AW: postproxy breaks eap authentication
hans.bornemann at tu-dortmund.de
hans.bornemann at tu-dortmund.de
Wed Nov 17 14:49:02 CET 2010
Hi,
the debug output:
the differences begin at line 82.
Thanks
hans
1. without postproxy
############without post-proxy ###################
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=75, length=215
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0202001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0xd5c382277710afa8317da27237ea09fa
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 137 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0202001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3735
Proxying request 0 to home server 129.217.131.42 port 1812
Sending Access-Request of id 137 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0202001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3735
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=137, length=68
EAP-Message = 0x010300061920
Message-Authenticator = 0x14967f75b5c45d7d7dde72b19e9955ab
State = 0x4be46e334be77713b03b4dc635d63d43
Proxy-State = 0x3735
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 75 to 192.168.10.10 port 32768
EAP-Message = 0x010300061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4be46e334be77713b03b4dc635d63d43
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=76, length=292
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0203005719800000004d16030100480100004403014cdcfe2aa854ea70bfde8d5ce18b3add883979df06a50f0fb82351a592c9265b00001600040005000a0009006400620003000600130012006301000005ff01000100
State = 0x4be46e334be77713b03b4dc635d63d43
Message-Authenticator = 0x7b3dcbe75097797444b75fcbfa2333cb
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 233 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0203005719800000004d16030100480100004403014cdcfe2aa854ea70bfde8d5ce18b3add883979df06a50f0fb82351a592c9265b00001600040005000a0009006400620003000600130012006301000005ff01000100
State = 0x4be46e334be77713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3736
Proxying request 1 to home server 129.217.131.42 port 1812
Sending Access-Request of id 233 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0203005719800000004d16030100480100004403014cdcfe2aa854ea70bfde8d5ce18b3add883979df06a50f0fb82351a592c9265b00001600040005000a0009006400620003000600130012006301000005ff01000100
State = 0x4be46e334be77713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3736
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=233, length=1094
EAP-Message = 0x0104040019c0000012a716030100310200002d03014cdcfdf378e084bc9dbef6e770538827bd2925db478c1f152a3c5b666b9bf018000004000005ff0100010016030112630b00125f00125c00055f3082055b30820443a00302010202040c241b80300d06092a864886f70d0101050500308195310b3009060355040613024445311e301c060355040a1315556e6976657273697461657420446f72746d756e64311f301d060355040b1316486f6368736368756c72656368656e7a656e7472756d311e301c06035504031315556e6920446f72746d756e64204341202d204730313125302306092a864886f70d0109011616636140706b692e756e69
EAP-Message = 0x2d646f72746d756e642e6465301e170d3038303431353132323230385a170d3133303431343132323230385a30818f310b3009060355040613024445311e301c060355040a1315556e6976657273697461657420446f72746d756e64310d300b060355040b130449544d433111300f06035504071308446f72746d756e64311c301a060355040813134e6f7264726865696e2d5765737466616c656e3120301e06035504031317756e696d61696c2e756e692d646f72746d756e642e646530820122300d06092a864886f70d01010105000382010f003082010a0282010100ca0e7f76442ccacd39a38e8e62f598860024e7fb2c5a7618ceb7d6f7b3cf
EAP-Message = 0x1d11038eab5dc233a604fd12e605dd7cf198b0b50689dbb55d2d671232dc80268570cafe408b54538ad80032969c2f1d4b0e58866fd8fd12abaa09ce08f2abe3aa25eb9291ab318d015b70eb3baf9f7fe9c6b3b3817a2a5983e1d2b3531916b873b29b4027076473956b6b3bc9e1c52577ef22fd619a3e307d3bd56b5a6fda3a5c542f5c11e3ad90d1171e3e3d2b5e4bc76a653c5bcc636efc1dddd963f45bc18b2b75bbea414ba62081d857f39e1d0577246bb21918f2b8e3c5207d9a756c977c5d7caa55fe5576d79dace14af1ea82808cdc0d8412a78ca585f8d4357b989926dd0203010001a38201b5308201b130090603551d1304023000300b06
EAP-Message = 0x03551d0f0404030205e0301d0603551d250416301406082b0601050507030206082b06010505070301301d0603551d0e041604142721f30ecc23ceaabe4c4ac310a25e0272cc02fe301f0603551d23041830168014b6c54c1e86869c1a885135ee146699c133ebc33c30220603551d11041b30198217756e696d61696c2e756e692d646f72746d756e642e6465307b0603551d1f047430723037a035a0338631687474703a2f2f636470312e7063612e64666e2e64652f756e69646f2d63612f7075622f63726c2f636163726c2e63726c3037a035a0338631687474703a2f2f636470322e7063612e64666e2e64652f756e69646f2d63612f7075622f
EAP-Message = 0x63726c2f636163726c2e6372
Message-Authenticator = 0xdabd25d0ae764250c11dfd38aaaa5d62
State = 0x4be46e334ae07713b03b4dc635d63d43
Proxy-State = 0x3736
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 76 to 192.168.10.10 port 32768
EAP-Message = 0x0104040019c0000012a716030100310200002d03014cdcfdf378e084bc9dbef6e770538827bd2925db478c1f152a3c5b666b9bf018000004000005ff0100010016030112630b00125f00125c00055f3082055b30820443a00302010202040c241b80300d06092a864886f70d0101050500308195310b3009060355040613024445311e301c060355040a1315556e6976657273697461657420446f72746d756e64311f301d060355040b1316486f6368736368756c72656368656e7a656e7472756d311e301c06035504031315556e6920446f72746d756e64204341202d204730313125302306092a864886f70d0109011616636140706b692e756e69
