Windows 7 EAP-TLS WIred Auth

Christ Schlacta lists at aarcane.org
Sun Feb 13 23:37:53 CET 2011


I'm trying to authenticate a wired client (Switch supports radius) and 
I'm getting the following output (or similar):




rad_recv: Access-Request packet from host 10.0.0.13 port 1024, id=161, 
length=136
         User-Name = "izanami"
         Called-Station-Id = "30-46-9a-16-00-bc"
         Calling-Station-Id = "bc-ae-c5-91-67-a3"
         NAS-Identifier = "30-46-9a-16-00-ba"
         NAS-Port = 12
         Framed-MTU = 1500
         NAS-Port-Type = Ethernet
         EAP-Message = 0x0201000c01697a616e616d69
         Message-Authenticator = 0xa794e968adbaf0f9398574107af8a2fb
? Evaluating (User-Name == bubbles) -> FALSE
+- entering group authorize {...}
++[preprocess] returns ok
[eap] EAP packet type response id 1 length 12
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
   [ldap] Entering ldap_groupcmp()
[files]         expand: ou=RadHosts,dc=aarcane,dc=info -> 
ou=RadHosts,dc=aarcane,dc=info
[files]         expand: (cn=%{User-Name}) -> (cn=izanami)
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter (cn=izanami)
   [ldap] ldap_release_conn: Release Id: 0
[files]         expand: 
(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDN})) -> 
(&(objectClass=GroupOfNames)(member=cn\3dizanami\2cou\3dRadHosts\2cdc\3daarcane\2cdc\3dinfo))
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter 
(&(cn=WifiDisabled)(&(objectClass=GroupOfNames)(member=cn\3dizanami\2cou\3dRadHosts\2cdc\3daarcane\2cdc\3dinfo)))
   [ldap] object not found
   [ldap] ldap_release_conn: Release Id: 0
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in 
cn=izanami,ou=RadHosts,dc=aarcane,dc=info, with filter (objectclass=*)
rlm_ldap::groupcmp: Group WifiDisabled not found or user not a member
   [ldap] ldap_release_conn: Release Id: 0
[files] users: Matched entry DEFAULT at line 205
++[files] returns ok
[ldap] performing user authorization for izanami
[ldap]  expand: (cn=%{User-Name}) -> (cn=izanami)
[ldap]  expand: ou=RadHosts,dc=aarcane,dc=info -> 
ou=RadHosts,dc=aarcane,dc=info
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter (cn=izanami)
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
   [ldap] macAddress -> Calling-Station-Id == "bc-ae-c5-91-67-a3"
[ldap] looking for reply items in directory...
WARNING: No "known good" password was found in LDAP.  Are you sure that 
the user is configured correctly?
[ldap] user izanami authorized to use remote access
   [ldap] ldap_release_conn: Release Id: 0
++[ldap] returns ok
rlm_checkval: Item Name: Calling-Station-Id, Value: bc-ae-c5-91-67-a3
rlm_checkval: Value Name: Calling-Station-Id, Value: bc-ae-c5-91-67-a3
++[checkval] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type tls
[tls] Requiring client certificate
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 161 to 10.0.0.13 port 1024
         Service-Type = Administrative-User
         EAP-Message = 0x010200060d20
         Message-Authenticator = 0x00000000000000000000000000000000
         State = 0x5f8b66d45f896b3ed367e3714d4f5e92
Finished request 114.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.0.13 port 1024, id=162, 
length=247
         User-Name = "izanami"
         Called-Station-Id = "30-46-9a-16-00-bc"
         Calling-Station-Id = "bc-ae-c5-91-67-a3"
         NAS-Identifier = "30-46-9a-16-00-ba"
         NAS-Port = 12
         Framed-MTU = 1500
         NAS-Port-Type = Ethernet
         State = 0x5f8b66d45f896b3ed367e3714d4f5e92
         EAP-Message = 
0x020200690d800000005f160301005a0100005603014d585bc08003e569e30a71f5a39088d3d8a8ad4ac62ced01cd057f171fb48b59000018002f00350005000ac013c014c009c00a003200380013000401000015ff01000100000a0006000400170018000b00020100
