Renaming during Machine Authentication
mjonesmcne
mjones at hpsd48.ab.ca
Fri Jun 3 18:21:00 CEST 2011
Here is the rest of the debug
Waking up in 3.3 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=114,
length=198
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message = 0x020600061900
State = 0xaf0b06b8ab0d1f13414e4025002a7e0a
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0x39806663461b05b46cf3125e79491f35
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 6 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake is finished
[peap] eaptls_verify returned 3
[peap] eaptls_process returned 3
[peap] EAPTLS_SUCCESS
[peap] Session established. Decoding tunneled attributes.
[peap] Peap state TUNNEL ESTABLISHED
++[eap] returns handled
Sending Access-Challenge of id 114 to 10.152.0.100 port 32819
EAP-Message =
0x01070020190017030100154b001c00411832b717df4ad0a3453ea7f54a7477c6
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xaf0b06b8aa0c1f13414e4025002a7e0a
Finished request 14.
Going to the next request
Waking up in 3.3 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=115,
length=248
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message =
0x020700381900170301002d801b74be448ec8e8a1fd0bf61c7419611e41c0204edf3ec539b25c8f86becf0c98758d6c769df73dac4be09a7b
State = 0xaf0b06b8aa0c1f13414e4025002a7e0a
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0x76eadd506811e5fbaaa9bd651c72cfa5
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 56
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Peap state WAITING FOR INNER IDENTITY
[peap] Identity - host/TEST-11501.hpsd48.ab.ca
[peap] Got inner identity 'host/TEST-11501.hpsd48.ab.ca'
[peap] Setting default EAP type for tunneled EAP session.
[peap] Got tunneled request
EAP-Message =
0x0207002101686f73742f544553542d31313530312e6870736434382e61622e6361
server {
PEAP: Setting User-Name to host/TEST-11501.hpsd48.ab.ca
Sending tunneled request
EAP-Message =
0x0207002101686f73742f544553542d31313530312e6870736434382e61622e6361
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "host/TEST-11501.hpsd48.ab.ca"
server inner-tunnel {
# Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[ntdomain] No '\' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[ntdomain] No such realm "NULL"
++[ntdomain] returns noop
++[control] returns noop
[eap] EAP packet type response id 7 length 33
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/inner-tunnel
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
EAP-Message =
0x010800361a0108003110220f374aa19eb0c598b341bacd23b48e686f73742f544553542d31313530312e6870736434382e61622e6361
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xdff71f9adfff05115ad48af9ef7a1fd6
[peap] Got tunneled reply RADIUS code 11
EAP-Message =
0x010800361a0108003110220f374aa19eb0c598b341bacd23b48e686f73742f544553542d31313530312e6870736434382e61622e6361
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xdff71f9adfff05115ad48af9ef7a1fd6
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 115 to 10.152.0.100 port 32819
EAP-Message =
0x0108004d190017030100425ef5a87c0a89a3105bf08c246ea2b5f9d4f8990c41a5470ac8a417f2cd1fc7185c7532f146e5a5fa1e72281909ecd7d165106e810b1ce29ff074c729c9d8cd61e309
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xaf0b06b8a9031f13414e4025002a7e0a
Finished request 15.
Going to the next request
Waking up in 3.3 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=116,
length=302
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message =
0x0208006e190017030100631163c930bb03d723a3c5143fcee6ce082aa6f00527213d8a73b60c459b3389d075c7b996a57cacefcbb9e334fe5daa6ffe65302162975fa7278d6bbda91168fd2feebfb195f81b9c86f8aabd245aebd7f460f11f77b59f2ae5fd01705424599959124f
State = 0xaf0b06b8a9031f13414e4025002a7e0a
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0xddfda2824f60dccbb3557bb433925a59
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 8 length 110
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Peap state phase2
[peap] EAP type mschapv2
[peap] Got tunneled request
EAP-Message =
0x020800571a0208005231fd1a7399db6c1b2c5c96bc7c05ab8c640000000000000000ecc35bcd4fa61e28c30c0bfd3a037d19e5c407a645b6b72a00686f73742f544553542d31313530312e6870736434382e61622e6361
server {
PEAP: Setting User-Name to host/TEST-11501.hpsd48.ab.ca
Sending tunneled request
EAP-Message =
0x020800571a0208005231fd1a7399db6c1b2c5c96bc7c05ab8c640000000000000000ecc35bcd4fa61e28c30c0bfd3a037d19e5c407a645b6b72a00686f73742f544553542d31313530312e6870736434382e61622e6361
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "host/TEST-11501.hpsd48.ab.ca"
State = 0xdff71f9adfff05115ad48af9ef7a1fd6
server inner-tunnel {
# Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[ntdomain] No '\' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[ntdomain] No such realm "NULL"
++[ntdomain] returns noop
++[control] returns noop
[eap] EAP packet type response id 8 length 87
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/inner-tunnel
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/mschapv2
[eap] processing type mschapv2
[mschapv2] # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
[mschapv2] +- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured. Cannot create LM-Password.