EAP-Message = 0x2d646f72746d756e642e6465301e170d3038303431353132323230385a170d3133303431343132323230385a30818f310b3009060355040613024445311e301c060355040a1315556e6976657273697461657420446f72746d756e64310d300b060355040b130449544d433111300f06035504071308446f72746d756e64311c301a060355040813134e6f7264726865696e2d5765737466616c656e3120301e06035504031317756e696d61696c2e756e692d646f72746d756e642e646530820122300d06092a864886f70d01010105000382010f003082010a0282010100ca0e7f76442ccacd39a38e8e62f598860024e7fb2c5a7618ceb7d6f7b3cf
EAP-Message = 0x1d11038eab5dc233a604fd12e605dd7cf198b0b50689dbb55d2d671232dc80268570cafe408b54538ad80032969c2f1d4b0e58866fd8fd12abaa09ce08f2abe3aa25eb9291ab318d015b70eb3baf9f7fe9c6b3b3817a2a5983e1d2b3531916b873b29b4027076473956b6b3bc9e1c52577ef22fd619a3e307d3bd56b5a6fda3a5c542f5c11e3ad90d1171e3e3d2b5e4bc76a653c5bcc636efc1dddd963f45bc18b2b75bbea414ba62081d857f39e1d0577246bb21918f2b8e3c5207d9a756c977c5d7caa55fe5576d79dace14af1ea82808cdc0d8412a78ca585f8d4357b989926dd0203010001a38201b5308201b130090603551d1304023000300b06
EAP-Message = 0x03551d0f0404030205e0301d0603551d250416301406082b0601050507030206082b06010505070301301d0603551d0e041604142721f30ecc23ceaabe4c4ac310a25e0272cc02fe301f0603551d23041830168014b6c54c1e86869c1a885135ee146699c133ebc33c30220603551d11041b30198217756e696d61696c2e756e692d646f72746d756e642e6465307b0603551d1f047430723037a035a0338631687474703a2f2f636470312e7063612e64666e2e64652f756e69646f2d63612f7075622f63726c2f636163726c2e63726c3037a035a0338631687474703a2f2f636470322e7063612e64666e2e64652f756e69646f2d63612f7075622f
EAP-Message = 0x63726c2f636163726c2e6372
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4be46e334ae07713b03b4dc635d63d43
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=77, length=211
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020400061900
State = 0x4be46e334ae07713b03b4dc635d63d43
Message-Authenticator = 0x4b29e92a48e8446c3efd159ef01ba601
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 156 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020400061900
State = 0x4be46e334ae07713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3737
Proxying request 2 to home server 129.217.131.42 port 1812
Sending Access-Request of id 156 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020400061900
State = 0x4be46e334ae07713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3737
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=156, length=1090
EAP-Message = 0x010503fc19406c30819606082b06010505070101048189308186304106082b060105050730028635687474703a2f2f636470312e7063612e64666e2e64652f756e69646f2d63612f7075622f6361636572742f6361636572742e637274304106082b060105050730028635687474703a2f2f636470322e7063612e64666e2e64652f756e69646f2d63612f7075622f6361636572742f6361636572742e637274300d06092a864886f70d010105050003820101004fa47802d8026282a4969c5879abbfcf03641b98b7e5b499e8715a042fc75d5b1d9632cb42dc65c5ff4c5c4b8b58944a63441af656404539afc4c367e405b16e98673f518d4f671122
EAP-Message = 0xaf0ba516e09afdb62e5c3ffac9f26d5e154a5cfa3e1ed5ad82ba5151882a3a88b9629c1ce8afcc940c10b7ff4ef476b9b9bc52c889db2330c610362d2ffedbf779358ad51d619bfdcb92a0ebcc529a78ac1da3a0c2e3e921d61cf39e445d5e0663a87803108917dc1c5b088be7d579a55afdf784ec925b697781acf712b7e3c9c44416387bc74a84ca518bdd01509a7b032d09e7a83580adfef9fe1ceb43d2b3b298176c89d1a5a2d84d5e8e486478bf948347756e5ef9000529308205253082040da003020102020409de9958300d06092a864886f70d0101050500305a310b300906035504061302444531133011060355040a130a44464e2d566572
EAP-Message = 0x65696e3110300e060355040b130744464e2d504b49312430220603550403131b44464e2d56657265696e2050434120476c6f62616c202d20473031301e170d3037303133303130313935345a170d3139303132393030303030305a308195310b3009060355040613024445311e301c060355040a1315556e6976657273697461657420446f72746d756e64311f301d060355040b1316486f6368736368756c72656368656e7a656e7472756d311e301c06035504031315556e6920446f72746d756e64204341202d204730313125302306092a864886f70d0109011616636140706b692e756e692d646f72746d756e642e646530820122300d06092a86
EAP-Message = 0x4886f70d01010105000382010f003082010a02820101008ae4f8612242b609e316b981fa84dab71045b2e85aafd50663fa96a0b828d3e41af4ee055027aee042a691a85813c0ca623c186dc8b97c7bef75cbe9220c5d0a484e7df955e93d57875ebd66f05cf0e67268f8f518753bb9f2a420623d0aa53c1b85c15dbd33c016f6ade349f04c45fba01efe1161ca54d9a578a6a6c8a5bc97d5fe3a422e3c0228badc6c0413cc9a790c8a7836176d07aea34cf36a1c278c4f1f59ea3a11f7753ce3cc820212beaa17fb27dc2ee91e8a1e36cb7fcdc63f897370e0ed0e8b59864255cc1ef0dcf61546618aba3c8a9b52f76c8970e2125d7a304f760ba9095a
EAP-Message = 0x95861ee4d214a9d9
Message-Authenticator = 0x4bab5b526d2fb801c5e57a6e19dc0233
State = 0x4be46e3349e17713b03b4dc635d63d43
Proxy-State = 0x3737
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 77 to 192.168.10.10 port 32768
EAP-Message = 0x010503fc19406c30819606082b06010505070101048189308186304106082b060105050730028635687474703a2f2f636470312e7063612e64666e2e64652f756e69646f2d63612f7075622f6361636572742f6361636572742e637274304106082b060105050730028635687474703a2f2f636470322e7063612e64666e2e64652f756e69646f2d63612f7075622f6361636572742f6361636572742e637274300d06092a864886f70d010105050003820101004fa47802d8026282a4969c5879abbfcf03641b98b7e5b499e8715a042fc75d5b1d9632cb42dc65c5ff4c5c4b8b58944a63441af656404539afc4c367e405b16e98673f518d4f671122
EAP-Message = 0xaf0ba516e09afdb62e5c3ffac9f26d5e154a5cfa3e1ed5ad82ba5151882a3a88b9629c1ce8afcc940c10b7ff4ef476b9b9bc52c889db2330c610362d2ffedbf779358ad51d619bfdcb92a0ebcc529a78ac1da3a0c2e3e921d61cf39e445d5e0663a87803108917dc1c5b088be7d579a55afdf784ec925b697781acf712b7e3c9c44416387bc74a84ca518bdd01509a7b032d09e7a83580adfef9fe1ceb43d2b3b298176c89d1a5a2d84d5e8e486478bf948347756e5ef9000529308205253082040da003020102020409de9958300d06092a864886f70d0101050500305a310b300906035504061302444531133011060355040a130a44464e2d566572
