Add Check Item in PEAP MSCHAP V2 authentication process
Tim Baledorion
timbaledorion at hotmail.com
Mon Aug 29 11:34:56 CEST 2016
Thank you for your answer Alan...And to take time to teach me the right
way to get some help. I sincerely appreciate it.
I will try to rephrase my question according to your advices.
To authenticate host in a network i'm using a Proxy Radius chain. The
first element of this chain is named a Node and has a node identifier.
Host are connecting to the network via NAS and the Radius Server
configured in the NAS is the node radius.
The host and the NAS don't know about the node identifier.
The radius server knows about node identifier.
I have add a node file under /etc/raddb/policy.d/ and invoked it in
/etc/raddb/sites-available/default
node.pre-proxy {
if ("%{request:Packet-Type}" == 'Access-Request') {
update proxy-request {
&NET-NodeID == "ndid-00000001"
}
}
}
but when using PEAP-MSCHAPv2 authentication model the NET-NodeID item
doesn't appear in the Access-Request sent to the inner-tunnel.
Fri Aug 26 16:16:40 2016 : Debug: (2079) Virtual server inner-tunnel
received request
Fri Aug 26 16:16:40 2016 : Debug: (2079) EAP-Message =
0x0242001a01746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:16:40 2016 : Debug: (2079) FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2079) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Called-Station-Id =
"4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2079) Calling-Station-Id =
"2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Connect-Info = "CONNECT 0Mbps
802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Acct-Session-Id =
"57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2079) Event-Timestamp = "Aug 26
2016 16:16:40 CEST"
I join the file containing the full authentication log for a request
coming from node with identifier ndid-00000001 in NET-NodeID
Once again thank you for your support. I did my best to answer your
request and give you a better view. Let me know if it is not enough.
Tim
Le 28/08/2016 à 22:59, Alan DeKok a écrit :
> On Aug 28, 2016, at 11:37 AM, Tim Baledorion <timbaledorion at hotmail.com> wrote:
>> Here is my design.
> I would suggest using standard RADIUS vocabulary. And being clear in your descriptions.
>
>> I have a node implementing a Radius Proxy.
> What's a "node"?
>
>> This node is including its identifier in all Radius-Request.
> What is that "identifier?" Is it a RADIUS attribute?
>
> What's a "RADIUS-Request" ?
>
>> Its identifier is returned by the radius proxy chain (that has 3 levels til the end radius server)
> OK...
>
>> A NAS is connected to this node and linked to the radius proxy.
> How is the NAS "linked" to the RADIUS proxy?
>
>> The host are connecting to the NAS using PEAP/MSCHAPv2.
> OK...
>
>> I want the Node Identifier to be a part of the check items for the authentication process but i don't know how to do it.
> Read the debug output as suggested in the FAQ, "man" pages, web pages, and daily on this list.
>
> See what attributes are in the Access-Request. Then... write policies to look for those attributes.
>
> There is tons of documentation, and hundreds of examples of policies that come with the server.
>
>> I don't know if it has to be configured at the client, NAS or RADIUS side.
> RADIUS server policies are configured on the RADIUS server.
>
>> As of today everything works as described above but i haven't find anyway to get the Node Identifier Item in the authentication request.
> Read the debug output as suggested in the FAQ, "man" pages, web pages, and daily on this list.
>
> You will see what is in the packet.
>
>> Don't hesitate to ask for further informations.
> Please ask *good* questions. Right now, it's very hard to know what you want to do, because you've given very unusual explanations for everything.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
Fri Aug 26 16:16:40 2016 : Debug: (2072) Received Access-Request Id 158 from 192.168.42.103:56100 to 192.168.42.101:1812 length 247
Fri Aug 26 16:16:40 2016 : Debug: (2072) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2072) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2072) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2072) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2072) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2072) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2072) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2072) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2072) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2072) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2072) EAP-Message = 0x023b001a01746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:16:40 2016 : Debug: (2072) Message-Authenticator = 0x7a4994d8e50438f6d67f545131e69a15
Fri Aug 26 16:16:40 2016 : Debug: (2072) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2072) Proxy-State = 0x313938
Fri Aug 26 16:16:40 2016 : Debug: (2072) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2072) Proxy-State = 0x313538
Fri Aug 26 16:16:40 2016 : Debug: (2072) session-state: No State attribute
Fri Aug 26 16:16:40 2016 : Debug: (2072) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2072) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2072) policy filter_username {
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (!&User-Name) {
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (!&User-Name) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (&User-Name =~ / /) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2072) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2072) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:16:40 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (&User-Name =~ /@\./) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2072) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2072) } # policy filter_username = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) [preprocess] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: calling chap (rlm_chap) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: returned from chap (rlm_chap) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: calling mschap (rlm_mschap) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: calling digest (rlm_digest) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: returned from digest (rlm_digest) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) [digest] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: calling suffix (rlm_realm) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2072) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2072) suffix: No such realm "networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: returned from suffix (rlm_realm) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: calling eap (rlm_eap) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) eap: Peer sent EAP Response (code 2) ID 59 length 26
Fri Aug 26 16:16:40 2016 : Debug: (2072) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authorize]: returned from eap (rlm_eap) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2072) } # authorize = ok
Fri Aug 26 16:16:40 2016 : Debug: (2072) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2072) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2072) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authenticate]: calling eap (rlm_eap) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) eap: Peer sent packet with method EAP Identity (1)
Fri Aug 26 16:16:40 2016 : Debug: (2072) eap: Calling submodule eap_md5 to process data
Fri Aug 26 16:16:40 2016 : Debug: (2072) eap_md5: Issuing MD5 Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2072) eap: Sending EAP Request (code 1) ID 60 length 22
Fri Aug 26 16:16:40 2016 : Debug: (2072) eap: EAP session adding &reply:State = 0x2db65ab02d8a5e1c
Fri Aug 26 16:16:40 2016 : Debug: (2072) modsingle[authenticate]: returned from eap (rlm_eap) for request 2072
Fri Aug 26 16:16:40 2016 : Debug: (2072) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2072) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2072) Using Post-Auth-Type Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2072) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:16:40 2016 : Debug: (2072) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2072) session-state: Nothing to cache
Fri Aug 26 16:16:40 2016 : Debug: (2072) Sent Access-Challenge Id 158 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:16:40 2016 : Debug: (2072) EAP-Message = 0x013c0016041023ed240288d8734fc6ba33cba5eba1b9
Fri Aug 26 16:16:40 2016 : Debug: (2072) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2072) State = 0x2db65ab02d8a5e1c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2072) Proxy-State = 0x313938
Fri Aug 26 16:16:40 2016 : Debug: (2072) Proxy-State = 0x313538
Fri Aug 26 16:16:40 2016 : Debug: (2072) Finished request
Fri Aug 26 16:16:40 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:16:40 2016 : Debug: (2073) Received Access-Request Id 201 from 192.168.42.103:56100 to 192.168.42.101:1812 length 244
Fri Aug 26 16:16:40 2016 : Debug: (2073) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2073) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2073) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2073) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2073) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2073) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2073) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2073) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2073) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2073) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2073) EAP-Message = 0x023c00060319
Fri Aug 26 16:16:40 2016 : Debug: (2073) State = 0x2db65ab02d8a5e1c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2073) Message-Authenticator = 0xd0f261b31d633b349cfc40a099e2b376
Fri Aug 26 16:16:40 2016 : Debug: (2073) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2073) Proxy-State = 0x313939
Fri Aug 26 16:16:40 2016 : Debug: (2073) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2073) Proxy-State = 0x3537
Fri Aug 26 16:16:40 2016 : Debug: (2073) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2073) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2073) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2073) policy filter_username {
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (!&User-Name) {
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (!&User-Name) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (&User-Name =~ / /) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2073) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2073) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:16:40 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (&User-Name =~ /@\./) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2073) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2073) } # policy filter_username = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [preprocess] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: calling chap (rlm_chap) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: returned from chap (rlm_chap) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: calling mschap (rlm_mschap) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: calling digest (rlm_digest) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: returned from digest (rlm_digest) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [digest] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: calling suffix (rlm_realm) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2073) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2073) suffix: No such realm "networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: returned from suffix (rlm_realm) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: calling eap (rlm_eap) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap: Peer sent EAP Response (code 2) ID 60 length 6
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap: No EAP Start, assuming it's an on-going EAP conversation
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: returned from eap (rlm_eap) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [eap] = updated
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: calling files (rlm_files) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: returned from files (rlm_files) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [files] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: calling ldap (rlm_ldap) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Info: rlm_ldap (ldap): Closing connection (245): Hit idle_timeout, was idle for 225 seconds
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): You probably need to lower "min"
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap: Closing libldap handle 0x557a220bdf10
Fri Aug 26 16:16:40 2016 : Info: rlm_ldap (ldap): Closing connection (246): Hit idle_timeout, was idle for 225 seconds
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): You probably need to lower "min"
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap: Closing libldap handle 0x557a22113560
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): 0 of 0 connections in use. You may need to increase "spare"
Fri Aug 26 16:16:40 2016 : Info: rlm_ldap (ldap): Opening additional connection (247), 1 of 32 pending slots used
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Connecting to ldap://localhost:389
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): New libldap handle 0x557a22113560
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Waiting for bind result...
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Bind successful
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Reserved connection (247)
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL XLAT
Fri Aug 26 16:16:40 2016 : Debug: (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:16:40 2016 : Debug: Parsed xlat tree:
Fri Aug 26 16:16:40 2016 : Debug: literal --> (uid=
Fri Aug 26 16:16:40 2016 : Debug: if {
Fri Aug 26 16:16:40 2016 : Debug: attribute --> Stripped-User-Name
Fri Aug 26 16:16:40 2016 : Debug: }
Fri Aug 26 16:16:40 2016 : Debug: else {
Fri Aug 26 16:16:40 2016 : Debug: attribute --> User-Name
Fri Aug 26 16:16:40 2016 : Debug: }
Fri Aug 26 16:16:40 2016 : Debug: literal --> )
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: --> (uid=test at networks.com)
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: Performing search in "uid=lakc192e,ou=auth_servers,tnid=ukjprwp3,ou=tenants,dc=netos" with filter "(uid=test at networks.com)", scope "sub"
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: Waiting for search result...
Fri Aug 26 16:16:40 2016 : Debug: (2073) ldap: Search returned no results
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Released connection (247)
Fri Aug 26 16:16:40 2016 : Info: rlm_ldap (ldap): Need 2 more connections to reach 10 spares
Fri Aug 26 16:16:40 2016 : Info: rlm_ldap (ldap): Opening additional connection (248), 1 of 31 pending slots used
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Connecting to ldap://localhost:389
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): New libldap handle 0x557a220bdf10
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Waiting for bind result...
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Bind successful
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: returned from ldap (rlm_ldap) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [ldap] = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: calling expiration (rlm_expiration) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: returned from expiration (rlm_expiration) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [expiration] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: calling logintime (rlm_logintime) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: returned from logintime (rlm_logintime) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [logintime] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: calling pap (rlm_pap) for request 2073
Fri Aug 26 16:16:40 2016 : WARNING: (2073) pap: No "known good" password found for the user. Not setting Auth-Type
Fri Aug 26 16:16:40 2016 : WARNING: (2073) pap: Authentication will fail unless a "known good" password is available
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authorize]: returned from pap (rlm_pap) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [pap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2073) } # authorize = updated
Fri Aug 26 16:16:40 2016 : Debug: (2073) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2073) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2073) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authenticate]: calling eap (rlm_eap) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap: Expiring EAP session with state 0x2db65ab02d8a5e1c
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap: Finished EAP session with state 0x2db65ab02d8a5e1c
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap: Previous EAP request found for state 0x2db65ab02d8a5e1c, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap: Peer sent packet with method EAP NAK (3)
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap: Found mutually acceptable type PEAP (25)
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap_peap: Initiating new EAP-TLS session
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap_peap: [eaptls start] = request
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap: Sending EAP Request (code 1) ID 61 length 6
Fri Aug 26 16:16:40 2016 : Debug: (2073) eap: EAP session adding &reply:State = 0x2db65ab02c8b431c
Fri Aug 26 16:16:40 2016 : Debug: (2073) modsingle[authenticate]: returned from eap (rlm_eap) for request 2073
Fri Aug 26 16:16:40 2016 : Debug: (2073) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2073) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2073) Using Post-Auth-Type Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2073) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:16:40 2016 : Debug: (2073) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2073) session-state: Nothing to cache
Fri Aug 26 16:16:40 2016 : Debug: (2073) Sent Access-Challenge Id 201 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:16:40 2016 : Debug: (2073) EAP-Message = 0x013d00061920
Fri Aug 26 16:16:40 2016 : Debug: (2073) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2073) State = 0x2db65ab02c8b431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2073) Proxy-State = 0x313939
Fri Aug 26 16:16:40 2016 : Debug: (2073) Proxy-State = 0x3537
Fri Aug 26 16:16:40 2016 : Debug: (2073) Finished request
Fri Aug 26 16:16:40 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:16:40 2016 : Debug: (2074) Received Access-Request Id 80 from 192.168.42.103:56100 to 192.168.42.101:1812 length 535
Fri Aug 26 16:16:40 2016 : Debug: (2074) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2074) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2074) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2074) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2074) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2074) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2074) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2074) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2074) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2074) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2074) EAP-Message = 0x023d012719800000011d1603010118010001140303b9e4c4dbaaebb5daee091b2febc96702290b0189bf2a0a02187c911772a2ad2c0000acc030c02cc028c024c014c00a00a500a300a1009f006b006a0069006800390038003700360088008700860085c032c02ec02ac026c00fc005009d003d003500
Fri Aug 26 16:16:40 2016 : Debug: (2074) State = 0x2db65ab02c8b431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2074) Message-Authenticator = 0xa6b89ac05c543c09821698d30644156a
Fri Aug 26 16:16:40 2016 : Debug: (2074) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2074) Proxy-State = 0x323030
Fri Aug 26 16:16:40 2016 : Debug: (2074) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2074) Proxy-State = 0x3532
Fri Aug 26 16:16:40 2016 : Debug: (2074) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2074) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2074) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2074) policy filter_username {
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (!&User-Name) {
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (!&User-Name) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (&User-Name =~ / /) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2074) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2074) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:16:40 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (&User-Name =~ /@\./) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2074) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2074) } # policy filter_username = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) [preprocess] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: calling chap (rlm_chap) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: returned from chap (rlm_chap) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: calling mschap (rlm_mschap) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: calling digest (rlm_digest) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: returned from digest (rlm_digest) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) [digest] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: calling suffix (rlm_realm) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2074) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2074) suffix: No such realm "networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: returned from suffix (rlm_realm) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: calling eap (rlm_eap) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap: Peer sent EAP Response (code 2) ID 61 length 295
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap: Continuing tunnel setup
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authorize]: returned from eap (rlm_eap) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2074) } # authorize = ok
Fri Aug 26 16:16:40 2016 : Debug: (2074) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2074) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2074) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authenticate]: calling eap (rlm_eap) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap: Expiring EAP session with state 0x2db65ab02c8b431c
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap: Finished EAP session with state 0x2db65ab02c8b431c
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap: Previous EAP request found for state 0x2db65ab02c8b431c, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: Peer sent flags --L
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: Peer indicated complete TLS record size will be 285 bytes
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: Got complete TLS record (285 bytes)
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: [eaptls verify] = length included
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: (other): before/accept initialization
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: TLS_accept: before/accept initialization
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: <<< TLS 1.2 [length 0118]
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: TLS_accept: SSLv3 read client hello A
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: >>> TLS 1.2 [length 005e]
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: TLS_accept: SSLv3 write server hello A
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: >>> TLS 1.2 [length 08d3]
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: TLS_accept: SSLv3 write certificate A
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: >>> TLS 1.2 [length 014d]
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: TLS_accept: SSLv3 write key exchange A