[mschap] No Cleartext-Password configured. Cannot create NT-Password.
[mschap] Creating challenge hash with username: host/TEST-11501.hpsd48.ab.ca
[mschap] Told to do MS-CHAPv2 for host/TEST-11501.hpsd48.ab.ca with
NT-Password
[mschap] FAILED: No NT/LM-Password. Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
[eap] Freeing handler
++[eap] returns reject
Failed to authenticate the user.
} # server inner-tunnel
[peap] Got tunneled reply code 3
MS-CHAP-Error = "\010E=691 R=1"
EAP-Message = 0x04080004
Message-Authenticator = 0x00000000000000000000000000000000
[peap] Got tunneled reply RADIUS code 3
MS-CHAP-Error = "\010E=691 R=1"
EAP-Message = 0x04080004
Message-Authenticator = 0x00000000000000000000000000000000
[peap] Tunneled authentication was rejected.
[peap] FAILURE
++[eap] returns handled
Sending Access-Challenge of id 116 to 10.152.0.100 port 32819
EAP-Message =
0x010900261900170301001bf6ec223e7d7181a93f75f4a26254ad4f18df3930289d171931ccee
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xaf0b06b8a8021f13414e4025002a7e0a
Finished request 16.
Going to the next request
Waking up in 3.3 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=117,
length=230
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message =
0x020900261900170301001b906645443f39afc09080a4a678ca79b9dc210aa4f63d8b4fed2563
State = 0xaf0b06b8a8021f13414e4025002a7e0a
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0x4513566759242c90b364904f4b5131dd
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 9 length 38
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Peap state send tlv failure
[peap] Received EAP-TLV response.
[peap] The users session was previously rejected: returning reject (again.)
[peap] *** This means you need to read the PREVIOUS messages in the debug
output
[peap] *** to find out the reason why the user was rejected.
[peap] *** Look for "reject" or "fail". Those earlier messages will tell
you.
[peap] *** what went wrong, and how to fix the problem.
[eap] Handler failed in EAP/peap
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} ->
host/TEST-11501.hpsd48.ab.ca
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 17 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 17
Sending Access-Reject of id 117 to 10.152.0.100 port 32819
EAP-Message = 0x04090004
Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 2.3 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=118,
length=207
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message =
0x0201002101686f73742f544553542d31313530312e6870736434382e61622e6361
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0x3079a4568eb504dec1712dd4b53b8d02
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 1 length 33
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
[ldap] performing user authorization for host/TEST-11501.hpsd48.ab.ca
[ldap] expand: (uid=%{mschap:User-Name:-%{User-Name}}) -> (uid=TEST-11501$)
[ldap] expand: o=hpsd_48 -> o=hpsd_48
[ldap] ldap_get_conn: Checking Id: 0
[ldap] ldap_get_conn: Got Id: 0
[ldap] performing search in o=hpsd_48, with filter (uid=TEST-11501$)
[ldap] Added the eDirectory password xxxx in check items as
Cleartext-Password
[ldap] looking for check items in directory...
[ldap] looking for reply items in directory...
[ldap] user host/TEST-11501.hpsd48.ab.ca authorized to use remote access
[ldap] ldap_release_conn: Release Id: 0
++[ldap] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING: Auth-Type already set. Not setting to PAP
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 118 to 10.152.0.100 port 32819
EAP-Message = 0x010200061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x29d0da4429d2c35a7379c61a78aa62d0
Finished request 18.
