Resume failing on system reboot
Joshua
mrl0lz at gmail.com
Fri Nov 14 00:39:50 CET 2014
Using freeradius 2.2.4_2 with an LDAP backend serving WPA enterprise wifi
clients. I have an issue that I've been stuck on for days. Auth works just
fine, but if say a user restarts his OS X Yosemite laptop on reboot it will
report loss of network and fail to connect. Looking at radiusd.logs I see
an endless loop of Access-Challenge responses but never an accept. Some
time later it starts to work when trying to reconnect.
What am I missing here? Below is the error and my configuration:
##### ERROR
##### ERROR
rad_recv: Access-Request packet from host 10.1.0.6 port 39552, id=173,
length=155
User-Name = "user1"
NAS-IP-Address = 10.1.0.6
NAS-Port = 0
Called-Station-Id = "68-86-A7-FF-D0-02:RANDOMSSID"
Calling-Station-Id = "3C-15-C2-B7-DC-80"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11a"
EAP-Message = 0x0203000a01726c616e67
Message-Authenticator = 0xfda339f6e3f3854c5203dd14e0c5c9fc
Info: # Executing section authorize from file
/opt/local/etc/raddb/sites-enabled/default
Info: +group authorize {
Info: ++[preprocess] = ok
Info: ++[mschap] = noop
Info: [ntdomain] No '\' in User-Name = "user1", looking up realm NULL
Info: [ntdomain] No such realm "NULL"
Info: ++[ntdomain] = noop
Info: [eap] EAP packet type response id 3 length 10
Info: [eap] No EAP Start, assuming it's an on-going EAP conversation
Info: ++[eap] = updated
Info: ++[expiration] = noop
Info: ++[logintime] = noop
Info: +} # group authorize = updated
Info: Found Auth-Type = EAP
Info: # Executing group from file
/opt/local/etc/raddb/sites-enabled/default
Info: +group authenticate {
Info: [eap] EAP Identity
Info: [eap] processing type tls
Info: [tls] Flushing SSL sessions (of #0)
Info: [tls] Initiate
Info: [tls] Start returned 1
Info: ++[eap] = handled
Info: +} # group authenticate = handled
Sending Access-Challenge of id 173 to 10.1.0.6 port 39552
EAP-Message = 0x010400061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x652be819652ff13421bf66d7088d793f
Info: Finished request 0.
Debug: Going to the next request
Debug: Waking up in 4.9 seconds.
Thu Nov 13 15:31:49 2014 : Info: Cleaning up request 0 ID 173 with
timestamp +60
Thu Nov 13 15:31:49 2014 : Debug: WARNING:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Thu Nov 13 15:31:49 2014 : Debug: WARNING: !! EAP session for state
0x652be819652ff134 did not finish!
Thu Nov 13 15:31:49 2014 : Debug: WARNING: !! Please read
http://wiki.freeradius.org/guide/Certificate_Compatibility
Thu Nov 13 15:31:49 2014 : Debug: WARNING:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Thu Nov 13 15:31:49 2014 : Info: Ready to process requests.
rad_recv: Access-Request packet from host 10.1.0.6 port 39552, id=171,
length=155
User-Name = "user1"
NAS-IP-Address = 10.1.0.6
NAS-Port = 0
Called-Station-Id = "68-86-A7-FF-D0-02:f"
Calling-Station-Id = "3C-15-C2-B7-DC-80"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11a"
EAP-Message = 0x0200000a01726c616e67
Message-Authenticator = 0x5713a7f5bda1676ee08343c46dcd5e6f
Info: # Executing section authorize from file
/opt/local/etc/raddb/sites-enabled/default
Info: +group authorize {
Info: ++[preprocess] = ok
Info: ++[mschap] = noop
Info: [ntdomain] No '\' in User-Name = "user1", looking up realm NULL
Info: [ntdomain] No such realm "NULL"
Info: ++[ntdomain] = noop
Info: [eap] EAP packet type response id 0 length 10
Info: [eap] No EAP Start, assuming it's an on-going EAP conversation
Info: ++[eap] = updated
Info: ++[expiration] = noop
Info: ++[logintime] = noop
Info: +} # group authorize = updated
Info: Found Auth-Type = EAP
Info: # Executing group from file
/opt/local/etc/raddb/sites-enabled/default
Info: +group authenticate {
Info: [eap] EAP Identity
Info: [eap] processing type tls
Info: [tls] Initiate
Info: [tls] Start returned 1
Info: ++[eap] = handled
Info: +} # group authenticate = handled
Sending Access-Challenge of id 171 to 10.1.0.6 port 39552
EAP-Message = 0x010100061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xac737dcfac726477626749b4614c2b4e
Info: Finished request 1.