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: >>> TLS 1.2 [length 0004]
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: TLS_accept: SSLv3 write server done A
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: TLS_accept: SSLv3 flush data
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: TLS_accept: SSLv3 read client certificate A
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: TLS_accept: Need to read more data: SSLv3 read client key exchange A
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: TLS_accept: Need to read more data: SSLv3 read client key exchange A
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: In SSL Handshake Phase
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: In SSL Accept mode
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap_peap: [eaptls process] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap: Sending EAP Request (code 1) ID 62 length 1004
Fri Aug 26 16:16:40 2016 : Debug: (2074) eap: EAP session adding &reply:State = 0x2db65ab02f88431c
Fri Aug 26 16:16:40 2016 : Debug: (2074) modsingle[authenticate]: returned from eap (rlm_eap) for request 2074
Fri Aug 26 16:16:40 2016 : Debug: (2074) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2074) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2074) Using Post-Auth-Type Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2074) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:16:40 2016 : Debug: (2074) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2074) session-state: Nothing to cache
Fri Aug 26 16:16:40 2016 : Debug: (2074) Sent Access-Challenge Id 80 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:16:40 2016 : Debug: (2074) EAP-Message = 0x013e03ec19c000000a96160303005e0200005a03038c68239155a36daee99d617f8729f93a0fdca18392907f26d6ced9261189c84f20625697f73fe0ff3715df2ddc1750990742091c88ab9fdbb0f19f97c35418c1afc030000012ff01000100000b000403000102000f00010116030308d30b0008cf00
Fri Aug 26 16:16:40 2016 : Debug: (2074) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2074) State = 0x2db65ab02f88431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2074) Proxy-State = 0x323030
Fri Aug 26 16:16:40 2016 : Debug: (2074) Proxy-State = 0x3532
Fri Aug 26 16:16:40 2016 : Debug: (2074) Finished request
Fri Aug 26 16:16:40 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:16:40 2016 : Debug: (2075) Received Access-Request Id 31 from 192.168.42.103:56100 to 192.168.42.101:1812 length 245
Fri Aug 26 16:16:40 2016 : Debug: (2075) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2075) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2075) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2075) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2075) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2075) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2075) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2075) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2075) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2075) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2075) EAP-Message = 0x023e00061900
Fri Aug 26 16:16:40 2016 : Debug: (2075) State = 0x2db65ab02f88431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2075) Message-Authenticator = 0x6a6751e679dca3b224e587b6bdc16072
Fri Aug 26 16:16:40 2016 : Debug: (2075) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2075) Proxy-State = 0x323031
Fri Aug 26 16:16:40 2016 : Debug: (2075) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2075) Proxy-State = 0x323331
Fri Aug 26 16:16:40 2016 : Debug: (2075) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2075) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2075) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2075) policy filter_username {
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (!&User-Name) {
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (!&User-Name) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (&User-Name =~ / /) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2075) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2075) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:16:40 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (&User-Name =~ /@\./) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2075) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2075) } # policy filter_username = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) [preprocess] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: calling chap (rlm_chap) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: returned from chap (rlm_chap) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: calling mschap (rlm_mschap) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: calling digest (rlm_digest) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: returned from digest (rlm_digest) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) [digest] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: calling suffix (rlm_realm) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2075) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2075) suffix: No such realm "networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: returned from suffix (rlm_realm) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: calling eap (rlm_eap) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap: Peer sent EAP Response (code 2) ID 62 length 6
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap: Continuing tunnel setup
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authorize]: returned from eap (rlm_eap) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2075) } # authorize = ok
Fri Aug 26 16:16:40 2016 : Debug: (2075) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2075) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2075) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authenticate]: calling eap (rlm_eap) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap: Expiring EAP session with state 0x2db65ab02f88431c
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap: Finished EAP session with state 0x2db65ab02f88431c
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap: Previous EAP request found for state 0x2db65ab02f88431c, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap_peap: Peer sent flags ---
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap_peap: Peer ACKed our handshake fragment
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap_peap: [eaptls verify] = request
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap_peap: [eaptls process] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap: Sending EAP Request (code 1) ID 63 length 1000
Fri Aug 26 16:16:40 2016 : Debug: (2075) eap: EAP session adding &reply:State = 0x2db65ab02e89431c
Fri Aug 26 16:16:40 2016 : Debug: (2075) modsingle[authenticate]: returned from eap (rlm_eap) for request 2075
Fri Aug 26 16:16:40 2016 : Debug: (2075) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2075) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2075) Using Post-Auth-Type Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2075) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:16:40 2016 : Debug: (2075) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2075) session-state: Nothing to cache
Fri Aug 26 16:16:40 2016 : Debug: (2075) Sent Access-Challenge Id 31 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:16:40 2016 : Debug: (2075) EAP-Message = 0x013f03e819406e2c60847a14529a5f98e7f1bf52f2d26ec514453677352a8d68a5302b0361fe4a7e16c5647984b3f69dc5a2f30d1de20669ed19427408514d9cc5c87907b21503e44e9b8f8fdb08c2b76a59168ae1e46613f67abfac342e29b19c095fd044a369df5742aff224c7ec2c19d1ebaa0004e8
Fri Aug 26 16:16:40 2016 : Debug: (2075) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2075) State = 0x2db65ab02e89431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2075) Proxy-State = 0x323031
Fri Aug 26 16:16:40 2016 : Debug: (2075) Proxy-State = 0x323331
Fri Aug 26 16:16:40 2016 : Debug: (2075) Finished request
Fri Aug 26 16:16:40 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:16:40 2016 : Debug: (2076) Received Access-Request Id 21 from 192.168.42.103:56100 to 192.168.42.101:1812 length 244
Fri Aug 26 16:16:40 2016 : Debug: (2076) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2076) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2076) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2076) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2076) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2076) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2076) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2076) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2076) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2076) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2076) EAP-Message = 0x023f00061900
Fri Aug 26 16:16:40 2016 : Debug: (2076) State = 0x2db65ab02e89431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2076) Message-Authenticator = 0x63a5d815660a7a81d41b4fb9fa35138a
Fri Aug 26 16:16:40 2016 : Debug: (2076) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2076) Proxy-State = 0x323032
Fri Aug 26 16:16:40 2016 : Debug: (2076) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2076) Proxy-State = 0x3336
Fri Aug 26 16:16:40 2016 : Debug: (2076) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2076) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2076) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2076) policy filter_username {
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (!&User-Name) {
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (!&User-Name) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (&User-Name =~ / /) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2076) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2076) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:16:40 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (&User-Name =~ /@\./) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2076) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2076) } # policy filter_username = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) [preprocess] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: calling chap (rlm_chap) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: returned from chap (rlm_chap) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: calling mschap (rlm_mschap) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: calling digest (rlm_digest) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: returned from digest (rlm_digest) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) [digest] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: calling suffix (rlm_realm) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2076) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2076) suffix: No such realm "networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: returned from suffix (rlm_realm) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: calling eap (rlm_eap) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap: Peer sent EAP Response (code 2) ID 63 length 6
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap: Continuing tunnel setup
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authorize]: returned from eap (rlm_eap) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2076) } # authorize = ok
Fri Aug 26 16:16:40 2016 : Debug: (2076) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2076) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2076) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authenticate]: calling eap (rlm_eap) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap: Expiring EAP session with state 0x2db65ab02e89431c
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap: Finished EAP session with state 0x2db65ab02e89431c
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap: Previous EAP request found for state 0x2db65ab02e89431c, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap_peap: Peer sent flags ---
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap_peap: Peer ACKed our handshake fragment
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap_peap: [eaptls verify] = request
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap_peap: [eaptls process] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap: Sending EAP Request (code 1) ID 64 length 728
Fri Aug 26 16:16:40 2016 : Debug: (2076) eap: EAP session adding &reply:State = 0x2db65ab029f6431c
Fri Aug 26 16:16:40 2016 : Debug: (2076) modsingle[authenticate]: returned from eap (rlm_eap) for request 2076
Fri Aug 26 16:16:40 2016 : Debug: (2076) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2076) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2076) Using Post-Auth-Type Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2076) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:16:40 2016 : Debug: (2076) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2076) session-state: Nothing to cache
Fri Aug 26 16:16:40 2016 : Debug: (2076) Sent Access-Challenge Id 21 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:16:40 2016 : Debug: (2076) EAP-Message = 0x014002d81900696361746520417574686f72697479820900c80c6a04cc34a5b8300f0603551d130101ff040530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b05
Fri Aug 26 16:16:40 2016 : Debug: (2076) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2076) State = 0x2db65ab029f6431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2076) Proxy-State = 0x323032
Fri Aug 26 16:16:40 2016 : Debug: (2076) Proxy-State = 0x3336
Fri Aug 26 16:16:40 2016 : Debug: (2076) Finished request
Fri Aug 26 16:16:40 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:16:40 2016 : Debug: (2077) Received Access-Request Id 4 from 192.168.42.103:56100 to 192.168.42.101:1812 length 374
Fri Aug 26 16:16:40 2016 : Debug: (2077) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2077) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2077) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2077) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2077) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2077) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2077) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2077) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2077) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2077) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2077) EAP-Message = 0x0240008819800000007e16030300461000004241042603cacebb06f2acaf3fdc75a139b2f703bc4a182c13b71e28dafbcebab04d9c4139d0c5e0eaad4945bc2396e1ad0b09b02d9800e70ddf8d2cf96c54d2cc1b7a1403030001011603030028c5a0f3d7fa65d0fbe6e99855326f836711fb4e80da7339
Fri Aug 26 16:16:40 2016 : Debug: (2077) State = 0x2db65ab029f6431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2077) Message-Authenticator = 0x0baf020b2d42b1cea7e8a3a592b3598d
Fri Aug 26 16:16:40 2016 : Debug: (2077) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2077) Proxy-State = 0x323033
Fri Aug 26 16:16:40 2016 : Debug: (2077) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2077) Proxy-State = 0x3936
Fri Aug 26 16:16:40 2016 : Debug: (2077) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2077) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2077) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2077) policy filter_username {
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (!&User-Name) {
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (!&User-Name) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (&User-Name =~ / /) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2077) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2077) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:16:40 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (&User-Name =~ /@\./) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2077) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2077) } # policy filter_username = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) [preprocess] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: calling chap (rlm_chap) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: returned from chap (rlm_chap) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: calling mschap (rlm_mschap) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: calling digest (rlm_digest) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: returned from digest (rlm_digest) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) [digest] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: calling suffix (rlm_realm) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2077) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2077) suffix: No such realm "networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: returned from suffix (rlm_realm) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: calling eap (rlm_eap) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap: Peer sent EAP Response (code 2) ID 64 length 136
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap: Continuing tunnel setup
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authorize]: returned from eap (rlm_eap) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2077) } # authorize = ok
Fri Aug 26 16:16:40 2016 : Debug: (2077) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2077) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2077) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authenticate]: calling eap (rlm_eap) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap: Expiring EAP session with state 0x2db65ab029f6431c
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap: Finished EAP session with state 0x2db65ab029f6431c
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap: Previous EAP request found for state 0x2db65ab029f6431c, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: Peer sent flags --L
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: Peer indicated complete TLS record size will be 126 bytes
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: Got complete TLS record (126 bytes)
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: [eaptls verify] = length included
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: <<< TLS 1.2 [length 0046]
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: TLS_accept: SSLv3 read client key exchange A
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: TLS_accept: SSLv3 read certificate verify A
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: <<< TLS 1.2 [length 0001]
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: <<< TLS 1.2 [length 0010]
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: TLS_accept: SSLv3 read finished A
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: >>> TLS 1.2 [length 0001]
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: TLS_accept: SSLv3 write change cipher spec A
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: >>> TLS 1.2 [length 0010]
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: TLS_accept: SSLv3 write finished A
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: TLS_accept: SSLv3 flush data
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: (other): SSL negotiation finished successfully
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: SSL Connection Established
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap_peap: [eaptls process] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap: Sending EAP Request (code 1) ID 65 length 57
Fri Aug 26 16:16:40 2016 : Debug: (2077) eap: EAP session adding &reply:State = 0x2db65ab028f7431c
Fri Aug 26 16:16:40 2016 : Debug: (2077) modsingle[authenticate]: returned from eap (rlm_eap) for request 2077
Fri Aug 26 16:16:40 2016 : Debug: (2077) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2077) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2077) Using Post-Auth-Type Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2077) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:16:40 2016 : Debug: (2077) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2077) session-state: Nothing to cache
Fri Aug 26 16:16:40 2016 : Debug: (2077) Sent Access-Challenge Id 4 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:16:40 2016 : Debug: (2077) EAP-Message = 0x0141003919001403030001011603030028f5e04c8b21ca273f1880a0ddbe8a6e5acde1dfd6edbb9ed3f210e6bcbd71335565ae3ec8cf23d79a
Fri Aug 26 16:16:40 2016 : Debug: (2077) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2077) State = 0x2db65ab028f7431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2077) Proxy-State = 0x323033
Fri Aug 26 16:16:40 2016 : Debug: (2077) Proxy-State = 0x3936
Fri Aug 26 16:16:40 2016 : Debug: (2077) Finished request
Fri Aug 26 16:16:40 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:16:40 2016 : Debug: (2078) Received Access-Request Id 8 from 192.168.42.103:56100 to 192.168.42.101:1812 length 245
Fri Aug 26 16:16:40 2016 : Debug: (2078) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2078) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2078) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2078) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2078) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2078) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2078) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2078) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2078) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2078) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2078) EAP-Message = 0x024100061900
Fri Aug 26 16:16:40 2016 : Debug: (2078) State = 0x2db65ab028f7431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2078) Message-Authenticator = 0x22a60e30abb5d07b17e2dab46e0d8b79
Fri Aug 26 16:16:40 2016 : Debug: (2078) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2078) Proxy-State = 0x323034
Fri Aug 26 16:16:40 2016 : Debug: (2078) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2078) Proxy-State = 0x323131
Fri Aug 26 16:16:40 2016 : Debug: (2078) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2078) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2078) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2078) policy filter_username {
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (!&User-Name) {
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (!&User-Name) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (&User-Name =~ / /) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2078) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2078) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:16:40 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (&User-Name =~ /@\./) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2078) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2078) } # policy filter_username = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) [preprocess] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: calling chap (rlm_chap) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: returned from chap (rlm_chap) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: calling mschap (rlm_mschap) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: calling digest (rlm_digest) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: returned from digest (rlm_digest) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) [digest] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: calling suffix (rlm_realm) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2078) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2078) suffix: No such realm "networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: returned from suffix (rlm_realm) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: calling eap (rlm_eap) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap: Peer sent EAP Response (code 2) ID 65 length 6
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap: Continuing tunnel setup
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authorize]: returned from eap (rlm_eap) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2078) } # authorize = ok
