EAP problem
marco perugini
m.perugini at 4it.it
Thu Aug 2 11:51:08 CEST 2012
i'm sorry, i though it was the right one..
Il 01/08/12 17.59, Alan DeKok ha scritto:
> marco perugini wrote:
>> hi list!
>> i think we found same issue as david: something fails in eap-ttls. my
>> supplicant is a huawei wimax cpe [that obviously works great on my other
>> radius server but not the new one...]. we noticed some commit about ttls
>> so we built master branch from git in the afternoon but still we have
>> this problem; are we wrong about new eap-ttls configuration section? you
>> can find my "radiusd -Xxx" as attachment.
>
> Could you grab the latest version from "master"? I added a patch to
> print out the contents of the tunnel. This lets me know *what* is in
> the tunnel, so I know how to fix it.
>
> Thanks.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
-------------- next part --------------
Thu Aug 2 11:43:58 2012 : Info: FreeRADIUS Version 3.0.0, for host x86_64-unknown-linux-gnu, built on Aug 1 2012 at 18:40:57
Thu Aug 2 11:43:58 2012 : Info: Copyright (C) 1999-2012 The FreeRADIUS server project and contributors.
Thu Aug 2 11:43:58 2012 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Thu Aug 2 11:43:58 2012 : Info: PARTICULAR PURPOSE.
Thu Aug 2 11:43:58 2012 : Info: You may redistribute copies of FreeRADIUS under the terms of the
Thu Aug 2 11:43:58 2012 : Info: GNU General Public License v2.
Thu Aug 2 11:43:58 2012 : Info:
Thu Aug 2 11:43:58 2012 : Info: Starting - reading configuration files ...
........
........
........
Thu Aug 2 11:43:58 2012 : Debug: Listening on authentication address 172.20.22.10 port 1812
Thu Aug 2 11:43:58 2012 : Debug: Listening on accounting address 172.20.22.10 port 1813
Thu Aug 2 11:43:58 2012 : Debug: Opening new proxy address 172.20.22.10 port 1814
Thu Aug 2 11:43:58 2012 : Debug: Listening on proxy address 172.20.22.10 port 1814
Thu Aug 2 11:43:58 2012 : Debug: No trigger subsection: ignoring trigger server.start
Thu Aug 2 11:43:58 2012 : Info: Ready to process requests.
rad_recv: Access-Request packet from host 172.20.22.20 port 1814, id=62, length=245
Code: 1
Id: 62
Length: 245
Vector: eca82b0f2bce517d60b5476885021c5a
Data: 3d 06 00 00 00 1b
06 06 00 00 00 02
1a 0f 000060b5 (24757) 23 09 00 01 06 00 00 00 63
1a 15 000060b5 (24757) 2e 0f 00 30 30 30 30 32 30 30 36 30 31 30 30
1a 0e 000060b5 (24757) 01 08 00 01 05 31 2e 31
50 12 5e 5a 0b 82 88 79 df 02 88 0e a9 15 f8 22 10 24
1a 0c 000060b5 (24757) 01 06 00 02 03 02
1a 0c 000060b5 (24757) 01 06 00 03 03 01
04 06 c0 a8 62 c9
1f 0e 32 30 32 62 63 31 36 38 64 63 39 64
01 14 74 65 73 74 5f 64 68 63 70 40 74 65 73 74 2e 63
6f 6d
37 06 50 1a 4b f1
20 0c 49 54 52 5f 41 53 4e 2d 47 57
4f 19 02 8b 00 17 01 74 65 73 74 5f 64 68 63 70 40 74
65 73 74 2e 63 6f 6d
1a 09 000060b5 (24757) 01 03 01
1a 0d 000060b5 (24757) 03 07 00 10 0e 00 00
1a 0c 000060b5 (24757) 01 06 00 04 03 01
21 04 33 32
NAS-Port-Type = Wireless-802.16
Service-Type = Framed-User
WiMAX-Available-In-Client = 99
WiMAX-BS-Id = 0x303030303230303630313030
WiMAX-Release = "1.1"
Message-Authenticator = 0x5e5a0b828879df02880ea915f8221024
WiMAX-Accounting-Capabilities = Flow-Based
WiMAX-Hotlining-Capabilities = Hotline-Profile-Id
NAS-IP-Address = 192.168.98.201
Calling-Station-Id = "202bc168dc9d"
User-Name = "test_dhcp at test.com"
Event-Timestamp = "Aug 2 2012 11:44:17 CEST"
NAS-Identifier = "ITR_ASN-GW"
EAP-Message = 0x028b001701746573745f6468637040746573742e636f6d
WiMAX-GMT-Timezone-offset = 269352960
WiMAX-Idle-Mode-Notification-Cap = Supported
Proxy-State = 0x3332
Thu Aug 2 11:44:00 2012 : Info: (0) # Executing section authorize from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:00 2012 : Info: (0) group authorize {
Thu Aug 2 11:44:00 2012 : Info: (0) - entering group authorize {...}
Thu Aug 2 11:44:00 2012 : Info: (0) [preprocess] = ok
Thu Aug 2 11:44:00 2012 : Info: (0) [chap] = noop
Thu Aug 2 11:44:00 2012 : Info: (0) [mschap] = noop
Thu Aug 2 11:44:00 2012 : Info: (0) suffix : Looking up realm "test.com" for User-Name = "test_dhcp at test.com"
Thu Aug 2 11:44:00 2012 : Info: (0) suffix : Found realm "test.com"
Thu Aug 2 11:44:00 2012 : Info: (0) suffix : Adding Stripped-User-Name = "test_dhcp"
Thu Aug 2 11:44:00 2012 : Info: (0) suffix : Adding Realm = "test.com"
Thu Aug 2 11:44:00 2012 : Info: (0) suffix : Authentication realm is LOCAL.
Thu Aug 2 11:44:00 2012 : Info: (0) [suffix] = ok
Thu Aug 2 11:44:00 2012 : Info: (0) eap : EAP packet type response id 139 length 23
Thu Aug 2 11:44:00 2012 : Info: (0) eap : EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
Thu Aug 2 11:44:00 2012 : Info: (0) [eap] = ok
Thu Aug 2 11:44:00 2012 : Info: (0) Found Auth-Type = EAP
Thu Aug 2 11:44:00 2012 : Info: (0) # Executing group from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:00 2012 : Info: (0) group authenticate {
Thu Aug 2 11:44:00 2012 : Info: (0) - entering group authenticate {...}
Thu Aug 2 11:44:00 2012 : Info: (0) eap : EAP Identity
Thu Aug 2 11:44:00 2012 : Info: (0) eap : processing type ttls
Thu Aug 2 11:44:00 2012 : Info: (0) ttls : Flushing SSL sessions (of #0)
Thu Aug 2 11:44:00 2012 : Info: (0) ttls : Initiate
Thu Aug 2 11:44:00 2012 : Info: (0) ttls : Start returned 1
Thu Aug 2 11:44:00 2012 : Info: (0) [eap] = handled
Sending Access-Challenge of id 62 to 172.20.22.20 port 1814
EAP-Message = 0x018c00061520
4f 08 01 8c 00 06 15 20
Message-Authenticator = 0x00000000000000000000000000000000
50 12 ...
State = 0x24b58ee524399b133f64a76207b0b4c9
18 12 24 b5 8e e5 24 39 9b 13 3f 64 a7 62 07 b0 b4 c9
Proxy-State = 0x3332
21 04 33 32
Code: 11
Id: 62
Length: 68
Vector: 28df198e39f9d810dba4ffab96091d4f
Data: 4f 08 01 8c 00 06 15 20
50 12 6d 66 64 22 75 f2 13 22 c7 bd 7b c4 e9 eb 2e 69
18 12 24 b5 8e e5 24 39 9b 13 3f 64 a7 62 07 b0 b4 c9
21 04 33 32
Thu Aug 2 11:44:00 2012 : Info: (0) Finished request 0.
Thu Aug 2 11:44:00 2012 : Debug: Waking up in 0.3 seconds.
rad_recv: Access-Request packet from host 172.20.22.20 port 1814, id=9, length=326
Code: 1
Id: 9
Length: 326
Vector: 1a902dd92f46945289e9fde388faae61
Data: 3d 06 00 00 00 1b
06 06 00 00 00 02
1a 0f 000060b5 (24757) 23 09 00 01 06 00 00 00 63
1a 15 000060b5 (24757) 2e 0f 00 30 30 30 30 32 30 30 36 30 31 30 30
1a 0e 000060b5 (24757) 01 08 00 01 05 31 2e 31
18 12 24 b5 8e e5 24 39 9b 13 3f 64 a7 62 07 b0 b4 c9
50 12 c1 d7 fb b3 e8 98 c8 93 e8 53 85 fd 59 bf 50 f2
1a 0c 000060b5 (24757) 01 06 00 02 03 02
1a 0c 000060b5 (24757) 01 06 00 03 03 01
04 06 c0 a8 62 c9
1f 0e 32 30 32 62 63 31 36 38 64 63 39 64
01 14 74 65 73 74 5f 64 68 63 70 40 74 65 73 74 2e 63
6f 6d
37 06 50 1a 4b f1
20 0c 49 54 52 5f 41 53 4e 2d 47 57
4f 58 02 8c 00 56 15 80 00 00 00 4c 16 03 01 00 47 01
00 00 43 03 01 00 02 38 12 d0 73 5f ba a5 3e 0f
78 65 73 bd 5b 45 c2 16 46 15 6c 73 5c e6 e2 97
27 c1 50 2f bc 00 00 1c 00 2f 00 35 00 0a 00 05
00 04 00 39 00 38 00 16 00 13 00 33 00 32 00 09
00 15 00 12 01 00
1a 09 000060b5 (24757) 01 03 01
1a 0d 000060b5 (24757) 03 07 00 10 0e 00 00
1a 0c 000060b5 (24757) 01 06 00 04 03 01
21 04 35 39
NAS-Port-Type = Wireless-802.16
Service-Type = Framed-User
WiMAX-Available-In-Client = 99
WiMAX-BS-Id = 0x303030303230303630313030
WiMAX-Release = "1.1"
State = 0x24b58ee524399b133f64a76207b0b4c9
Message-Authenticator = 0xc1d7fbb3e898c893e85385fd59bf50f2
WiMAX-Accounting-Capabilities = Flow-Based
WiMAX-Hotlining-Capabilities = Hotline-Profile-Id
NAS-IP-Address = 192.168.98.201
Calling-Station-Id = "202bc168dc9d"
User-Name = "test_dhcp at test.com"
Event-Timestamp = "Aug 2 2012 11:44:17 CEST"
NAS-Identifier = "ITR_ASN-GW"
EAP-Message = 0x028c005615800000004c160301004701000043030100023812d0735fbaa53e0f786573bd5b45c21646156c735ce6e29727c1502fbc00001c002f0035000a000500040039003800160013003300320009001500120100
WiMAX-GMT-Timezone-offset = 269352960
WiMAX-Idle-Mode-Notification-Cap = Supported
Proxy-State = 0x3539
Thu Aug 2 11:44:00 2012 : Info: (1) # Executing section authorize from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:00 2012 : Info: (1) group authorize {
Thu Aug 2 11:44:00 2012 : Info: (1) - entering group authorize {...}
Thu Aug 2 11:44:00 2012 : Info: (1) [preprocess] = ok
Thu Aug 2 11:44:00 2012 : Info: (1) [chap] = noop
Thu Aug 2 11:44:00 2012 : Info: (1) [mschap] = noop
Thu Aug 2 11:44:00 2012 : Info: (1) suffix : Looking up realm "test.com" for User-Name = "test_dhcp at test.com"
Thu Aug 2 11:44:00 2012 : Info: (1) suffix : Found realm "test.com"
Thu Aug 2 11:44:00 2012 : Info: (1) suffix : Adding Stripped-User-Name = "test_dhcp"
Thu Aug 2 11:44:00 2012 : Info: (1) suffix : Adding Realm = "test.com"
Thu Aug 2 11:44:00 2012 : Info: (1) suffix : Authentication realm is LOCAL.