EAP-Message = 0x65696e3110300e060355040b130744464e2d504b49312430220603550403131b44464e2d56657265696e2050434120476c6f62616c202d20473031301e170d3037303133303130313935345a170d3139303132393030303030305a308195310b3009060355040613024445311e301c060355040a1315556e6976657273697461657420446f72746d756e64311f301d060355040b1316486f6368736368756c72656368656e7a656e7472756d311e301c06035504031315556e6920446f72746d756e64204341202d204730313125302306092a864886f70d0109011616636140706b692e756e692d646f72746d756e642e646530820122300d06092a86
EAP-Message = 0x4886f70d01010105000382010f003082010a02820101008ae4f8612242b609e316b981fa84dab71045b2e85aafd50663fa96a0b828d3e41af4ee055027aee042a691a85813c0ca623c186dc8b97c7bef75cbe9220c5d0a484e7df955e93d57875ebd66f05cf0e67268f8f518753bb9f2a420623d0aa53c1b85c15dbd33c016f6ade349f04c45fba01efe1161ca54d9a578a6a6c8a5bc97d5fe3a422e3c0228badc6c0413cc9a790c8a7836176d07aea34cf36a1c278c4f1f59ea3a11f7753ce3cc820212beaa17fb27dc2ee91e8a1e36cb7fcdc63f897370e0ed0e8b59864255cc1ef0dcf61546618aba3c8a9b52f76c8970e2125d7a304f760ba9095a
EAP-Message = 0x95861ee4d214a9d9
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4be46e3349e17713b03b4dc635d63d43
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=78, length=211
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020500061900
State = 0x4be46e3349e17713b03b4dc635d63d43
Message-Authenticator = 0x5138ebc4d5ceb7d44788f01d5df84cd8
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 16 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020500061900
State = 0x4be46e3349e17713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3738
Proxying request 3 to home server 129.217.131.42 port 1812
Sending Access-Request of id 16 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020500061900
State = 0x4be46e3349e17713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3738
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=16, length=1090
EAP-Message = 0x010603fc19401b7a8a4e57d1b3024cd22cb73ec7818f68e30203010001a38201b5308201b1300f0603551d130101ff040530030101ff300b0603551d0f040403020106301d0603551d0e04160414b6c54c1e86869c1a885135ee146699c133ebc33c301f0603551d2304183016801449b7c6cfe83d1f7fea447b1329f7f10a703ede6430210603551d11041a30188116636140706b692e756e692d646f72746d756e642e64653081880603551d1f048180307e303da03ba0398637687474703a2f2f636470312e7063612e64666e2e64652f676c6f62616c2d726f6f742d63612f7075622f63726c2f636163726c2e63726c303da03ba0398637687474
EAP-Message = 0x703a2f2f636470322e7063612e64666e2e64652f676c6f62616c2d726f6f742d63612f7075622f63726c2f636163726c2e63726c3081a206082b06010505070101048195308192304706082b06010505073002863b687474703a2f2f636470312e7063612e64666e2e64652f676c6f62616c2d726f6f742d63612f7075622f6361636572742f6361636572742e637274304706082b06010505073002863b687474703a2f2f636470322e7063612e64666e2e64652f676c6f62616c2d726f6f742d63612f7075622f6361636572742f6361636572742e637274300d06092a864886f70d0101050500038201010042ea392d1744cdbc8421de52f6e572b2
EAP-Message = 0x7cd0fa31795cc78c9aa857c80305edafc93a486fc47aaab44653501910963c5e7608175b24dc2111490d1e20bd2f18d5d6fdf23a8e99cc18462d8dadcca981aa2c46ccde6b2b19ce57ddfb57cca0522f17375eaf2b3472f2742e378f40c5551e49a01e2e12c996e0c7fa52be3f2eaef931737aa701c3d8ecbfa976e799febcf56693f34f0d6ec93de4b07492010cc5730ea88d7b1716e2fdde3c9c49cc2896a97923efa91c22cd9fd1a341513e83381f4394ce2bbf06d1ce1a2ae9beb259381a2c375d91b2c057c19c591833b52b447b8922cd41eece287904ed5a8fd26e2bd0b97ebcc97a36318cce8f34a215d526d40004253082042130820309a003
EAP-Message = 0x020102020200c7300d06092a864886f70d01010505003071310b3009060355040613024445311c301a060355040a131344657574736368652054656c656b6f6d204147311f301d060355040b1316542d54656c655365632054727573742043656e746572312330210603550403131a44657574736368652054656c656b6f6d20526f6f742043412032301e170d3036313231393130323930305a170d3139303633303233353930305a305a310b300906035504061302444531133011060355040a130a44464e2d56657265696e3110300e060355040b130744464e2d504b49312430220603550403131b44464e2d56657265696e2050434120476c6f62
EAP-Message = 0x616c202d20473031
Message-Authenticator = 0x768b626c6eb949cb0f30c94b4fbc73d5
State = 0x4be46e3348e27713b03b4dc635d63d43
Proxy-State = 0x3738
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 78 to 192.168.10.10 port 32768
EAP-Message = 0x010603fc19401b7a8a4e57d1b3024cd22cb73ec7818f68e30203010001a38201b5308201b1300f0603551d130101ff040530030101ff300b0603551d0f040403020106301d0603551d0e04160414b6c54c1e86869c1a885135ee146699c133ebc33c301f0603551d2304183016801449b7c6cfe83d1f7fea447b1329f7f10a703ede6430210603551d11041a30188116636140706b692e756e692d646f72746d756e642e64653081880603551d1f048180307e303da03ba0398637687474703a2f2f636470312e7063612e64666e2e64652f676c6f62616c2d726f6f742d63612f7075622f63726c2f636163726c2e63726c303da03ba0398637687474
EAP-Message = 0x703a2f2f636470322e7063612e64666e2e64652f676c6f62616c2d726f6f742d63612f7075622f63726c2f636163726c2e63726c3081a206082b06010505070101048195308192304706082b06010505073002863b687474703a2f2f636470312e7063612e64666e2e64652f676c6f62616c2d726f6f742d63612f7075622f6361636572742f6361636572742e637274304706082b06010505073002863b687474703a2f2f636470322e7063612e64666e2e64652f676c6f62616c2d726f6f742d63612f7075622f6361636572742f6361636572742e637274300d06092a864886f70d0101050500038201010042ea392d1744cdbc8421de52f6e572b2