Fri Aug 26 16:16:40 2016 : Debug: (2078) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2078) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2078) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authenticate]: calling eap (rlm_eap) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap: Expiring EAP session with state 0x2db65ab028f7431c
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap: Finished EAP session with state 0x2db65ab028f7431c
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap: Previous EAP request found for state 0x2db65ab028f7431c, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap_peap: Peer sent flags ---
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap_peap: Peer ACKed our handshake fragment. handshake is finished
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap_peap: [eaptls verify] = success
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap_peap: [eaptls process] = success
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap_peap: Session established. Decoding tunneled attributes
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap_peap: PEAP state TUNNEL ESTABLISHED
Fri Aug 26 16:16:40 2016 : Debug: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap: Sending EAP Request (code 1) ID 66 length 40
Fri Aug 26 16:16:40 2016 : Debug: (2078) eap: EAP session adding &reply:State = 0x2db65ab02bf4431c
Fri Aug 26 16:16:40 2016 : Debug: (2078) modsingle[authenticate]: returned from eap (rlm_eap) for request 2078
Fri Aug 26 16:16:40 2016 : Debug: (2078) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2078) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2078) Using Post-Auth-Type Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2078) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:16:40 2016 : Debug: (2078) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2078) session-state: Nothing to cache
Fri Aug 26 16:16:40 2016 : Debug: (2078) Sent Access-Challenge Id 8 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:16:40 2016 : Debug: (2078) EAP-Message = 0x014200281900170303001df5e04c8b21ca2740fcc6590b365a4a7c74e4788e8c0e9a371159c642bd
Fri Aug 26 16:16:40 2016 : Debug: (2078) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2078) State = 0x2db65ab02bf4431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2078) Proxy-State = 0x323034
Fri Aug 26 16:16:40 2016 : Debug: (2078) Proxy-State = 0x323131
Fri Aug 26 16:16:40 2016 : Debug: (2078) Finished request
Fri Aug 26 16:16:40 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:16:40 2016 : Debug: (2079) Received Access-Request Id 62 from 192.168.42.103:56100 to 192.168.42.101:1812 length 296
Fri Aug 26 16:16:40 2016 : Debug: (2079) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2079) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2079) EAP-Message = 0x024200391900170303002ec5a0f3d7fa65d0fca5cee239338142223e3cc27f9aaed0f0c588a154e76a18b51a9d030c130925c900ace89c0802
Fri Aug 26 16:16:40 2016 : Debug: (2079) State = 0x2db65ab02bf4431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2079) Message-Authenticator = 0x1cbd5774264cf048c18b3190490f42c9
Fri Aug 26 16:16:40 2016 : Debug: (2079) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Proxy-State = 0x323035
Fri Aug 26 16:16:40 2016 : Debug: (2079) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Proxy-State = 0x313330
Fri Aug 26 16:16:40 2016 : Debug: (2079) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2079) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2079) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2079) policy filter_username {
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (!&User-Name) {
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (!&User-Name) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name =~ / /) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2079) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2079) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:16:40 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name =~ /@\./) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2079) } # policy filter_username = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [preprocess] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: calling chap (rlm_chap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: returned from chap (rlm_chap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: calling mschap (rlm_mschap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: calling digest (rlm_digest) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: returned from digest (rlm_digest) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [digest] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: calling suffix (rlm_realm) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2079) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2079) suffix: No such realm "networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: returned from suffix (rlm_realm) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: calling eap (rlm_eap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Peer sent EAP Response (code 2) ID 66 length 57
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Continuing tunnel setup
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: returned from eap (rlm_eap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2079) } # authorize = ok
Fri Aug 26 16:16:40 2016 : Debug: (2079) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2079) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2079) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authenticate]: calling eap (rlm_eap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Expiring EAP session with state 0x2db65ab02bf4431c
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Finished EAP session with state 0x2db65ab02bf4431c
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Previous EAP request found for state 0x2db65ab02bf4431c, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Peer sent flags ---
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: [eaptls verify] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Done initial handshake
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: [eaptls process] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Session established. Decoding tunneled attributes
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: PEAP state WAITING FOR INNER IDENTITY
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Identity - test at networks.com
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Got inner identity 'test at networks.com'
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Setting default EAP type for tunneled EAP session
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Got tunneled request
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: EAP-Message = 0x0242001a01746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Setting User-Name to test at networks.com
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Sending tunneled request to inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: EAP-Message = 0x0242001a01746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Virtual server inner-tunnel received request
Fri Aug 26 16:16:40 2016 : Debug: (2079) EAP-Message = 0x0242001a01746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:16:40 2016 : Debug: (2079) FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2079) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2079) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2079) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2079) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2079) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2079) server inner-tunnel {
Fri Aug 26 16:16:40 2016 : Debug: (2079) session-state: No State attribute
Fri Aug 26 16:16:40 2016 : Debug: (2079) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2079) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2079) policy split_username_nai {
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 4 matches
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) -> TRUE
Fri Aug 26 16:16:40 2016 : Debug: (2079) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:16:40 2016 : Debug: (2079) update request {
Fri Aug 26 16:16:40 2016 : Debug: (2079) 1/4 Found: test (5)
Fri Aug 26 16:16:40 2016 : Debug: (2079) EXPAND %{1}
Fri Aug 26 16:16:40 2016 : Debug: (2079) --> test
Fri Aug 26 16:16:40 2016 : Debug: (2079) &Stripped-User-Name := test
Fri Aug 26 16:16:40 2016 : Debug: (2079) 3/4 Found: networks.com (17)
Fri Aug 26 16:16:40 2016 : Debug: (2079) EXPAND %{3}
Fri Aug 26 16:16:40 2016 : Debug: (2079) --> networks.com
Fri Aug 26 16:16:40 2016 : Debug: (2079) &Stripped-User-Domain = networks.com
Fri Aug 26 16:16:40 2016 : Debug: (2079) } # update request = noop
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: calling updated (rlm_always) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: returned from updated (rlm_always) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [updated] = updated
Fri Aug 26 16:16:40 2016 : Debug: (2079) } # if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) = updated
Fri Aug 26 16:16:40 2016 : Debug: (2079) ... skipping else for request 2079: Preceding "if" was taken
Fri Aug 26 16:16:40 2016 : Debug: (2079) } # policy split_username_nai = updated
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: calling chap (rlm_chap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: returned from chap (rlm_chap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: calling mschap (rlm_mschap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: calling suffix (rlm_realm) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2079) suffix: No '@' in User-Name = "test", looking up realm NULL
Fri Aug 26 16:16:40 2016 : Debug: (2079) suffix: No such realm "NULL"
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: returned from suffix (rlm_realm) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2079) update control {
Fri Aug 26 16:16:40 2016 : Debug: (2079) &Proxy-To-Realm := LOCAL
Fri Aug 26 16:16:40 2016 : Debug: (2079) } # update control = noop
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: calling eap (rlm_eap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Peer sent EAP Response (code 2) ID 66 length 26
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authorize]: returned from eap (rlm_eap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2079) } # authorize = ok
Fri Aug 26 16:16:40 2016 : Debug: (2079) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2079) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2079) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authenticate]: calling eap (rlm_eap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Peer sent packet with method EAP Identity (1)
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Calling submodule eap_mschapv2 to process data
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_mschapv2: Issuing Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Sending EAP Request (code 1) ID 67 length 43
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: EAP session adding &reply:State = 0x58bb2a4558f8306d
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authenticate]: returned from eap (rlm_eap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2079) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2079) } # server inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2079) Virtual server sending reply
Fri Aug 26 16:16:40 2016 : Debug: (2079) EAP-Message = 0x0143002b1a0143002610d40a26dd3b627df34ae3a19da76aae39667265657261646975732d332e302e3130
Fri Aug 26 16:16:40 2016 : Debug: (2079) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2079) State = 0x58bb2a4558f8306daf7d98fbf555a627
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Got tunneled reply code 11
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: EAP-Message = 0x0143002b1a0143002610d40a26dd3b627df34ae3a19da76aae39667265657261646975732d332e302e3130
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: State = 0x58bb2a4558f8306daf7d98fbf555a627
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Got tunneled reply RADIUS code 11
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: EAP-Message = 0x0143002b1a0143002610d40a26dd3b627df34ae3a19da76aae39667265657261646975732d332e302e3130
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: State = 0x58bb2a4558f8306daf7d98fbf555a627
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap_peap: Got tunneled Access-Challenge
Fri Aug 26 16:16:40 2016 : Debug: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: Sending EAP Request (code 1) ID 67 length 74
Fri Aug 26 16:16:40 2016 : Debug: (2079) eap: EAP session adding &reply:State = 0x2db65ab02af5431c
Fri Aug 26 16:16:40 2016 : Debug: (2079) modsingle[authenticate]: returned from eap (rlm_eap) for request 2079
Fri Aug 26 16:16:40 2016 : Debug: (2079) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2079) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2079) Using Post-Auth-Type Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2079) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:16:40 2016 : Debug: (2079) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2079) session-state: Nothing to cache
Fri Aug 26 16:16:40 2016 : Debug: (2079) Sent Access-Challenge Id 62 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:16:40 2016 : Debug: (2079) EAP-Message = 0x0143004a1900170303003ff5e04c8b21ca27415011e05f85ecb3e55653d3441d7f74ca22090d967d0cbd3918c147bd3c45542a79b46f91ea26548b97047381fc0110f0cf9e2e92da934c
Fri Aug 26 16:16:40 2016 : Debug: (2079) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2079) State = 0x2db65ab02af5431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2079) Proxy-State = 0x323035
Fri Aug 26 16:16:40 2016 : Debug: (2079) Proxy-State = 0x313330
Fri Aug 26 16:16:40 2016 : Debug: (2079) Finished request
Fri Aug 26 16:16:40 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:16:40 2016 : Debug: (2080) Received Access-Request Id 121 from 192.168.42.103:56100 to 192.168.42.101:1812 length 349
Fri Aug 26 16:16:40 2016 : Debug: (2080) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2080) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2080) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2080) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2080) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2080) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2080) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2080) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2080) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2080) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2080) EAP-Message = 0x0243006f19001703030064c5a0f3d7fa65d0fd889f09f277affc4b3200f856ab5d229bea92f2d0451b36bdabf9d9fc5038a0a359c78e6a5e4038ea7ecfc98b29a22373ddde0366397ded93d7ae74b621bdff1c9ffb4eec31da938dd9b841cd10bb1f639b48504e7b61dacf228054ab
Fri Aug 26 16:16:40 2016 : Debug: (2080) State = 0x2db65ab02af5431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2080) Message-Authenticator = 0xdf0168fee6b17e0e3b5890f456a616de
Fri Aug 26 16:16:40 2016 : Debug: (2080) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2080) Proxy-State = 0x323036
Fri Aug 26 16:16:40 2016 : Debug: (2080) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2080) Proxy-State = 0x3433
Fri Aug 26 16:16:40 2016 : Debug: (2080) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2080) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2080) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2080) policy filter_username {
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (!&User-Name) {
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (!&User-Name) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name =~ / /) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2080) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2080) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:16:40 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name =~ /@\./) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2080) } # policy filter_username = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [preprocess] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling chap (rlm_chap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from chap (rlm_chap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling mschap (rlm_mschap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling digest (rlm_digest) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from digest (rlm_digest) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [digest] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling suffix (rlm_realm) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2080) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2080) suffix: No such realm "networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from suffix (rlm_realm) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling eap (rlm_eap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Peer sent EAP Response (code 2) ID 67 length 111
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Continuing tunnel setup
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from eap (rlm_eap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2080) } # authorize = ok
Fri Aug 26 16:16:40 2016 : Debug: (2080) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2080) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2080) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authenticate]: calling eap (rlm_eap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Expiring EAP session with state 0x58bb2a4558f8306d
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Finished EAP session with state 0x2db65ab02af5431c
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Previous EAP request found for state 0x2db65ab02af5431c, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Peer sent flags ---
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: [eaptls verify] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Done initial handshake
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: [eaptls process] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Session established. Decoding tunneled attributes
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: PEAP state phase2
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: EAP method MSCHAPv2 (26)
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Got tunneled request
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: EAP-Message = 0x024300501a0243004b312db1283d10e61f8cce87514ab4a1b3fe00000000000000007fdb06a793daaa84605ce7447faa3788b287676dd5ac1aa100746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Setting User-Name to test at networks.com
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Sending tunneled request to inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: EAP-Message = 0x024300501a0243004b312db1283d10e61f8cce87514ab4a1b3fe00000000000000007fdb06a793daaa84605ce7447faa3788b287676dd5ac1aa100746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: State = 0x58bb2a4558f8306daf7d98fbf555a627
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2080) Virtual server inner-tunnel received request
Fri Aug 26 16:16:40 2016 : Debug: (2080) EAP-Message = 0x024300501a0243004b312db1283d10e61f8cce87514ab4a1b3fe00000000000000007fdb06a793daaa84605ce7447faa3788b287676dd5ac1aa100746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:16:40 2016 : Debug: (2080) FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2080) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2080) State = 0x58bb2a4558f8306daf7d98fbf555a627
Fri Aug 26 16:16:40 2016 : Debug: (2080) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2080) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2080) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2080) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2080) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2080) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2080) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2080) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2080) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2080) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2080) server inner-tunnel {
Fri Aug 26 16:16:40 2016 : Debug: (2080) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2080) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2080) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2080) policy split_username_nai {
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 4 matches
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) -> TRUE
Fri Aug 26 16:16:40 2016 : Debug: (2080) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:16:40 2016 : Debug: (2080) update request {
Fri Aug 26 16:16:40 2016 : Debug: (2080) 1/4 Found: test (5)
Fri Aug 26 16:16:40 2016 : Debug: (2080) EXPAND %{1}
Fri Aug 26 16:16:40 2016 : Debug: (2080) --> test
Fri Aug 26 16:16:40 2016 : Debug: (2080) &Stripped-User-Name := test
Fri Aug 26 16:16:40 2016 : Debug: (2080) 3/4 Found: networks.com (17)
Fri Aug 26 16:16:40 2016 : Debug: (2080) EXPAND %{3}
Fri Aug 26 16:16:40 2016 : Debug: (2080) --> networks.com
Fri Aug 26 16:16:40 2016 : Debug: (2080) &Stripped-User-Domain = networks.com
Fri Aug 26 16:16:40 2016 : Debug: (2080) } # update request = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling updated (rlm_always) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from updated (rlm_always) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [updated] = updated
Fri Aug 26 16:16:40 2016 : Debug: (2080) } # if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) = updated
Fri Aug 26 16:16:40 2016 : Debug: (2080) ... skipping else for request 2080: Preceding "if" was taken
Fri Aug 26 16:16:40 2016 : Debug: (2080) } # policy split_username_nai = updated
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling chap (rlm_chap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from chap (rlm_chap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling mschap (rlm_mschap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling suffix (rlm_realm) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2080) suffix: No '@' in User-Name = "test", looking up realm NULL
Fri Aug 26 16:16:40 2016 : Debug: (2080) suffix: No such realm "NULL"
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from suffix (rlm_realm) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) update control {
Fri Aug 26 16:16:40 2016 : Debug: (2080) &Proxy-To-Realm := LOCAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) } # update control = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling eap (rlm_eap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Peer sent EAP Response (code 2) ID 67 length 80
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: No EAP Start, assuming it's an on-going EAP conversation
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from eap (rlm_eap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [eap] = updated
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling files (rlm_files) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from files (rlm_files) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [files] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling ldap (rlm_ldap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Reserved connection (247)
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL XLAT
Fri Aug 26 16:16:40 2016 : Debug: (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:16:40 2016 : Debug: Parsed xlat tree:
Fri Aug 26 16:16:40 2016 : Debug: literal --> (uid=
Fri Aug 26 16:16:40 2016 : Debug: if {
Fri Aug 26 16:16:40 2016 : Debug: attribute --> Stripped-User-Name
Fri Aug 26 16:16:40 2016 : Debug: }
Fri Aug 26 16:16:40 2016 : Debug: else {
Fri Aug 26 16:16:40 2016 : Debug: attribute --> User-Name
Fri Aug 26 16:16:40 2016 : Debug: }
Fri Aug 26 16:16:40 2016 : Debug: literal --> )
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: --> (uid=test)
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: Performing search in "uid=lakc192e,ou=auth_servers,tnid=ukjprwp3,ou=tenants,dc=netos" with filter "(uid=test)", scope "sub"
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: Waiting for search result...