Going to the next request
Waking up in 1.9 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=119,
length=279
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message =
0x0202005719800000004d16030100480100004403014de906db4ca3903f904303e7bc398d558b043af3ab9131895a99c73afb08b2f100001600040005000a0009006400620003000600130012006301000005ff01000100
State = 0x29d0da4429d2c35a7379c61a78aa62d0
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0x060dab8335726b77ad25c74cf5654e79
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 2 length 87
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 77
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] (other): before/accept initialization
[peap] TLS_accept: before/accept initialization
[peap] <<< TLS 1.0 Handshake [length 0048], ClientHello
[peap] TLS_accept: SSLv3 read client hello A
[peap] >>> TLS 1.0 Handshake [length 0031], ServerHello
[peap] TLS_accept: SSLv3 write server hello A
[peap] >>> TLS 1.0 Handshake [length 085e], Certificate
[peap] TLS_accept: SSLv3 write certificate A
[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
[peap] TLS_accept: SSLv3 write server done A
[peap] TLS_accept: SSLv3 flush data
[peap] TLS_accept: Need to read more data: SSLv3 read client certificate
A
In SSL Handshake Phase
In SSL Accept mode
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 119 to 10.152.0.100 port 32819
EAP-Message =
0x0103040019c0000008a216030100310200002d03014de906d73ba63b93c9399f1a39454ce72415a5c96ab5a9addea94e17540cd87a000004000005ff01000100160301085e0b00085a0008570003a6308203a23082028aa003020102020101300d06092a864886f70d0101040500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c65204365727469666963617465204175
EAP-Message =
0x74686f72697479301e170d3131303231303136333231325a170d3132303231303136333231325a307c310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100c2962fab65858e76d1ddf7925706800d725d67efa3e928fc5b835d1da4e3d5c99cd3ba137db87cd26b5609df9ff9a00d2e26b6569bd5d5
EAP-Message =
0x7906b0ac844bcb0dcdafc47a271d7f4184b8e7c49def18565a1308653df9bf9af520481adbca2724c10912c5a027ebaf413980d610ac6deba96c5648b540eddcd14904c44ccdea22b433302f61cbe597a5d8587cf9cd1265a8eb71cbcd86db81668b26104bde6f85a48915ff0b49db217fddfc14199887a02eea6bab884c45f948e1ac8dfff1b174428ea59679abc877ed9a63d9d45a49e5c9260c8dfea7751f40742a8f4bdc3a159ca21c94180134fa8397913337b28431d3958f736c26766793bb5bb1f3d5b133c30203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104050003820101004cec
EAP-Message =
0x45279ca506050661330f4a17d5cadf66ab4afcd673447238a372ab3fa04a4290b7329b34267c54ad822d9f5d52975247bd61560abaa1e6b5c189edf03731340a167f225be1f70bc782ae26ff1599a4f69892b7cbde36cf5a85b6e955b4fa52c512140091a0750b11c5a5aafb2572b582856ae20c7c96d42dc0bf0104467b02d7fcb088f371ee192d529d4fde2233d2f8d7c1825bcf23781cadd11aeabf49cd8ca853b47b5dc74b760d34faf67941eaced3bd06b86b65ff23c247b82527ddd7136397230ad87c477643afe9c748f0cf83eff9b102206276b4d0d682f2e5ed27afa85e45426b25f152b16012918d4c04ce0a8641da60885e3c3197b4e3ed
EAP-Message = 0x860004ab308204a73082038f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x29d0da4428d3c35a7379c61a78aa62d0
Finished request 19.
Going to the next request
Waking up in 1.9 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=120,
length=198
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message = 0x020300061900
State = 0x29d0da4428d3c35a7379c61a78aa62d0
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0x7a7426cfa0958f6618608192a3cb78ee
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 3 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 120 to 10.152.0.100 port 32819
EAP-Message =
0x010403fc1940a003020102020900a014abbd42e47192300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3131303231303136333231325a170d3132303231303136333231325a308193310b3009060355040613024652310f300d0603550408130652616469757331
EAP-Message =
0x12301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100aad4b906b8f15d9efa212c359bbae114566f2f9b0c75bf45ab4def0f4a617b3fe4e56795ecf32f378d128990b6317f25252528a101362bf9345a0a394dba35688e07e2eae969c4913c3796c1c224aced4e41e9d51f5335e6b9ec030da7c36217b48835b1df864ff9
EAP-Message =
0xd82ada8cda0de980115896e4bd8ec5bab2a6b9111c109dafdb3e07d6ee4a5cebfa21f39e4efeb6a45e8a8cefc278ef3418aa2ccdb710ebe491eda4ed31df9156020958cddc21ce23a5749c9f06eeb098f3894184707af45719ff0d29350defa774ea4dbda2d0c61b7939abb1757a3ee271f1bb8d4b9868bc6289db9516b6a3d7fa5ad8abdbe57b5ce5359c9eb6a6169647d1310a53e40e930203010001a381fb3081f8301d0603551d0e0416041493331cbb1ef41d0e3c45f31449266f0c304c9b193081c80603551d230481c03081bd801493331cbb1ef41d0e3c45f31449266f0c304c9b19a18199a48196308193310b300906035504061302465231
EAP-Message =
0x0f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479820900a014abbd42e47192300c0603551d13040530030101ff300d06092a864886f70d010105050003820101003cf11452f274ea06f722666622248542b6934b4f9aa2e919e20fb227801b1addbd2626d3570f8e4c20db411f132aa313a4e877f352772d0414b67207468978a5727bc5a22843f42390103f
EAP-Message = 0x53c8cb22d3f8f1f7
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x29d0da442bd4c35a7379c61a78aa62d0
Finished request 20.