Thu Aug 2 11:44:00 2012 : Info: (1) [suffix] = ok
Thu Aug 2 11:44:00 2012 : Info: (1) eap : EAP packet type response id 140 length 86
Thu Aug 2 11:44:00 2012 : Info: (1) eap : Continuing tunnel setup.
Thu Aug 2 11:44:00 2012 : Info: (1) [eap] = ok
Thu Aug 2 11:44:00 2012 : Info: (1) Found Auth-Type = EAP
Thu Aug 2 11:44:00 2012 : Info: (1) # Executing group from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:00 2012 : Info: (1) group authenticate {
Thu Aug 2 11:44:00 2012 : Info: (1) - entering group authenticate {...}
Thu Aug 2 11:44:00 2012 : Info: (1) eap : Request found, released from the list
Thu Aug 2 11:44:00 2012 : Info: (1) eap : EAP/ttls
Thu Aug 2 11:44:00 2012 : Info: (1) eap : processing type ttls
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : Authenticate
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : processing EAP-TLS
Thu Aug 2 11:44:00 2012 : Debug: TLS Length 76
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : Length Included
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : eaptls_verify returned 11
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : (other): before/accept initialization
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : TLS_accept: before/accept initialization
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : <<< TLS 1.0 Handshake [length 0047], ClientHello
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : TLS_accept: SSLv3 read client hello A
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : >>> TLS 1.0 Handshake [length 004a], ServerHello
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : TLS_accept: SSLv3 write server hello A
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : >>> TLS 1.0 Handshake [length 0a53], Certificate
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : TLS_accept: SSLv3 write certificate A
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : TLS_accept: SSLv3 write server done A
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : TLS_accept: SSLv3 flush data
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : TLS_accept: Need to read more data: SSLv3 read client certificate A
Thu Aug 2 11:44:00 2012 : Debug: In SSL Handshake Phase
Thu Aug 2 11:44:00 2012 : Debug: In SSL Accept mode
Thu Aug 2 11:44:00 2012 : Info: (1) ttls : eaptls_process returned 13
Thu Aug 2 11:44:00 2012 : Info: (1) [eap] = handled
Sending Access-Challenge of id 9 to 172.20.22.20 port 1814
EAP-Message = 0x018d03ec15c000000ab0160301004a020000460301501a4be0dab96a39d40f9c1addbcf3096f9cbe39e57791d15cf6433467f359ae20565df607042e9d7e0c0a64dae1b7a455956137cab8ab12f885919fe11a92d305002f001603010a530b000a4f000a4c00054e3082054a30820432a003020102020101300d06092a864886f70d01010505003081ac310b3009060355040613024954310b3009060355040813024d49310f300d060355040713064d696c616e6f31173015060355040a130e526574656c697420532e702e412e311b3019060355040b1312526574656c6974204e6574776f726b696e67312830260603550403131f526574656c6974
4f ff 01 8d 03 ec 15 c0 00 00 0a b0 16 03 01 00 4a 02
00 00 46 03 01 50 1a 4b e0 da b9 6a 39 d4 0f 9c
1a dd bc f3 09 6f 9c be 39 e5 77 91 d1 5c f6 43
34 67 f3 59 ae 20 56 5d f6 07 04 2e 9d 7e 0c 0a
64 da e1 b7 a4 55 95 61 37 ca b8 ab 12 f8 85 91
9f e1 1a 92 d3 05 00 2f 00 16 03 01 0a 53 0b 00
0a 4f 00 0a 4c 00 05 4e 30 82 05 4a 30 82 04 32
a0 03 02 01 02 02 01 01 30 0d 06 09 2a 86 48 86
f7 0d 01 01 05 05 00 30 81 ac 31 0b 30 09 06 03
55 04 06 13 02 49 54 31 0b 30 09 06 03 55 04 08
13 02 4d 49 31 0f 30 0d 06 03 55 04 07 13 06 4d
69 6c 61 6e 6f 31 17 30 15 06 03 55 04 0a 13 0e
52 65 74 65 6c 69 74 20 53 2e 70 2e 41 2e 31 1b
30 19 06 03 55 04 0b 13 12 52 65 74 65 6c 69 74
20 4e 65 74 77 6f 72 6b 69 6e 67 31 28 30 26 06
03 55 04 03 13 1f 52 65 74 65 6c 69 74
EAP-Message = 0x2043657274696669636174696f6e20417574686f72697479311f301d06092a864886f70d010901161061646d696e40726574656c69742e6974301e170d3039303331363134323730395a170d3139303331343134323730395a3081a2310b3009060355040613024954310b3009060355040813024d49310f300d060355040713064d696c616e6f31173015060355040a130e526574656c697420532e702e412e311b3019060355040b1312526574656c6974204e6574776f726b696e67311e301c0603550403131563736e6c33312e63736e2e726574656c69742e6974311f301d06092a864886f70d010901161061646d696e40726574656c69742e69
4f ff 20 43 65 72 74 69 66 69 63 61 74 69 6f 6e 20 41
75 74 68 6f 72 69 74 79 31 1f 30 1d 06 09 2a 86
48 86 f7 0d 01 09 01 16 10 61 64 6d 69 6e 40 72
65 74 65 6c 69 74 2e 69 74 30 1e 17 0d 30 39 30
33 31 36 31 34 32 37 30 39 5a 17 0d 31 39 30 33
31 34 31 34 32 37 30 39 5a 30 81 a2 31 0b 30 09
06 03 55 04 06 13 02 49 54 31 0b 30 09 06 03 55
04 08 13 02 4d 49 31 0f 30 0d 06 03 55 04 07 13
06 4d 69 6c 61 6e 6f 31 17 30 15 06 03 55 04 0a
13 0e 52 65 74 65 6c 69 74 20 53 2e 70 2e 41 2e
31 1b 30 19 06 03 55 04 0b 13 12 52 65 74 65 6c
69 74 20 4e 65 74 77 6f 72 6b 69 6e 67 31 1e 30
1c 06 03 55 04 03 13 15 63 73 6e 6c 33 31 2e 63
73 6e 2e 72 65 74 65 6c 69 74 2e 69 74 31 1f 30
1d 06 09 2a 86 48 86 f7 0d 01 09 01 16 10 61 64
6d 69 6e 40 72 65 74 65 6c 69 74 2e 69
EAP-Message = 0x7430820122300d06092a864886f70d01010105000382010f003082010a0282010100f1b783397e740af5228e340a80df90c8f161b1baf5984f5e0f5f54fc8795b0e065b07057e2ab483d2f71f2114854eaeed9aaa9c203a6636302d66162bd38724bffe3404cfa5fa21ae57ca359ad755ea1f56a3db387176d09208b7a4149ad6f668c8f579e376973b8372a9191aeca79c9dddbb2e15d3ac34d2acb317351ac3154799bc1c5675ee53ea75a1f2455edc369ce5bc75a41b9a84f386ffdb563d664157ea05961b78bbb8a62684260a394fd5db87d20baa9ee65965aba67b86ce9faf082cdc5ee838c0f1af7fbb6f7e14167c8496d6bd81f321664be8171
4f ff 74 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01
01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01
01 00 f1 b7 83 39 7e 74 0a f5 22 8e 34 0a 80 df
90 c8 f1 61 b1 ba f5 98 4f 5e 0f 5f 54 fc 87 95
b0 e0 65 b0 70 57 e2 ab 48 3d 2f 71 f2 11 48 54
ea ee d9 aa a9 c2 03 a6 63 63 02 d6 61 62 bd 38
72 4b ff e3 40 4c fa 5f a2 1a e5 7c a3 59 ad 75
5e a1 f5 6a 3d b3 87 17 6d 09 20 8b 7a 41 49 ad
6f 66 8c 8f 57 9e 37 69 73 b8 37 2a 91 91 ae ca
79 c9 dd db b2 e1 5d 3a c3 4d 2a cb 31 73 51 ac
31 54 79 9b c1 c5 67 5e e5 3e a7 5a 1f 24 55 ed
c3 69 ce 5b c7 5a 41 b9 a8 4f 38 6f fd b5 63 d6
64 15 7e a0 59 61 b7 8b bb 8a 62 68 42 60 a3 94
fd 5d b8 7d 20 ba a9 ee 65 96 5a ba 67 b8 6c e9
fa f0 82 cd c5 ee 83 8c 0f 1a f7 fb b6 f7 e1 41
67 c8 49 6d 6b d8 1f 32 16 64 be 81 71
EAP-Message = 0xb9d5750d861fce6cbe5b7e89fc82ec0dd05f607e589de31868f24c4eaa5cfdb01e3e0fc6690203010001a382017d3082017930090603551d1304023000301106096086480186f8420101040403020640303406096086480186f842010d04271625456173792d5253412047656e65726174656420536572766572204365727469666963617465301d0603551d0e04160414e1d906bbe96bedf6f02ed11801a6933b1b25348c3081e10603551d230481d93081d68014f6840cec87e99637cb020d7495c9435bb0da72e9a181b2a481af3081ac310b3009060355040613024954310b3009060355040813024d49310f300d0603550407
4f f7 b9 d5 75 0d 86 1f ce 6c be 5b 7e 89 fc 82 ec 0d
d0 5f 60 7e 58 9d e3 18 68 f2 4c 4e aa 5c fd b0
1e 3e 0f c6 69 02 03 01 00 01 a3 82 01 7d 30 82
01 79 30 09 06 03 55 1d 13 04 02 30 00 30 11 06
09 60 86 48 01 86 f8 42 01 01 04 04 03 02 06 40
30 34 06 09 60 86 48 01 86 f8 42 01 0d 04 27 16
25 45 61 73 79 2d 52 53 41 20 47 65 6e 65 72 61
74 65 64 20 53 65 72 76 65 72 20 43 65 72 74 69
66 69 63 61 74 65 30 1d 06 03 55 1d 0e 04 16 04
14 e1 d9 06 bb e9 6b ed f6 f0 2e d1 18 01 a6 93
3b 1b 25 34 8c 30 81 e1 06 03 55 1d 23 04 81 d9
30 81 d6 80 14 f6 84 0c ec 87 e9 96 37 cb 02 0d
74 95 c9 43 5b b0 da 72 e9 a1 81 b2 a4 81 af 30
81 ac 31 0b 30 09 06 03 55 04 06 13 02 49 54 31
0b 30 09 06 03 55 04 08 13 02 4d 49 31 0f 30 0d
06 03 55 04 07
Message-Authenticator = 0x00000000000000000000000000000000
50 12 ...