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: User object found at DN "uid=test,ou=People,uid=lakc192e,ou=auth_servers,tnid=ukjprwp3,ou=tenants,dc=netos"
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: Processing user attributes
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: Attribute "userPassword" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: control:NT-Password := 0x3345363738423236364431443434394535333145393242454333334236443237
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: control:LM-Password := 0x3244353534353037374437423744324143434639313535453345374442343533
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: control:NET-NodeID += 'ndid-00000002'
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: Attribute "radiusTunnelType" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: Attribute "radiusTunnelMediumType" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: Attribute "radiusTunnelPrivategroupId" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: reply:NET-SubnetID := 'snid-00000001'
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: Attribute "radiusControlAttribute" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: Attribute "radiusRequestAttribute" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2080) ldap: Attribute "radiusReplyAttribute" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Released connection (247)
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from ldap (rlm_ldap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [ldap] = updated
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling expiration (rlm_expiration) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from expiration (rlm_expiration) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [expiration] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling logintime (rlm_logintime) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from logintime (rlm_logintime) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [logintime] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: calling pap (rlm_pap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
Fri Aug 26 16:16:40 2016 : Debug: (2080) pap: Normalizing LM-Password from hex encoding, 32 bytes -> 16 bytes
Fri Aug 26 16:16:40 2016 : WARNING: (2080) pap: Auth-Type already set. Not setting to PAP
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authorize]: returned from pap (rlm_pap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [pap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2080) } # authorize = updated
Fri Aug 26 16:16:40 2016 : Debug: (2080) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2080) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2080) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authenticate]: calling eap (rlm_eap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Expiring EAP session with state 0x58bb2a4558f8306d
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Finished EAP session with state 0x58bb2a4558f8306d
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Previous EAP request found for state 0x58bb2a4558f8306d, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Peer sent packet with method EAP MSCHAPv2 (26)
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Calling submodule eap_mschapv2 to process data
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_mschapv2: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_mschapv2: Auth-Type MS-CHAP {
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_mschapv2: modsingle[authenticate]: calling mschap (rlm_mschap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) mschap: Found NT-Password
Fri Aug 26 16:16:40 2016 : Debug: (2080) mschap: Found LM-Password
Fri Aug 26 16:16:40 2016 : Debug: (2080) mschap: Creating challenge hash with username: test at networks.com
Fri Aug 26 16:16:40 2016 : Debug: (2080) mschap: Client is using MS-CHAPv2
Fri Aug 26 16:16:40 2016 : Debug: (2080) mschap: Adding MS-CHAPv2 MPPE keys
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authenticate]: returned from mschap (rlm_mschap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [mschap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2080) } # Auth-Type MS-CHAP = ok
Fri Aug 26 16:16:40 2016 : Debug: (2080) MSCHAP Success
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Sending EAP Request (code 1) ID 68 length 51
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: EAP session adding &reply:State = 0x58bb2a4559ff306d
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authenticate]: returned from eap (rlm_eap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2080) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2080) } # server inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2080) Virtual server sending reply
Fri Aug 26 16:16:40 2016 : Debug: (2080) NET-SubnetID := "snid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2080) EAP-Message = 0x014400331a0343002e533d42334237453035464439463732413544313431353636414538443646423632464536444639324545
Fri Aug 26 16:16:40 2016 : Debug: (2080) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2080) State = 0x58bb2a4559ff306daf7d98fbf555a627
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Got tunneled reply code 11
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: NET-SubnetID := "snid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: EAP-Message = 0x014400331a0343002e533d42334237453035464439463732413544313431353636414538443646423632464536444639324545
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: State = 0x58bb2a4559ff306daf7d98fbf555a627
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Got tunneled reply RADIUS code 11
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: NET-SubnetID := "snid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: EAP-Message = 0x014400331a0343002e533d42334237453035464439463732413544313431353636414538443646423632464536444639324545
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: State = 0x58bb2a4559ff306daf7d98fbf555a627
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap_peap: Got tunneled Access-Challenge
Fri Aug 26 16:16:40 2016 : Debug: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: Sending EAP Request (code 1) ID 68 length 82
Fri Aug 26 16:16:40 2016 : Debug: (2080) eap: EAP session adding &reply:State = 0x2db65ab025f2431c
Fri Aug 26 16:16:40 2016 : Debug: (2080) modsingle[authenticate]: returned from eap (rlm_eap) for request 2080
Fri Aug 26 16:16:40 2016 : Debug: (2080) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2080) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2080) Using Post-Auth-Type Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2080) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:16:40 2016 : Debug: (2080) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2080) session-state: Nothing to cache
Fri Aug 26 16:16:40 2016 : Debug: (2080) Sent Access-Challenge Id 121 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:16:40 2016 : Debug: (2080) EAP-Message = 0x0144005219001703030047f5e04c8b21ca2742ac98d9ec12b8ec3fd62a98600121ef6b8a735637669d4ff5de54b3b306efd837ac2b4f26f7ff548d101b39a6d8f3da64b809c3772c882b4081186c69d79c3a
Fri Aug 26 16:16:40 2016 : Debug: (2080) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2080) State = 0x2db65ab025f2431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2080) Proxy-State = 0x323036
Fri Aug 26 16:16:40 2016 : Debug: (2080) Proxy-State = 0x3433
Fri Aug 26 16:16:40 2016 : Debug: (2080) Finished request
Fri Aug 26 16:16:40 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:16:40 2016 : Debug: (2081) Received Access-Request Id 187 from 192.168.42.103:56100 to 192.168.42.101:1812 length 276
Fri Aug 26 16:16:40 2016 : Debug: (2081) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2081) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2081) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2081) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2081) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2081) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2081) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2081) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2081) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2081) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2081) EAP-Message = 0x024400251900170303001ac5a0f3d7fa65d0fefa1506e0c44886a1967d38f73f6e2e5f4ced
Fri Aug 26 16:16:40 2016 : Debug: (2081) State = 0x2db65ab025f2431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2081) Message-Authenticator = 0x707ec2bc0c48cef5791c2c47806e8036
Fri Aug 26 16:16:40 2016 : Debug: (2081) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2081) Proxy-State = 0x323037
Fri Aug 26 16:16:40 2016 : Debug: (2081) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2081) Proxy-State = 0x313132
Fri Aug 26 16:16:40 2016 : Debug: (2081) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2081) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2081) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2081) policy filter_username {
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (!&User-Name) {
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (!&User-Name) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name =~ / /) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2081) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2081) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:16:40 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name =~ /@\./) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # policy filter_username = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [preprocess] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling chap (rlm_chap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from chap (rlm_chap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling mschap (rlm_mschap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling digest (rlm_digest) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from digest (rlm_digest) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [digest] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling suffix (rlm_realm) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2081) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2081) suffix: No such realm "networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from suffix (rlm_realm) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling eap (rlm_eap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Peer sent EAP Response (code 2) ID 68 length 37
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Continuing tunnel setup
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from eap (rlm_eap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # authorize = ok
Fri Aug 26 16:16:40 2016 : Debug: (2081) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2081) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2081) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authenticate]: calling eap (rlm_eap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Expiring EAP session with state 0x58bb2a4559ff306d
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Finished EAP session with state 0x2db65ab025f2431c
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Previous EAP request found for state 0x2db65ab025f2431c, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Peer sent flags ---
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: [eaptls verify] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Done initial handshake
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: [eaptls process] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Session established. Decoding tunneled attributes
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: PEAP state phase2
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: EAP method MSCHAPv2 (26)
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Got tunneled request
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: EAP-Message = 0x024400061a03
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Setting User-Name to test at networks.com
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Sending tunneled request to inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: EAP-Message = 0x024400061a03
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: State = 0x58bb2a4559ff306daf7d98fbf555a627
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2081) Virtual server inner-tunnel received request
Fri Aug 26 16:16:40 2016 : Debug: (2081) EAP-Message = 0x024400061a03
Fri Aug 26 16:16:40 2016 : Debug: (2081) FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2081) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2081) State = 0x58bb2a4559ff306daf7d98fbf555a627
Fri Aug 26 16:16:40 2016 : Debug: (2081) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2081) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2081) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2081) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2081) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2081) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2081) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2081) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2081) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2081) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2081) server inner-tunnel {
Fri Aug 26 16:16:40 2016 : Debug: (2081) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2081) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2081) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2081) policy split_username_nai {
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 4 matches
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) -> TRUE
Fri Aug 26 16:16:40 2016 : Debug: (2081) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:16:40 2016 : Debug: (2081) update request {
Fri Aug 26 16:16:40 2016 : Debug: (2081) 1/4 Found: test (5)
Fri Aug 26 16:16:40 2016 : Debug: (2081) EXPAND %{1}
Fri Aug 26 16:16:40 2016 : Debug: (2081) --> test
Fri Aug 26 16:16:40 2016 : Debug: (2081) &Stripped-User-Name := test
Fri Aug 26 16:16:40 2016 : Debug: (2081) 3/4 Found: networks.com (17)
Fri Aug 26 16:16:40 2016 : Debug: (2081) EXPAND %{3}
Fri Aug 26 16:16:40 2016 : Debug: (2081) --> networks.com
Fri Aug 26 16:16:40 2016 : Debug: (2081) &Stripped-User-Domain = networks.com
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # update request = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling updated (rlm_always) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from updated (rlm_always) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [updated] = updated
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) = updated
Fri Aug 26 16:16:40 2016 : Debug: (2081) ... skipping else for request 2081: Preceding "if" was taken
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # policy split_username_nai = updated
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling chap (rlm_chap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from chap (rlm_chap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling mschap (rlm_mschap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling suffix (rlm_realm) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2081) suffix: No '@' in User-Name = "test", looking up realm NULL
Fri Aug 26 16:16:40 2016 : Debug: (2081) suffix: No such realm "NULL"
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from suffix (rlm_realm) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) update control {
Fri Aug 26 16:16:40 2016 : Debug: (2081) &Proxy-To-Realm := LOCAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # update control = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling eap (rlm_eap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Peer sent EAP Response (code 2) ID 68 length 6
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: No EAP Start, assuming it's an on-going EAP conversation
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from eap (rlm_eap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [eap] = updated
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling files (rlm_files) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from files (rlm_files) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [files] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling ldap (rlm_ldap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Reserved connection (248)
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL XLAT
Fri Aug 26 16:16:40 2016 : Debug: (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:16:40 2016 : Debug: Parsed xlat tree:
Fri Aug 26 16:16:40 2016 : Debug: literal --> (uid=
Fri Aug 26 16:16:40 2016 : Debug: if {
Fri Aug 26 16:16:40 2016 : Debug: attribute --> Stripped-User-Name
Fri Aug 26 16:16:40 2016 : Debug: }
Fri Aug 26 16:16:40 2016 : Debug: else {
Fri Aug 26 16:16:40 2016 : Debug: attribute --> User-Name
Fri Aug 26 16:16:40 2016 : Debug: }
Fri Aug 26 16:16:40 2016 : Debug: literal --> )
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: --> (uid=test)
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: Performing search in "uid=lakc192e,ou=auth_servers,tnid=ukjprwp3,ou=tenants,dc=netos" with filter "(uid=test)", scope "sub"
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: Waiting for search result...