Going to the next request
Waking up in 1.9 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=121,
length=198
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message = 0x020400061900
State = 0x29d0da442bd4c35a7379c61a78aa62d0
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0xbf252b738f6dd6c069edff642dcff0a3
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 4 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 121 to 10.152.0.100 port 32819
EAP-Message =
0x010500bc19004c396c46b788613f2eae5433381f96d583a69217e9b3504b2751ba9b7c98b5795763ec2dca296f1c69e6a6c0814c9723f903ff293ab3d5bd932b98d0e833e3a01ded48b321eb509dd2e61548875967dc1282a4022b615f7360c573c4d1e52b10f16387a6d3ab90066bb454697e5715108aa946fe9208e0c56acbc5ba8277b15393f6d3ce03a2fb07536a1177550c4dbb473cf421ba6fd64330b3ef931207d7af48184e874f2e55130a498d722c16030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x29d0da442ad5c35a7379c61a78aa62d0
Finished request 21.
Going to the next request
Waking up in 1.9 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=122,
length=514
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message =
0x02050140198000000136160301010610000102010074d7e95eee9fd74281d703c3aa7c3e5dff43c1eeba1a2cc9fccdf4eadaf91df4aec03bb4fcd96f04635243700a5feb2a3423993747f86e8b677e6d764888eac01f97d4187f16bbe13493b5aad227a4ba1f49bb198db2442282307bfdc2b52b5eedab35d074391c42c5bf0c7b6853d486b0c4e2c8c2648f27924df70951a0c25b1bd8fe9e5528443cfc0e5ae1134da157d2d7beea23455462e773e70d545febfc7dff19c84f465b995771fdbd461a158dfa38d9ac1c8ab8d97d6c023abcd656d162f1594a4c6f5b791a7a49b7eff9980dd205f044f0476c17d4572a0e548a227f79570e9f0fba3647
EAP-Message =
0x98b7f22d36a71d0685b5d5fafaf98623c53d6dc45fa8cd6f1403010001011603010020a14543890a5dda3193cd901b8a99f172b116b429819b014dd66ca733501f598b
State = 0x29d0da442ad5c35a7379c61a78aa62d0
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0x22b3c9ec5509579aebcb622ef41a99f9
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 5 length 253
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 310
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange
[peap] TLS_accept: SSLv3 read client key exchange A
[peap] <<< TLS 1.0 ChangeCipherSpec [length 0001]
[peap] <<< TLS 1.0 Handshake [length 0010], Finished
[peap] TLS_accept: SSLv3 read finished A
[peap] >>> TLS 1.0 ChangeCipherSpec [length 0001]
[peap] TLS_accept: SSLv3 write change cipher spec A
[peap] >>> TLS 1.0 Handshake [length 0010], Finished
[peap] TLS_accept: SSLv3 write finished A
[peap] TLS_accept: SSLv3 flush data
[peap] (other): SSL negotiation finished successfully
SSL Connection Established
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 122 to 10.152.0.100 port 32819
EAP-Message =
0x010600311900140301000101160301002065c36b929321418de0e1096fbb9555584f14371181b00aecd5802aa580f27b9c
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x29d0da442dd6c35a7379c61a78aa62d0
Finished request 22.
Going to the next request
Waking up in 1.9 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=123,
length=198
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message = 0x020600061900
State = 0x29d0da442dd6c35a7379c61a78aa62d0
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0x22b2a94e6a00270f56a88f4f5755a62a
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 6 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake is finished
[peap] eaptls_verify returned 3
[peap] eaptls_process returned 3
[peap] EAPTLS_SUCCESS
[peap] Session established. Decoding tunneled attributes.