State = 0x24b58ee525389b133f64a76207b0b4c9
18 12 24 b5 8e e5 25 38 9b 13 3f 64 a7 62 07 b0 b4 c9
Proxy-State = 0x3539
21 04 35 39
Code: 11
Id: 9
Length: 1072
Vector: 7a6dafb58506e4773e292fec10b72515
Data: 4f ff 01 8d 03 ec 15 c0 00 00 0a b0 16 03 01 00 4a 02
00 00 46 03 01 50 1a 4b e0 da b9 6a 39 d4 0f 9c
1a dd bc f3 09 6f 9c be 39 e5 77 91 d1 5c f6 43
34 67 f3 59 ae 20 56 5d f6 07 04 2e 9d 7e 0c 0a
64 da e1 b7 a4 55 95 61 37 ca b8 ab 12 f8 85 91
9f e1 1a 92 d3 05 00 2f 00 16 03 01 0a 53 0b 00
0a 4f 00 0a 4c 00 05 4e 30 82 05 4a 30 82 04 32
a0 03 02 01 02 02 01 01 30 0d 06 09 2a 86 48 86
f7 0d 01 01 05 05 00 30 81 ac 31 0b 30 09 06 03
55 04 06 13 02 49 54 31 0b 30 09 06 03 55 04 08
13 02 4d 49 31 0f 30 0d 06 03 55 04 07 13 06 4d
69 6c 61 6e 6f 31 17 30 15 06 03 55 04 0a 13 0e
52 65 74 65 6c 69 74 20 53 2e 70 2e 41 2e 31 1b
30 19 06 03 55 04 0b 13 12 52 65 74 65 6c 69 74
20 4e 65 74 77 6f 72 6b 69 6e 67 31 28 30 26 06
03 55 04 03 13 1f 52 65 74 65 6c 69 74
4f ff 20 43 65 72 74 69 66 69 63 61 74 69 6f 6e 20 41
75 74 68 6f 72 69 74 79 31 1f 30 1d 06 09 2a 86
48 86 f7 0d 01 09 01 16 10 61 64 6d 69 6e 40 72
65 74 65 6c 69 74 2e 69 74 30 1e 17 0d 30 39 30
33 31 36 31 34 32 37 30 39 5a 17 0d 31 39 30 33
31 34 31 34 32 37 30 39 5a 30 81 a2 31 0b 30 09
06 03 55 04 06 13 02 49 54 31 0b 30 09 06 03 55
04 08 13 02 4d 49 31 0f 30 0d 06 03 55 04 07 13
06 4d 69 6c 61 6e 6f 31 17 30 15 06 03 55 04 0a
13 0e 52 65 74 65 6c 69 74 20 53 2e 70 2e 41 2e
31 1b 30 19 06 03 55 04 0b 13 12 52 65 74 65 6c
69 74 20 4e 65 74 77 6f 72 6b 69 6e 67 31 1e 30
1c 06 03 55 04 03 13 15 63 73 6e 6c 33 31 2e 63
73 6e 2e 72 65 74 65 6c 69 74 2e 69 74 31 1f 30
1d 06 09 2a 86 48 86 f7 0d 01 09 01 16 10 61 64
6d 69 6e 40 72 65 74 65 6c 69 74 2e 69
4f ff 74 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01
01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01
01 00 f1 b7 83 39 7e 74 0a f5 22 8e 34 0a 80 df
90 c8 f1 61 b1 ba f5 98 4f 5e 0f 5f 54 fc 87 95
b0 e0 65 b0 70 57 e2 ab 48 3d 2f 71 f2 11 48 54
ea ee d9 aa a9 c2 03 a6 63 63 02 d6 61 62 bd 38
72 4b ff e3 40 4c fa 5f a2 1a e5 7c a3 59 ad 75
5e a1 f5 6a 3d b3 87 17 6d 09 20 8b 7a 41 49 ad
6f 66 8c 8f 57 9e 37 69 73 b8 37 2a 91 91 ae ca
79 c9 dd db b2 e1 5d 3a c3 4d 2a cb 31 73 51 ac
31 54 79 9b c1 c5 67 5e e5 3e a7 5a 1f 24 55 ed
c3 69 ce 5b c7 5a 41 b9 a8 4f 38 6f fd b5 63 d6
64 15 7e a0 59 61 b7 8b bb 8a 62 68 42 60 a3 94
fd 5d b8 7d 20 ba a9 ee 65 96 5a ba 67 b8 6c e9
fa f0 82 cd c5 ee 83 8c 0f 1a f7 fb b6 f7 e1 41
67 c8 49 6d 6b d8 1f 32 16 64 be 81 71
4f f7 b9 d5 75 0d 86 1f ce 6c be 5b 7e 89 fc 82 ec 0d
d0 5f 60 7e 58 9d e3 18 68 f2 4c 4e aa 5c fd b0
1e 3e 0f c6 69 02 03 01 00 01 a3 82 01 7d 30 82
01 79 30 09 06 03 55 1d 13 04 02 30 00 30 11 06
09 60 86 48 01 86 f8 42 01 01 04 04 03 02 06 40
30 34 06 09 60 86 48 01 86 f8 42 01 0d 04 27 16
25 45 61 73 79 2d 52 53 41 20 47 65 6e 65 72 61
74 65 64 20 53 65 72 76 65 72 20 43 65 72 74 69
66 69 63 61 74 65 30 1d 06 03 55 1d 0e 04 16 04
14 e1 d9 06 bb e9 6b ed f6 f0 2e d1 18 01 a6 93
3b 1b 25 34 8c 30 81 e1 06 03 55 1d 23 04 81 d9
30 81 d6 80 14 f6 84 0c ec 87 e9 96 37 cb 02 0d
74 95 c9 43 5b b0 da 72 e9 a1 81 b2 a4 81 af 30
81 ac 31 0b 30 09 06 03 55 04 06 13 02 49 54 31
0b 30 09 06 03 55 04 08 13 02 4d 49 31 0f 30 0d
06 03 55 04 07
50 12 ed 5e 14 f5 43 28 e2 a9 ac ed e1 b4 5e d0 eb 8e
18 12 24 b5 8e e5 25 38 9b 13 3f 64 a7 62 07 b0 b4 c9
21 04 35 39
Thu Aug 2 11:44:00 2012 : Info: (1) Finished request 1.
Thu Aug 2 11:44:00 2012 : Debug: Waking up in 0.1 seconds.
rad_recv: Access-Request packet from host 172.20.22.20 port 1814, id=175, length=247
Code: 1
Id: 175
Length: 247
Vector: c52f1c2433cac03db515a2b154841589
Data: 3d 06 00 00 00 1b
06 06 00 00 00 02
1a 0f 000060b5 (24757) 23 09 00 01 06 00 00 00 63
1a 15 000060b5 (24757) 2e 0f 00 30 30 30 30 32 30 30 36 30 31 30 30
1a 0e 000060b5 (24757) 01 08 00 01 05 31 2e 31
18 12 24 b5 8e e5 25 38 9b 13 3f 64 a7 62 07 b0 b4 c9
50 12 be 3b 00 da 3b 1e 65 5c e3 d8 98 22 05 76 17 da
1a 0c 000060b5 (24757) 01 06 00 02 03 02
1a 0c 000060b5 (24757) 01 06 00 03 03 01
04 06 c0 a8 62 c9
1f 0e 32 30 32 62 63 31 36 38 64 63 39 64
01 14 74 65 73 74 5f 64 68 63 70 40 74 65 73 74 2e 63
6f 6d
37 06 50 1a 4b f1
20 0c 49 54 52 5f 41 53 4e 2d 47 57
4f 08 02 8d 00 06 15 00
1a 09 000060b5 (24757) 01 03 01
1a 0d 000060b5 (24757) 03 07 00 10 0e 00 00
1a 0c 000060b5 (24757) 01 06 00 04 03 01
21 05 31 31 32
NAS-Port-Type = Wireless-802.16
Service-Type = Framed-User
WiMAX-Available-In-Client = 99
WiMAX-BS-Id = 0x303030303230303630313030
WiMAX-Release = "1.1"
State = 0x24b58ee525389b133f64a76207b0b4c9
Message-Authenticator = 0xbe3b00da3b1e655ce3d89822057617da
WiMAX-Accounting-Capabilities = Flow-Based
WiMAX-Hotlining-Capabilities = Hotline-Profile-Id
NAS-IP-Address = 192.168.98.201
Calling-Station-Id = "202bc168dc9d"
User-Name = "test_dhcp at test.com"
Event-Timestamp = "Aug 2 2012 11:44:17 CEST"
NAS-Identifier = "ITR_ASN-GW"
EAP-Message = 0x028d00061500
WiMAX-GMT-Timezone-offset = 269352960
WiMAX-Idle-Mode-Notification-Cap = Supported
Proxy-State = 0x313132
Thu Aug 2 11:44:00 2012 : Info: (2) # Executing section authorize from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:00 2012 : Info: (2) group authorize {
Thu Aug 2 11:44:00 2012 : Info: (2) - entering group authorize {...}
Thu Aug 2 11:44:00 2012 : Info: (2) [preprocess] = ok
Thu Aug 2 11:44:00 2012 : Info: (2) [chap] = noop
Thu Aug 2 11:44:00 2012 : Info: (2) [mschap] = noop
Thu Aug 2 11:44:00 2012 : Info: (2) suffix : Looking up realm "test.com" for User-Name = "test_dhcp at test.com"
Thu Aug 2 11:44:00 2012 : Info: (2) suffix : Found realm "test.com"
Thu Aug 2 11:44:00 2012 : Info: (2) suffix : Adding Stripped-User-Name = "test_dhcp"
Thu Aug 2 11:44:00 2012 : Info: (2) suffix : Adding Realm = "test.com"
Thu Aug 2 11:44:00 2012 : Info: (2) suffix : Authentication realm is LOCAL.
Thu Aug 2 11:44:00 2012 : Info: (2) [suffix] = ok
Thu Aug 2 11:44:00 2012 : Info: (2) eap : EAP packet type response id 141 length 6
Thu Aug 2 11:44:00 2012 : Info: (2) eap : Continuing tunnel setup.