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: User object found at DN "uid=test,ou=People,uid=lakc192e,ou=auth_servers,tnid=ukjprwp3,ou=tenants,dc=netos"
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: Processing user attributes
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: Attribute "userPassword" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: control:NT-Password := 0x3345363738423236364431443434394535333145393242454333334236443237
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: control:LM-Password := 0x3244353534353037374437423744324143434639313535453345374442343533
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: control:NET-NodeID += 'ndid-00000002'
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: Attribute "radiusTunnelType" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: Attribute "radiusTunnelMediumType" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: Attribute "radiusTunnelPrivategroupId" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: reply:NET-SubnetID := 'snid-00000001'
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: Attribute "radiusControlAttribute" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: Attribute "radiusRequestAttribute" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: (2081) ldap: Attribute "radiusReplyAttribute" not found in LDAP object
Fri Aug 26 16:16:40 2016 : Debug: rlm_ldap (ldap): Released connection (248)
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from ldap (rlm_ldap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [ldap] = updated
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling expiration (rlm_expiration) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from expiration (rlm_expiration) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [expiration] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling logintime (rlm_logintime) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from logintime (rlm_logintime) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [logintime] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: calling pap (rlm_pap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
Fri Aug 26 16:16:40 2016 : Debug: (2081) pap: Normalizing LM-Password from hex encoding, 32 bytes -> 16 bytes
Fri Aug 26 16:16:40 2016 : WARNING: (2081) pap: Auth-Type already set. Not setting to PAP
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authorize]: returned from pap (rlm_pap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [pap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # authorize = updated
Fri Aug 26 16:16:40 2016 : Debug: (2081) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2081) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2081) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authenticate]: calling eap (rlm_eap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Expiring EAP session with state 0x58bb2a4559ff306d
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Finished EAP session with state 0x58bb2a4559ff306d
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Previous EAP request found for state 0x58bb2a4559ff306d, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Peer sent packet with method EAP MSCHAPv2 (26)
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Calling submodule eap_mschapv2 to process data
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Sending EAP Success (code 3) ID 68 length 4
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Freeing handler
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authenticate]: returned from eap (rlm_eap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # authenticate = ok
Fri Aug 26 16:16:40 2016 : Debug: (2081) # Executing section post-auth from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2081) post-auth {
Fri Aug 26 16:16:40 2016 : Debug: (2081) update reply {
Fri Aug 26 16:16:40 2016 : Debug: (2081) No attributes updated
Fri Aug 26 16:16:40 2016 : Debug: (2081) No attributes updated
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # update reply = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # post-auth = noop
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # server inner-tunnel
Fri Aug 26 16:16:40 2016 : Debug: (2081) Virtual server sending reply
Fri Aug 26 16:16:40 2016 : Debug: (2081) NET-SubnetID := "snid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2081) MS-MPPE-Encryption-Policy = Encryption-Allowed
Fri Aug 26 16:16:40 2016 : Debug: (2081) MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
Fri Aug 26 16:16:40 2016 : Debug: (2081) MS-MPPE-Send-Key = 0x417dfb736e1d502902446a14bf5840a7
Fri Aug 26 16:16:40 2016 : Debug: (2081) MS-MPPE-Recv-Key = 0x25c3cdff1c19f2ed2a2072c4654c1b10
Fri Aug 26 16:16:40 2016 : Debug: (2081) EAP-Message = 0x03440004
Fri Aug 26 16:16:40 2016 : Debug: (2081) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2081) Stripped-User-Name := "test"
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Got tunneled reply code 2
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: NET-SubnetID := "snid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: MS-MPPE-Send-Key = 0x417dfb736e1d502902446a14bf5840a7
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: MS-MPPE-Recv-Key = 0x25c3cdff1c19f2ed2a2072c4654c1b10
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: EAP-Message = 0x03440004
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Stripped-User-Name := "test"
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Got tunneled reply RADIUS code 2
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: NET-SubnetID := "snid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: MS-MPPE-Send-Key = 0x417dfb736e1d502902446a14bf5840a7
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: MS-MPPE-Recv-Key = 0x25c3cdff1c19f2ed2a2072c4654c1b10
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: EAP-Message = 0x03440004
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Stripped-User-Name := "test"
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Tunneled authentication was successful
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: SUCCESS
Fri Aug 26 16:16:40 2016 : Debug: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap_peap: Saving tunneled attributes for later
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: Sending EAP Request (code 1) ID 69 length 46
Fri Aug 26 16:16:40 2016 : Debug: (2081) eap: EAP session adding &reply:State = 0x2db65ab024f3431c
Fri Aug 26 16:16:40 2016 : Debug: (2081) modsingle[authenticate]: returned from eap (rlm_eap) for request 2081
Fri Aug 26 16:16:40 2016 : Debug: (2081) [eap] = handled
Fri Aug 26 16:16:40 2016 : Debug: (2081) } # authenticate = handled
Fri Aug 26 16:16:40 2016 : Debug: (2081) Using Post-Auth-Type Challenge
Fri Aug 26 16:16:40 2016 : Debug: (2081) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:16:40 2016 : Debug: (2081) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2081) session-state: Nothing to cache
Fri Aug 26 16:16:40 2016 : Debug: (2081) Sent Access-Challenge Id 187 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:16:40 2016 : Debug: (2081) EAP-Message = 0x0145002e19001703030023f5e04c8b21ca2743aab0c85030f2e5c73788a6abacf5c58245492222ff7fc42b83f983
Fri Aug 26 16:16:40 2016 : Debug: (2081) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2081) State = 0x2db65ab024f3431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2081) Proxy-State = 0x323037
Fri Aug 26 16:16:40 2016 : Debug: (2081) Proxy-State = 0x313132
Fri Aug 26 16:16:40 2016 : Debug: (2081) Finished request
Fri Aug 26 16:16:40 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:16:40 2016 : Debug: (2082) Received Access-Request Id 33 from 192.168.42.103:56100 to 192.168.42.101:1812 length 285
Fri Aug 26 16:16:40 2016 : Debug: (2082) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2082) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:16:40 2016 : Debug: (2082) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:16:40 2016 : Debug: (2082) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:16:40 2016 : Debug: (2082) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:16:40 2016 : Debug: (2082) NAS-Port = 0
Fri Aug 26 16:16:40 2016 : Debug: (2082) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:16:40 2016 : Debug: (2082) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:16:40 2016 : Debug: (2082) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:16:40 2016 : Debug: (2082) Framed-MTU = 1400
Fri Aug 26 16:16:40 2016 : Debug: (2082) EAP-Message = 0x0245002e19001703030023c5a0f3d7fa65d0ff72df268858a3f263fa21267e1155cd4fbede5927d06e10b3cd0251
Fri Aug 26 16:16:40 2016 : Debug: (2082) State = 0x2db65ab024f3431c14b46e27d539f2bf
Fri Aug 26 16:16:40 2016 : Debug: (2082) Message-Authenticator = 0x288e48d83e3d9d620043fc69e53b7279
Fri Aug 26 16:16:40 2016 : Debug: (2082) Event-Timestamp = "Aug 26 2016 16:16:40 CEST"
Fri Aug 26 16:16:40 2016 : Debug: (2082) Proxy-State = 0x323038
Fri Aug 26 16:16:40 2016 : Debug: (2082) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2082) Proxy-State = 0x313235
Fri Aug 26 16:16:40 2016 : Debug: (2082) session-state: No cached attributes
Fri Aug 26 16:16:40 2016 : Debug: (2082) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2082) authorize {
Fri Aug 26 16:16:40 2016 : Debug: (2082) policy filter_username {
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (!&User-Name) {
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (!&User-Name) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&User-Name =~ / /) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2082) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:16:40 2016 : Debug: Adding 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2082) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:16:40 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&User-Name =~ /@\./) {
Fri Aug 26 16:16:40 2016 : Debug: No matches
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2082) } # policy filter_username = notfound
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) [preprocess] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: calling chap (rlm_chap) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: returned from chap (rlm_chap) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) [chap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: calling mschap (rlm_mschap) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) [mschap] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: calling digest (rlm_digest) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: returned from digest (rlm_digest) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) [digest] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: calling suffix (rlm_realm) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) suffix: Checking for suffix after "@"
Fri Aug 26 16:16:40 2016 : Debug: (2082) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2082) suffix: No such realm "networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: returned from suffix (rlm_realm) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) [suffix] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: calling eap (rlm_eap) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap: Peer sent EAP Response (code 2) ID 69 length 46
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap: Continuing tunnel setup
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authorize]: returned from eap (rlm_eap) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2082) } # authorize = ok
Fri Aug 26 16:16:40 2016 : Debug: (2082) Found Auth-Type = EAP
Fri Aug 26 16:16:40 2016 : Debug: (2082) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2082) authenticate {
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authenticate]: calling eap (rlm_eap) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap: Expiring EAP session with state 0x2db65ab024f3431c
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap: Finished EAP session with state 0x2db65ab024f3431c
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap: Previous EAP request found for state 0x2db65ab024f3431c, released from the list
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: Peer sent flags ---
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: [eaptls verify] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: Done initial handshake
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: [eaptls process] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: Session established. Decoding tunneled attributes
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: PEAP state send tlv success
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: Received EAP-TLV response
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: Success
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: Using saved attributes from the original Access-Accept
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: NET-SubnetID := "snid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: Stripped-User-Name := "test"
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap_peap: No information to cache: session caching will be disabled for session 625697f73fe0ff3715df2ddc1750990742091c88ab9fdbb0f19f97c35418c1af
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap: Sending EAP Success (code 3) ID 69 length 4
Fri Aug 26 16:16:40 2016 : Debug: (2082) eap: Freeing handler
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[authenticate]: returned from eap (rlm_eap) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) [eap] = ok
Fri Aug 26 16:16:40 2016 : Debug: (2082) } # authenticate = ok
Fri Aug 26 16:16:40 2016 : Debug: (2082) # Executing section post-auth from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:16:40 2016 : Debug: (2082) post-auth {
Fri Aug 26 16:16:40 2016 : Debug: (2082) update {
Fri Aug 26 16:16:40 2016 : Debug: (2082) No attributes updated
Fri Aug 26 16:16:40 2016 : Debug: (2082) } # update = noop
Fri Aug 26 16:16:40 2016 : Debug: (2082) update reply {
Fri Aug 26 16:16:40 2016 : Debug: (2082) &reply:NET-TenantID += 'tnid-00000001'
Fri Aug 26 16:16:40 2016 : Debug: (2082) &reply:NET-NodeID += &request:NET-NodeID -> 'ndid-00000001'
Fri Aug 26 16:16:40 2016 : Debug: (2082) &reply:Acct-Interim-Interval += 300
Fri Aug 26 16:16:40 2016 : Debug: (2082) } # update reply = noop
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[post-auth]: calling exec (rlm_exec) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[post-auth]: returned from exec (rlm_exec) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) [exec] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2082) policy remove_reply_message_if_eap {
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&reply:EAP-Message && &reply:Reply-Message) {
Fri Aug 26 16:16:40 2016 : Debug: (2082) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
Fri Aug 26 16:16:40 2016 : Debug: (2082) else {
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[post-auth]: calling noop (rlm_always) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) modsingle[post-auth]: returned from noop (rlm_always) for request 2082
Fri Aug 26 16:16:40 2016 : Debug: (2082) [noop] = noop
Fri Aug 26 16:16:40 2016 : Debug: (2082) } # else = noop
Fri Aug 26 16:16:40 2016 : Debug: (2082) } # policy remove_reply_message_if_eap = noop
Fri Aug 26 16:16:40 2016 : Debug: (2082) } # post-auth = noop
Fri Aug 26 16:16:40 2016 : Debug: (2082) Sent Access-Accept Id 33 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:16:40 2016 : Debug: (2082) NET-SubnetID := "snid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2082) MS-MPPE-Recv-Key = 0xaa1687d515c71bf386398910180ebd098e92e802225ec1f94a7029a8d2920943
Fri Aug 26 16:16:40 2016 : Debug: (2082) MS-MPPE-Send-Key = 0xc3f4d83f8a8fd5563a914be10852386710612b855af4511be89df6b98fa2bf6e
Fri Aug 26 16:16:40 2016 : Debug: (2082) EAP-Message = 0x03450004
Fri Aug 26 16:16:40 2016 : Debug: (2082) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:16:40 2016 : Debug: (2082) User-Name = "test at networks.com"
Fri Aug 26 16:16:40 2016 : Debug: (2082) Proxy-State = 0x323038
Fri Aug 26 16:16:40 2016 : Debug: (2082) Proxy-State = 0x313235
Fri Aug 26 16:16:40 2016 : Debug: (2082) NET-TenantID += "tnid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2082) NET-NodeID += "ndid-00000001"
Fri Aug 26 16:16:40 2016 : Debug: (2082) Acct-Interim-Interval += 300
Fri Aug 26 16:16:40 2016 : Debug: (2082) Finished request
Fri Aug 26 16:16:40 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:16:45 2016 : Debug: (2072) Cleaning up request packet ID 158 with timestamp +2573934
Fri Aug 26 16:16:45 2016 : Debug: (2073) Cleaning up request packet ID 201 with timestamp +2573934
Fri Aug 26 16:16:45 2016 : Debug: (2074) Cleaning up request packet ID 80 with timestamp +2573934
Fri Aug 26 16:16:45 2016 : Debug: (2075) Cleaning up request packet ID 31 with timestamp +2573934
Fri Aug 26 16:16:45 2016 : Debug: (2076) Cleaning up request packet ID 21 with timestamp +2573934
Fri Aug 26 16:16:45 2016 : Debug: (2077) Cleaning up request packet ID 4 with timestamp +2573934
Fri Aug 26 16:16:45 2016 : Debug: (2078) Cleaning up request packet ID 8 with timestamp +2573934
Fri Aug 26 16:16:45 2016 : Debug: (2079) Cleaning up request packet ID 62 with timestamp +2573934
Fri Aug 26 16:16:45 2016 : Debug: (2080) Cleaning up request packet ID 121 with timestamp +2573934
Fri Aug 26 16:16:45 2016 : Debug: (2081) Cleaning up request packet ID 187 with timestamp +2573934
Fri Aug 26 16:16:45 2016 : Debug: (2082) Cleaning up request packet ID 33 with timestamp +2573934
Fri Aug 26 16:16:45 2016 : Info: Ready to process requests
Fri Aug 26 16:17:16 2016 : Debug: (2083) Received Access-Request Id 96 from 192.168.42.103:56100 to 192.168.42.101:1812 length 247
Fri Aug 26 16:17:16 2016 : Debug: (2083) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2083) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2083) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2083) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2083) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2083) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2083) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2083) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2083) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2083) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2083) EAP-Message = 0x02fc001a01746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:17:16 2016 : Debug: (2083) Message-Authenticator = 0x1ea2d1a39fe97a313fec09279826524b
Fri Aug 26 16:17:16 2016 : Debug: (2083) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2083) Proxy-State = 0x323039
Fri Aug 26 16:17:16 2016 : Debug: (2083) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2083) Proxy-State = 0x313634
Fri Aug 26 16:17:16 2016 : Debug: (2083) session-state: No State attribute
Fri Aug 26 16:17:16 2016 : Debug: (2083) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2083) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2083) policy filter_username {
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (!&User-Name) {
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (!&User-Name) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (&User-Name =~ / /) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2083) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2083) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:17:16 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (&User-Name =~ /@\./) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2083) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2083) } # policy filter_username = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) [preprocess] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: calling chap (rlm_chap) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: returned from chap (rlm_chap) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: calling mschap (rlm_mschap) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: calling digest (rlm_digest) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: returned from digest (rlm_digest) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) [digest] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: calling suffix (rlm_realm) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2083) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2083) suffix: No such realm "networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: returned from suffix (rlm_realm) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: calling eap (rlm_eap) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) eap: Peer sent EAP Response (code 2) ID 252 length 26
Fri Aug 26 16:17:16 2016 : Debug: (2083) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authorize]: returned from eap (rlm_eap) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2083) } # authorize = ok
Fri Aug 26 16:17:16 2016 : Debug: (2083) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2083) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2083) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authenticate]: calling eap (rlm_eap) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) eap: Peer sent packet with method EAP Identity (1)
Fri Aug 26 16:17:16 2016 : Debug: (2083) eap: Calling submodule eap_md5 to process data
Fri Aug 26 16:17:16 2016 : Debug: (2083) eap_md5: Issuing MD5 Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2083) eap: Sending EAP Request (code 1) ID 253 length 22
Fri Aug 26 16:17:16 2016 : Debug: (2083) eap: EAP session adding &reply:State = 0x8468d6d08495d242
Fri Aug 26 16:17:16 2016 : Debug: (2083) modsingle[authenticate]: returned from eap (rlm_eap) for request 2083
Fri Aug 26 16:17:16 2016 : Debug: (2083) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2083) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2083) Using Post-Auth-Type Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2083) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:17:16 2016 : Debug: (2083) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2083) session-state: Nothing to cache
Fri Aug 26 16:17:16 2016 : Debug: (2083) Sent Access-Challenge Id 96 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:17:16 2016 : Debug: (2083) EAP-Message = 0x01fd00160410166f64d3912de4ff6be584bd2c33d93a
Fri Aug 26 16:17:16 2016 : Debug: (2083) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2083) State = 0x8468d6d08495d24286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2083) Proxy-State = 0x323039
Fri Aug 26 16:17:16 2016 : Debug: (2083) Proxy-State = 0x313634
Fri Aug 26 16:17:16 2016 : Debug: (2083) Finished request
Fri Aug 26 16:17:16 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:17:16 2016 : Debug: (2084) Received Access-Request Id 135 from 192.168.42.103:56100 to 192.168.42.101:1812 length 244
Fri Aug 26 16:17:16 2016 : Debug: (2084) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2084) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2084) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2084) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2084) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2084) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2084) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2084) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2084) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2084) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2084) EAP-Message = 0x02fd00060319
Fri Aug 26 16:17:16 2016 : Debug: (2084) State = 0x8468d6d08495d24286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2084) Message-Authenticator = 0x5761f202b7a2c64c9a19516e31324e34
Fri Aug 26 16:17:16 2016 : Debug: (2084) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2084) Proxy-State = 0x323130
Fri Aug 26 16:17:16 2016 : Debug: (2084) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2084) Proxy-State = 0x3335
Fri Aug 26 16:17:16 2016 : Debug: (2084) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2084) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2084) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2084) policy filter_username {
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (!&User-Name) {
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (!&User-Name) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (&User-Name =~ / /) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2084) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2084) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:17:16 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (&User-Name =~ /@\./) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2084) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2084) } # policy filter_username = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [preprocess] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: calling chap (rlm_chap) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: returned from chap (rlm_chap) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: calling mschap (rlm_mschap) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: calling digest (rlm_digest) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: returned from digest (rlm_digest) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [digest] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: calling suffix (rlm_realm) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2084) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2084) suffix: No such realm "networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: returned from suffix (rlm_realm) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: calling eap (rlm_eap) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap: Peer sent EAP Response (code 2) ID 253 length 6
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap: No EAP Start, assuming it's an on-going EAP conversation
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: returned from eap (rlm_eap) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [eap] = updated
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: calling files (rlm_files) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: returned from files (rlm_files) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [files] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: calling ldap (rlm_ldap) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: rlm_ldap (ldap): Reserved connection (247)
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL XLAT
Fri Aug 26 16:17:16 2016 : Debug: (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:17:16 2016 : Debug: Parsed xlat tree:
Fri Aug 26 16:17:16 2016 : Debug: literal --> (uid=
Fri Aug 26 16:17:16 2016 : Debug: if {
Fri Aug 26 16:17:16 2016 : Debug: attribute --> Stripped-User-Name
Fri Aug 26 16:17:16 2016 : Debug: }
Fri Aug 26 16:17:16 2016 : Debug: else {
Fri Aug 26 16:17:16 2016 : Debug: attribute --> User-Name
Fri Aug 26 16:17:16 2016 : Debug: }
Fri Aug 26 16:17:16 2016 : Debug: literal --> )
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: --> (uid=test at networks.com)
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: Performing search in "uid=lakc192e,ou=auth_servers,tnid=ukjprwp3,ou=tenants,dc=netos" with filter "(uid=test at networks.com)", scope "sub"
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: Waiting for search result...