         Message-Authenticator = 0x5e953afa8c6d6fb70318d9ff899a5633
? Evaluating (User-Name == bubbles) -> FALSE
+- entering group authorize {...}
++[preprocess] returns ok
[eap] EAP packet type response id 2 length 105
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
   [ldap] Entering ldap_groupcmp()
[files]         expand: ou=RadHosts,dc=aarcane,dc=info -> 
ou=RadHosts,dc=aarcane,dc=info
[files]         expand: (cn=%{User-Name}) -> (cn=izanami)
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter (cn=izanami)
   [ldap] ldap_release_conn: Release Id: 0
[files]         expand: 
(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDN})) -> 
(&(objectClass=GroupOfNames)(member=cn\3dizanami\2cou\3dRadHosts\2cdc\3daarcane\2cdc\3dinfo))
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter 
(&(cn=WifiDisabled)(&(objectClass=GroupOfNames)(member=cn\3dizanami\2cou\3dRadHosts\2cdc\3daarcane\2cdc\3dinfo)))
   [ldap] object not found
   [ldap] ldap_release_conn: Release Id: 0
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in 
cn=izanami,ou=RadHosts,dc=aarcane,dc=info, with filter (objectclass=*)
rlm_ldap::groupcmp: Group WifiDisabled not found or user not a member
   [ldap] ldap_release_conn: Release Id: 0
[files] users: Matched entry DEFAULT at line 205
++[files] returns ok
[ldap] performing user authorization for izanami
[ldap]  expand: (cn=%{User-Name}) -> (cn=izanami)
[ldap]  expand: ou=RadHosts,dc=aarcane,dc=info -> 
ou=RadHosts,dc=aarcane,dc=info
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter (cn=izanami)
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
   [ldap] macAddress -> Calling-Station-Id == "bc-ae-c5-91-67-a3"
[ldap] looking for reply items in directory...
WARNING: No "known good" password was found in LDAP.  Are you sure that 
the user is configured correctly?
[ldap] user izanami authorized to use remote access
   [ldap] ldap_release_conn: Release Id: 0
++[ldap] returns ok
rlm_checkval: Item Name: Calling-Station-Id, Value: bc-ae-c5-91-67-a3
rlm_checkval: Value Name: Calling-Station-Id, Value: bc-ae-c5-91-67-a3
++[checkval] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
   TLS Length 95
[tls] Length Included
[tls] eaptls_verify returned 11
[tls]     (other): before/accept initialization
[tls]     TLS_accept: before/accept initialization
[tls] <<< TLS 1.0 Handshake [length 005a], ClientHello
[tls]     TLS_accept: SSLv3 read client hello A
[tls] >>> TLS 1.0 Handshake [length 0031], ServerHello
[tls]     TLS_accept: SSLv3 write server hello A
[tls] >>> TLS 1.0 Handshake [length 08e6], Certificate
[tls]     TLS_accept: SSLv3 write certificate A
[tls] >>> TLS 1.0 Handshake [length 0159], CertificateRequest
[tls]     TLS_accept: SSLv3 write certificate request A
[tls]     TLS_accept: SSLv3 flush data
[tls]     TLS_accept: Need to read more data: SSLv3 read client 
certificate A
In SSL Handshake Phase
In SSL Accept mode
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 162 to 10.0.0.13 port 1024
         Service-Type = Administrative-User
         EAP-Message = 
0x010304000dc000000a7f16030100310200002d03014d585c00e6cff8b49f97e451a451dbfb05893664517f78d8d61b9df37d341f4a00002f000005ff0100010016030108e60b0008e20008df0003d9308203d5308202bda003020102020102300d06092a864886f70d010
10505003081a0310b3009060355040613025553311330110603550408130a43616c69666f726e69613111300f06035504071308416e74656c6f706531183016060355040a130f5363686c616374612046616d696c7931133011060355040b130a4b65795369676e696e67311630140603550403130d53
63686c6163746143657274323122302006092a864886f70d01090116
         EAP-Message = 
0x1361617263616e654061617263616e652e6f7267301e170d3130313030313036323234395a170d3230303932383036323234395a3081a1310b3009060355040613025553311330110603550408130a43616c69666f726e69613111300f06035504071308416e74656c6f7
