043a00db073e19154cf77263c06ef160 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>EAP-Message = 0x020400061900 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] EAP packet type response id 4 length 6 
>[eap] Continuing tunnel setup. 
>++[eap] returns ok 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] Request found, released from the list 
>[eap] EAP/peap 
>[eap] processing type peap 
>[peap] processing EAP-TLS 
>[peap] Received TLS ACK 
>[peap] ACK handshake fragment handler 
>[peap] eaptls_verify returned 1 
>[peap] eaptls_process returned 13 
>[peap] EAPTLS_HANDLED 
>++[eap] returns handled 
>Sending Access-Challenge of id 4 to 192.168.1.10 port 1060 
>EAP-Message = 0x010500b51900794b79ea841348662131dd8b2859030e05ae6e25eb94aeeb47189dfcad0ac73fbe13bc40052ea36862e34b18ae12dd66466c5db8690b7e915696e287191d756618c6690ab8a82b0e9e63070a5beb6de3ce93a78f31894b85c798381dc69e976b052b80b01ecc3d3acb7bf8141aa124094d24b808a32a304ab9174e2e484918c7f5067e9b9126c4e14a479c915bbef300845ad0674216abb7b198b2ff6531d2f59f6c5bdc625216030100040e000000 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0x043a00db003f19154cf77263c06ef160 
>Finished request 14. 
>Going to the next request 
>Waking up in 4.8 seconds. 
>rad_recv: Access-Request packet from host 192.168.1.10 port 1060, id=5, length=505 
>Message-Authenticator = 0x1027e3e1828740fbe58c5a21c7b36a7f 
>Service-Type = Framed-User 
>User-Name = "alexmoon" 
>Framed-MTU = 1488 
>State = 0x043a00db003f19154cf77263c06ef160 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>EAP-Message = 0x0205014019800000013616030101061000010201001d150b43732d1df67a2c9954e40dbd0d4b1a3942a1bf6105668d17322943422740a559b73ddb1ea538586ee1e22620c4d3cd7ce369f1cd14d6eba6d31a190ffb8d6fce52fb9f4693e44343b7d989754d8a7a6e5ee16b4b5a3ebb2937a589cab9bff4332f49ef53da68507b8bd5a96ba94d8060ec0f044c49f4759ff41d0032b1a4b34dc6c757900387e066af1ad174439e715b01a23eb989691755772e8f377fc99f4c4d7e66c82e77cf4eadc5041adcd97210283b9155398c3af6465e84b299fd0140c9ef4e0a70438af3f60e0a7a083b360ba8caef281fc5dec4df0ab765c9ac14e0299ff96b9e 
>EAP-Message = 0xb195517d78c1fb27bacce08d8595e6d0a735e11b894c3d5e14030100010116030100205c494488b295571f372cddd27008921d743a867ac158300c73d88eb53cdcd6c0 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] EAP packet type response id 5 length 253 
>[eap] Continuing tunnel setup. 
>++[eap] returns ok 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] Request found, released from the list 
>[eap] EAP/peap 
>[eap] processing type peap 
>[peap] processing EAP-TLS 
>TLS Length 310 
>[peap] Length Included 
>[peap] eaptls_verify returned 11 
>[peap] <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange 
>[peap] TLS_accept: SSLv3 read client key exchange A 
>[peap] <<< TLS 1.0 ChangeCipherSpec [length 0001] 
>[peap] <<< TLS 1.0 Handshake [length 0010], Finished 
>[peap] TLS_accept: SSLv3 read finished A 
>[peap] >>> TLS 1.0 ChangeCipherSpec [length 0001] 
>[peap] TLS_accept: SSLv3 write change cipher spec A 
>[peap] >>> TLS 1.0 Handshake [length 0010], Finished 
>[peap] TLS_accept: SSLv3 write finished A 
>[peap] TLS_accept: SSLv3 flush data 
>[peap] (other): SSL negotiation finished successfully 
>SSL Connection Established 
>[peap] eaptls_process returned 13 
>[peap] EAPTLS_HANDLED 
>++[eap] returns handled 
>Sending Access-Challenge of id 5 to 192.168.1.10 port 1060 
>EAP-Message = 0x010600311900140301000101160301002067fe1793f016565d10b02851ee1a7248c50e5406b4074453e24b318bb0989a20 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0x043a00db013c19154cf77263c06ef160 
>Finished request 15. 