[peap] Peap state TUNNEL ESTABLISHED
++[eap] returns handled
Sending Access-Challenge of id 123 to 10.152.0.100 port 32819
EAP-Message =
0x0107002019001703010015ccb56467d6b0b54c5477e97ad9751807c835598567
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x29d0da442cd7c35a7379c61a78aa62d0
Finished request 23.
Going to the next request
Waking up in 1.9 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=124,
length=248
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message =
0x020700381900170301002d48cecbbd34d5253b28194dd676fb9010c530bb8c13bdc47e488941a4d19dc7fa726e873a58cc44a35786a88bca
State = 0x29d0da442cd7c35a7379c61a78aa62d0
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0x1c1b6e63188001569dd59e8dd28f44fa
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 56
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Peap state WAITING FOR INNER IDENTITY
[peap] Identity - host/TEST-11501.hpsd48.ab.ca
[peap] Got inner identity 'host/TEST-11501.hpsd48.ab.ca'
[peap] Setting default EAP type for tunneled EAP session.
[peap] Got tunneled request
EAP-Message =
0x0207002101686f73742f544553542d31313530312e6870736434382e61622e6361
server {
PEAP: Setting User-Name to host/TEST-11501.hpsd48.ab.ca
Sending tunneled request
EAP-Message =
0x0207002101686f73742f544553542d31313530312e6870736434382e61622e6361
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "host/TEST-11501.hpsd48.ab.ca"
server inner-tunnel {
# Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[ntdomain] No '\' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[ntdomain] No such realm "NULL"
++[ntdomain] returns noop
++[control] returns noop
[eap] EAP packet type response id 7 length 33
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/inner-tunnel
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
EAP-Message =
0x010800361a01080031100bb281db72ca99c10b76e04212a60721686f73742f544553542d31313530312e6870736434382e61622e6361
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x04a0b3fa04a8a9fd98f0050caec42b47
[peap] Got tunneled reply RADIUS code 11
EAP-Message =
0x010800361a01080031100bb281db72ca99c10b76e04212a60721686f73742f544553542d31313530312e6870736434382e61622e6361
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x04a0b3fa04a8a9fd98f0050caec42b47
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 124 to 10.152.0.100 port 32819
EAP-Message =
0x0108004d19001703010042f0c1c86e64d32ea8aed9ed5b247a786c682e0dd1147f09f7f38a84e22962866feb92d411a6bb3cce29ac674c28dae6183ad8bc850ccd422b730f25fc4211f09bbd9a
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x29d0da442fd8c35a7379c61a78aa62d0
Finished request 24.
Going to the next request
Waking up in 1.9 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=125,
length=302
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message =
0x0208006e1900170301006340fc69efabd3d8f90ac150f75ddf678f3883cd42adb89bda7afbab0a65ba53704c12b81f6103378b6af24eb0afa71b713a158c68b156911a19f9ab018f668ab34d30e6723e54f5427081ef4f8b188f4b7e9955fcce333dd2348dfa921405a4783b51e0
State = 0x29d0da442fd8c35a7379c61a78aa62d0
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0x44e390f025907d46607bd59ed8e82319
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 8 length 110
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Peap state phase2
[peap] EAP type mschapv2
[peap] Got tunneled request
EAP-Message =
0x020800571a020800523116ba5e375232b558ea4bec3f09e0546e0000000000000000485051644aaaccf4feb374d5727dbb181b312a8cace7a5b300686f73742f544553542d31313530312e6870736434382e61622e6361
server {
PEAP: Setting User-Name to host/TEST-11501.hpsd48.ab.ca
Sending tunneled request
EAP-Message =
0x020800571a020800523116ba5e375232b558ea4bec3f09e0546e0000000000000000485051644aaaccf4feb374d5727dbb181b312a8cace7a5b300686f73742f544553542d31313530312e6870736434382e61622e6361
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "host/TEST-11501.hpsd48.ab.ca"
State = 0x04a0b3fa04a8a9fd98f0050caec42b47
server inner-tunnel {
# Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[ntdomain] No '\' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[ntdomain] No such realm "NULL"
++[ntdomain] returns noop
++[control] returns noop
[eap] EAP packet type response id 8 length 87
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/inner-tunnel
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/mschapv2
[eap] processing type mschapv2
[mschapv2] # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
[mschapv2] +- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured. Cannot create LM-Password.
[mschap] No Cleartext-Password configured. Cannot create NT-Password.