Debug: Going to the next request
Debug: Waking up in 4.9 seconds.
Info: Cleaning up request 1 ID 171 with timestamp +74
Debug: WARNING:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Debug: WARNING: !! EAP session for state 0xac737dcfac726477 did not finish!
Debug: WARNING: !! Please read
http://wiki.freeradius.org/guide/Certificate_Compatibility
Debug: WARNING:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Info: Ready to process requests.
rad_recv: Access-Request packet from host 10.1.0.6 port 39552, id=172,
length=155
User-Name = "user1"
NAS-IP-Address = 10.1.0.6
NAS-Port = 0
Called-Station-Id = "68-86-A7-FF-D0-02:RANDOMSSID"
Calling-Station-Id = "3C-15-C2-B7-DC-80"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11a"
EAP-Message = 0x0201000a01726c616e67
Message-Authenticator = 0x5a371b7db7a108196d1e06bf7805e0a3
Info: # Executing section authorize from file
/opt/local/etc/raddb/sites-enabled/default
Info: +group authorize {
Info: ++[preprocess] = ok
Info: ++[mschap] = noop
Info: [ntdomain] No '\' in User-Name = "user1", looking up realm NULL
Info: [ntdomain] No such realm "NULL"
Info: ++[ntdomain] = noop
Info: [eap] EAP packet type response id 1 length 10
Info: [eap] No EAP Start, assuming it's an on-going EAP conversation
Info: ++[eap] = updated
Info: ++[expiration] = noop
Info: ++[logintime] = noop
Info: +} # group authorize = updated
Info: Found Auth-Type = EAP
Info: # Executing group from file
/opt/local/etc/raddb/sites-enabled/default
Info: +group authenticate {
Info: [eap] EAP Identity
Info: [eap] processing type tls
Info: [tls] Initiate
Info: [tls] Start returned 1
Info: ++[eap] = handled
Info: +} # group authenticate = handled
Sending Access-Challenge of id 172 to 10.1.0.6 port 39552
EAP-Message = 0x010200061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xd3dbfc2fd3d9e5d577e0b0bda6fe6517
Info: Finished request 2.
##### CONFIGURATION
##### CONFIGURATION
Debug: main {
Debug: allow_core_dumps = no
Debug: }
Debug: including dictionary file /opt/local/etc/raddb/dictionary
Debug: main {
Debug: name = "radiusd"
Debug: prefix = "/opt/local"
Debug: localstatedir = "/opt/local/var"
Debug: sbindir = "/opt/local/sbin"
Debug: logdir = "/opt/local/var/log/radius"
Debug: run_dir = "/opt/local/var/run/radiusd"
Debug: libdir = "/opt/local/lib"
Debug: radacctdir = "/opt/local/var/log/radius/radacct"
Debug: hostname_lookups = no
Debug: max_request_time = 30
Debug: cleanup_delay = 5
Debug: max_requests = 1024
Debug: pidfile = "/opt/local/var/run/radiusd/radiusd.pid"
Debug: checkrad = "/opt/local/sbin/checkrad"
Debug: debug_level = 0
Debug: proxy_requests = yes
Debug: log {
Debug: stripped_names = no
Debug: auth = no
Debug: auth_badpass = no
Debug: auth_goodpass = no
Debug: }
Debug: security {
Debug: max_attributes = 200
Debug: reject_delay = 1
Debug: status_server = yes
Debug: }
Debug: }
Debug: radiusd: #### Loading Realms and Home Servers ####
Debug: proxy server {
Debug: retry_delay = 5
Debug: retry_count = 3
Debug: default_fallback = no
Debug: dead_time = 120
Debug: wake_all_if_all_dead = no
Debug: }
Debug: home_server localhost {
Debug: ipaddr = 127.0.0.1
Debug: port = 1812
Debug: type = "auth"
Debug: secret = "testing123"
Debug: response_window = 20
Debug: max_outstanding = 65536
Debug: require_message_authenticator = yes
Debug: zombie_period = 40
Debug: status_check = "status-server"
Debug: ping_interval = 30
Debug: check_interval = 30
Debug: num_answers_to_alive = 3
Debug: num_pings_to_alive = 3
Debug: revive_interval = 120
Debug: status_check_timeout = 4
Debug: coa {
Debug: irt = 2
Debug: mrt = 16
Debug: mrc = 5
Debug: mrd = 30
Debug: }
Debug: }
Debug: home_server_pool my_auth_failover {
Debug: type = fail-over
Debug: home_server = localhost
Debug: }
Debug: realm example.com {
Debug: auth_pool = my_auth_failover
Debug: }
Debug: realm LOCAL {
Debug: }