>Going to the next request 
>Waking up in 4.7 seconds. 
>rad_recv: Access-Request packet from host 192.168.1.10 port 1060, id=6, length=505 
>Message-Authenticator = 0x728299ab490caf6af3905238fb92df7a 
>Service-Type = Framed-User 
>User-Name = "alexmoon" 
>Framed-MTU = 1488 
>State = 0xd59750e4d191490045b22f12f1b8e43e 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>EAP-Message = 0x020601401980000001361603010106100001020100abda5c21ed9ff50be717e2d776b293bc884bbd72c165f9493208a21442db65d253bcd44a2756a1106d21af9d68b4f242185e9b96a2f63de4fbb3999acfccb21124ca1f7d3d9586b0e3d0993f08d0d1971c6a20b653efee63056ef7cbb2e5d43e922aff8ec8c99ebe3f11fe3f1c87521b7d82f58a8dfea2f0719a87118c13122a7036fa65acc6dfcd79d244dd8b7fe6298eba29ddabf42ef10efb449328499585a9eeab013a42da816cd0dce04745a1c595f9d8c9169957c87a7fef626825a0254db8c2ab08ea84c61bf57d8991f98cb56978e10f5ffae23d025080a755dd1b162fe2643f66ff92c3 
>EAP-Message = 0xcdef94ee28aaa02fdae268614bf4dcd5f1492f1d4dc40ad51403010001011603010020edefeea82fcb88158e3b7734a649469f8942ca0f600b945360e10ff5f1b237ab 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] EAP packet type response id 6 length 253 
>[eap] Continuing tunnel setup. 
>++[eap] returns ok 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] Request found, released from the list 
>[eap] EAP/peap 
>[eap] processing type peap 
>[peap] processing EAP-TLS 
>TLS Length 310 
>[peap] Length Included 
>[peap] eaptls_verify returned 11 
>[peap] <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange 
>[peap] TLS_accept: SSLv3 read client key exchange A 
>[peap] <<< TLS 1.0 ChangeCipherSpec [length 0001] 
>[peap] <<< TLS 1.0 Handshake [length 0010], Finished 
>[peap] TLS_accept: SSLv3 read finished A 
>[peap] >>> TLS 1.0 ChangeCipherSpec [length 0001] 
>[peap] TLS_accept: SSLv3 write change cipher spec A 
>[peap] >>> TLS 1.0 Handshake [length 0010], Finished 
>[peap] TLS_accept: SSLv3 write finished A 
>[peap] TLS_accept: SSLv3 flush data 
>[peap] (other): SSL negotiation finished successfully 
>SSL Connection Established 
>[peap] eaptls_process returned 13 
>[peap] EAPTLS_HANDLED 
>++[eap] returns handled 
>Sending Access-Challenge of id 6 to 192.168.1.10 port 1060 
>EAP-Message = 0x01070031190014030100010116030100200ce6d1a797311fb8320943f625858c9ed525457cf7b530143b24685f2d00ce32 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0xd59750e4d090490045b22f12f1b8e43e 
>Finished request 16. 
>Going to the next request 
>Waking up in 3.7 seconds. 
>rad_recv: Access-Request packet from host 192.168.1.10 port 1060, id=7, length=189 
>Message-Authenticator = 0xf6156e7f878a80e329008af8da8b1d67 
>Service-Type = Framed-User 
>User-Name = "alexmoon" 
>Framed-MTU = 1488 
>State = 0xd59750e4d090490045b22f12f1b8e43e 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>EAP-Message = 0x020700061900 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] EAP packet type response id 7 length 6 
>[eap] Continuing tunnel setup. 