Fri Aug 26 16:17:16 2016 : Debug: (2084) ldap: Search returned no results
Fri Aug 26 16:17:16 2016 : Debug: rlm_ldap (ldap): Released connection (247)
Fri Aug 26 16:17:16 2016 : Info: rlm_ldap (ldap): Need 1 more connections to reach 10 spares
Fri Aug 26 16:17:16 2016 : Info: rlm_ldap (ldap): Opening additional connection (249), 1 of 30 pending slots used
Fri Aug 26 16:17:16 2016 : Debug: rlm_ldap (ldap): Connecting to ldap://localhost:389
Fri Aug 26 16:17:16 2016 : Debug: rlm_ldap (ldap): New libldap handle 0x557a220c16d0
Fri Aug 26 16:17:16 2016 : Debug: rlm_ldap (ldap): Waiting for bind result...
Fri Aug 26 16:17:16 2016 : Debug: rlm_ldap (ldap): Bind successful
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: returned from ldap (rlm_ldap) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [ldap] = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: calling expiration (rlm_expiration) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: returned from expiration (rlm_expiration) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [expiration] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: calling logintime (rlm_logintime) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: returned from logintime (rlm_logintime) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [logintime] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: calling pap (rlm_pap) for request 2084
Fri Aug 26 16:17:16 2016 : WARNING: (2084) pap: No "known good" password found for the user. Not setting Auth-Type
Fri Aug 26 16:17:16 2016 : WARNING: (2084) pap: Authentication will fail unless a "known good" password is available
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authorize]: returned from pap (rlm_pap) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [pap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2084) } # authorize = updated
Fri Aug 26 16:17:16 2016 : Debug: (2084) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2084) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2084) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authenticate]: calling eap (rlm_eap) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap: Expiring EAP session with state 0x8468d6d08495d242
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap: Finished EAP session with state 0x8468d6d08495d242
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap: Previous EAP request found for state 0x8468d6d08495d242, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap: Peer sent packet with method EAP NAK (3)
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap: Found mutually acceptable type PEAP (25)
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap_peap: Initiating new EAP-TLS session
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap_peap: [eaptls start] = request
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap: Sending EAP Request (code 1) ID 254 length 6
Fri Aug 26 16:17:16 2016 : Debug: (2084) eap: EAP session adding &reply:State = 0x8468d6d08596cf42
Fri Aug 26 16:17:16 2016 : Debug: (2084) modsingle[authenticate]: returned from eap (rlm_eap) for request 2084
Fri Aug 26 16:17:16 2016 : Debug: (2084) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2084) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2084) Using Post-Auth-Type Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2084) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:17:16 2016 : Debug: (2084) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2084) session-state: Nothing to cache
Fri Aug 26 16:17:16 2016 : Debug: (2084) Sent Access-Challenge Id 135 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:17:16 2016 : Debug: (2084) EAP-Message = 0x01fe00061920
Fri Aug 26 16:17:16 2016 : Debug: (2084) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2084) State = 0x8468d6d08596cf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2084) Proxy-State = 0x323130
Fri Aug 26 16:17:16 2016 : Debug: (2084) Proxy-State = 0x3335
Fri Aug 26 16:17:16 2016 : Debug: (2084) Finished request
Fri Aug 26 16:17:16 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:17:16 2016 : Debug: (2085) Received Access-Request Id 46 from 192.168.42.103:56100 to 192.168.42.101:1812 length 536
Fri Aug 26 16:17:16 2016 : Debug: (2085) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2085) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2085) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2085) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2085) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2085) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2085) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2085) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2085) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2085) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2085) EAP-Message = 0x02fe012719800000011d1603010118010001140303e00a6f802c9d61ae7a8618e85accbf3ae1a8920b384a325215b675983004a7330000acc030c02cc028c024c014c00a00a500a300a1009f006b006a0069006800390038003700360088008700860085c032c02ec02ac026c00fc005009d003d003500
Fri Aug 26 16:17:16 2016 : Debug: (2085) State = 0x8468d6d08596cf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2085) Message-Authenticator = 0xe423044b3c3aa5215911722827c97881
Fri Aug 26 16:17:16 2016 : Debug: (2085) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2085) Proxy-State = 0x323131
Fri Aug 26 16:17:16 2016 : Debug: (2085) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2085) Proxy-State = 0x323435
Fri Aug 26 16:17:16 2016 : Debug: (2085) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2085) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2085) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2085) policy filter_username {
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (!&User-Name) {
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (!&User-Name) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (&User-Name =~ / /) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2085) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2085) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:17:16 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (&User-Name =~ /@\./) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2085) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2085) } # policy filter_username = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) [preprocess] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: calling chap (rlm_chap) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: returned from chap (rlm_chap) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: calling mschap (rlm_mschap) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: calling digest (rlm_digest) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: returned from digest (rlm_digest) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) [digest] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: calling suffix (rlm_realm) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2085) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2085) suffix: No such realm "networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: returned from suffix (rlm_realm) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: calling eap (rlm_eap) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap: Peer sent EAP Response (code 2) ID 254 length 295
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap: Continuing tunnel setup
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authorize]: returned from eap (rlm_eap) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2085) } # authorize = ok
Fri Aug 26 16:17:16 2016 : Debug: (2085) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2085) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2085) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authenticate]: calling eap (rlm_eap) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap: Expiring EAP session with state 0x8468d6d08596cf42
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap: Finished EAP session with state 0x8468d6d08596cf42
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap: Previous EAP request found for state 0x8468d6d08596cf42, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: Peer sent flags --L
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: Peer indicated complete TLS record size will be 285 bytes
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: Got complete TLS record (285 bytes)
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: [eaptls verify] = length included
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: (other): before/accept initialization
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: TLS_accept: before/accept initialization
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: <<< TLS 1.2 [length 0118]
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: TLS_accept: SSLv3 read client hello A
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: >>> TLS 1.2 [length 005e]
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: TLS_accept: SSLv3 write server hello A
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: >>> TLS 1.2 [length 08d3]
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: TLS_accept: SSLv3 write certificate A
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: >>> TLS 1.2 [length 014d]
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: TLS_accept: SSLv3 write key exchange A
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: >>> TLS 1.2 [length 0004]
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: TLS_accept: SSLv3 write server done A
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: TLS_accept: SSLv3 flush data
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: TLS_accept: SSLv3 read client certificate A
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: TLS_accept: Need to read more data: SSLv3 read client key exchange A
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: TLS_accept: Need to read more data: SSLv3 read client key exchange A
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: In SSL Handshake Phase
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: In SSL Accept mode
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap_peap: [eaptls process] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap: Sending EAP Request (code 1) ID 255 length 1004
Fri Aug 26 16:17:16 2016 : Debug: (2085) eap: EAP session adding &reply:State = 0x8468d6d08697cf42
Fri Aug 26 16:17:16 2016 : Debug: (2085) modsingle[authenticate]: returned from eap (rlm_eap) for request 2085
Fri Aug 26 16:17:16 2016 : Debug: (2085) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2085) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2085) Using Post-Auth-Type Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2085) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:17:16 2016 : Debug: (2085) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2085) session-state: Nothing to cache
Fri Aug 26 16:17:16 2016 : Debug: (2085) Sent Access-Challenge Id 46 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:17:16 2016 : Debug: (2085) EAP-Message = 0x01ff03ec19c000000a96160303005e0200005a0303e63e58f544c7356047fb35547fd6ebdbb5fd81a0954ad9ab09c1d6a5c70731732025beaa9d353fa6b8b0a2db475c960520eaac3a4be9e2c1b320cf7a924c3c2482c030000012ff01000100000b000403000102000f00010116030308d30b0008cf00
Fri Aug 26 16:17:16 2016 : Debug: (2085) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2085) State = 0x8468d6d08697cf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2085) Proxy-State = 0x323131
Fri Aug 26 16:17:16 2016 : Debug: (2085) Proxy-State = 0x323435
Fri Aug 26 16:17:16 2016 : Debug: (2085) Finished request
Fri Aug 26 16:17:16 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:17:16 2016 : Debug: (2086) Received Access-Request Id 239 from 192.168.42.103:56100 to 192.168.42.101:1812 length 245
Fri Aug 26 16:17:16 2016 : Debug: (2086) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2086) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2086) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2086) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2086) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2086) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2086) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2086) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2086) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2086) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2086) EAP-Message = 0x02ff00061900
Fri Aug 26 16:17:16 2016 : Debug: (2086) State = 0x8468d6d08697cf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2086) Message-Authenticator = 0x6302318859133d3e07f47a363c1f76e4
Fri Aug 26 16:17:16 2016 : Debug: (2086) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2086) Proxy-State = 0x323132
Fri Aug 26 16:17:16 2016 : Debug: (2086) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2086) Proxy-State = 0x313334
Fri Aug 26 16:17:16 2016 : Debug: (2086) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2086) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2086) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2086) policy filter_username {
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (!&User-Name) {
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (!&User-Name) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (&User-Name =~ / /) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2086) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2086) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:17:16 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (&User-Name =~ /@\./) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2086) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2086) } # policy filter_username = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) [preprocess] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: calling chap (rlm_chap) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: returned from chap (rlm_chap) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: calling mschap (rlm_mschap) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: calling digest (rlm_digest) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: returned from digest (rlm_digest) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) [digest] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: calling suffix (rlm_realm) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2086) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2086) suffix: No such realm "networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: returned from suffix (rlm_realm) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: calling eap (rlm_eap) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap: Peer sent EAP Response (code 2) ID 255 length 6
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap: Continuing tunnel setup
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authorize]: returned from eap (rlm_eap) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2086) } # authorize = ok
Fri Aug 26 16:17:16 2016 : Debug: (2086) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2086) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2086) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authenticate]: calling eap (rlm_eap) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap: Expiring EAP session with state 0x8468d6d08697cf42
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap: Finished EAP session with state 0x8468d6d08697cf42
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap: Previous EAP request found for state 0x8468d6d08697cf42, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap_peap: Peer sent flags ---
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap_peap: Peer ACKed our handshake fragment
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap_peap: [eaptls verify] = request
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap_peap: [eaptls process] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap: Sending EAP Request (code 1) ID 0 length 1000
Fri Aug 26 16:17:16 2016 : Debug: (2086) eap: EAP session adding &reply:State = 0x8468d6d08768cf42
Fri Aug 26 16:17:16 2016 : Debug: (2086) modsingle[authenticate]: returned from eap (rlm_eap) for request 2086
Fri Aug 26 16:17:16 2016 : Debug: (2086) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2086) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2086) Using Post-Auth-Type Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2086) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:17:16 2016 : Debug: (2086) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2086) session-state: Nothing to cache
Fri Aug 26 16:17:16 2016 : Debug: (2086) Sent Access-Challenge Id 239 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:17:16 2016 : Debug: (2086) EAP-Message = 0x010003e819406e2c60847a14529a5f98e7f1bf52f2d26ec514453677352a8d68a5302b0361fe4a7e16c5647984b3f69dc5a2f30d1de20669ed19427408514d9cc5c87907b21503e44e9b8f8fdb08c2b76a59168ae1e46613f67abfac342e29b19c095fd044a369df5742aff224c7ec2c19d1ebaa0004e8
Fri Aug 26 16:17:16 2016 : Debug: (2086) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2086) State = 0x8468d6d08768cf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2086) Proxy-State = 0x323132
Fri Aug 26 16:17:16 2016 : Debug: (2086) Proxy-State = 0x313334
Fri Aug 26 16:17:16 2016 : Debug: (2086) Finished request
Fri Aug 26 16:17:16 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:17:16 2016 : Debug: (2087) Received Access-Request Id 197 from 192.168.42.103:56100 to 192.168.42.101:1812 length 245
Fri Aug 26 16:17:16 2016 : Debug: (2087) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2087) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2087) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2087) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2087) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2087) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2087) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2087) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2087) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2087) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2087) EAP-Message = 0x020000061900
Fri Aug 26 16:17:16 2016 : Debug: (2087) State = 0x8468d6d08768cf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2087) Message-Authenticator = 0x74fae1dfaa1c5454f8a763bb7af6f664
Fri Aug 26 16:17:16 2016 : Debug: (2087) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2087) Proxy-State = 0x323133
Fri Aug 26 16:17:16 2016 : Debug: (2087) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2087) Proxy-State = 0x313730
Fri Aug 26 16:17:16 2016 : Debug: (2087) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2087) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2087) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2087) policy filter_username {
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (!&User-Name) {
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (!&User-Name) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (&User-Name =~ / /) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2087) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2087) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:17:16 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (&User-Name =~ /@\./) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2087) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2087) } # policy filter_username = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) [preprocess] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: calling chap (rlm_chap) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: returned from chap (rlm_chap) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: calling mschap (rlm_mschap) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: calling digest (rlm_digest) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: returned from digest (rlm_digest) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) [digest] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: calling suffix (rlm_realm) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2087) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2087) suffix: No such realm "networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: returned from suffix (rlm_realm) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: calling eap (rlm_eap) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap: Peer sent EAP Response (code 2) ID 0 length 6
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap: Continuing tunnel setup
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authorize]: returned from eap (rlm_eap) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2087) } # authorize = ok
Fri Aug 26 16:17:16 2016 : Debug: (2087) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2087) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2087) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authenticate]: calling eap (rlm_eap) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap: Expiring EAP session with state 0x8468d6d08768cf42
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap: Finished EAP session with state 0x8468d6d08768cf42
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap: Previous EAP request found for state 0x8468d6d08768cf42, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap_peap: Peer sent flags ---
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap_peap: Peer ACKed our handshake fragment
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap_peap: [eaptls verify] = request
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap_peap: [eaptls process] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap: Sending EAP Request (code 1) ID 1 length 728
Fri Aug 26 16:17:16 2016 : Debug: (2087) eap: EAP session adding &reply:State = 0x8468d6d08069cf42
Fri Aug 26 16:17:16 2016 : Debug: (2087) modsingle[authenticate]: returned from eap (rlm_eap) for request 2087
Fri Aug 26 16:17:16 2016 : Debug: (2087) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2087) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2087) Using Post-Auth-Type Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2087) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:17:16 2016 : Debug: (2087) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2087) session-state: Nothing to cache
Fri Aug 26 16:17:16 2016 : Debug: (2087) Sent Access-Challenge Id 197 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:17:16 2016 : Debug: (2087) EAP-Message = 0x010102d81900696361746520417574686f72697479820900c80c6a04cc34a5b8300f0603551d130101ff040530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b05
Fri Aug 26 16:17:16 2016 : Debug: (2087) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2087) State = 0x8468d6d08069cf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2087) Proxy-State = 0x323133
Fri Aug 26 16:17:16 2016 : Debug: (2087) Proxy-State = 0x313730
Fri Aug 26 16:17:16 2016 : Debug: (2087) Finished request
Fri Aug 26 16:17:16 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:17:16 2016 : Debug: (2088) Received Access-Request Id 95 from 192.168.42.103:56100 to 192.168.42.101:1812 length 374
Fri Aug 26 16:17:16 2016 : Debug: (2088) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2088) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2088) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2088) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2088) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2088) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2088) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2088) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2088) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2088) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2088) EAP-Message = 0x0201008819800000007e16030300461000004241049d79e796dd4963c1dfa92f33d8d4428cd7a2e2f809920b967ceaa6b7ee7134eb7b24396afef69b07d2d7efb30303dfe61f739ad972ed7bd80f34767be1617953140303000101160303002825d9f4db4c92448a6f2baf4745b17e5866cb953fcadaf5
Fri Aug 26 16:17:16 2016 : Debug: (2088) State = 0x8468d6d08069cf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2088) Message-Authenticator = 0xab3a60c920e2104c58f369ec9d3fc5df