Debug: radiusd: #### Loading Clients ####
Debug: client localhost {
Debug: ipaddr = 127.0.0.1
Debug: require_message_authenticator = no
Debug: secret = "testing123"
Debug: nastype = "other"
Debug: }
Debug: client 10.1.0.5/32 {
Debug: require_message_authenticator = no
Debug: secret = "433natoma"
Debug: shortname = "cisco_ap1"
Debug: }
Debug: client 10.1.0.6/32 {
Debug: require_message_authenticator = no
Debug: secret = "433natoma"
Debug: shortname = "cisco_ap2"
Debug: }
Debug: radiusd: #### Instantiating modules ####
Debug: instantiate {
Debug: (Loaded rlm_exec, checking if it's valid)
Debug: Module: Linked to module rlm_exec
Debug: Module: Instantiating module "exec" from file
/opt/local/etc/raddb/modules/exec
Debug: exec {
Debug: wait = no
Debug: input_pairs = "request"
Debug: shell_escape = yes
Debug: timeout = 10
Debug: }
Debug: (Loaded rlm_expr, checking if it's valid)
Debug: Module: Linked to module rlm_expr
Debug: Module: Instantiating module "expr" from file
/opt/local/etc/raddb/modules/expr
Debug: (Loaded rlm_expiration, checking if it's valid)
Debug: Module: Linked to module rlm_expiration
Debug: Module: Instantiating module "expiration" from file
/opt/local/etc/raddb/modules/expiration
Debug: expiration {
Debug: reply-message = "Password Has Expired "
Debug: }
Debug: (Loaded rlm_logintime, checking if it's valid)
Debug: Module: Linked to module rlm_logintime
Debug: Module: Instantiating module "logintime" from file
/opt/local/etc/raddb/modules/logintime
Debug: logintime {
Debug: reply-message = "You are calling outside your allowed timespan "
Debug: minimum-timeout = 60
Debug: }
Debug: }
Debug: radiusd: #### Loading Virtual Servers ####
Debug: server { # from file /opt/local/etc/raddb/radiusd.conf
Debug: modules {
Debug: Module: Creating Post-Auth-Type = REJECT
Debug: Module: Checking authenticate {...} for more modules to load
Debug: (Loaded rlm_chap, checking if it's valid)
Debug: Module: Linked to module rlm_chap
Debug: Module: Instantiating module "chap" from file
/opt/local/etc/raddb/modules/chap
Debug: (Loaded rlm_mschap, checking if it's valid)
Debug: Module: Linked to module rlm_mschap
Debug: Module: Instantiating module "mschap" from file
/opt/local/etc/raddb/modules/mschap
Debug: mschap {
Debug: use_mppe = yes
Debug: require_encryption = yes
Debug: require_strong = yes
Debug: with_ntdomain_hack = yes
Debug: allow_retry = yes
Debug: use_open_directory = yes
Debug: }
Debug: (Loaded rlm_eap, checking if it's valid)
Debug: Module: Linked to module rlm_eap
Debug: Module: Instantiating module "eap" from file
/opt/local/etc/raddb/eap.conf
Debug: eap {
Debug: default_eap_type = "peap"
Debug: timer_expire = 60
Debug: ignore_unknown_eap_types = no
Debug: cisco_accounting_username_bug = no
Debug: max_sessions = 4096
Debug: }
Debug: Module: Linked to sub-module rlm_eap_md5
Debug: Module: Instantiating eap-md5
Debug: Module: Linked to sub-module rlm_eap_leap
Debug: Module: Instantiating eap-leap
Debug: Module: Linked to sub-module rlm_eap_gtc
Debug: Module: Instantiating eap-gtc
Debug: gtc {
Debug: challenge = "Password: "
Debug: auth_type = "PAP"
Debug: }
Debug: Module: Linked to sub-module rlm_eap_tls
Debug: Module: Instantiating eap-tls
Debug: tls {
Debug: rsa_key_exchange = no
Debug: dh_key_exchange = yes
Debug: rsa_key_length = 512
Debug: dh_key_length = 512
Debug: verify_depth = 0
Debug: CA_path = "/opt/local/etc/raddb/certs"
Debug: pem_file_type = yes
Debug: private_key_file = "/opt/local/etc/raddb/certs/server.pem"
Debug: certificate_file = "/opt/local/etc/raddb/certs/server.pem"
Debug: CA_file = "/opt/local/etc/raddb/certs/ca.pem"
Debug: private_key_password = "whatever"
Debug: dh_file = "/opt/local/etc/raddb/certs/dh"
Debug: fragment_size = 1024
Debug: include_length = yes
Debug: check_crl = no
Debug: cipher_list = "DEFAULT"
Debug: make_cert_command = "/opt/local/etc/raddb/certs/bootstrap"