>++[eap] returns ok 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] Request found, released from the list 
>[eap] EAP/peap 
>[eap] processing type peap 
>[peap] processing EAP-TLS 
>[peap] Received TLS ACK 
>[peap] ACK handshake is finished 
>[peap] eaptls_verify returned 3 
>[peap] eaptls_process returned 3 
>[peap] EAPTLS_SUCCESS 
>++[eap] returns handled 
>Sending Access-Challenge of id 7 to 192.168.1.10 port 1060 
>EAP-Message = 0x0108002019001703010015bd2ca6dc31201cbac2765c94ad5303ba4129260bf8 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0xd59750e4d39f490045b22f12f1b8e43e 
>Finished request 17. 
>Going to the next request 
>Waking up in 2.7 seconds. 
>rad_recv: Access-Request packet from host 192.168.1.10 port 1060, id=8, length=219 
>Message-Authenticator = 0xd4d619972ac59c3378c8cbbfa0c8b0aa 
>Service-Type = Framed-User 
>User-Name = "alexmoon" 
>Framed-MTU = 1488 
>State = 0xd59750e4d39f490045b22f12f1b8e43e 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>EAP-Message = 0x0208002419001703010019b852857840f2598aa6f763c8cf37968914ee607f6b8d338b5a 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] EAP packet type response id 8 length 36 
>[eap] Continuing tunnel setup. 
>++[eap] returns ok 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] Request found, released from the list 
>[eap] EAP/peap 
>[eap] processing type peap 
>[peap] processing EAP-TLS 
>[peap] eaptls_verify returned 7 
>[peap] Done initial handshake 
>[peap] eaptls_process returned 7 
>[peap] EAPTLS_OK 
>[peap] Session established. Decoding tunneled attributes. 
>[peap] Identity - alexmoon 
>[peap] Got tunneled request 
>EAP-Message = 0x0208000d01616c65786d6f6f6e 
>server { 
>PEAP: Got tunneled identity of alexmoon 
>PEAP: Setting default EAP type for tunneled EAP session. 
>PEAP: Setting User-Name to alexmoon 
>Sending tunneled request 
>EAP-Message = 0x0208000d01616c65786d6f6f6e 
>FreeRADIUS-Proxied-To = 127.0.0.1 
>User-Name = "alexmoon" 
>Service-Type = Framed-User 
>Framed-MTU = 1488 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>server inner-tunnel { 
>+- entering group authorize {...} 
>++[chap] returns noop 
>++[mschap] returns noop 
>++[unix] returns notfound 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>++[control] returns noop 
>[eap] EAP packet type response id 8 length 13 
>[eap] No EAP Start, assuming it's an on-going EAP conversation 
>++[eap] returns updated 
>++[files] returns noop 
>++[expiration] returns noop 
>++[logintime] returns noop 
>++[pap] returns noop 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] EAP Identity 
>[eap] processing type mschapv2 
>rlm_eap_mschapv2: Issuing Challenge 
>++[eap] returns handled 
>} # server inner-tunnel 
>[peap] Got tunneled reply code 11 
>EAP-Message = 0x010900221a0109001d10df7423b52603b13210d2ab29758122cd616c65786d6f6f6e 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0x236e171123670dd05b80bcbd90b4450f 
>[peap] Got tunneled reply RADIUS code 11 
>EAP-Message = 0x010900221a0109001d10df7423b52603b13210d2ab29758122cd616c65786d6f6f6e 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0x236e171123670dd05b80bcbd90b4450f 
>[peap] Got tunneled Access-Challenge 
>++[eap] returns handled 
>Sending Access-Challenge of id 8 to 192.168.1.10 port 1060 
>EAP-Message = 0x010900391900170301002e34b8040eee73493cdbab2165d4af7b7b846dc28272752c8c870a55590c2961a1467130f4273c935663d362439ebf 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0xd59750e4d29e490045b22f12f1b8e43e 
>Finished request 18. 
>Going to the next request 
>Waking up in 2.6 seconds. 