06531183016060355040a130f5363686c616374612046616d696c79310f300d060355040b1306526164697573311b30190603550403131262697463682e61617263616e652e696e666f3122302006092a864886f70d010901161361617263616e654061617263616e652e6f726730820122300d06092a
864886f70d01010105000382010f003082010a0282010100d13f2aa5
         EAP-Message = 
0xdd8c7a38ec9f91d750c163b7da9723cdb2cfbced8c0a26e53e4ff735f081b7a82f818c7e1b50de1ff316775bd0367397e0587956bb4103dd630a3a6ea26f1839ee7ad53518c0ab515722da1ee20da3d25919566b545bd9fbdae681ff0322c5ff17f59f310cfce44aed048
af285360747fd71fe57085782efef97deefd1dc0d60d696f8effcd4f892a13d0dfb9e5d8f63dd66dca720183b53966e7d08da5e057c2b3d93bb221e9af86c492c6ab20df195061ed3de43e3a8c63aeddc73b73c46df84a36b32df4e0c87c353d17a0adac9afcab37bee40b7fb377bf75bc2e043d2f2fb
4fc05daddceb2873f2c437a89902aeed52bc27169903cbb874d37702
         EAP-Message = 
0x03010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101050500038201010002865a9d48b16abe75747906794409983d703a267216dba22b69d3da0bd407de3580985b6c0f9dbe54f7e401e6ea9c7db74a11b50c70902eacd
9067dc197fbf99d8dc57404a262bf9ae266e4b8ebd18cf8c9803f8114f695a9e22f5699d6604835a2addf0e634110d290e4a92e7040fa0699750af78dcfaac3d6957dd31481d48f7179e9bae452f608bbcffab59e136d6fc32811b3110d42148d155673840419e7561fb926292b3b5de638ddde7bb79a
09cf2e266712dc87c25cd6f6a55a03f2a52c3b730ef5a0380f4d7da3
         EAP-Message = 0xf356d5f85403d6b92d4e0de3
         Message-Authenticator = 0x00000000000000000000000000000000
         State = 0x5f8b66d45e886b3ed367e3714d4f5e92
Finished request 115.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.0.13 port 1024, id=163, 
length=148
         User-Name = "izanami"
         Called-Station-Id = "30-46-9a-16-00-bc"
         Calling-Station-Id = "bc-ae-c5-91-67-a3"
         NAS-Identifier = "30-46-9a-16-00-ba"
         NAS-Port = 12
         Framed-MTU = 1500
         NAS-Port-Type = Ethernet
         State = 0x5f8b66d45e886b3ed367e3714d4f5e92
         EAP-Message = 0x020300060d00
         Message-Authenticator = 0x7790a68d39849d52b1e1e59b31ecb08a
? Evaluating (User-Name == bubbles) -> FALSE
+- entering group authorize {...}
++[preprocess] returns ok
[eap] EAP packet type response id 3 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
   [ldap] Entering ldap_groupcmp()
[files]         expand: ou=RadHosts,dc=aarcane,dc=info -> 
ou=RadHosts,dc=aarcane,dc=info
[files]         expand: (cn=%{User-Name}) -> (cn=izanami)
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter (cn=izanami)
   [ldap] ldap_release_conn: Release Id: 0
[files]         expand: 
(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDN})) -> 
(&(objectClass=GroupOfNames)(member=cn\3dizanami\2cou\3dRadHosts\2cdc\3daarcane\2cdc\3dinfo))
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter 
(&(cn=WifiDisabled)(&(objectClass=GroupOfNames)(member=cn\3dizanami\2cou\3dRadHosts\2cdc\3daarcane\2cdc\3dinfo)))
   [ldap] object not found
   [ldap] ldap_release_conn: Release Id: 0
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in 
cn=izanami,ou=RadHosts,dc=aarcane,dc=info, with filter (objectclass=*)
rlm_ldap::groupcmp: Group WifiDisabled not found or user not a member
   [ldap] ldap_release_conn: Release Id: 0
[files] users: Matched entry DEFAULT at line 205
++[files] returns ok
[ldap] performing user authorization for izanami
[ldap]  expand: (cn=%{User-Name}) -> (cn=izanami)
[ldap]  expand: ou=RadHosts,dc=aarcane,dc=info -> 
ou=RadHosts,dc=aarcane,dc=info
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter (cn=izanami)
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
   [ldap] macAddress -> Calling-Station-Id == "bc-ae-c5-91-67-a3"
[ldap] looking for reply items in directory...
WARNING: No "known good" password was found in LDAP.  Are you sure that 
the user is configured correctly?