EAP-Message = 0x7cd0fa31795cc78c9aa857c80305edafc93a486fc47aaab44653501910963c5e7608175b24dc2111490d1e20bd2f18d5d6fdf23a8e99cc18462d8dadcca981aa2c46ccde6b2b19ce57ddfb57cca0522f17375eaf2b3472f2742e378f40c5551e49a01e2e12c996e0c7fa52be3f2eaef931737aa701c3d8ecbfa976e799febcf56693f34f0d6ec93de4b07492010cc5730ea88d7b1716e2fdde3c9c49cc2896a97923efa91c22cd9fd1a341513e83381f4394ce2bbf06d1ce1a2ae9beb259381a2c375d91b2c057c19c591833b52b447b8922cd41eece287904ed5a8fd26e2bd0b97ebcc97a36318cce8f34a215d526d40004253082042130820309a003
EAP-Message = 0x020102020200c7300d06092a864886f70d01010505003071310b3009060355040613024445311c301a060355040a131344657574736368652054656c656b6f6d204147311f301d060355040b1316542d54656c655365632054727573742043656e746572312330210603550403131a44657574736368652054656c656b6f6d20526f6f742043412032301e170d3036313231393130323930305a170d3139303633303233353930305a305a310b300906035504061302444531133011060355040a130a44464e2d56657265696e3110300e060355040b130744464e2d504b49312430220603550403131b44464e2d56657265696e2050434120476c6f62
EAP-Message = 0x616c202d20473031
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4be46e3348e27713b03b4dc635d63d43
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=79, length=211
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020600061900
State = 0x4be46e3348e27713b03b4dc635d63d43
Message-Authenticator = 0x4f0971b8b8d2a7964a598511defc6c65
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 101 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020600061900
State = 0x4be46e3348e27713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3739
Proxying request 4 to home server 129.217.131.42 port 1812
Sending Access-Request of id 101 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020600061900
State = 0x4be46e3348e27713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3739
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=101, length=1090
EAP-Message = 0x010703fc194030820122300d06092a864886f70d01010105000382010f003082010a0282010100e99bc36785f90daef58d54c39650353d62e96e4ced94d7005b952274d420eb348fd6ecc031040b9981e2a614d252a02823848b7489045e5be0e278c178cb16cb2835397b2d9045d0eda0007a7cbf4a0e1b00c386e95c2b31117b0cf38224438c1c388b6a68009aeedc4f78abd2c6139b76adeede26e8ef01af740fc109a2f66bcebdd3cd14304ff5e5e3a4c8629b821a0327300d0265604dedd109232a96355827d376c671b6901dc4edff35867d6f33b3db0fc511c28a83a1945d416bd8d210f54cfdca51acd9bdef9283bbdaeb8b16565643cfe1d5
EAP-Message = 0x133da61f2730cd4954dbc913349a7175c56ceaa70b98f9219d27af3ea33939486a8cadc999fbc312f2bd0203010001a381d93081d630700603551d1f046930673065a063a061865f687474703a2f2f706b692e74656c657365632e64652f6367692d62696e2f736572766963652f61665f446f776e6c6f616441524c2e63726c3f2d63726c5f666f726d61743d585f353039262d6973737565723d44545f524f4f545f43415f32301d0603551d0e0416041449b7c6cfe83d1f7fea447b1329f7f10a703ede64301f0603551d2304183016801431c3791bbaf553d717e0897a2d176c0ab32b9d33300e0603551d0f0101ff04040302010630120603551d
EAP-Message = 0x130101ff040830060101ff020102300d06092a864886f70d010105050003820101003be15a77c04817dca918ec81af5a89f0bd2892a6ca59181270ec28f2e7ae7f962ce7f25d1931f6132b74bdbd80b2b9f767c939a2793be11111ee6b7891337e3b5f26277553658e3363eecf73c3b092234921507523a11f18e294853d3f33e977208da2bde6a1852940f63f7332580d096ba6da856cc03fbb8d666456244eae0d3f3235015be98c82d972594fb18685f1748556e5c3f85cf38dee47b3530570e7e54d8a698328e11309869e5ec8ea581e0c1ff9a4d45a0468fd283e8b02b658b5f6a12c37570067ab23688d63a5ef996b5cfd4b56f6ab408734d411
EAP-Message = 0x926cec87c50a0b073372b46f0c1d542cd851c7ccbf30d34372f132bf8cce4963a800f7f21c0003a33082039f30820287a003020102020126300d06092a864886f70d01010505003071310b3009060355040613024445311c301a060355040a131344657574736368652054656c656b6f6d204147311f301d060355040b1316542d54656c655365632054727573742043656e746572312330210603550403131a44657574736368652054656c656b6f6d20526f6f742043412032301e170d3939303730393132313130305a170d3139303730393233353930305a3071310b3009060355040613024445311c301a060355040a1313446575747363686520
EAP-Message = 0x54656c656b6f6d20
Message-Authenticator = 0x5aaa90da71bf3a69fda02e737069c522
State = 0x4be46e334fe37713b03b4dc635d63d43
Proxy-State = 0x3739
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 79 to 192.168.10.10 port 32768
EAP-Message = 0x010703fc194030820122300d06092a864886f70d01010105000382010f003082010a0282010100e99bc36785f90daef58d54c39650353d62e96e4ced94d7005b952274d420eb348fd6ecc031040b9981e2a614d252a02823848b7489045e5be0e278c178cb16cb2835397b2d9045d0eda0007a7cbf4a0e1b00c386e95c2b31117b0cf38224438c1c388b6a68009aeedc4f78abd2c6139b76adeede26e8ef01af740fc109a2f66bcebdd3cd14304ff5e5e3a4c8629b821a0327300d0265604dedd109232a96355827d376c671b6901dc4edff35867d6f33b3db0fc511c28a83a1945d416bd8d210f54cfdca51acd9bdef9283bbdaeb8b16565643cfe1d5
EAP-Message = 0x133da61f2730cd4954dbc913349a7175c56ceaa70b98f9219d27af3ea33939486a8cadc999fbc312f2bd0203010001a381d93081d630700603551d1f046930673065a063a061865f687474703a2f2f706b692e74656c657365632e64652f6367692d62696e2f736572766963652f61665f446f776e6c6f616441524c2e63726c3f2d63726c5f666f726d61743d585f353039262d6973737565723d44545f524f4f545f43415f32301d0603551d0e0416041449b7c6cfe83d1f7fea447b1329f7f10a703ede64301f0603551d2304183016801431c3791bbaf553d717e0897a2d176c0ab32b9d33300e0603551d0f0101ff04040302010630120603551d
EAP-Message = 0x130101ff040830060101ff020102300d06092a864886f70d010105050003820101003be15a77c04817dca918ec81af5a89f0bd2892a6ca59181270ec28f2e7ae7f962ce7f25d1931f6132b74bdbd80b2b9f767c939a2793be11111ee6b7891337e3b5f26277553658e3363eecf73c3b092234921507523a11f18e294853d3f33e977208da2bde6a1852940f63f7332580d096ba6da856cc03fbb8d666456244eae0d3f3235015be98c82d972594fb18685f1748556e5c3f85cf38dee47b3530570e7e54d8a698328e11309869e5ec8ea581e0c1ff9a4d45a0468fd283e8b02b658b5f6a12c37570067ab23688d63a5ef996b5cfd4b56f6ab408734d411