>rad_recv: Access-Request packet from host 192.168.1.10 port 1060, id=9, length=273 
>Message-Authenticator = 0xe240978f209e4bbe0dc03c770b583d4e 
>Service-Type = Framed-User 
>User-Name = "alexmoon" 
>Framed-MTU = 1488 
>State = 0xd59750e4d29e490045b22f12f1b8e43e 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>EAP-Message = 0x0209005a1900170301004f0a8979df9593c6ea1ae7efbd97b57e6c69ce5269a3191f1cee64f80be2e37da7808f7867320332f9f5234c4e1b9efc74068bcef6c9a838994b8067c79dba9d4cdf8070b7a72e47759ac67e977924a9 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] EAP packet type response id 9 length 90 
>[eap] Continuing tunnel setup. 
>++[eap] returns ok 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] Request found, released from the list 
>[eap] EAP/peap 
>[eap] processing type peap 
>[peap] processing EAP-TLS 
>[peap] eaptls_verify returned 7 
>[peap] Done initial handshake 
>[peap] eaptls_process returned 7 
>[peap] EAPTLS_OK 
>[peap] Session established. Decoding tunneled attributes. 
>[peap] EAP type mschapv2 
>[peap] Got tunneled request 
>EAP-Message = 0x020900431a0209003e314bb8a0e4a2fed3fb7f36852ae21d2c6f0000000000000000ad31edb3c40dd7c7b3479ebdea4885e099f63702c6eb18f800616c65786d6f6f6e 
>server { 
>PEAP: Setting User-Name to alexmoon 
>Sending tunneled request 
>EAP-Message = 0x020900431a0209003e314bb8a0e4a2fed3fb7f36852ae21d2c6f0000000000000000ad31edb3c40dd7c7b3479ebdea4885e099f63702c6eb18f800616c65786d6f6f6e 
>FreeRADIUS-Proxied-To = 127.0.0.1 
>User-Name = "alexmoon" 
>State = 0x236e171123670dd05b80bcbd90b4450f 
>Service-Type = Framed-User 
>Framed-MTU = 1488 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>server inner-tunnel { 
>+- entering group authorize {...} 
>++[chap] returns noop 
>++[mschap] returns noop 
>++[unix] returns notfound 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>++[control] returns noop 
>[eap] EAP packet type response id 9 length 67 
>[eap] No EAP Start, assuming it's an on-going EAP conversation 
>++[eap] returns updated 
>++[files] returns noop 
>++[expiration] returns noop 
>++[logintime] returns noop 
>++[pap] returns noop 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] Request found, released from the list 
>[eap] EAP/mschapv2 
>[eap] processing type mschapv2 
>[mschapv2] +- entering group MS-CHAP {...} 
>[mschap] No Cleartext-Password configured. Cannot create LM-Password. 
>[mschap] No Cleartext-Password configured. Cannot create NT-Password. 
>[mschap] Told to do MS-CHAPv2 for alexmoon with NT-Password 
>[mschap] FAILED: No NT/LM-Password. Cannot perform authentication. 
>[mschap] FAILED: MS-CHAP2-Response is incorrect 
>++[mschap] returns reject 
>[eap] Freeing handler 
>++[eap] returns reject 
>Failed to authenticate the user. 
>} # server inner-tunnel 
>[peap] Got tunneled reply code 3 
>MS-CHAP-Error = "\tE=691 R=1" 
>EAP-Message = 0x04090004 
>Message-Authenticator = 0x00000000000000000000000000000000 
>[peap] Got tunneled reply RADIUS code 3 
>MS-CHAP-Error = "\tE=691 R=1" 
>EAP-Message = 0x04090004 
>Message-Authenticator = 0x00000000000000000000000000000000 
>[peap] Tunneled authentication was rejected. 
>[peap] FAILURE 
>++[eap] returns handled 
>Sending Access-Challenge of id 9 to 192.168.1.10 port 1060 
>EAP-Message = 0x010a00261900170301001bcb26c0900b6c7334a11d90d38d3eae1d4bed0508ec5dcafbe5cf9e 
>Message-Authenticator = 0x00000000000000000000000000000000 
>State = 0xd59750e4dd9d490045b22f12f1b8e43e 
>Finished request 19. 