Debug: ecdh_curve = "prime256v1"
Debug: cache {
Debug: enable = yes
Debug: lifetime = 24
Debug: max_entries = 255
Debug: }
Debug: verify {
Debug: }
Debug: ocsp {
Debug: enable = no
Debug: override_cert_url = yes
Debug: url = "http://127.0.0.1/ocsp/"
Debug: use_nonce = yes
Debug: timeout = 0
Debug: softfail = no
Debug: }
Debug: }
Debug: Module: Linked to sub-module rlm_eap_ttls
Debug: Module: Instantiating eap-ttls
Debug: ttls {
Debug: default_eap_type = "md5"
Debug: copy_request_to_tunnel = no
Debug: use_tunneled_reply = no
Debug: virtual_server = "inner-tunnel"
Debug: include_length = yes
Debug: }
Debug: Module: Linked to sub-module rlm_eap_peap
Debug: Module: Instantiating eap-peap
Debug: peap {
Debug: default_eap_type = "mschapv2"
Debug: copy_request_to_tunnel = no
Debug: use_tunneled_reply = no
Debug: proxy_tunneled_request_as_eap = yes
Debug: virtual_server = "inner-tunnel"
Debug: soh = no
Debug: }
Debug: Module: Linked to sub-module rlm_eap_mschapv2
Debug: Module: Instantiating eap-mschapv2
Debug: mschapv2 {
Debug: with_ntdomain_hack = no
Debug: send_error = no
Debug: }
Debug: Module: Checking authorize {...} for more modules to load
Debug: (Loaded rlm_preprocess, checking if it's valid)
Debug: Module: Linked to module rlm_preprocess
Debug: Module: Instantiating module "preprocess" from file
/opt/local/etc/raddb/modules/preprocess
Debug: preprocess {
Debug: huntgroups = "/opt/local/etc/raddb/huntgroups"
Debug: hints = "/opt/local/etc/raddb/hints"
Debug: with_ascend_hack = no
Debug: ascend_channels_per_line = 23
Debug: with_ntdomain_hack = no
Debug: with_specialix_jetstream_hack = no
Debug: with_cisco_vsa_hack = no
Debug: with_alvarion_vsa_hack = no
Debug: }
Debug: reading pairlist file /opt/local/etc/raddb/huntgroups
Debug: reading pairlist file /opt/local/etc/raddb/hints
Debug: (Loaded rlm_realm, checking if it's valid)
Debug: Module: Linked to module rlm_realm
Debug: Module: Instantiating module "ntdomain" from file
/opt/local/etc/raddb/modules/realm
Debug: realm ntdomain {
Debug: format = "prefix"
Debug: delimiter = "\"
Debug: ignore_default = no
Debug: ignore_null = no
Debug: }
Debug: Module: Checking preacct {...} for more modules to load
Debug: (Loaded rlm_acct_unique, checking if it's valid)
Debug: Module: Linked to module rlm_acct_unique
Debug: Module: Instantiating module "acct_unique" from file
/opt/local/etc/raddb/modules/acct_unique
Debug: acct_unique {
Debug: key = "User-Name, Acct-Session-Id, NAS-IP-Address,
NAS-Identifier, NAS-Port"
Debug: }
Debug: Module: Instantiating module "suffix" from file
/opt/local/etc/raddb/modules/realm
Debug: realm suffix {
Debug: format = "suffix"
Debug: delimiter = "@"
Debug: ignore_default = no
Debug: ignore_null = no
Debug: }
Debug: (Loaded rlm_files, checking if it's valid)
Debug: Module: Linked to module rlm_files
Debug: Module: Instantiating module "files" from file
/opt/local/etc/raddb/modules/files
Debug: files {
Debug: usersfile = "/opt/local/etc/raddb/users"
Debug: acctusersfile = "/opt/local/etc/raddb/acct_users"
Debug: preproxy_usersfile = "/opt/local/etc/raddb/preproxy_users"
Debug: compat = "no"
Debug: }
Debug: reading pairlist file /opt/local/etc/raddb/users
Debug: reading pairlist file /opt/local/etc/raddb/acct_users
Debug: reading pairlist file /opt/local/etc/raddb/preproxy_users
Debug: Module: Checking accounting {...} for more modules to load
Debug: (Loaded rlm_detail, checking if it's valid)
Debug: Module: Linked to module rlm_detail
Debug: Module: Instantiating module "detail" from file
/opt/local/etc/raddb/modules/detail
Debug: detail {
Debug: detailfile =
"/opt/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
Debug: header = "%t"
Debug: detailperm = 384
Debug: dirperm = 493
Debug: locking = no
Debug: log_packet_header = no
Debug: }
Debug: (Loaded rlm_attr_filter, checking if it's valid)