Thu Aug 2 11:44:00 2012 : Info: (2) [eap] = ok
Thu Aug 2 11:44:00 2012 : Info: (2) Found Auth-Type = EAP
Thu Aug 2 11:44:00 2012 : Info: (2) # Executing group from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:00 2012 : Info: (2) group authenticate {
Thu Aug 2 11:44:00 2012 : Info: (2) - entering group authenticate {...}
Thu Aug 2 11:44:00 2012 : Info: (2) eap : Request found, released from the list
Thu Aug 2 11:44:00 2012 : Info: (2) eap : EAP/ttls
Thu Aug 2 11:44:00 2012 : Info: (2) eap : processing type ttls
Thu Aug 2 11:44:00 2012 : Info: (2) ttls : Authenticate
Thu Aug 2 11:44:00 2012 : Info: (2) ttls : processing EAP-TLS
Thu Aug 2 11:44:00 2012 : Info: (2) ttls : Received TLS ACK
Thu Aug 2 11:44:00 2012 : Info: (2) ttls : Received TLS ACK
Thu Aug 2 11:44:00 2012 : Info: (2) ttls : ACK handshake fragment handler
Thu Aug 2 11:44:00 2012 : Info: (2) ttls : eaptls_verify returned 1
Thu Aug 2 11:44:00 2012 : Info: (2) ttls : eaptls_process returned 13
Thu Aug 2 11:44:00 2012 : Info: (2) [eap] = handled
Sending Access-Challenge of id 175 to 172.20.22.20 port 1814
EAP-Message = 0x018e03ec15c000000ab013064d696c616e6f31173015060355040a130e526574656c697420532e702e412e311b3019060355040b1312526574656c6974204e6574776f726b696e67312830260603550403131f526574656c69742043657274696669636174696f6e20417574686f72697479311f301d06092a864886f70d010901161061646d696e40726574656c69742e69748209009d1393ce43f4866330130603551d25040c300a06082b06010505070301300b0603551d0f0404030205a0300d06092a864886f70d010105050003820101000a3284106b517878ed608c9845f13db7cc78598772d16cfe8bf1d23272819dd64f79e61cc7c110e146
4f ff 01 8e 03 ec 15 c0 00 00 0a b0 13 06 4d 69 6c 61
6e 6f 31 17 30 15 06 03 55 04 0a 13 0e 52 65 74
65 6c 69 74 20 53 2e 70 2e 41 2e 31 1b 30 19 06
03 55 04 0b 13 12 52 65 74 65 6c 69 74 20 4e 65
74 77 6f 72 6b 69 6e 67 31 28 30 26 06 03 55 04
03 13 1f 52 65 74 65 6c 69 74 20 43 65 72 74 69
66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69
74 79 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09
01 16 10 61 64 6d 69 6e 40 72 65 74 65 6c 69 74
2e 69 74 82 09 00 9d 13 93 ce 43 f4 86 63 30 13
06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05
07 03 01 30 0b 06 03 55 1d 0f 04 04 03 02 05 a0
30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03
82 01 01 00 0a 32 84 10 6b 51 78 78 ed 60 8c 98
45 f1 3d b7 cc 78 59 87 72 d1 6c fe 8b f1 d2 32
72 81 9d d6 4f 79 e6 1c c7 c1 10 e1 46
EAP-Message = 0xdfd5f63cc5b69e737a76d144d935d0bb0652bd3be9f4b6e419d128c1a8ad60e78cf9d238a48b520efc7c8e871c1059d1e88665401b8bae1ae7168543f3018ef425350a30dee047189e294e2205ca57a0ec1591ef92da9e312efd44feeabf4d8c1ffa92e8d7a507571b118ad060b3fb36117a0887e51821ed6f940e0e78dbaac7573e88bc9c18dd5eb0a16f41e35891b6d1d13fe136b7b5898560b321242137ed28fa79df88a89ba3ebf3277ffe8ce98ac8e26132da110bf1f67e47bd1f04b8d66a436fc998692ec40fa39b6e6c690450c5bfbe6617fa9e0004f8308204f4308203dca0030201020209009d1393ce43f48663300d06092a864886f70d01
4f ff df d5 f6 3c c5 b6 9e 73 7a 76 d1 44 d9 35 d0 bb
06 52 bd 3b e9 f4 b6 e4 19 d1 28 c1 a8 ad 60 e7
8c f9 d2 38 a4 8b 52 0e fc 7c 8e 87 1c 10 59 d1
e8 86 65 40 1b 8b ae 1a e7 16 85 43 f3 01 8e f4
25 35 0a 30 de e0 47 18 9e 29 4e 22 05 ca 57 a0
ec 15 91 ef 92 da 9e 31 2e fd 44 fe ea bf 4d 8c
1f fa 92 e8 d7 a5 07 57 1b 11 8a d0 60 b3 fb 36
11 7a 08 87 e5 18 21 ed 6f 94 0e 0e 78 db aa c7
57 3e 88 bc 9c 18 dd 5e b0 a1 6f 41 e3 58 91 b6
d1 d1 3f e1 36 b7 b5 89 85 60 b3 21 24 21 37 ed
28 fa 79 df 88 a8 9b a3 eb f3 27 7f fe 8c e9 8a
c8 e2 61 32 da 11 0b f1 f6 7e 47 bd 1f 04 b8 d6
6a 43 6f c9 98 69 2e c4 0f a3 9b 6e 6c 69 04 50
c5 bf be 66 17 fa 9e 00 04 f8 30 82 04 f4 30 82
03 dc a0 03 02 01 02 02 09 00 9d 13 93 ce 43 f4
86 63 30 0d 06 09 2a 86 48 86 f7 0d 01
EAP-Message = 0x010505003081ac310b3009060355040613024954310b3009060355040813024d49310f300d060355040713064d696c616e6f31173015060355040a130e526574656c697420532e702e412e311b3019060355040b1312526574656c6974204e6574776f726b696e67312830260603550403131f526574656c69742043657274696669636174696f6e20417574686f72697479311f301d06092a864886f70d010901161061646d696e40726574656c69742e6974301e170d3039303331363134323633325a170d3139303331343134323633325a3081ac310b3009060355040613024954310b3009060355040813024d49310f300d060355040713064d69
4f ff 01 05 05 00 30 81 ac 31 0b 30 09 06 03 55 04 06
13 02 49 54 31 0b 30 09 06 03 55 04 08 13 02 4d
49 31 0f 30 0d 06 03 55 04 07 13 06 4d 69 6c 61
6e 6f 31 17 30 15 06 03 55 04 0a 13 0e 52 65 74
65 6c 69 74 20 53 2e 70 2e 41 2e 31 1b 30 19 06
03 55 04 0b 13 12 52 65 74 65 6c 69 74 20 4e 65
74 77 6f 72 6b 69 6e 67 31 28 30 26 06 03 55 04
03 13 1f 52 65 74 65 6c 69 74 20 43 65 72 74 69
66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69
74 79 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09
01 16 10 61 64 6d 69 6e 40 72 65 74 65 6c 69 74
2e 69 74 30 1e 17 0d 30 39 30 33 31 36 31 34 32
36 33 32 5a 17 0d 31 39 30 33 31 34 31 34 32 36
33 32 5a 30 81 ac 31 0b 30 09 06 03 55 04 06 13
02 49 54 31 0b 30 09 06 03 55 04 08 13 02 4d 49
31 0f 30 0d 06 03 55 04 07 13 06 4d 69
EAP-Message = 0x6c616e6f31173015060355040a130e526574656c697420532e702e412e311b3019060355040b1312526574656c6974204e6574776f726b696e67312830260603550403131f526574656c69742043657274696669636174696f6e20417574686f72697479311f301d06092a864886f70d010901161061646d696e40726574656c69742e697430820122300d06092a864886f70d01010105000382010f003082010a0282010100d49d4e9df67bf0340167476e7e73cace9b447a5811de6690b1a6210f4d6936b7a7611f23d00d22e46cf0713e3e899f41f0339ef521274d0324f258144a5575e3bc41c03167cf984824b060c23f850e
4f f7 6c 61 6e 6f 31 17 30 15 06 03 55 04 0a 13 0e 52
65 74 65 6c 69 74 20 53 2e 70 2e 41 2e 31 1b 30
19 06 03 55 04 0b 13 12 52 65 74 65 6c 69 74 20
4e 65 74 77 6f 72 6b 69 6e 67 31 28 30 26 06 03
55 04 03 13 1f 52 65 74 65 6c 69 74 20 43 65 72
74 69 66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f
72 69 74 79 31 1f 30 1d 06 09 2a 86 48 86 f7 0d
01 09 01 16 10 61 64 6d 69 6e 40 72 65 74 65 6c
69 74 2e 69 74 30 82 01 22 30 0d 06 09 2a 86 48
86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01
0a 02 82 01 01 00 d4 9d 4e 9d f6 7b f0 34 01 67
47 6e 7e 73 ca ce 9b 44 7a 58 11 de 66 90 b1 a6
21 0f 4d 69 36 b7 a7 61 1f 23 d0 0d 22 e4 6c f0
71 3e 3e 89 9f 41 f0 33 9e f5 21 27 4d 03 24 f2
58 14 4a 55 75 e3 bc 41 c0 31 67 cf 98 48 24 b0
60 c2 3f 85 0e
Message-Authenticator = 0x00000000000000000000000000000000
50 12 ...