Fri Aug 26 16:17:16 2016 : Debug: (2088) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2088) Proxy-State = 0x323134
Fri Aug 26 16:17:16 2016 : Debug: (2088) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2088) Proxy-State = 0x3337
Fri Aug 26 16:17:16 2016 : Debug: (2088) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2088) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2088) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2088) policy filter_username {
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (!&User-Name) {
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (!&User-Name) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (&User-Name =~ / /) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2088) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2088) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:17:16 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (&User-Name =~ /@\./) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2088) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2088) } # policy filter_username = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) [preprocess] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: calling chap (rlm_chap) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: returned from chap (rlm_chap) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: calling mschap (rlm_mschap) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: calling digest (rlm_digest) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: returned from digest (rlm_digest) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) [digest] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: calling suffix (rlm_realm) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2088) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2088) suffix: No such realm "networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: returned from suffix (rlm_realm) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: calling eap (rlm_eap) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap: Peer sent EAP Response (code 2) ID 1 length 136
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap: Continuing tunnel setup
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authorize]: returned from eap (rlm_eap) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2088) } # authorize = ok
Fri Aug 26 16:17:16 2016 : Debug: (2088) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2088) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2088) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authenticate]: calling eap (rlm_eap) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap: Expiring EAP session with state 0x8468d6d08069cf42
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap: Finished EAP session with state 0x8468d6d08069cf42
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap: Previous EAP request found for state 0x8468d6d08069cf42, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: Peer sent flags --L
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: Peer indicated complete TLS record size will be 126 bytes
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: Got complete TLS record (126 bytes)
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: [eaptls verify] = length included
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: <<< TLS 1.2 [length 0046]
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: TLS_accept: SSLv3 read client key exchange A
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: TLS_accept: SSLv3 read certificate verify A
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: <<< TLS 1.2 [length 0001]
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: <<< TLS 1.2 [length 0010]
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: TLS_accept: SSLv3 read finished A
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: >>> TLS 1.2 [length 0001]
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: TLS_accept: SSLv3 write change cipher spec A
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: >>> TLS 1.2 [length 0010]
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: TLS_accept: SSLv3 write finished A
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: TLS_accept: SSLv3 flush data
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: (other): SSL negotiation finished successfully
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: SSL Connection Established
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap_peap: [eaptls process] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap: Sending EAP Request (code 1) ID 2 length 57
Fri Aug 26 16:17:16 2016 : Debug: (2088) eap: EAP session adding &reply:State = 0x8468d6d0816acf42
Fri Aug 26 16:17:16 2016 : Debug: (2088) modsingle[authenticate]: returned from eap (rlm_eap) for request 2088
Fri Aug 26 16:17:16 2016 : Debug: (2088) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2088) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2088) Using Post-Auth-Type Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2088) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:17:16 2016 : Debug: (2088) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2088) session-state: Nothing to cache
Fri Aug 26 16:17:16 2016 : Debug: (2088) Sent Access-Challenge Id 95 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:17:16 2016 : Debug: (2088) EAP-Message = 0x0102003919001403030001011603030028e484e1616c7c1fa6110af399432f2ed04a6c4ac72cb4401c71dc3d28600b7ed1aaf0837c190d2eb1
Fri Aug 26 16:17:16 2016 : Debug: (2088) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2088) State = 0x8468d6d0816acf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2088) Proxy-State = 0x323134
Fri Aug 26 16:17:16 2016 : Debug: (2088) Proxy-State = 0x3337
Fri Aug 26 16:17:16 2016 : Debug: (2088) Finished request
Fri Aug 26 16:17:16 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:17:16 2016 : Debug: (2089) Received Access-Request Id 44 from 192.168.42.103:56100 to 192.168.42.101:1812 length 245
Fri Aug 26 16:17:16 2016 : Debug: (2089) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2089) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2089) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2089) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2089) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2089) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2089) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2089) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2089) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2089) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2089) EAP-Message = 0x020200061900
Fri Aug 26 16:17:16 2016 : Debug: (2089) State = 0x8468d6d0816acf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2089) Message-Authenticator = 0x66a0a7c20ca627330b83b6daac8de584
Fri Aug 26 16:17:16 2016 : Debug: (2089) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2089) Proxy-State = 0x323135
Fri Aug 26 16:17:16 2016 : Debug: (2089) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2089) Proxy-State = 0x323532
Fri Aug 26 16:17:16 2016 : Debug: (2089) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2089) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2089) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2089) policy filter_username {
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (!&User-Name) {
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (!&User-Name) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (&User-Name =~ / /) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2089) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2089) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:17:16 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (&User-Name =~ /@\./) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2089) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2089) } # policy filter_username = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) [preprocess] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: calling chap (rlm_chap) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: returned from chap (rlm_chap) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: calling mschap (rlm_mschap) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: calling digest (rlm_digest) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: returned from digest (rlm_digest) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) [digest] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: calling suffix (rlm_realm) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2089) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2089) suffix: No such realm "networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: returned from suffix (rlm_realm) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: calling eap (rlm_eap) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap: Peer sent EAP Response (code 2) ID 2 length 6
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap: Continuing tunnel setup
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authorize]: returned from eap (rlm_eap) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2089) } # authorize = ok
Fri Aug 26 16:17:16 2016 : Debug: (2089) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2089) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2089) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authenticate]: calling eap (rlm_eap) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap: Expiring EAP session with state 0x8468d6d0816acf42
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap: Finished EAP session with state 0x8468d6d0816acf42
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap: Previous EAP request found for state 0x8468d6d0816acf42, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap_peap: Peer sent flags ---
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap_peap: Peer ACKed our handshake fragment. handshake is finished
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap_peap: [eaptls verify] = success
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap_peap: [eaptls process] = success
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap_peap: Session established. Decoding tunneled attributes
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap_peap: PEAP state TUNNEL ESTABLISHED
Fri Aug 26 16:17:16 2016 : Debug: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap: Sending EAP Request (code 1) ID 3 length 40
Fri Aug 26 16:17:16 2016 : Debug: (2089) eap: EAP session adding &reply:State = 0x8468d6d0826bcf42
Fri Aug 26 16:17:16 2016 : Debug: (2089) modsingle[authenticate]: returned from eap (rlm_eap) for request 2089
Fri Aug 26 16:17:16 2016 : Debug: (2089) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2089) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2089) Using Post-Auth-Type Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2089) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:17:16 2016 : Debug: (2089) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2089) session-state: Nothing to cache
Fri Aug 26 16:17:16 2016 : Debug: (2089) Sent Access-Challenge Id 44 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:17:16 2016 : Debug: (2089) EAP-Message = 0x010300281900170303001de484e1616c7c1fa7b3f82da4de3c49fb60bfce48f172606be2b1e3c5fe
Fri Aug 26 16:17:16 2016 : Debug: (2089) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2089) State = 0x8468d6d0826bcf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2089) Proxy-State = 0x323135
Fri Aug 26 16:17:16 2016 : Debug: (2089) Proxy-State = 0x323532
Fri Aug 26 16:17:16 2016 : Debug: (2089) Finished request
Fri Aug 26 16:17:16 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:17:16 2016 : Debug: (2090) Received Access-Request Id 84 from 192.168.42.103:56100 to 192.168.42.101:1812 length 295
Fri Aug 26 16:17:16 2016 : Debug: (2090) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2090) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2090) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2090) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2090) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2090) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2090) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2090) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2090) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2090) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2090) EAP-Message = 0x020300391900170303002e25d9f4db4c92448b8e252cc88dd58a167be74ae45fb5afee9f6e502c9e21539f1c681743724aa321c292d755037a
Fri Aug 26 16:17:16 2016 : Debug: (2090) State = 0x8468d6d0826bcf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2090) Message-Authenticator = 0x003cf21ade4faf96c7ed16e26ee03f0a
Fri Aug 26 16:17:16 2016 : Debug: (2090) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2090) Proxy-State = 0x323136
Fri Aug 26 16:17:16 2016 : Debug: (2090) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2090) Proxy-State = 0x3636
Fri Aug 26 16:17:16 2016 : Debug: (2090) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2090) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2090) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2090) policy filter_username {
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (!&User-Name) {
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (!&User-Name) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name =~ / /) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2090) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2090) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:17:16 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name =~ /@\./) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2090) } # policy filter_username = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [preprocess] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: calling chap (rlm_chap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: returned from chap (rlm_chap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: calling mschap (rlm_mschap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: calling digest (rlm_digest) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: returned from digest (rlm_digest) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [digest] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: calling suffix (rlm_realm) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2090) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2090) suffix: No such realm "networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: returned from suffix (rlm_realm) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: calling eap (rlm_eap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Peer sent EAP Response (code 2) ID 3 length 57
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Continuing tunnel setup
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: returned from eap (rlm_eap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2090) } # authorize = ok
Fri Aug 26 16:17:16 2016 : Debug: (2090) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2090) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2090) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authenticate]: calling eap (rlm_eap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Expiring EAP session with state 0x8468d6d0826bcf42
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Finished EAP session with state 0x8468d6d0826bcf42
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Previous EAP request found for state 0x8468d6d0826bcf42, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Peer sent flags ---
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: [eaptls verify] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Done initial handshake
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: [eaptls process] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Session established. Decoding tunneled attributes
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: PEAP state WAITING FOR INNER IDENTITY
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Identity - test at networks.com
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Got inner identity 'test at networks.com'
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Setting default EAP type for tunneled EAP session
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Got tunneled request
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: EAP-Message = 0x0203001a01746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Setting User-Name to test at networks.com
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Sending tunneled request to inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: EAP-Message = 0x0203001a01746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2090) Virtual server inner-tunnel received request
Fri Aug 26 16:17:16 2016 : Debug: (2090) EAP-Message = 0x0203001a01746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:17:16 2016 : Debug: (2090) FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2090) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2090) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2090) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2090) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2090) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2090) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2090) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2090) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2090) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2090) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2090) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2090) server inner-tunnel {
Fri Aug 26 16:17:16 2016 : Debug: (2090) session-state: No State attribute
Fri Aug 26 16:17:16 2016 : Debug: (2090) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2090) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2090) policy split_username_nai {
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 4 matches
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) -> TRUE
Fri Aug 26 16:17:16 2016 : Debug: (2090) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:17:16 2016 : Debug: (2090) update request {
Fri Aug 26 16:17:16 2016 : Debug: (2090) 1/4 Found: test (5)
Fri Aug 26 16:17:16 2016 : Debug: (2090) EXPAND %{1}
Fri Aug 26 16:17:16 2016 : Debug: (2090) --> test
Fri Aug 26 16:17:16 2016 : Debug: (2090) &Stripped-User-Name := test
Fri Aug 26 16:17:16 2016 : Debug: (2090) 3/4 Found: networks.com (17)
Fri Aug 26 16:17:16 2016 : Debug: (2090) EXPAND %{3}
Fri Aug 26 16:17:16 2016 : Debug: (2090) --> networks.com
Fri Aug 26 16:17:16 2016 : Debug: (2090) &Stripped-User-Domain = networks.com
Fri Aug 26 16:17:16 2016 : Debug: (2090) } # update request = noop
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: calling updated (rlm_always) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: returned from updated (rlm_always) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [updated] = updated
Fri Aug 26 16:17:16 2016 : Debug: (2090) } # if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) = updated
Fri Aug 26 16:17:16 2016 : Debug: (2090) ... skipping else for request 2090: Preceding "if" was taken
Fri Aug 26 16:17:16 2016 : Debug: (2090) } # policy split_username_nai = updated
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: calling chap (rlm_chap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: returned from chap (rlm_chap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: calling mschap (rlm_mschap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: calling suffix (rlm_realm) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2090) suffix: No '@' in User-Name = "test", looking up realm NULL
Fri Aug 26 16:17:16 2016 : Debug: (2090) suffix: No such realm "NULL"
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: returned from suffix (rlm_realm) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2090) update control {
Fri Aug 26 16:17:16 2016 : Debug: (2090) &Proxy-To-Realm := LOCAL
Fri Aug 26 16:17:16 2016 : Debug: (2090) } # update control = noop
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: calling eap (rlm_eap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Peer sent EAP Response (code 2) ID 3 length 26
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authorize]: returned from eap (rlm_eap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2090) } # authorize = ok
Fri Aug 26 16:17:16 2016 : Debug: (2090) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2090) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2090) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authenticate]: calling eap (rlm_eap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Peer sent packet with method EAP Identity (1)
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Calling submodule eap_mschapv2 to process data
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_mschapv2: Issuing Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Sending EAP Request (code 1) ID 4 length 43
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: EAP session adding &reply:State = 0xba9f6fe0ba9b75b8
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authenticate]: returned from eap (rlm_eap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2090) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2090) } # server inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2090) Virtual server sending reply
Fri Aug 26 16:17:16 2016 : Debug: (2090) EAP-Message = 0x0104002b1a0104002610892739deb65194114e2a3a6ed357a300667265657261646975732d332e302e3130
Fri Aug 26 16:17:16 2016 : Debug: (2090) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2090) State = 0xba9f6fe0ba9b75b80de2cb7151dfa767
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Got tunneled reply code 11
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: EAP-Message = 0x0104002b1a0104002610892739deb65194114e2a3a6ed357a300667265657261646975732d332e302e3130
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: State = 0xba9f6fe0ba9b75b80de2cb7151dfa767
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Got tunneled reply RADIUS code 11
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: EAP-Message = 0x0104002b1a0104002610892739deb65194114e2a3a6ed357a300667265657261646975732d332e302e3130
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: State = 0xba9f6fe0ba9b75b80de2cb7151dfa767
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap_peap: Got tunneled Access-Challenge
Fri Aug 26 16:17:16 2016 : Debug: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: Sending EAP Request (code 1) ID 4 length 74
Fri Aug 26 16:17:16 2016 : Debug: (2090) eap: EAP session adding &reply:State = 0x8468d6d0836ccf42
Fri Aug 26 16:17:16 2016 : Debug: (2090) modsingle[authenticate]: returned from eap (rlm_eap) for request 2090
Fri Aug 26 16:17:16 2016 : Debug: (2090) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2090) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2090) Using Post-Auth-Type Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2090) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:17:16 2016 : Debug: (2090) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2090) session-state: Nothing to cache
Fri Aug 26 16:17:16 2016 : Debug: (2090) Sent Access-Challenge Id 84 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:17:16 2016 : Debug: (2090) EAP-Message = 0x0104004a1900170303003fe484e1616c7c1fa89fb11aac266784eaf075131f779029fcc336d243d723861d418d3431a1bd1560253162cdf44ce4b1b5b45b14eaed55f587d47ef523d2f7
Fri Aug 26 16:17:16 2016 : Debug: (2090) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2090) State = 0x8468d6d0836ccf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2090) Proxy-State = 0x323136
Fri Aug 26 16:17:16 2016 : Debug: (2090) Proxy-State = 0x3636
Fri Aug 26 16:17:16 2016 : Debug: (2090) Finished request
Fri Aug 26 16:17:16 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:17:16 2016 : Debug: (2091) Received Access-Request Id 64 from 192.168.42.103:56100 to 192.168.42.101:1812 length 350