EAP-Message = 0x926cec87c50a0b073372b46f0c1d542cd851c7ccbf30d34372f132bf8cce4963a800f7f21c0003a33082039f30820287a003020102020126300d06092a864886f70d01010505003071310b3009060355040613024445311c301a060355040a131344657574736368652054656c656b6f6d204147311f301d060355040b1316542d54656c655365632054727573742043656e746572312330210603550403131a44657574736368652054656c656b6f6d20526f6f742043412032301e170d3939303730393132313130305a170d3139303730393233353930305a3071310b3009060355040613024445311c301a060355040a1313446575747363686520
EAP-Message = 0x54656c656b6f6d20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4be46e334fe37713b03b4dc635d63d43
Finished request 4.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=80, length=211
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020700061900
State = 0x4be46e334fe37713b03b4dc635d63d43
Message-Authenticator = 0xf867011aac610e0125c71e1023526847
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 176 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020700061900
State = 0x4be46e334fe37713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3830
Proxying request 5 to home server 129.217.131.42 port 1812
Sending Access-Request of id 176 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020700061900
State = 0x4be46e334fe37713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3830
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=176, length=791
EAP-Message = 0x010802d519004147311f301d060355040b1316542d54656c655365632054727573742043656e746572312330210603550403131a44657574736368652054656c656b6f6d20526f6f74204341203230820122300d06092a864886f70d01010105000382010f003082010a0282010100ab0ba335e08b2914b11485af3c10e4396f355d4aaeddea618d9549f46f64a31a6066a4a9402284d9d4a5e578930e6801adb94d5c3aced3b8a84240dfcfa3ba82596a921bac1c9ada082b2527f9692347f1e0eb2c7a9bf51302d07e347cc29e3c0059abf5da0cf5323c2bac50dad6c3de8394caa80c99320e0848565b6afbdae1585801495f72413c1506018e5dad
EAP-Message = 0xaab893b4cd9eeba7e86a2d5234db3aef5c7551dadbf331f9ee719832c45415440cf99b55edaddf1808a0a3868a49ee53058f194cd5de58799bd26a1c42abc5d5a7cf680f96e4e161987661c8917cd63e00e2915087e19d0ae6ad97d21dc63a7dcbbcda0334d58e5b01f56a07b716b66e4a7f0203010001a3423040301d0603551d0e0416041431c3791bbaf553d717e0897a2d176c0ab32b9d33300f0603551d13040830060101ff020105300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100946459ad3964e729eb13fe5ac38b1357c80424f07477c060e367fbe989a683bf96827c6ed4c33def9e806ebb29b4
EAP-Message = 0x987ab13b54eb3917477e1a8e0bfc1f31593104b2ce17f32cc7623655e222d88955b49848aa64fad61c36d844785a5a233a5797f57a304fae9f6a4c4b2b8ea003e33ee0a9d4d27bd2b3a8e2723cad9eff8059e49b45b4f63bb0cd39199832e5ea216190e431218e34b1f72f354a8510dae78a3721be5963e0f285883153d45414857079f42e067727752f1fb88af9fec5bad836e483ece765b7bf635af346af819437d4418cd623d61ecff5681b4463a25abaa73559a1e570059b0e235799940a6dba3963288692f31884d8fbd1cf0556645716030100040e000000
Message-Authenticator = 0x39529adfab9d34b785634e20e3433435
State = 0x4be46e334eec7713b03b4dc635d63d43
Proxy-State = 0x3830
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 80 to 192.168.10.10 port 32768
EAP-Message = 0x010802d519004147311f301d060355040b1316542d54656c655365632054727573742043656e746572312330210603550403131a44657574736368652054656c656b6f6d20526f6f74204341203230820122300d06092a864886f70d01010105000382010f003082010a0282010100ab0ba335e08b2914b11485af3c10e4396f355d4aaeddea618d9549f46f64a31a6066a4a9402284d9d4a5e578930e6801adb94d5c3aced3b8a84240dfcfa3ba82596a921bac1c9ada082b2527f9692347f1e0eb2c7a9bf51302d07e347cc29e3c0059abf5da0cf5323c2bac50dad6c3de8394caa80c99320e0848565b6afbdae1585801495f72413c1506018e5dad
EAP-Message = 0xaab893b4cd9eeba7e86a2d5234db3aef5c7551dadbf331f9ee719832c45415440cf99b55edaddf1808a0a3868a49ee53058f194cd5de58799bd26a1c42abc5d5a7cf680f96e4e161987661c8917cd63e00e2915087e19d0ae6ad97d21dc63a7dcbbcda0334d58e5b01f56a07b716b66e4a7f0203010001a3423040301d0603551d0e0416041431c3791bbaf553d717e0897a2d176c0ab32b9d33300f0603551d13040830060101ff020105300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100946459ad3964e729eb13fe5ac38b1357c80424f07477c060e367fbe989a683bf96827c6ed4c33def9e806ebb29b4
EAP-Message = 0x987ab13b54eb3917477e1a8e0bfc1f31593104b2ce17f32cc7623655e222d88955b49848aa64fad61c36d844785a5a233a5797f57a304fae9f6a4c4b2b8ea003e33ee0a9d4d27bd2b3a8e2723cad9eff8059e49b45b4f63bb0cd39199832e5ea216190e431218e34b1f72f354a8510dae78a3721be5963e0f285883153d45414857079f42e067727752f1fb88af9fec5bad836e483ece765b7bf635af346af819437d4418cd623d61ecff5681b4463a25abaa73559a1e570059b0e235799940a6dba3963288692f31884d8fbd1cf0556645716030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4be46e334eec7713b03b4dc635d63d43
Finished request 5.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=81, length=527
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020801401980000001361603010106100001020100019d360f4941b8770c18698fb107abe5914e6ac5e368dded8a54d641d4c176ce15630b09c6c5853d5aae7b9ebfab06d126927696c4afd28354e88e9553ad0e263f97577f137e64b772d988f7a742510bab509c05fe8d92e1a8ef5a5852fbe8d5e3d27d082fa74a01f64d1eb95a9a9b3bea9e0e3cced10c835e445ce3d4469d25bb2973d54e5040f26070a857526e9c9a4673d7283abffc544d1c319794ef92d36e34a97501cd7deeb3b3b603cd2684c4c5ded374515a953828247f3521268db92bc0edfa8f52960c86f907c262b30ce7feb1d7b141d8e9dd9e3a32037f040d06dcb30614bada8c6b
EAP-Message = 0xbd9db73112696068cc65059202668b6cc293a4c85231194c1403010001011603010020bc4a477eec0ce505456dd296aa2cd5434e2222f22ba4af18aa4808db33555972
State = 0x4be46e334eec7713b03b4dc635d63d43
Message-Authenticator = 0x249f3aee701ea70237910d6b197144b3