State = 0x24b58ee5263b9b133f64a76207b0b4c9
18 12 24 b5 8e e5 26 3b 9b 13 3f 64 a7 62 07 b0 b4 c9
Proxy-State = 0x313132
21 05 31 31 32
Code: 11
Id: 175
Length: 1073
Vector: cbc6b255ba077d4a8d3dbd53964572c1
Data: 4f ff 01 8e 03 ec 15 c0 00 00 0a b0 13 06 4d 69 6c 61
6e 6f 31 17 30 15 06 03 55 04 0a 13 0e 52 65 74
65 6c 69 74 20 53 2e 70 2e 41 2e 31 1b 30 19 06
03 55 04 0b 13 12 52 65 74 65 6c 69 74 20 4e 65
74 77 6f 72 6b 69 6e 67 31 28 30 26 06 03 55 04
03 13 1f 52 65 74 65 6c 69 74 20 43 65 72 74 69
66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69
74 79 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09
01 16 10 61 64 6d 69 6e 40 72 65 74 65 6c 69 74
2e 69 74 82 09 00 9d 13 93 ce 43 f4 86 63 30 13
06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05
07 03 01 30 0b 06 03 55 1d 0f 04 04 03 02 05 a0
30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03
82 01 01 00 0a 32 84 10 6b 51 78 78 ed 60 8c 98
45 f1 3d b7 cc 78 59 87 72 d1 6c fe 8b f1 d2 32
72 81 9d d6 4f 79 e6 1c c7 c1 10 e1 46
4f ff df d5 f6 3c c5 b6 9e 73 7a 76 d1 44 d9 35 d0 bb
06 52 bd 3b e9 f4 b6 e4 19 d1 28 c1 a8 ad 60 e7
8c f9 d2 38 a4 8b 52 0e fc 7c 8e 87 1c 10 59 d1
e8 86 65 40 1b 8b ae 1a e7 16 85 43 f3 01 8e f4
25 35 0a 30 de e0 47 18 9e 29 4e 22 05 ca 57 a0
ec 15 91 ef 92 da 9e 31 2e fd 44 fe ea bf 4d 8c
1f fa 92 e8 d7 a5 07 57 1b 11 8a d0 60 b3 fb 36
11 7a 08 87 e5 18 21 ed 6f 94 0e 0e 78 db aa c7
57 3e 88 bc 9c 18 dd 5e b0 a1 6f 41 e3 58 91 b6
d1 d1 3f e1 36 b7 b5 89 85 60 b3 21 24 21 37 ed
28 fa 79 df 88 a8 9b a3 eb f3 27 7f fe 8c e9 8a
c8 e2 61 32 da 11 0b f1 f6 7e 47 bd 1f 04 b8 d6
6a 43 6f c9 98 69 2e c4 0f a3 9b 6e 6c 69 04 50
c5 bf be 66 17 fa 9e 00 04 f8 30 82 04 f4 30 82
03 dc a0 03 02 01 02 02 09 00 9d 13 93 ce 43 f4
86 63 30 0d 06 09 2a 86 48 86 f7 0d 01
4f ff 01 05 05 00 30 81 ac 31 0b 30 09 06 03 55 04 06
13 02 49 54 31 0b 30 09 06 03 55 04 08 13 02 4d
49 31 0f 30 0d 06 03 55 04 07 13 06 4d 69 6c 61
6e 6f 31 17 30 15 06 03 55 04 0a 13 0e 52 65 74
65 6c 69 74 20 53 2e 70 2e 41 2e 31 1b 30 19 06
03 55 04 0b 13 12 52 65 74 65 6c 69 74 20 4e 65
74 77 6f 72 6b 69 6e 67 31 28 30 26 06 03 55 04
03 13 1f 52 65 74 65 6c 69 74 20 43 65 72 74 69
66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69
74 79 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09
01 16 10 61 64 6d 69 6e 40 72 65 74 65 6c 69 74
2e 69 74 30 1e 17 0d 30 39 30 33 31 36 31 34 32
36 33 32 5a 17 0d 31 39 30 33 31 34 31 34 32 36
33 32 5a 30 81 ac 31 0b 30 09 06 03 55 04 06 13
02 49 54 31 0b 30 09 06 03 55 04 08 13 02 4d 49
31 0f 30 0d 06 03 55 04 07 13 06 4d 69
4f f7 6c 61 6e 6f 31 17 30 15 06 03 55 04 0a 13 0e 52
65 74 65 6c 69 74 20 53 2e 70 2e 41 2e 31 1b 30
19 06 03 55 04 0b 13 12 52 65 74 65 6c 69 74 20
4e 65 74 77 6f 72 6b 69 6e 67 31 28 30 26 06 03
55 04 03 13 1f 52 65 74 65 6c 69 74 20 43 65 72
74 69 66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f
72 69 74 79 31 1f 30 1d 06 09 2a 86 48 86 f7 0d
01 09 01 16 10 61 64 6d 69 6e 40 72 65 74 65 6c
69 74 2e 69 74 30 82 01 22 30 0d 06 09 2a 86 48
86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01
0a 02 82 01 01 00 d4 9d 4e 9d f6 7b f0 34 01 67
47 6e 7e 73 ca ce 9b 44 7a 58 11 de 66 90 b1 a6
21 0f 4d 69 36 b7 a7 61 1f 23 d0 0d 22 e4 6c f0
71 3e 3e 89 9f 41 f0 33 9e f5 21 27 4d 03 24 f2
58 14 4a 55 75 e3 bc 41 c0 31 67 cf 98 48 24 b0
60 c2 3f 85 0e
50 12 b5 39 01 4f 6d b7 87 77 c2 68 65 13 1a 90 cf 02
18 12 24 b5 8e e5 26 3b 9b 13 3f 64 a7 62 07 b0 b4 c9
21 05 31 31 32
Thu Aug 2 11:44:00 2012 : Info: (2) Finished request 2.
Thu Aug 2 11:44:00 2012 : Debug: Waking up in 0.1 seconds.
rad_recv: Access-Request packet from host 172.20.22.20 port 1814, id=249, length=247
Code: 1
Id: 249
Length: 247
Vector: 6b146d307e2896b41b134626883bf6c1
Data: 3d 06 00 00 00 1b
06 06 00 00 00 02
1a 0f 000060b5 (24757) 23 09 00 01 06 00 00 00 63
1a 15 000060b5 (24757) 2e 0f 00 30 30 30 30 32 30 30 36 30 31 30 30
1a 0e 000060b5 (24757) 01 08 00 01 05 31 2e 31
18 12 24 b5 8e e5 26 3b 9b 13 3f 64 a7 62 07 b0 b4 c9
50 12 b4 7d b3 c1 ae bb 6b ac ad a8 8c 48 b8 e5 56 be
1a 0c 000060b5 (24757) 01 06 00 02 03 02
1a 0c 000060b5 (24757) 01 06 00 03 03 01
04 06 c0 a8 62 c9
1f 0e 32 30 32 62 63 31 36 38 64 63 39 64
01 14 74 65 73 74 5f 64 68 63 70 40 74 65 73 74 2e 63
6f 6d
37 06 50 1a 4b f1
20 0c 49 54 52 5f 41 53 4e 2d 47 57
4f 08 02 8e 00 06 15 00
1a 09 000060b5 (24757) 01 03 01
1a 0d 000060b5 (24757) 03 07 00 10 0e 00 00
1a 0c 000060b5 (24757) 01 06 00 04 03 01
21 05 31 37 30
NAS-Port-Type = Wireless-802.16
Service-Type = Framed-User
WiMAX-Available-In-Client = 99
WiMAX-BS-Id = 0x303030303230303630313030
WiMAX-Release = "1.1"
State = 0x24b58ee5263b9b133f64a76207b0b4c9
Message-Authenticator = 0xb47db3c1aebb6bacada88c48b8e556be
WiMAX-Accounting-Capabilities = Flow-Based
WiMAX-Hotlining-Capabilities = Hotline-Profile-Id
NAS-IP-Address = 192.168.98.201
Calling-Station-Id = "202bc168dc9d"
User-Name = "test_dhcp at test.com"
Event-Timestamp = "Aug 2 2012 11:44:17 CEST"
NAS-Identifier = "ITR_ASN-GW"
EAP-Message = 0x028e00061500
WiMAX-GMT-Timezone-offset = 269352960
WiMAX-Idle-Mode-Notification-Cap = Supported
Proxy-State = 0x313730
Thu Aug 2 11:44:00 2012 : Info: (3) # Executing section authorize from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:00 2012 : Info: (3) group authorize {
Thu Aug 2 11:44:00 2012 : Info: (3) - entering group authorize {...}
Thu Aug 2 11:44:00 2012 : Info: (3) [preprocess] = ok
Thu Aug 2 11:44:00 2012 : Info: (3) [chap] = noop
Thu Aug 2 11:44:00 2012 : Info: (3) [mschap] = noop
Thu Aug 2 11:44:00 2012 : Info: (3) suffix : Looking up realm "test.com" for User-Name = "test_dhcp at test.com"
Thu Aug 2 11:44:00 2012 : Info: (3) suffix : Found realm "test.com"
Thu Aug 2 11:44:00 2012 : Info: (3) suffix : Adding Stripped-User-Name = "test_dhcp"
Thu Aug 2 11:44:00 2012 : Info: (3) suffix : Adding Realm = "test.com"
Thu Aug 2 11:44:00 2012 : Info: (3) suffix : Authentication realm is LOCAL.
Thu Aug 2 11:44:00 2012 : Info: (3) [suffix] = ok
Thu Aug 2 11:44:00 2012 : Info: (3) eap : EAP packet type response id 142 length 6
Thu Aug 2 11:44:00 2012 : Info: (3) eap : Continuing tunnel setup.