>Going to the next request 
>Waking up in 2.6 seconds. 
>rad_recv: Access-Request packet from host 192.168.1.10 port 1060, id=10, length=221 
>Message-Authenticator = 0x30bd3c98fa2126beff67293312dd4d54 
>Service-Type = Framed-User 
>User-Name = "alexmoon" 
>Framed-MTU = 1488 
>State = 0xd59750e4dd9d490045b22f12f1b8e43e 
>Called-Station-Id = "00-21-27-FB-5A-10:TP-LINK" 
>Calling-Station-Id = "00-22-68-B7-EE-D7" 
>NAS-Port-Type = Wireless-802.11 
>Connect-Info = "CONNECT 54Mbps 802.11g" 
>EAP-Message = 0x020a00261900170301001b1cee016d3d76e97133abb3fb9e621ac14d14ed95a56470c731c8c7 
>NAS-IP-Address = 192.168.1.5 
>NAS-Port = 1 
>NAS-Port-Id = "STA port # 1" 
>+- entering group authorize {...} 
>++[preprocess] returns ok 
>++[chap] returns noop 
>++[mschap] returns noop 
>[suffix] No '@' in User-Name = "alexmoon", looking up realm NULL 
>[suffix] No such realm "NULL" 
>++[suffix] returns noop 
>[eap] EAP packet type response id 10 length 38 
>[eap] Continuing tunnel setup. 
>++[eap] returns ok 
>Found Auth-Type = EAP 
>+- entering group authenticate {...} 
>[eap] Request found, released from the list 
>[eap] EAP/peap 
>[eap] processing type peap 
>[peap] processing EAP-TLS 
>[peap] eaptls_verify returned 7 
>[peap] Done initial handshake 
>[peap] eaptls_process returned 7 
>[peap] EAPTLS_OK 
>[peap] Session established. Decoding tunneled attributes. 
>[peap] Received EAP-TLV response. 
>[peap] Had sent TLV failure. User was rejected earlier in this session. 
>[eap] Handler failed in EAP/peap 
>[eap] Failed in EAP select 
>++[eap] returns invalid 
>Failed to authenticate the user. 
>Using Post-Auth-Type Reject 
>+- entering group REJECT {...} 
>[attr_filter.access_reject] expand: %{User-Name} -> alexmoon 
>attr_filter: Matched entry DEFAULT at line 11 
>++[attr_filter.access_reject] returns updated 
>Delaying reject of request 20 for 1 seconds 
>Going to the next request 
>Waking up in 0.9 seconds. 
>Sending delayed reject for request 20 
>Sending Access-Reject of id 10 to 192.168.1.10 port 1060 
>EAP-Message = 0x040a0004 
>Message-Authenticator = 0x00000000000000000000000000000000 
>Waking up in 1.6 seconds. 
>Cleaning up request 10 ID 0 with timestamp +53 
>Cleaning up request 11 ID 1 with timestamp +53 
>Cleaning up request 12 ID 2 with timestamp +53 
>Cleaning up request 13 ID 3 with timestamp +53 
>Cleaning up request 14 ID 4 with timestamp +53 
>Cleaning up request 15 ID 5 with timestamp +53 
>Waking up in 1.1 seconds. 
>Cleaning up request 16 ID 6 with timestamp +54 
>Waking up in 1.0 seconds. 
>Cleaning up request 17 ID 7 with timestamp +55 
>Cleaning up request 18 ID 8 with timestamp +55 
>Cleaning up request 19 ID 9 with timestamp +55 
>Waking up in 1.0 seconds. 
>Cleaning up request 20 ID 10 with timestamp +55 
>Ready to process requests.
>
>##############################################################################################################
>If You have any sugestion I really appreciate, Thanks for your time to help me and all the people in this mailing list....
>Thank you in advance...
>All
>?
>
>-------------- next part --------------
>An HTML attachment was scrubbed...
>URL: <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20100118/48301be7/attachment.html>
>
>------------------------------
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>End of Freeradius-Users Digest, Vol 57, Issue 58
>************************************************




More information about the Freeradius-Users mailing list