[ldap] user izanami authorized to use remote access
   [ldap] ldap_release_conn: Release Id: 0
++[ldap] returns ok
rlm_checkval: Item Name: Calling-Station-Id, Value: bc-ae-c5-91-67-a3
rlm_checkval: Value Name: Calling-Station-Id, Value: bc-ae-c5-91-67-a3
++[checkval] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 163 to 10.0.0.13 port 1024
         Service-Type = Administrative-User
         EAP-Message = 
0x010404000dc000000a7f38fc6ef9babf007ebc8baaecb8d24a949a66715812f29a52b2fe5bd28d8b461b80d90ae2196386cf000500308204fc308203e4a003020102020101300d06092a864886f70d01010505003081a0310b30090603550406130255533113301106035
50408130a43616c69666f726e69613111300f06035504071308416e74656c6f706531183016060355040a130f5363686c616374612046616d696c7931133011060355040b130a4b65795369676e696e67311630140603550403130d5363686c6163746143657274323122302006092a864886f70d0109
01161361617263616e654061617263616e652e6f7267301e170d3130
         EAP-Message = 
0x313030313036323031335a170d3230303932383036323031335a3081a0310b3009060355040613025553311330110603550408130a43616c69666f726e69613111300f06035504071308416e74656c6f706531183016060355040a130f5363686c616374612046616d696
c7931133011060355040b130a4b65795369676e696e67311630140603550403130d5363686c6163746143657274323122302006092a864886f70d010901161361617263616e654061617263616e652e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100b6d7b0
404f4a62f7e492dcf6eb1421622d43bdc1084f8743450ad979174001
         EAP-Message = 
0xac0b8c4fa1ff0389a3e6e9bcdc9665efc61ceaca24081db9d16c9b66885aac53ba5cc6d583bde3ad08ad2aafcaea00dcbe2ad554b02e73fe317f22358cf988e23a2e32ef20cbcd910fe949bb3105f6dd47349dc03593294f5d89e8296b7415abdc393fa5515789d7f0bb6
5353fdc62ee1eedf4cf909322f92cbc44fff472dddb5fab8e4d42bc7cd010e6d75f71cd791c93bbfa94d5ee8079596d818ab89017c676da5768d35847fa7ebc3840c25281a31b33d9ae84a88dfc0938c582197eace610b483bd72d5bbda623c7819b191e07957a97d931230e0e740ef9ab08cbbda5ed1
0203010001a382013d30820139301d0603551d0e04160414ee354cff
         EAP-Message = 
0xfc743aa29a50944370d137d26c018d843081cd0603551d230481c53081c28014ee354cfffc743aa29a50944370d137d26c018d84a181a6a481a33081a0310b3009060355040613025553311330110603550408130a43616c69666f726e69613111300f060355040713084
16e74656c6f706531183016060355040a130f5363686c616374612046616d696c7931133011060355040b130a4b65795369676e696e67311630140603550403130d5363686c6163746143657274323122302006092a864886f70d010901161361617263616e654061617263616e652e6f726782010130
3a0603551d1f04333031302fa02da02b8629687474703a2f2f736368
         EAP-Message = 0x6c6163746163657274322e61
         Message-Authenticator = 0x00000000000000000000000000000000
         State = 0x5f8b66d45d8f6b3ed367e3714d4f5e92
Finished request 116.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.0.13 port 1024, id=164, 
length=148
         User-Name = "izanami"
         Called-Station-Id = "30-46-9a-16-00-bc"
         Calling-Station-Id = "bc-ae-c5-91-67-a3"
         NAS-Identifier = "30-46-9a-16-00-ba"
         NAS-Port = 12
         Framed-MTU = 1500
         NAS-Port-Type = Ethernet
         State = 0x5f8b66d45d8f6b3ed367e3714d4f5e92
         EAP-Message = 0x020400060d00
         Message-Authenticator = 0x9957fee5996873676a87b72783ac9256
? Evaluating (User-Name == bubbles) -> FALSE
+- entering group authorize {...}
++[preprocess] returns ok
[eap] EAP packet type response id 4 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
   [ldap] Entering ldap_groupcmp()
[files]         expand: ou=RadHosts,dc=aarcane,dc=info -> 
ou=RadHosts,dc=aarcane,dc=info
[files]         expand: (cn=%{User-Name}) -> (cn=izanami)
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter (cn=izanami)
   [ldap] ldap_release_conn: Release Id: 0
[files]         expand: 
(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDN})) -> 