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 232 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020801401980000001361603010106100001020100019d360f4941b8770c18698fb107abe5914e6ac5e368dded8a54d641d4c176ce15630b09c6c5853d5aae7b9ebfab06d126927696c4afd28354e88e9553ad0e263f97577f137e64b772d988f7a742510bab509c05fe8d92e1a8ef5a5852fbe8d5e3d27d082fa74a01f64d1eb95a9a9b3bea9e0e3cced10c835e445ce3d4469d25bb2973d54e5040f26070a857526e9c9a4673d7283abffc544d1c319794ef92d36e34a97501cd7deeb3b3b603cd2684c4c5ded374515a953828247f3521268db92bc0edfa8f52960c86f907c262b30ce7feb1d7b141d8e9dd9e3a32037f040d06dcb30614bada8c6b
EAP-Message = 0xbd9db73112696068cc65059202668b6cc293a4c85231194c1403010001011603010020bc4a477eec0ce505456dd296aa2cd5434e2222f22ba4af18aa4808db33555972
State = 0x4be46e334eec7713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3831
Proxying request 6 to home server 129.217.131.42 port 1812
Sending Access-Request of id 232 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020801401980000001361603010106100001020100019d360f4941b8770c18698fb107abe5914e6ac5e368dded8a54d641d4c176ce15630b09c6c5853d5aae7b9ebfab06d126927696c4afd28354e88e9553ad0e263f97577f137e64b772d988f7a742510bab509c05fe8d92e1a8ef5a5852fbe8d5e3d27d082fa74a01f64d1eb95a9a9b3bea9e0e3cced10c835e445ce3d4469d25bb2973d54e5040f26070a857526e9c9a4673d7283abffc544d1c319794ef92d36e34a97501cd7deeb3b3b603cd2684c4c5ded374515a953828247f3521268db92bc0edfa8f52960c86f907c262b30ce7feb1d7b141d8e9dd9e3a32037f040d06dcb30614bada8c6b
EAP-Message = 0xbd9db73112696068cc65059202668b6cc293a4c85231194c1403010001011603010020bc4a477eec0ce505456dd296aa2cd5434e2222f22ba4af18aa4808db33555972
State = 0x4be46e334eec7713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3831
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=232, length=111
EAP-Message = 0x0109003119001403010001011603010020a30eaf6dbab8adfec84d629581223822b444a1b6f541a5c35e2341aed8c33845
Message-Authenticator = 0x2b8fb3a8efa22a30fd23c351ed8108c2
State = 0x4be46e334ded7713b03b4dc635d63d43
Proxy-State = 0x3831
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 81 to 192.168.10.10 port 32768
EAP-Message = 0x0109003119001403010001011603010020a30eaf6dbab8adfec84d629581223822b444a1b6f541a5c35e2341aed8c33845
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4be46e334ded7713b03b4dc635d63d43
Finished request 6.
Going to the next request
Waking up in 4.8 seconds.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=82, length=211
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020900061900
State = 0x4be46e334ded7713b03b4dc635d63d43
Message-Authenticator = 0xd30055acf6440f25eb19636d02eb0048
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 166 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020900061900
State = 0x4be46e334ded7713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3832
Proxying request 7 to home server 129.217.131.42 port 1812
Sending Access-Request of id 166 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020900061900
State = 0x4be46e334ded7713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3832
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=166, length=94
EAP-Message = 0x010a00201900170301001566e16e2aaa53d594db6c36a28a90b77e2e9bba9b5e
Message-Authenticator = 0x8f738e3e610d79dc29fd66a5e5564995
State = 0x4be46e334cee7713b03b4dc635d63d43
Proxy-State = 0x3832
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 82 to 192.168.10.10 port 32768
EAP-Message = 0x010a00201900170301001566e16e2aaa53d594db6c36a28a90b77e2e9bba9b5e
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4be46e334cee7713b03b4dc635d63d43
Finished request 7.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=83, length=256
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020a0033190017030100285bd3713441fa7b64ed389f4d6050b81c745fafe0c2b6103d414e5cdcd2c70d872428cd24bf9e7289
State = 0x4be46e334cee7713b03b4dc635d63d43
Message-Authenticator = 0x25a8b28e31c980eef12fdd86badc4bed
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 140 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020a0033190017030100285bd3713441fa7b64ed389f4d6050b81c745fafe0c2b6103d414e5cdcd2c70d872428cd24bf9e7289
State = 0x4be46e334cee7713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3833
Proxying request 8 to home server 129.217.131.42 port 1812
Sending Access-Request of id 140 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020a0033190017030100285bd3713441fa7b64ed389f4d6050b81c745fafe0c2b6103d414e5cdcd2c70d872428cd24bf9e7289
State = 0x4be46e334cee7713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3833
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=140, length=134
EAP-Message = 0x010b00481900170301003dccf156b11ac25773854d021f8008bf2fa0306a91a6a039ea3ef7195cdc00b9dcc1f40db9f3e026f78f6777e42c0d9228f8bb7b6851a615580cfff2d38d
Message-Authenticator = 0x91c0caee42edc6259a606c56a045f54d
State = 0x4be46e3343ef7713b03b4dc635d63d43
Proxy-State = 0x3833
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 83 to 192.168.10.10 port 32768
EAP-Message = 0x010b00481900170301003dccf156b11ac25773854d021f8008bf2fa0306a91a6a039ea3ef7195cdc00b9dcc1f40db9f3e026f78f6777e42c0d9228f8bb7b6851a615580cfff2d38d
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4be46e3343ef7713b03b4dc635d63d43
Finished request 8.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=84, length=310
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020b00691900170301005e3697c3208260750cb1dc678130e848f4fd28ba4f2194687b7bc93baa210f986840c9b36cfa859cf6a4c542ae662a4169bc88008b8259031fb017bfc6dac986766fb4fe11a71bcb88003a91fcd8d77107de9acfc74e20343afd3b0661be92