Thu Aug 2 11:44:00 2012 : Info: (3) [eap] = ok
Thu Aug 2 11:44:00 2012 : Info: (3) Found Auth-Type = EAP
Thu Aug 2 11:44:00 2012 : Info: (3) # Executing group from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:00 2012 : Info: (3) group authenticate {
Thu Aug 2 11:44:00 2012 : Info: (3) - entering group authenticate {...}
Thu Aug 2 11:44:00 2012 : Info: (3) eap : Request found, released from the list
Thu Aug 2 11:44:00 2012 : Info: (3) eap : EAP/ttls
Thu Aug 2 11:44:00 2012 : Info: (3) eap : processing type ttls
Thu Aug 2 11:44:00 2012 : Info: (3) ttls : Authenticate
Thu Aug 2 11:44:00 2012 : Info: (3) ttls : processing EAP-TLS
Thu Aug 2 11:44:00 2012 : Info: (3) ttls : Received TLS ACK
Thu Aug 2 11:44:00 2012 : Info: (3) ttls : Received TLS ACK
Thu Aug 2 11:44:00 2012 : Info: (3) ttls : ACK handshake fragment handler
Thu Aug 2 11:44:00 2012 : Info: (3) ttls : eaptls_verify returned 1
Thu Aug 2 11:44:00 2012 : Info: (3) ttls : eaptls_process returned 13
Thu Aug 2 11:44:00 2012 : Info: (3) [eap] = handled
Sending Access-Challenge of id 249 to 172.20.22.20 port 1814
EAP-Message = 0x018f02f6158000000ab06b3f7de87b74c45d6cd9b921aa2a49051a202170d89c4edf05d2f39a328548066fe9ce4aebe08494144cb7377f178f7b9862de098ea9cd7097d8677e72b7284c8298d7bde42d497acfb42ded6e6d533116289a93f3a0567a02ea696229e1191c1404f9f44060c0135013921517e42d4da4c212a0782be22ac96b37cc4fd8061d7eee00ddd5e5d9f793252d517f88257c53255b6dd0a7609d7b5011bd19fa5c7f7e88a676e2a11000af96391d54b670bd1d0203010001a382011530820111301d0603551d0e04160414f6840cec87e99637cb020d7495c9435bb0da72e93081e10603551d230481d93081d68014f6840cec87e9
4f ff 01 8f 02 f6 15 80 00 00 0a b0 6b 3f 7d e8 7b 74
c4 5d 6c d9 b9 21 aa 2a 49 05 1a 20 21 70 d8 9c
4e df 05 d2 f3 9a 32 85 48 06 6f e9 ce 4a eb e0
84 94 14 4c b7 37 7f 17 8f 7b 98 62 de 09 8e a9
cd 70 97 d8 67 7e 72 b7 28 4c 82 98 d7 bd e4 2d
49 7a cf b4 2d ed 6e 6d 53 31 16 28 9a 93 f3 a0
56 7a 02 ea 69 62 29 e1 19 1c 14 04 f9 f4 40 60
c0 13 50 13 92 15 17 e4 2d 4d a4 c2 12 a0 78 2b
e2 2a c9 6b 37 cc 4f d8 06 1d 7e ee 00 dd d5 e5
d9 f7 93 25 2d 51 7f 88 25 7c 53 25 5b 6d d0 a7
60 9d 7b 50 11 bd 19 fa 5c 7f 7e 88 a6 76 e2 a1
10 00 af 96 39 1d 54 b6 70 bd 1d 02 03 01 00 01
a3 82 01 15 30 82 01 11 30 1d 06 03 55 1d 0e 04
16 04 14 f6 84 0c ec 87 e9 96 37 cb 02 0d 74 95
c9 43 5b b0 da 72 e9 30 81 e1 06 03 55 1d 23 04
81 d9 30 81 d6 80 14 f6 84 0c ec 87 e9
EAP-Message = 0x9637cb020d7495c9435bb0da72e9a181b2a481af3081ac310b3009060355040613024954310b3009060355040813024d49310f300d060355040713064d696c616e6f31173015060355040a130e526574656c697420532e702e412e311b3019060355040b1312526574656c6974204e6574776f726b696e67312830260603550403131f526574656c69742043657274696669636174696f6e20417574686f72697479311f301d06092a864886f70d010901161061646d696e40726574656c69742e69748209009d1393ce43f48663300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100c322a6c3f6e96dc1a6da4f6c54
4f ff 96 37 cb 02 0d 74 95 c9 43 5b b0 da 72 e9 a1 81
b2 a4 81 af 30 81 ac 31 0b 30 09 06 03 55 04 06
13 02 49 54 31 0b 30 09 06 03 55 04 08 13 02 4d
49 31 0f 30 0d 06 03 55 04 07 13 06 4d 69 6c 61
6e 6f 31 17 30 15 06 03 55 04 0a 13 0e 52 65 74
65 6c 69 74 20 53 2e 70 2e 41 2e 31 1b 30 19 06
03 55 04 0b 13 12 52 65 74 65 6c 69 74 20 4e 65
74 77 6f 72 6b 69 6e 67 31 28 30 26 06 03 55 04
03 13 1f 52 65 74 65 6c 69 74 20 43 65 72 74 69
66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69
74 79 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09
01 16 10 61 64 6d 69 6e 40 72 65 74 65 6c 69 74
2e 69 74 82 09 00 9d 13 93 ce 43 f4 86 63 30 0c
06 03 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09
2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00
c3 22 a6 c3 f6 e9 6d c1 a6 da 4f 6c 54
EAP-Message = 0xec43da8d1d559ed4ce5d26a6cf9e3a7bc1b570d41ad3acc31d40b9c86222fb80b66d98155ac6540a378165e8c4f6631b952193c4c7439db504164307a04c2e8d2367f86ced03b034d71fc642e6ebaf26b0ded11e791a004a1585cdac763940d0230ba99208911ee97b452ab123756b3685389b3842b1dfd093636021dfa5da2098886d700bdc6718844fc84cff028aac3ce028fb36ce217d89e0d566ea1059b8f19a1dc800226de4e1bf17c7ef5379c9683fea7d6ba55b10a1b973dd4e0354fa5439ccdf8a0a04b39a61db4a5ed81e76ecd3b1c972ff07474330916a6d30d7f2934b9095eebb01a1fb4af79b369a92ea9b523c16030100040e000000
4f fe ec 43 da 8d 1d 55 9e d4 ce 5d 26 a6 cf 9e 3a 7b
c1 b5 70 d4 1a d3 ac c3 1d 40 b9 c8 62 22 fb 80
b6 6d 98 15 5a c6 54 0a 37 81 65 e8 c4 f6 63 1b
95 21 93 c4 c7 43 9d b5 04 16 43 07 a0 4c 2e 8d
23 67 f8 6c ed 03 b0 34 d7 1f c6 42 e6 eb af 26
b0 de d1 1e 79 1a 00 4a 15 85 cd ac 76 39 40 d0
23 0b a9 92 08 91 1e e9 7b 45 2a b1 23 75 6b 36
85 38 9b 38 42 b1 df d0 93 63 60 21 df a5 da 20
98 88 6d 70 0b dc 67 18 84 4f c8 4c ff 02 8a ac
3c e0 28 fb 36 ce 21 7d 89 e0 d5 66 ea 10 59 b8
f1 9a 1d c8 00 22 6d e4 e1 bf 17 c7 ef 53 79 c9
68 3f ea 7d 6b a5 5b 10 a1 b9 73 dd 4e 03 54 fa
54 39 cc df 8a 0a 04 b3 9a 61 db 4a 5e d8 1e 76
ec d3 b1 c9 72 ff 07 47 43 30 91 6a 6d 30 d7 f2
93 4b 90 95 ee bb 01 a1 fb 4a f7 9b 36 9a 92 ea
9b 52 3c 16 03 01 00 04 0e 00 00 00
Message-Authenticator = 0x00000000000000000000000000000000
50 12 ...
State = 0x24b58ee5273a9b133f64a76207b0b4c9
18 12 24 b5 8e e5 27 3a 9b 13 3f 64 a7 62 07 b0 b4 c9
Proxy-State = 0x313730
21 05 31 37 30
Code: 11
Id: 249
Length: 825
Vector: b37c9271a418c073442d532d8ed1f747
Data: 4f ff 01 8f 02 f6 15 80 00 00 0a b0 6b 3f 7d e8 7b 74
c4 5d 6c d9 b9 21 aa 2a 49 05 1a 20 21 70 d8 9c
4e df 05 d2 f3 9a 32 85 48 06 6f e9 ce 4a eb e0
84 94 14 4c b7 37 7f 17 8f 7b 98 62 de 09 8e a9
cd 70 97 d8 67 7e 72 b7 28 4c 82 98 d7 bd e4 2d
49 7a cf b4 2d ed 6e 6d 53 31 16 28 9a 93 f3 a0
56 7a 02 ea 69 62 29 e1 19 1c 14 04 f9 f4 40 60
c0 13 50 13 92 15 17 e4 2d 4d a4 c2 12 a0 78 2b
e2 2a c9 6b 37 cc 4f d8 06 1d 7e ee 00 dd d5 e5
d9 f7 93 25 2d 51 7f 88 25 7c 53 25 5b 6d d0 a7
60 9d 7b 50 11 bd 19 fa 5c 7f 7e 88 a6 76 e2 a1
10 00 af 96 39 1d 54 b6 70 bd 1d 02 03 01 00 01
a3 82 01 15 30 82 01 11 30 1d 06 03 55 1d 0e 04
16 04 14 f6 84 0c ec 87 e9 96 37 cb 02 0d 74 95
c9 43 5b b0 da 72 e9 30 81 e1 06 03 55 1d 23 04
81 d9 30 81 d6 80 14 f6 84 0c ec 87 e9
4f ff 96 37 cb 02 0d 74 95 c9 43 5b b0 da 72 e9 a1 81
b2 a4 81 af 30 81 ac 31 0b 30 09 06 03 55 04 06
13 02 49 54 31 0b 30 09 06 03 55 04 08 13 02 4d
49 31 0f 30 0d 06 03 55 04 07 13 06 4d 69 6c 61
6e 6f 31 17 30 15 06 03 55 04 0a 13 0e 52 65 74
65 6c 69 74 20 53 2e 70 2e 41 2e 31 1b 30 19 06
03 55 04 0b 13 12 52 65 74 65 6c 69 74 20 4e 65
74 77 6f 72 6b 69 6e 67 31 28 30 26 06 03 55 04
03 13 1f 52 65 74 65 6c 69 74 20 43 65 72 74 69
66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69
74 79 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09
01 16 10 61 64 6d 69 6e 40 72 65 74 65 6c 69 74
2e 69 74 82 09 00 9d 13 93 ce 43 f4 86 63 30 0c
06 03 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09
2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00
c3 22 a6 c3 f6 e9 6d c1 a6 da 4f 6c 54
4f fe ec 43 da 8d 1d 55 9e d4 ce 5d 26 a6 cf 9e 3a 7b
c1 b5 70 d4 1a d3 ac c3 1d 40 b9 c8 62 22 fb 80
b6 6d 98 15 5a c6 54 0a 37 81 65 e8 c4 f6 63 1b
95 21 93 c4 c7 43 9d b5 04 16 43 07 a0 4c 2e 8d
23 67 f8 6c ed 03 b0 34 d7 1f c6 42 e6 eb af 26
b0 de d1 1e 79 1a 00 4a 15 85 cd ac 76 39 40 d0
23 0b a9 92 08 91 1e e9 7b 45 2a b1 23 75 6b 36
85 38 9b 38 42 b1 df d0 93 63 60 21 df a5 da 20
98 88 6d 70 0b dc 67 18 84 4f c8 4c ff 02 8a ac
3c e0 28 fb 36 ce 21 7d 89 e0 d5 66 ea 10 59 b8
f1 9a 1d c8 00 22 6d e4 e1 bf 17 c7 ef 53 79 c9
68 3f ea 7d 6b a5 5b 10 a1 b9 73 dd 4e 03 54 fa
54 39 cc df 8a 0a 04 b3 9a 61 db 4a 5e d8 1e 76
ec d3 b1 c9 72 ff 07 47 43 30 91 6a 6d 30 d7 f2
93 4b 90 95 ee bb 01 a1 fb 4a f7 9b 36 9a 92 ea
9b 52 3c 16 03 01 00 04 0e 00 00 00
50 12 73 5f fa 92 68 5b 8e e8 ae 69 c8 70 72 df 88 aa
18 12 24 b5 8e e5 27 3a 9b 13 3f 64 a7 62 07 b0 b4 c9
21 05 31 37 30
Thu Aug 2 11:44:00 2012 : Info: (3) Finished request 3.
Thu Aug 2 11:44:00 2012 : Debug: Waking up in 0.1 seconds.
Thu Aug 2 11:44:00 2012 : Debug: Waking up in 0.1 seconds.