[mschap] Creating challenge hash with username: host/TEST-11501.hpsd48.ab.ca
[mschap] Told to do MS-CHAPv2 for host/TEST-11501.hpsd48.ab.ca with
NT-Password
[mschap] FAILED: No NT/LM-Password. Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
[eap] Freeing handler
++[eap] returns reject
Failed to authenticate the user.
} # server inner-tunnel
[peap] Got tunneled reply code 3
MS-CHAP-Error = "\010E=691 R=1"
EAP-Message = 0x04080004
Message-Authenticator = 0x00000000000000000000000000000000
[peap] Got tunneled reply RADIUS code 3
MS-CHAP-Error = "\010E=691 R=1"
EAP-Message = 0x04080004
Message-Authenticator = 0x00000000000000000000000000000000
[peap] Tunneled authentication was rejected.
[peap] FAILURE
++[eap] returns handled
Sending Access-Challenge of id 125 to 10.152.0.100 port 32819
EAP-Message =
0x010900261900170301001be55c10c14a8b99626e68d81135abe0fb267983cae3140a3f79f036
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x29d0da442ed9c35a7379c61a78aa62d0
Finished request 25.
Going to the next request
Waking up in 1.9 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=126,
length=230
User-Name = "host/TEST-11501.hpsd48.ab.ca"
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = "10.152.0.100"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00265EE9B2CA"
Called-Station-Id = "000B86611894"
Service-Type = Login-User
Framed-MTU = 1100
EAP-Message =
0x020900261900170301001b5e56eb7f54ff792cf3528485b41854c30fd2491432b132c8482f96
State = 0x29d0da442ed9c35a7379c61a78aa62d0
Aruba-Essid-Name = "HPSD_RAD2"
Aruba-Location-Id = "Tech 01"
Message-Authenticator = 0xbe379e062b1087985d9ec6cc244923a1
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "host/TEST-11501.hpsd48.ab.ca", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 9 length 38
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Peap state send tlv failure
[peap] Received EAP-TLV response.
[peap] The users session was previously rejected: returning reject (again.)
[peap] *** This means you need to read the PREVIOUS messages in the debug
output
[peap] *** to find out the reason why the user was rejected.
[peap] *** Look for "reject" or "fail". Those earlier messages will tell
you.
[peap] *** what went wrong, and how to fix the problem.
[eap] Handler failed in EAP/peap
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} ->
host/TEST-11501.hpsd48.ab.ca
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 26 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 26
Sending Access-Reject of id 126 to 10.152.0.100 port 32819
EAP-Message = 0x04090004
Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 0.9 seconds.
Cleaning up request 0 ID 100 with timestamp +45
Cleaning up request 1 ID 101 with timestamp +45
Cleaning up request 2 ID 102 with timestamp +45
Cleaning up request 3 ID 103 with timestamp +45
Cleaning up request 4 ID 104 with timestamp +45
Cleaning up request 5 ID 105 with timestamp +45
Cleaning up request 6 ID 106 with timestamp +45
Cleaning up request 7 ID 107 with timestamp +45
Waking up in 1.0 seconds.
Cleaning up request 8 ID 108 with timestamp +45
Waking up in 0.3 seconds.
Cleaning up request 9 ID 109 with timestamp +46
Cleaning up request 10 ID 110 with timestamp +46
Cleaning up request 11 ID 111 with timestamp +46
Cleaning up request 12 ID 112 with timestamp +46
Cleaning up request 13 ID 113 with timestamp +46
Cleaning up request 14 ID 114 with timestamp +46
Cleaning up request 15 ID 115 with timestamp +46
Cleaning up request 16 ID 116 with timestamp +46
Waking up in 1.0 seconds.
Cleaning up request 17 ID 117 with timestamp +46
Waking up in 0.3 seconds.
Cleaning up request 18 ID 118 with timestamp +48
Cleaning up request 19 ID 119 with timestamp +48
Cleaning up request 20 ID 120 with timestamp +48
Cleaning up request 21 ID 121 with timestamp +48
Cleaning up request 22 ID 122 with timestamp +48
Cleaning up request 23 ID 123 with timestamp +48
Cleaning up request 24 ID 124 with timestamp +48
Cleaning up request 25 ID 125 with timestamp +48
Waking up in 1.0 seconds.
Cleaning up request 26 ID 126 with timestamp +48
Ready to process requests.
--
View this message in context: http://freeradius.1045715.n5.nabble.com/Renaming-during-Machine-Authentication-tp4394421p4451755.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list