(&(objectClass=GroupOfNames)(member=cn\3dizanami\2cou\3dRadHosts\2cdc\3daarcane\2cdc\3dinfo))
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter 
(&(cn=WifiDisabled)(&(objectClass=GroupOfNames)(member=cn\3dizanami\2cou\3dRadHosts\2cdc\3daarcane\2cdc\3dinfo)))
   [ldap] object not found
   [ldap] ldap_release_conn: Release Id: 0
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in 
cn=izanami,ou=RadHosts,dc=aarcane,dc=info, with filter (objectclass=*)
rlm_ldap::groupcmp: Group WifiDisabled not found or user not a member
   [ldap] ldap_release_conn: Release Id: 0
[files] users: Matched entry DEFAULT at line 205
++[files] returns ok
[ldap] performing user authorization for izanami
[ldap]  expand: (cn=%{User-Name}) -> (cn=izanami)
[ldap]  expand: ou=RadHosts,dc=aarcane,dc=info -> 
ou=RadHosts,dc=aarcane,dc=info
   [ldap] ldap_get_conn: Checking Id: 0
   [ldap] ldap_get_conn: Got Id: 0
   [ldap] performing search in ou=RadHosts,dc=aarcane,dc=info, with 
filter (cn=izanami)
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
   [ldap] macAddress -> Calling-Station-Id == "bc-ae-c5-91-67-a3"
[ldap] looking for reply items in directory...
WARNING: No "known good" password was found in LDAP.  Are you sure that 
the user is configured correctly?
[ldap] user izanami authorized to use remote access
   [ldap] ldap_release_conn: Release Id: 0
++[ldap] returns ok
rlm_checkval: Item Name: Calling-Station-Id, Value: bc-ae-c5-91-67-a3
rlm_checkval: Value Name: Calling-Station-Id, Value: bc-ae-c5-91-67-a3
++[checkval] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 164 to 10.0.0.13 port 1024
         Service-Type = Administrative-User
         EAP-Message = 
0x0105029d0d8000000a7f617263616e652e696e666f2f63726c2e70656d300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100900fcaecc95e2c10c787b1d65e13dd2f8bdb82ba7d2108bc570282fa2b3b10bdb5fd0200626f2341d484d080596c8004fa64645c74297f8be11406c814141950461a2baaf193f44e3fc243017d07c12293624aab58e7aa641577a36c222a01175c87a1e0c68d1d99e817de8f22cd302634b834023be1e3e50d7bad7de57cf36cb35fc066eb8163f9ebe21fd4b36600250b921643137415dc71ccdfb26318a645cc580e3ba35cd4f7082c1b6f7c520f9cac686881aa2cd4fba20d5039edc1
         EAP-Message = 
0xfec64b116281aad9b24191de543fe5ec9bfaa8e5d94874344b41c80a271a558a659d006d38c68b0bb12fb582c92f5dff5b8c19b76fb7833add0cd91d487a98cca9d616030101590d00015103010240014b00a43081a1310b3009060355040613025553311330110603550408130a43616c69666f726e69613111300f06035504071308416e74656c6f706531183016060355040a130f5363686c616374612046616d696c79310f300d060355040b1306526164697573311b30190603550403131262697463682e61617263616e652e696e666f3122302006092a864886f70d010901161361617263616e654061617263616e652e6f726700a33081a031
         EAP-Message = 
0x0b3009060355040613025553311330110603550408130a43616c69666f726e69613111300f06035504071308416e74656c6f706531183016060355040a130f5363686c616374612046616d696c7931133011060355040b130a4b65795369676e696e67311630140603550403130d5363686c6163746143657274323122302006092a864886f70d010901161361617263616e654061617263616e652e6f72670e000000
         Message-Authenticator = 0x00000000000000000000000000000000
         State = 0x5f8b66d45c8e6b3ed367e3714d4f5e92
Finished request 117.
Going to the next request
Waking up in 4.9 seconds.


it seems to get to the same point (Finished request xxx.) and then 
repeats the entire process four times (the same number of times 
specified in my switch config) then fails to connect.  I'm not sure if 
I'm missing something, or what..  but it should all be fine, as this is 
the same config I use for my wireless config.  I'm certain I've missed 
something obvious, and if you can provide any additional information to 
point me in the right direction, I'd much appreciate it.



More information about the Freeradius-Users mailing list