Thu Aug 2 11:44:01 2012 : Debug: Waking up in 4.2 seconds.
rad_recv: Access-Request packet from host 172.20.22.20 port 1814, id=62, length=579
Code: 1
Id: 62
Length: 579
Vector: aa954bda6be42c94d86af7d7602c8a90
Data: 3d 06 00 00 00 1b
06 06 00 00 00 02
1a 0f 000060b5 (24757) 23 09 00 01 06 00 00 00 63
1a 15 000060b5 (24757) 2e 0f 00 30 30 30 30 32 30 30 36 30 31 30 30
1a 0e 000060b5 (24757) 01 08 00 01 05 31 2e 31
18 12 24 b5 8e e5 27 3a 9b 13 3f 64 a7 62 07 b0 b4 c9
50 12 4c e4 fa d4 e1 05 84 68 00 50 c6 7f 6d 8c 7a 10
1a 0c 000060b5 (24757) 01 06 00 02 03 02
1a 0c 000060b5 (24757) 01 06 00 03 03 01
04 06 c0 a8 62 c9
1f 0e 32 30 32 62 63 31 36 38 64 63 39 64
01 14 74 65 73 74 5f 64 68 63 70 40 74 65 73 74 2e 63
6f 6d
37 06 50 1a 4b f2
20 0c 49 54 52 5f 41 53 4e 2d 47 57
4f ff 02 8f 01 50 15 80 00 00 01 46 16 03 01 01 06 10
00 01 02 01 00 d0 ad 42 65 43 54 46 bd 77 92 70
1a f8 4b 8c 12 24 e0 2f d5 ac 68 70 48 52 4b 6b
27 01 33 b5 9a 2d 18 e6 71 63 e3 08 b4 e0 8a 8d
ac b8 b6 51 f0 c0 00 da d3 7b 38 df e6 47 87 b5
2d 32 ad 3f 20 4a 6d a2 8a 23 8e 5c a2 74 fb e5
f6 72 c8 8c 4a 28 24 55 d8 b8 82 c0 ff 6c 5e 81
e8 e7 b6 b0 84 70 ab 2a b7 29 94 a6 b6 df 41 76
39 40 f3 75 42 89 44 dc eb 18 d8 da a4 61 cc 57
40 98 64 56 47 5a f3 5a c7 06 80 80 2f 98 98 20
61 a6 cf 6f 38 9d 7a 19 cd 6b 26 f3 f3 64 8b f9
20 e4 f3 43 29 80 38 0d c4 1c f6 61 b9 a4 c1 a8
e6 c6 0f 36 2f cb cb 49 90 01 1b 8b ad c8 51 34
b5 87 c8 e2 cd d5 51 34 94 22 33 d5 26 21 59 19
e3 35 95 aa ad 33 73 b6 93 da 53 4b db b6 21 34
31 94 46 8e 63 be 47 88 32 b8 fe aa c7
4f 55 ed e8 92 2e 9e 74 c3 dc 4d 70 70 e3 81 04 94 80
12 e9 70 a0 4b d5 61 3f 14 03 01 00 01 01 16 03
01 00 30 c9 da 75 fb 75 82 6e d4 e5 2a eb 12 f4
05 a6 71 a3 e5 21 d9 f5 3f 37 6f 75 0b 78 0c 23
9e 2e 5c 23 33 58 e0 a5 59 bb a0 b6 29 f1 42 2b
99 cb 73
1a 09 000060b5 (24757) 01 03 01
1a 0d 000060b5 (24757) 03 07 00 10 0e 00 00
1a 0c 000060b5 (24757) 01 06 00 04 03 01
21 05 31 33 38
Thu Aug 2 11:44:01 2012 : Info: (0) Cleaning up request packet ID 62 with timestamp +2
NAS-Port-Type = Wireless-802.16
Service-Type = Framed-User
WiMAX-Available-In-Client = 99
WiMAX-BS-Id = 0x303030303230303630313030
WiMAX-Release = "1.1"
State = 0x24b58ee5273a9b133f64a76207b0b4c9
Message-Authenticator = 0x4ce4fad4e10584680050c67f6d8c7a10
WiMAX-Accounting-Capabilities = Flow-Based
WiMAX-Hotlining-Capabilities = Hotline-Profile-Id
NAS-IP-Address = 192.168.98.201
Calling-Station-Id = "202bc168dc9d"
User-Name = "test_dhcp at test.com"
Event-Timestamp = "Aug 2 2012 11:44:18 CEST"
NAS-Identifier = "ITR_ASN-GW"
EAP-Message = 0x028f01501580000001461603010106100001020100d0ad4265435446bd7792701af84b8c1224e02fd5ac687048524b6b270133b59a2d18e67163e308b4e08a8dacb8b651f0c000dad37b38dfe64787b52d32ad3f204a6da28a238e5ca274fbe5f672c88c4a282455d8b882c0ff6c5e81e8e7b6b08470ab2ab72994a6b6df41763940f375428944dceb18d8daa461cc5740986456475af35ac70680802f98982061a6cf6f389d7a19cd6b26f3f3648bf920e4f3432980380dc41cf661b9a4c1a8e6c60f362fcbcb4990011b8badc85134b587c8e2cdd55134942233d526215919e33595aaad3373b693da534bdbb621343194468e63be478832b8feaac7
EAP-Message = 0xede8922e9e74c3dc4d7070e38104948012e970a04bd5613f1403010001011603010030c9da75fb75826ed4e52aeb12f405a671a3e521d9f53f376f750b780c239e2e5c233358e0a559bba0b629f1422b99cb73
WiMAX-GMT-Timezone-offset = 269352960
WiMAX-Idle-Mode-Notification-Cap = Supported
Proxy-State = 0x313338
Thu Aug 2 11:44:01 2012 : Info: (4) # Executing section authorize from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:01 2012 : Info: (4) group authorize {
Thu Aug 2 11:44:01 2012 : Info: (4) - entering group authorize {...}
Thu Aug 2 11:44:01 2012 : Info: (4) [preprocess] = ok
Thu Aug 2 11:44:01 2012 : Info: (4) [chap] = noop
Thu Aug 2 11:44:01 2012 : Info: (4) [mschap] = noop
Thu Aug 2 11:44:01 2012 : Info: (4) suffix : Looking up realm "test.com" for User-Name = "test_dhcp at test.com"
Thu Aug 2 11:44:01 2012 : Info: (4) suffix : Found realm "test.com"
Thu Aug 2 11:44:01 2012 : Info: (4) suffix : Adding Stripped-User-Name = "test_dhcp"
Thu Aug 2 11:44:01 2012 : Info: (4) suffix : Adding Realm = "test.com"
Thu Aug 2 11:44:01 2012 : Info: (4) suffix : Authentication realm is LOCAL.
Thu Aug 2 11:44:01 2012 : Info: (4) [suffix] = ok
Thu Aug 2 11:44:01 2012 : Info: (4) eap : EAP packet type response id 143 length 253
Thu Aug 2 11:44:01 2012 : Info: (4) eap : Continuing tunnel setup.
Thu Aug 2 11:44:01 2012 : Info: (4) [eap] = ok
Thu Aug 2 11:44:01 2012 : Info: (4) Found Auth-Type = EAP
Thu Aug 2 11:44:01 2012 : Info: (4) # Executing group from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:01 2012 : Info: (4) group authenticate {
Thu Aug 2 11:44:01 2012 : Info: (4) - entering group authenticate {...}
Thu Aug 2 11:44:01 2012 : Info: (4) eap : Request found, released from the list
Thu Aug 2 11:44:01 2012 : Info: (4) eap : EAP/ttls
Thu Aug 2 11:44:01 2012 : Info: (4) eap : processing type ttls
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : Authenticate
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : processing EAP-TLS
Thu Aug 2 11:44:01 2012 : Debug: TLS Length 326
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : Length Included
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : eaptls_verify returned 11
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : TLS_accept: SSLv3 read client key exchange A
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : <<< TLS 1.0 ChangeCipherSpec [length 0001]
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : <<< TLS 1.0 Handshake [length 0010], Finished
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : TLS_accept: SSLv3 read finished A
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : >>> TLS 1.0 ChangeCipherSpec [length 0001]
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : TLS_accept: SSLv3 write change cipher spec A
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : >>> TLS 1.0 Handshake [length 0010], Finished
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : TLS_accept: SSLv3 write finished A
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : TLS_accept: SSLv3 flush data
Thu Aug 2 11:44:01 2012 : Debug: SSL: adding session 565df607042e9d7e0c0a64dae1b7a455956137cab8ab12f885919fe11a92d305 to cache
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : (other): SSL negotiation finished successfully
Thu Aug 2 11:44:01 2012 : Debug: SSL Connection Established
Thu Aug 2 11:44:01 2012 : Info: (4) ttls : eaptls_process returned 13
Thu Aug 2 11:44:01 2012 : Info: (4) [eap] = handled
Sending Access-Challenge of id 62 to 172.20.22.20 port 1814
EAP-Message = 0x0190004515800000003b140301000101160301003084357c84f13c1a7adf8a8659dc8ad749a4a3c19ad75b4e532ffda6661ad817424ea16df5b077e27d3f6c47f7ce4d2217
4f 47 01 90 00 45 15 80 00 00 00 3b 14 03 01 00 01 01
16 03 01 00 30 84 35 7c 84 f1 3c 1a 7a df 8a 86
59 dc 8a d7 49 a4 a3 c1 9a d7 5b 4e 53 2f fd a6
66 1a d8 17 42 4e a1 6d f5 b0 77 e2 7d 3f 6c 47
f7 ce 4d 22 17
Message-Authenticator = 0x00000000000000000000000000000000
50 12 ...
State = 0x24b58ee520259b133f64a76207b0b4c9
18 12 24 b5 8e e5 20 25 9b 13 3f 64 a7 62 07 b0 b4 c9
Proxy-State = 0x313338
21 05 31 33 38
Code: 11
Id: 62
Length: 132
Vector: d2896c1eb2f1d70553eb27e9c8c61408
Data: 4f 47 01 90 00 45 15 80 00 00 00 3b 14 03 01 00 01 01
16 03 01 00 30 84 35 7c 84 f1 3c 1a 7a df 8a 86
59 dc 8a d7 49 a4 a3 c1 9a d7 5b 4e 53 2f fd a6
66 1a d8 17 42 4e a1 6d f5 b0 77 e2 7d 3f 6c 47
f7 ce 4d 22 17
50 12 44 df ef 69 68 3b e3 08 cf c3 7b 45 0d fe 1a 7e
18 12 24 b5 8e e5 20 25 9b 13 3f 64 a7 62 07 b0 b4 c9
21 05 31 33 38
Thu Aug 2 11:44:01 2012 : Info: (4) Finished request 4.