Debug: Module: Linked to module rlm_attr_filter
Debug: Module: Instantiating module "attr_filter.accounting_response"
from file /opt/local/etc/raddb/modules/attr_filter
Debug: attr_filter attr_filter.accounting_response {
Debug: attrsfile = "/opt/local/etc/raddb/attrs.accounting_response"
Debug: key = "%{User-Name}"
Debug: relaxed = no
Debug: }
Debug: reading pairlist file /opt/local/etc/raddb/attrs.accounting_response
Debug: Module: Checking session {...} for more modules to load
Debug: (Loaded rlm_radutmp, checking if it's valid)
Debug: Module: Linked to module rlm_radutmp
Debug: Module: Instantiating module "radutmp" from file
/opt/local/etc/raddb/modules/radutmp
Debug: radutmp {
Debug: filename = "/opt/local/var/log/radius/radutmp"
Debug: username = "%{User-Name}"
Debug: case_sensitive = yes
Debug: check_with_nas = yes
Debug: perm = 384
Debug: callerid = yes
Debug: }
Debug: Module: Checking post-proxy {...} for more modules to load
Debug: Module: Checking post-auth {...} for more modules to load
Debug: Module: Instantiating module "attr_filter.access_reject" from file
/opt/local/etc/raddb/modules/attr_filter
Debug: attr_filter attr_filter.access_reject {
Debug: attrsfile = "/opt/local/etc/raddb/attrs.access_reject"
Debug: key = "%{User-Name}"
Debug: relaxed = no
Debug: }
Debug: reading pairlist file /opt/local/etc/raddb/attrs.access_reject
Debug: } # modules
Debug: } # server
Debug: server inner-tunnel { # from file
/opt/local/etc/raddb/sites-enabled/inner-tunnel
Debug: modules {
Debug: Module: Checking authenticate {...} for more modules to load
Debug: (Loaded rlm_pap, checking if it's valid)
Debug: Module: Linked to module rlm_pap
Debug: Module: Instantiating module "pap" from file
/opt/local/etc/raddb/modules/pap
Debug: pap {
Debug: encryption_scheme = "auto"
Debug: auto_header = no
Debug: }
Debug: (Loaded rlm_unix, checking if it's valid)
Debug: Module: Linked to module rlm_unix
Debug: Module: Instantiating module "unix" from file
/opt/local/etc/raddb/modules/unix
Debug: unix {
Debug: radwtmp = "/opt/local/var/log/radius/radwtmp"
Debug: }
Debug: Module: Checking authorize {...} for more modules to load
Debug: (Loaded rlm_ldap, checking if it's valid)
Debug: Module: Linked to module rlm_ldap
Debug: Module: Instantiating module "ldap" from file
/opt/local/etc/raddb/modules/ldap
Debug: ldap {
Debug: server = "10.1.0.20"
Debug: port = 389
Debug: password = "ykFeQcvhgWpEgT4nKekgZNmCyz8e"
Debug: expect_password = yes
Debug: identity = "cn=admin,dc=sirono,dc=com"
Debug: net_timeout = 1
Debug: timeout = 4
Debug: timelimit = 3
Debug: max_uses = 0
Debug: tls_mode = no
Debug: start_tls = no
Debug: tls_require_cert = "allow"
Debug: tls {
Debug: start_tls = no
Debug: require_cert = "allow"
Debug: }
Debug: basedn = "ou=people,dc=sirono,dc=com"
Debug: filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
Debug: base_filter = "(objectclass=inetOrgPerson)"
Debug: auto_header = no
Debug: access_attr_used_for_allow = yes
Debug: groupname_attribute = "cn"
Debug: groupmembership_filter =
"(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
Debug: dictionary_mapping = "/opt/local/etc/raddb/ldap.attrmap"
Debug: ldap_debug = 0
Debug: ldap_connections_number = 5
Debug: compare_check_items = no
Debug: do_xlat = yes
Debug: set_auth_type = no
Debug: keepalive {
Debug: idle = 60
Debug: probes = 3
Debug: interval = 3
Debug: }
Debug: }
Debug: rlm_ldap: Registering ldap_groupcmp for Ldap-Group
Debug: rlm_ldap: Registering ldap_xlat with xlat_name ldap
Debug: rlm_ldap: reading ldap<->radius mappings from file
/opt/local/etc/raddb/ldap.attrmap
Debug: rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$
Debug: rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$
Debug: rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type
Debug: rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS
Simultaneous-Use