State = 0x4be46e3343ef7713b03b4dc635d63d43
Message-Authenticator = 0x1ced27069a3ffd58bf719be3eba42060
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 143 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020b00691900170301005e3697c3208260750cb1dc678130e848f4fd28ba4f2194687b7bc93baa210f986840c9b36cfa859cf6a4c542ae662a4169bc88008b8259031fb017bfc6dac986766fb4fe11a71bcb88003a91fcd8d77107de9acfc74e20343afd3b0661be92
State = 0x4be46e3343ef7713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3834
Proxying request 9 to home server 129.217.131.42 port 1812
Sending Access-Request of id 143 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020b00691900170301005e3697c3208260750cb1dc678130e848f4fd28ba4f2194687b7bc93baa210f986840c9b36cfa859cf6a4c542ae662a4169bc88008b8259031fb017bfc6dac986766fb4fe11a71bcb88003a91fcd8d77107de9acfc74e20343afd3b0661be92
State = 0x4be46e3343ef7713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3834
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=143, length=136
EAP-Message = 0x010c004a1900170301003f78d832a5b4a5bdb8707a2a3b36498bcfa613f90608f1edac8e18ef2c10d13eca7b6f5d2b748a0ddd3be23a6e3af49a012d75c5ab61509b5be297847312466a
Message-Authenticator = 0x8e7d0858d12eaa640eca6fbcb26c3d50
State = 0x4be46e3342e87713b03b4dc635d63d43
Proxy-State = 0x3834
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 84 to 192.168.10.10 port 32768
EAP-Message = 0x010c004a1900170301003f78d832a5b4a5bdb8707a2a3b36498bcfa613f90608f1edac8e18ef2c10d13eca7b6f5d2b748a0ddd3be23a6e3af49a012d75c5ab61509b5be297847312466a
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4be46e3342e87713b03b4dc635d63d43
Finished request 9.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=85, length=234
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020c001d19001703010012fea63192e80c2cbdace239c25b208955b0c6
State = 0x4be46e3342e87713b03b4dc635d63d43
Message-Authenticator = 0xc99b70ce4fa5aba818706dfac4a558ce
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 194 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020c001d19001703010012fea63192e80c2cbdace239c25b208955b0c6
State = 0x4be46e3342e87713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3835
Proxying request 10 to home server 129.217.131.42 port 1812
Sending Access-Request of id 194 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020c001d19001703010012fea63192e80c2cbdace239c25b208955b0c6
State = 0x4be46e3342e87713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3835
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=194, length=100
EAP-Message = 0x010d00261900170301001b1ddcd0159af1dc534c48c3355cbb635837708aa7861a593f213787
Message-Authenticator = 0xcf057afde6a540c83c26b8bfe8efbd26
State = 0x4be46e3341e97713b03b4dc635d63d43
Proxy-State = 0x3835
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 85 to 192.168.10.10 port 32768
EAP-Message = 0x010d00261900170301001b1ddcd0159af1dc534c48c3355cbb635837708aa7861a593f213787
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4be46e3341e97713b03b4dc635d63d43
Finished request 10.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=86, length=243
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020d00261900170301001b0d107c58e7ef0b508aeffc40ce389786f302b0fa62f5297d5c99ca
State = 0x4be46e3341e97713b03b4dc635d63d43
Message-Authenticator = 0x92bf72d69329d3e1c3abe7e6f7abbb61
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 168 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020d00261900170301001b0d107c58e7ef0b508aeffc40ce389786f302b0fa62f5297d5c99ca
State = 0x4be46e3341e97713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3836
Proxying request 11 to home server 129.217.131.42 port 1812
Sending Access-Request of id 168 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x020d00261900170301001b0d107c58e7ef0b508aeffc40ce389786f302b0fa62f5297d5c99ca
State = 0x4be46e3341e97713b03b4dc635d63d43
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3836
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Accept packet from host 129.217.131.42 port 1812, id=168, length=174
User-Name = "testuser"
MS-MPPE-Recv-Key = 0xd7a0bda569bd29d6ebf061f901305bd1f89d15a54f215a6d7ca5cea5358b856f
MS-MPPE-Send-Key = 0x7697abbfe601343402ab68a59e10d7cab4c6924f13259464221fe156a727f6cc
EAP-Message = 0x030d0004
Message-Authenticator = 0x99443c67c58187566341d5d3f87dd07c
Proxy-State = 0x3836
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:43:24 2010
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 86 to 192.168.10.10 port 32768
User-Name = "testuser"
MS-MPPE-Recv-Key = 0xd7a0bda569bd29d6ebf061f901305bd1f89d15a54f215a6d7ca5cea5358b856f
MS-MPPE-Send-Key = 0x7697abbfe601343402ab68a59e10d7cab4c6924f13259464221fe156a727f6cc
EAP-Message = 0x030d0004
Message-Authenticator = 0x00000000000000000000000000000000
Finished request 11.
Going to the next request
Waking up in 4.6 seconds.
Cleaning up request 0 ID 75 with timestamp +533
Cleaning up request 1 ID 76 with timestamp +533
Cleaning up request 2 ID 77 with timestamp +533
Cleaning up request 3 ID 78 with timestamp +533
Cleaning up request 4 ID 79 with timestamp +533
Cleaning up request 5 ID 80 with timestamp +533
Cleaning up request 6 ID 81 with timestamp +533
Waking up in 0.1 seconds.
Cleaning up request 7 ID 82 with timestamp +533
Cleaning up request 8 ID 83 with timestamp +533
Cleaning up request 9 ID 84 with timestamp +533
Cleaning up request 10 ID 85 with timestamp +533
Cleaning up request 11 ID 86 with timestamp +533
Ready to process requests.