Thu Aug 2 11:44:01 2012 : Debug: Waking up in 0.3 seconds.
rad_recv: Access-Request packet from host 172.20.22.20 port 1814, id=35, length=437
Code: 1
Id: 35
Length: 437
Vector: b9414d22374262e01a89faf844866eb0
Data: 3d 06 00 00 00 1b
06 06 00 00 00 02
1a 0f 000060b5 (24757) 23 09 00 01 06 00 00 00 63
1a 15 000060b5 (24757) 2e 0f 00 30 30 30 30 32 30 30 36 30 31 30 30
1a 0e 000060b5 (24757) 01 08 00 01 05 31 2e 31
18 12 24 b5 8e e5 20 25 9b 13 3f 64 a7 62 07 b0 b4 c9
50 12 3a c9 ef a8 38 45 77 1c 1e c3 e9 ff 0a 9c 27 90
1a 0c 000060b5 (24757) 01 06 00 02 03 02
1a 0c 000060b5 (24757) 01 06 00 03 03 01
04 06 c0 a8 62 c9
1f 0e 32 30 32 62 63 31 36 38 64 63 39 64
01 14 74 65 73 74 5f 64 68 63 70 40 74 65 73 74 2e 63
6f 6d
37 06 50 1a 4b f2
20 0c 49 54 52 5f 41 53 4e 2d 47 57
4f c6 02 90 00 c4 15 80 00 00 00 ba 17 03 01 00 20 ae
6d ab 2a ba 14 f1 0f 6d fe da 1d 6c dc f6 e5 42
72 4e 11 0f a3 92 44 14 f9 29 4f 90 5a ca f8 17
03 01 00 90 e9 05 8d 95 d0 af 62 23 1b de a6 59
5e 8a 83 1e 32 03 10 0c 1d 20 52 6e 77 df 7a 11
22 66 30 b3 5e e9 e1 fa f7 59 23 94 3e 6d 33 c3
ab c8 1c 27 0f 5e 8c b9 64 1d 9d 00 8d 68 94 02
b4 b9 b8 e5 d6 35 7d d5 26 9f d1 4a 60 7e a7 2a
95 f6 97 67 9b 10 39 85 9a 05 38 e6 9b 40 be 5d
02 46 e9 30 e2 78 dc ce 4d f8 fe 23 5d 6a 77 81
5d 2e 4c 34 19 c7 91 62 70 a6 de 6a 03 61 b5 aa
49 67 24 61 36 16 6e 3c 11 60 be 23 67 fe 4e 53
86 f5 b8 d3
1a 09 000060b5 (24757) 01 03 01
1a 0d 000060b5 (24757) 03 07 00 10 0e 00 00
1a 0c 000060b5 (24757) 01 06 00 04 03 01
21 05 32 33 31
NAS-Port-Type = Wireless-802.16
Service-Type = Framed-User
WiMAX-Available-In-Client = 99
WiMAX-BS-Id = 0x303030303230303630313030
WiMAX-Release = "1.1"
State = 0x24b58ee520259b133f64a76207b0b4c9
Message-Authenticator = 0x3ac9efa83845771c1ec3e9ff0a9c2790
WiMAX-Accounting-Capabilities = Flow-Based
WiMAX-Hotlining-Capabilities = Hotline-Profile-Id
NAS-IP-Address = 192.168.98.201
Calling-Station-Id = "202bc168dc9d"
User-Name = "test_dhcp at test.com"
Event-Timestamp = "Aug 2 2012 11:44:18 CEST"
NAS-Identifier = "ITR_ASN-GW"
EAP-Message = 0x029000c41580000000ba1703010020ae6dab2aba14f10f6dfeda1d6cdcf6e542724e110fa3924414f9294f905acaf81703010090e9058d95d0af62231bdea6595e8a831e3203100c1d20526e77df7a11226630b35ee9e1faf75923943e6d33c3abc81c270f5e8cb9641d9d008d689402b4b9b8e5d6357dd5269fd14a607ea72a95f697679b1039859a0538e69b40be5d0246e930e278dcce4df8fe235d6a77815d2e4c3419c7916270a6de6a0361b5aa4967246136166e3c1160be2367fe4e5386f5b8d3
WiMAX-GMT-Timezone-offset = 269352960
WiMAX-Idle-Mode-Notification-Cap = Supported
Proxy-State = 0x323331
Thu Aug 2 11:44:01 2012 : Info: (5) # Executing section authorize from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:01 2012 : Info: (5) group authorize {
Thu Aug 2 11:44:01 2012 : Info: (5) - entering group authorize {...}
Thu Aug 2 11:44:01 2012 : Info: (5) [preprocess] = ok
Thu Aug 2 11:44:01 2012 : Info: (5) [chap] = noop
Thu Aug 2 11:44:01 2012 : Info: (5) [mschap] = noop
Thu Aug 2 11:44:01 2012 : Info: (5) suffix : Looking up realm "test.com" for User-Name = "test_dhcp at test.com"
Thu Aug 2 11:44:01 2012 : Info: (5) suffix : Found realm "test.com"
Thu Aug 2 11:44:01 2012 : Info: (5) suffix : Adding Stripped-User-Name = "test_dhcp"
Thu Aug 2 11:44:01 2012 : Info: (5) suffix : Adding Realm = "test.com"
Thu Aug 2 11:44:01 2012 : Info: (5) suffix : Authentication realm is LOCAL.
Thu Aug 2 11:44:01 2012 : Info: (5) [suffix] = ok
Thu Aug 2 11:44:01 2012 : Info: (5) eap : EAP packet type response id 144 length 196
Thu Aug 2 11:44:01 2012 : Info: (5) eap : Continuing tunnel setup.
Thu Aug 2 11:44:01 2012 : Info: (5) [eap] = ok
Thu Aug 2 11:44:01 2012 : Info: (5) Found Auth-Type = EAP
Thu Aug 2 11:44:01 2012 : Info: (5) # Executing group from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:01 2012 : Info: (5) group authenticate {
Thu Aug 2 11:44:01 2012 : Info: (5) - entering group authenticate {...}
Thu Aug 2 11:44:01 2012 : Info: (5) eap : Request found, released from the list
Thu Aug 2 11:44:01 2012 : Info: (5) eap : EAP/ttls
Thu Aug 2 11:44:01 2012 : Info: (5) eap : processing type ttls
Thu Aug 2 11:44:01 2012 : Info: (5) ttls : Authenticate
Thu Aug 2 11:44:01 2012 : Info: (5) ttls : processing EAP-TLS
Thu Aug 2 11:44:01 2012 : Debug: TLS Length 186
Thu Aug 2 11:44:01 2012 : Info: (5) ttls : Length Included
Thu Aug 2 11:44:01 2012 : Info: (5) ttls : eaptls_verify returned 11
Thu Aug 2 11:44:01 2012 : Info: (5) ttls : eaptls_process returned 7
Thu Aug 2 11:44:01 2012 : Info: (5) ttls : Session established. Proceeding to decode tunneled attributes.
TTLS tunnel data in 0000: 00 00 00 01 40 00 00 1a 74 65 73 74 5f 64 68 63
TTLS tunnel data in 0010: 70 40 74 65 73 74 2e 63 6f 6d 00 00 00 00 00 0b
TTLS tunnel data in 0020: c0 00 00 1c 00 00 01 37 0d cb 20 55 0c 34 61 ab
TTLS tunnel data in 0030: 18 90 4d bc d6 a9 64 cf 00 00 00 19 c0 00 00 3e
TTLS tunnel data in 0040: 00 00 01 37 04 00 21 40 23 24 25 5e 26 2a 28 29
TTLS tunnel data in 0050: 5f 2b 3a 33 7c 7e 00 00 00 00 00 00 00 00 ed e5
TTLS tunnel data in 0060: 92 e9 5e 29 bd 6f 26 6a bc d4 20 c7 50 61 4c 03
TTLS tunnel data in 0070: 65 af 37 e9 a9 d7 00 00
Thu Aug 2 11:44:01 2012 : Info: (5) ttls : Tunneled attribute 1 is too short (1 < 12) to contain anything useful.
0000: 00 00 00 01 40 00 00 1a 74 65 73 74 5f 64 68 63
0010: 70 40 74 65 73 74 2e 63 6f 6d 00 00 00 00 00 0b
0020: c0 00 00 1c 00 00 01 37 0d cb 20 55 0c 34 61 ab
0030: 18 90 4d bc d6 a9 64 cf 00 00 00 19 c0 00 00 3e
0040: 00 00 01 37 04 00 21 40 23 24 25 5e 26 2a 28 29
0050: 5f 2b 3a 33 7c 7e 00 00 00 00 00 00 00 00 ed e5
0060: 92 e9 5e 29 bd 6f 26 6a bc d4 20 c7 50 61 4c 03
0070: 65 af 37 e9 a9 d7 00 00
Thu Aug 2 11:44:01 2012 : Debug: SSL: Removing session 565df607042e9d7e0c0a64dae1b7a455956137cab8ab12f885919fe11a92d305 from the cache
Thu Aug 2 11:44:01 2012 : Info: (5) eap : Handler failed in EAP/ttls
Thu Aug 2 11:44:01 2012 : Info: (5) eap : Failed in EAP select
Thu Aug 2 11:44:01 2012 : Info: (5) [eap] = invalid
Thu Aug 2 11:44:01 2012 : Info: (5) Failed to authenticate the user.
Thu Aug 2 11:44:01 2012 : Auth: (5) Login incorrect: [test_dhcp at test.com/<via Auth-Type = EAP>] (from client Retelit-Proxy-Test-VM port 0 cli 202bc168dc9d)
Thu Aug 2 11:44:01 2012 : Info: (5) Using Post-Auth-Type Reject
Thu Aug 2 11:44:01 2012 : Info: (5) # Executing group from file /etc/raddb/sites-enabled/default
Thu Aug 2 11:44:01 2012 : Info: (5) group REJECT {
Thu Aug 2 11:44:01 2012 : Info: (5) - entering group REJECT {...}
Thu Aug 2 11:44:01 2012 : Info: (5) attr_filter.access_reject : expand: %{User-Name} -> test_dhcp at test.com
Thu Aug 2 11:44:01 2012 : Info: (5) attr_filter.access_reject : Matched entry DEFAULT at line 11
Thu Aug 2 11:44:01 2012 : Info: (5) [attr_filter.access_reject] = updated
Thu Aug 2 11:44:01 2012 : Info: (5) Finished request 5.
Thu Aug 2 11:44:01 2012 : Debug: Waking up in 0.1 seconds.
Thu Aug 2 11:44:01 2012 : Debug: Waking up in 0.1 seconds.
Thu Aug 2 11:44:01 2012 : Debug: Waking up in 0.6 seconds.
Thu Aug 2 11:44:02 2012 : Info: (5) Sending delayed reject
Sending Access-Reject of id 35 to 172.20.22.20 port 1814
EAP-Message = 0x04900004
4f 06 04 90 00 04
Message-Authenticator = 0x00000000000000000000000000000000
50 12 ...
Proxy-State = 0x323331
21 05 32 33 31
Code: 3
Id: 35
Length: 49
Vector: 6fca07096438ea877d7c3da9113a2658
Data: 4f 06 04 90 00 04
50 12 d1 ad 42 57 e2 13 5d 3d 11 aa a5 56 34 16 d3 d5
21 05 32 33 31
Thu Aug 2 11:44:02 2012 : Debug: Waking up in 3.1 seconds.
Thu Aug 2 11:44:05 2012 : Info: (1) Cleaning up request packet ID 9 with timestamp +2
Thu Aug 2 11:44:05 2012 : Debug: Waking up in 0.1 seconds.
Thu Aug 2 11:44:05 2012 : Info: (2) Cleaning up request packet ID 175 with timestamp +2
Thu Aug 2 11:44:05 2012 : Debug: Waking up in 0.1 seconds.
Thu Aug 2 11:44:05 2012 : Info: (3) Cleaning up request packet ID 249 with timestamp +2
Thu Aug 2 11:44:05 2012 : Debug: Waking up in 0.4 seconds.
Thu Aug 2 11:44:06 2012 : Info: (4) Cleaning up request packet ID 62 with timestamp +3
Thu Aug 2 11:44:06 2012 : Debug: Waking up in 1.1 seconds.
Thu Aug 2 11:44:07 2012 : Info: (5) Cleaning up request packet ID 35 with timestamp +3
Thu Aug 2 11:44:07 2012 : Info: Ready to process requests.
More information about the Freeradius-Users
mailing list