Debug: rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS
Called-Station-Id
Debug: rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS
Calling-Station-Id
Debug: rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password
Debug: rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password
Debug: rlm_ldap: LDAP sambaLmPassword mapped to RADIUS LM-Password
Debug: rlm_ldap: LDAP sambaNtPassword mapped to RADIUS NT-Password
Debug: rlm_ldap: LDAP dBCSPwd mapped to RADIUS LM-Password
Debug: rlm_ldap: LDAP userPassword mapped to RADIUS Password-With-Header
Debug: rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT
Debug: rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration
Debug: rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address
Debug: rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type
Debug: rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol
Debug: rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS
Framed-IP-Address
Debug: rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS
Framed-IP-Netmask
Debug: rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route
Debug: rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing
Debug: rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id
Debug: rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU
Debug: rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS
Framed-Compression
Debug: rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host
Debug: rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service
Debug: rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port
Debug: rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number
Debug: rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id
Debug: rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS
Framed-IPX-Network
Debug: rlm_ldap: LDAP radiusClass mapped to RADIUS Class
Debug: rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout
Debug: rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout
Debug: rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS
Termination-Action
Debug: rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS
Login-LAT-Service
Debug: rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node
Debug: rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group
Debug: rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS
Framed-AppleTalk-Link
Debug: rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS
Framed-AppleTalk-Network
Debug: rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS
Framed-AppleTalk-Zone
Debug: rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit
Debug: rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port
Debug: rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message
Debug: rlm_ldap: LDAP radiusTunnelType mapped to RADIUS Tunnel-Type
Debug: rlm_ldap: LDAP radiusTunnelMediumType mapped to RADIUS
Tunnel-Medium-Type
Debug: rlm_ldap: LDAP radiusTunnelPrivateGroupId mapped to RADIUS
Tunnel-Private-Group-Id
Debug: conns: 0x7fe01ac55ea0
Debug: Module: Checking session {...} for more modules to load
Debug: Module: Checking post-proxy {...} for more modules to load
Debug: Module: Checking post-auth {...} for more modules to load
Debug: } # modules
Debug: } # server
Debug: radiusd: #### Opening IP addresses and Ports ####
Debug: listen {
Debug: type = "auth"
Debug: ipaddr = *
Debug: port = 0
Debug: }
Debug: listen {
Debug: type = "acct"
Debug: ipaddr = *
Debug: port = 0
Debug: }
Debug: listen {
Debug: type = "control"
Debug: listen {
Debug: socket = "/opt/local/var/run/radiusd/radiusd.sock"
Debug: }
Debug: }
Debug: listen {
Debug: type = "auth"
Debug: ipaddr = 127.0.0.1
Debug: port = 18120
Debug: }
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20141113/45c97b2d/attachment-0001.html>
More information about the Freeradius-Users
mailing list