########### ohne post-proxy #########################
2. with postproxy:
############### with post-proxy #########################
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=87, length=215
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0201001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0xa90106b2c429dc02a730820cb9acde5a
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 64 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0201001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3837
Proxying request 0 to home server 129.217.131.42 port 1812
Sending Access-Request of id 64 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0201001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3837
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=64, length=68
EAP-Message = 0x010200061920
Message-Authenticator = 0x91718e38c63c36cfaf6e46c2936ee084
State = 0xd345de34d347c7b9267b650ec61ffd20
Proxy-State = 0x3837
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:45:39 2010
++[post_proxy_log] returns ok
[attr_filter.post-proxy] expand: %{Realm} -> tu-dortmund.de
attr_filter: Matched entry tu-dortmund.de at line 103
attr_filter: Matched entry DEFAULT at line 110
++[attr_filter.post-proxy] returns updated
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 87 to 192.168.10.10 port 32768
Tunnel-Private-Group-Id:0 := "3503"
Tunnel-Type:0 := VLAN
Tunnel-Medium-Type:0 := IEEE-802
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 87 with timestamp +49
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=88, length=215
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0203001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0xd096e99454f1f33b867a9a0a0abe86e5
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 120 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0203001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3838
Proxying request 1 to home server 129.217.131.42 port 1812
Sending Access-Request of id 120 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0203001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3838
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=120, length=68
EAP-Message = 0x010400061920
Message-Authenticator = 0x6f3cd5b0b7ab270472f494af7fd081f5
State = 0x55b7adb855b3b45f62385e77c8c4ba50
Proxy-State = 0x3838
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:46:09 2010
++[post_proxy_log] returns ok
[attr_filter.post-proxy] expand: %{Realm} -> tu-dortmund.de
attr_filter: Matched entry tu-dortmund.de at line 103
attr_filter: Matched entry DEFAULT at line 110
++[attr_filter.post-proxy] returns updated
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 88 to 192.168.10.10 port 32768
Tunnel-Private-Group-Id:0 := "3503"
Tunnel-Type:0 := VLAN
Tunnel-Medium-Type:0 := IEEE-802
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 1 ID 88 with timestamp +79
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=89, length=215
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0201001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0xd9923d4ce88e9564f9d214bbc2a71704
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 8 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0201001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3839
Proxying request 2 to home server 129.217.131.42 port 1812
Sending Access-Request of id 8 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0201001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3839
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=8, length=68
EAP-Message = 0x010200061920
Message-Authenticator = 0xec57e9bffd69960dcbbf0831e82f355f
State = 0x69c1f83a69c3e1a59ee4e9a8aa25d567
Proxy-State = 0x3839
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:46:39 2010
++[post_proxy_log] returns ok
[attr_filter.post-proxy] expand: %{Realm} -> tu-dortmund.de
attr_filter: Matched entry tu-dortmund.de at line 103
attr_filter: Matched entry DEFAULT at line 110
++[attr_filter.post-proxy] returns updated
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 89 to 192.168.10.10 port 32768
Tunnel-Private-Group-Id:0 := "3503"
Tunnel-Type:0 := VLAN
Tunnel-Medium-Type:0 := IEEE-802
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 2 ID 89 with timestamp +109
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.10.10 port 32768, id=90, length=215
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0203001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0xbb2175ea24ba594c7709d3eef6f3a978
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "tu-dortmund.de" for User-Name = "testuser at tu-dortmund.de"
[suffix] Found realm "tu-dortmund.de"
[suffix] Adding Realm = "tu-dortmund.de"
[suffix] Proxying request from user testuser to realm tu-dortmund.de
[suffix] Preparing to proxy authentication request to realm "tu-dortmund.de"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm tu-dortmund.de. Not doing EAP.
++[eap] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty section. Using default return values.
Sending Access-Request of id 123 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0203001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3930
Proxying request 3 to home server 129.217.131.42 port 1812
Sending Access-Request of id 123 to 129.217.131.42 port 1812
User-Name = "testuser at tu-dortmund.de"
Calling-Station-Id = "00-19-d2-cf-e5-50"
Called-Station-Id = "9c-4e-20-c8-7f-20:itmc-test-wpa2"
NAS-Port = 29
NAS-IP-Address = 129.217.152.122
NAS-Identifier = "mh-wlc2"
Airespace-Wlan-Id = 3
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3503"
EAP-Message = 0x0203001c016d68616e626f726e4074752d646f72746d756e642e6465
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x3930
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Challenge packet from host 129.217.131.42 port 1812, id=123, length=68
EAP-Message = 0x010400061920
Message-Authenticator = 0x88d99196dda6c84d2d7b15bdcb15bb27
State = 0xe52019c2e5240004b1028ce4230a6211
Proxy-State = 0x3930
+- entering group post-proxy {...}
[post_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.10.10/post-proxy-detail-20101112
[post_proxy_log] expand: %t -> Fri Nov 12 09:47:09 2010
++[post_proxy_log] returns ok
[attr_filter.post-proxy] expand: %{Realm} -> tu-dortmund.de
attr_filter: Matched entry tu-dortmund.de at line 103
attr_filter: Matched entry DEFAULT at line 110
++[attr_filter.post-proxy] returns updated
[eap] No pre-existing handler found
++[eap] returns noop
Sending Access-Challenge of id 90 to 192.168.10.10 port 32768
Tunnel-Private-Group-Id:0 := "3503"
Tunnel-Type:0 := VLAN
Tunnel-Medium-Type:0 := IEEE-802
Finished request 3.
Going to the next request
--
Hans Bornemann
IT & Medien Centrum - TU Dortmund
Tel. 0049 231 7552132
-----Ursprüngliche Nachricht-----
Von: freeradius-users-bounces+hans.bornemann=tu-dortmund.de at lists.freeradius.org [mailto:freeradius-users-bounces+hans.bornemann=tu-dortmund.de at lists.freeradius.org] Im Auftrag von Phil Mayers
Gesendet: Mittwoch, 17. November 2010 14:23
An: freeradius-users at lists.freeradius.org
Betreff: Re: postproxy breaks eap authentication
On 17/11/10 12:31, hans.bornemann at tu-dortmund.de wrote:
> Hi,
>
> I have 2 freeradius server: 1 as proxy server, 1 as authentication
> server. Everything is working fine (Auth. for WPA2, MSCHAPv2 ) until I
> implement the postproxy function:
Post the debugging output, as advised frequently on this list:
radiusd -X | tee log
> post-proxy {
>
> post_proxy_log
>
> #attr_rewrite
>
> attr_filter.post-proxy
You're probably filtering the EAP-Message and other required attributes out
> /etc/freeradius/attrs:
>
> tu-dortmund.de
> Tunnel-Private-Group-ID :=8,
> Fall-Through = Yes
>
> DEFAULT
> Tunnel-Type := VLAN,
> Tunnel-Medium-Type := IEEE-802
This filter is insufficient. Please study the examples - you need at least:
Reply-Message =* ANY,
Proxy-State =* ANY,
EAP-Message =* ANY,
Message-Authenticator =* ANY,
MS-MPPE-Recv-Key =* ANY,
MS-MPPE-Send-Key =* ANY,
MS-CHAP-MPPE-Keys =* ANY,
State =* ANY
...to be sure of EAP working.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list