Fri Aug 26 16:17:16 2016 : Debug: (2091) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2091) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2091) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2091) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2091) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2091) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2091) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2091) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2091) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2091) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2091) EAP-Message = 0x0204006f1900170303006425d9f4db4c92448c4978a882cc4117aaee855e4a3db57deedf019adeb84c85c534d02eab5ce36a728740c4f0827641b009b64878377029868c41c2e1aebf71a3e68cd8a3f0fca7e5f0328df777cea4985acc5f909e8abeba6600e65e16e2c56317f64618
Fri Aug 26 16:17:16 2016 : Debug: (2091) State = 0x8468d6d0836ccf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2091) Message-Authenticator = 0xbd2ff7000bb27589ed251ad137457191
Fri Aug 26 16:17:16 2016 : Debug: (2091) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2091) Proxy-State = 0x323137
Fri Aug 26 16:17:16 2016 : Debug: (2091) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2091) Proxy-State = 0x313836
Fri Aug 26 16:17:16 2016 : Debug: (2091) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2091) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2091) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2091) policy filter_username {
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (!&User-Name) {
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (!&User-Name) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name =~ / /) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2091) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2091) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:17:16 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name =~ /@\./) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2091) } # policy filter_username = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [preprocess] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling chap (rlm_chap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from chap (rlm_chap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling mschap (rlm_mschap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling digest (rlm_digest) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from digest (rlm_digest) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [digest] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling suffix (rlm_realm) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2091) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2091) suffix: No such realm "networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from suffix (rlm_realm) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling eap (rlm_eap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Peer sent EAP Response (code 2) ID 4 length 111
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Continuing tunnel setup
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from eap (rlm_eap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2091) } # authorize = ok
Fri Aug 26 16:17:16 2016 : Debug: (2091) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2091) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2091) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authenticate]: calling eap (rlm_eap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Expiring EAP session with state 0xba9f6fe0ba9b75b8
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Finished EAP session with state 0x8468d6d0836ccf42
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Previous EAP request found for state 0x8468d6d0836ccf42, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Peer sent flags ---
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: [eaptls verify] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Done initial handshake
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: [eaptls process] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Session established. Decoding tunneled attributes
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: PEAP state phase2
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: EAP method MSCHAPv2 (26)
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Got tunneled request
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: EAP-Message = 0x020400501a0204004b310844f44d16c85ddd8864f81974e72c3900000000000000001dc0ba3112ced7dcdc469ab1a4804cf8fd20324e59ec143100746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Setting User-Name to test at networks.com
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Sending tunneled request to inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: EAP-Message = 0x020400501a0204004b310844f44d16c85ddd8864f81974e72c3900000000000000001dc0ba3112ced7dcdc469ab1a4804cf8fd20324e59ec143100746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: State = 0xba9f6fe0ba9b75b80de2cb7151dfa767
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2091) Virtual server inner-tunnel received request
Fri Aug 26 16:17:16 2016 : Debug: (2091) EAP-Message = 0x020400501a0204004b310844f44d16c85ddd8864f81974e72c3900000000000000001dc0ba3112ced7dcdc469ab1a4804cf8fd20324e59ec143100746573744062796f2d6e6574776f726b732e636f6d
Fri Aug 26 16:17:16 2016 : Debug: (2091) FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2091) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2091) State = 0xba9f6fe0ba9b75b80de2cb7151dfa767
Fri Aug 26 16:17:16 2016 : Debug: (2091) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2091) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2091) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2091) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2091) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2091) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2091) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2091) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2091) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2091) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2091) server inner-tunnel {
Fri Aug 26 16:17:16 2016 : Debug: (2091) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2091) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2091) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2091) policy split_username_nai {
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 4 matches
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) -> TRUE
Fri Aug 26 16:17:16 2016 : Debug: (2091) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:17:16 2016 : Debug: (2091) update request {
Fri Aug 26 16:17:16 2016 : Debug: (2091) 1/4 Found: test (5)
Fri Aug 26 16:17:16 2016 : Debug: (2091) EXPAND %{1}
Fri Aug 26 16:17:16 2016 : Debug: (2091) --> test
Fri Aug 26 16:17:16 2016 : Debug: (2091) &Stripped-User-Name := test
Fri Aug 26 16:17:16 2016 : Debug: (2091) 3/4 Found: networks.com (17)
Fri Aug 26 16:17:16 2016 : Debug: (2091) EXPAND %{3}
Fri Aug 26 16:17:16 2016 : Debug: (2091) --> networks.com
Fri Aug 26 16:17:16 2016 : Debug: (2091) &Stripped-User-Domain = networks.com
Fri Aug 26 16:17:16 2016 : Debug: (2091) } # update request = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling updated (rlm_always) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from updated (rlm_always) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [updated] = updated
Fri Aug 26 16:17:16 2016 : Debug: (2091) } # if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) = updated
Fri Aug 26 16:17:16 2016 : Debug: (2091) ... skipping else for request 2091: Preceding "if" was taken
Fri Aug 26 16:17:16 2016 : Debug: (2091) } # policy split_username_nai = updated
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling chap (rlm_chap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from chap (rlm_chap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling mschap (rlm_mschap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling suffix (rlm_realm) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2091) suffix: No '@' in User-Name = "test", looking up realm NULL
Fri Aug 26 16:17:16 2016 : Debug: (2091) suffix: No such realm "NULL"
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from suffix (rlm_realm) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) update control {
Fri Aug 26 16:17:16 2016 : Debug: (2091) &Proxy-To-Realm := LOCAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) } # update control = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling eap (rlm_eap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Peer sent EAP Response (code 2) ID 4 length 80
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: No EAP Start, assuming it's an on-going EAP conversation
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from eap (rlm_eap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [eap] = updated
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling files (rlm_files) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from files (rlm_files) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [files] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling ldap (rlm_ldap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: rlm_ldap (ldap): Reserved connection (248)
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL XLAT
Fri Aug 26 16:17:16 2016 : Debug: (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:17:16 2016 : Debug: Parsed xlat tree:
Fri Aug 26 16:17:16 2016 : Debug: literal --> (uid=
Fri Aug 26 16:17:16 2016 : Debug: if {
Fri Aug 26 16:17:16 2016 : Debug: attribute --> Stripped-User-Name
Fri Aug 26 16:17:16 2016 : Debug: }
Fri Aug 26 16:17:16 2016 : Debug: else {
Fri Aug 26 16:17:16 2016 : Debug: attribute --> User-Name
Fri Aug 26 16:17:16 2016 : Debug: }
Fri Aug 26 16:17:16 2016 : Debug: literal --> )
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: --> (uid=test)
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: Performing search in "uid=lakc192e,ou=auth_servers,tnid=ukjprwp3,ou=tenants,dc=netos" with filter "(uid=test)", scope "sub"
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: Waiting for search result...
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: User object found at DN "uid=test,ou=People,uid=lakc192e,ou=auth_servers,tnid=ukjprwp3,ou=tenants,dc=netos"
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: Processing user attributes
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: Attribute "userPassword" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: control:NT-Password := 0x3345363738423236364431443434394535333145393242454333334236443237
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: control:LM-Password := 0x3244353534353037374437423744324143434639313535453345374442343533
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: control:NET-NodeID += 'ndid-00000002'
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: Attribute "radiusTunnelType" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: Attribute "radiusTunnelMediumType" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: Attribute "radiusTunnelPrivategroupId" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: reply:NET-SubnetID := 'snid-00000001'
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: Attribute "radiusControlAttribute" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: Attribute "radiusRequestAttribute" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2091) ldap: Attribute "radiusReplyAttribute" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: rlm_ldap (ldap): Released connection (248)
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from ldap (rlm_ldap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [ldap] = updated
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling expiration (rlm_expiration) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from expiration (rlm_expiration) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [expiration] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling logintime (rlm_logintime) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from logintime (rlm_logintime) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [logintime] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: calling pap (rlm_pap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
Fri Aug 26 16:17:16 2016 : Debug: (2091) pap: Normalizing LM-Password from hex encoding, 32 bytes -> 16 bytes
Fri Aug 26 16:17:16 2016 : WARNING: (2091) pap: Auth-Type already set. Not setting to PAP
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authorize]: returned from pap (rlm_pap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [pap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2091) } # authorize = updated
Fri Aug 26 16:17:16 2016 : Debug: (2091) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2091) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2091) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authenticate]: calling eap (rlm_eap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Expiring EAP session with state 0xba9f6fe0ba9b75b8
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Finished EAP session with state 0xba9f6fe0ba9b75b8
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Previous EAP request found for state 0xba9f6fe0ba9b75b8, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Peer sent packet with method EAP MSCHAPv2 (26)
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Calling submodule eap_mschapv2 to process data
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_mschapv2: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_mschapv2: Auth-Type MS-CHAP {
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_mschapv2: modsingle[authenticate]: calling mschap (rlm_mschap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) mschap: Found NT-Password
Fri Aug 26 16:17:16 2016 : Debug: (2091) mschap: Found LM-Password
Fri Aug 26 16:17:16 2016 : Debug: (2091) mschap: Creating challenge hash with username: test at networks.com
Fri Aug 26 16:17:16 2016 : Debug: (2091) mschap: Client is using MS-CHAPv2
Fri Aug 26 16:17:16 2016 : Debug: (2091) mschap: Adding MS-CHAPv2 MPPE keys
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authenticate]: returned from mschap (rlm_mschap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [mschap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2091) } # Auth-Type MS-CHAP = ok
Fri Aug 26 16:17:16 2016 : Debug: (2091) MSCHAP Success
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Sending EAP Request (code 1) ID 5 length 51
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: EAP session adding &reply:State = 0xba9f6fe0bb9a75b8
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authenticate]: returned from eap (rlm_eap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2091) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2091) } # server inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2091) Virtual server sending reply
Fri Aug 26 16:17:16 2016 : Debug: (2091) NET-SubnetID := "snid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2091) EAP-Message = 0x010500331a0304002e533d41394146323034333043314539394634443137333246463133373634314430414436413231323342
Fri Aug 26 16:17:16 2016 : Debug: (2091) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2091) State = 0xba9f6fe0bb9a75b80de2cb7151dfa767
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Got tunneled reply code 11
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: NET-SubnetID := "snid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: EAP-Message = 0x010500331a0304002e533d41394146323034333043314539394634443137333246463133373634314430414436413231323342
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: State = 0xba9f6fe0bb9a75b80de2cb7151dfa767
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Got tunneled reply RADIUS code 11
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: NET-SubnetID := "snid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: EAP-Message = 0x010500331a0304002e533d41394146323034333043314539394634443137333246463133373634314430414436413231323342
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: State = 0xba9f6fe0bb9a75b80de2cb7151dfa767
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap_peap: Got tunneled Access-Challenge
Fri Aug 26 16:17:16 2016 : Debug: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: Sending EAP Request (code 1) ID 5 length 82
Fri Aug 26 16:17:16 2016 : Debug: (2091) eap: EAP session adding &reply:State = 0x8468d6d08c6dcf42
Fri Aug 26 16:17:16 2016 : Debug: (2091) modsingle[authenticate]: returned from eap (rlm_eap) for request 2091
Fri Aug 26 16:17:16 2016 : Debug: (2091) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2091) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2091) Using Post-Auth-Type Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2091) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:17:16 2016 : Debug: (2091) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2091) session-state: Nothing to cache
Fri Aug 26 16:17:16 2016 : Debug: (2091) Sent Access-Challenge Id 64 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:17:16 2016 : Debug: (2091) EAP-Message = 0x0105005219001703030047e484e1616c7c1fa911d09d3bd9d73db2a069903f8a58af2c3768584376d1a67cd6cea611d6ea86b4f26215164711f30ead0bec73e6ccc58406149ebb6f9c9990036d8a779f6bef
Fri Aug 26 16:17:16 2016 : Debug: (2091) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2091) State = 0x8468d6d08c6dcf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2091) Proxy-State = 0x323137
Fri Aug 26 16:17:16 2016 : Debug: (2091) Proxy-State = 0x313836
Fri Aug 26 16:17:16 2016 : Debug: (2091) Finished request
Fri Aug 26 16:17:16 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:17:16 2016 : Debug: (2092) Received Access-Request Id 120 from 192.168.42.103:56100 to 192.168.42.101:1812 length 276
Fri Aug 26 16:17:16 2016 : Debug: (2092) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2092) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2092) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2092) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2092) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2092) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2092) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2092) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2092) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2092) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2092) EAP-Message = 0x020500251900170303001a25d9f4db4c92448dcf3e421f5d8b8f3d0d4226c5d98dfb03576e
Fri Aug 26 16:17:16 2016 : Debug: (2092) State = 0x8468d6d08c6dcf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2092) Message-Authenticator = 0x775a6b6fa8d2ad4cc79e8aaa7ad504b4
Fri Aug 26 16:17:16 2016 : Debug: (2092) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2092) Proxy-State = 0x323138
Fri Aug 26 16:17:16 2016 : Debug: (2092) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2092) Proxy-State = 0x323332
Fri Aug 26 16:17:16 2016 : Debug: (2092) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2092) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2092) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2092) policy filter_username {
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (!&User-Name) {
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (!&User-Name) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name =~ / /) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2092) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2092) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:17:16 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name =~ /@\./) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # policy filter_username = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [preprocess] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling chap (rlm_chap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from chap (rlm_chap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling mschap (rlm_mschap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling digest (rlm_digest) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from digest (rlm_digest) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [digest] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling suffix (rlm_realm) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2092) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2092) suffix: No such realm "networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from suffix (rlm_realm) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling eap (rlm_eap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Peer sent EAP Response (code 2) ID 5 length 37
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Continuing tunnel setup
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from eap (rlm_eap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # authorize = ok
Fri Aug 26 16:17:16 2016 : Debug: (2092) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2092) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2092) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authenticate]: calling eap (rlm_eap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Expiring EAP session with state 0xba9f6fe0bb9a75b8
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Finished EAP session with state 0x8468d6d08c6dcf42
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Previous EAP request found for state 0x8468d6d08c6dcf42, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Peer sent flags ---
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: [eaptls verify] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Done initial handshake
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: [eaptls process] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Session established. Decoding tunneled attributes
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: PEAP state phase2
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: EAP method MSCHAPv2 (26)
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Got tunneled request
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: EAP-Message = 0x020500061a03
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Setting User-Name to test at networks.com
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Sending tunneled request to inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: EAP-Message = 0x020500061a03
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: State = 0xba9f6fe0bb9a75b80de2cb7151dfa767
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2092) Virtual server inner-tunnel received request
Fri Aug 26 16:17:16 2016 : Debug: (2092) EAP-Message = 0x020500061a03
Fri Aug 26 16:17:16 2016 : Debug: (2092) FreeRADIUS-Proxied-To = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2092) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2092) State = 0xba9f6fe0bb9a75b80de2cb7151dfa767
Fri Aug 26 16:17:16 2016 : Debug: (2092) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2092) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2092) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2092) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2092) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2092) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2092) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2092) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2092) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2092) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2092) server inner-tunnel {
Fri Aug 26 16:17:16 2016 : Debug: (2092) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2092) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2092) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2092) policy split_username_nai {
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 4 matches
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) -> TRUE
Fri Aug 26 16:17:16 2016 : Debug: (2092) if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) {
Fri Aug 26 16:17:16 2016 : Debug: (2092) update request {
Fri Aug 26 16:17:16 2016 : Debug: (2092) 1/4 Found: test (5)
Fri Aug 26 16:17:16 2016 : Debug: (2092) EXPAND %{1}
Fri Aug 26 16:17:16 2016 : Debug: (2092) --> test
Fri Aug 26 16:17:16 2016 : Debug: (2092) &Stripped-User-Name := test
Fri Aug 26 16:17:16 2016 : Debug: (2092) 3/4 Found: networks.com (17)
Fri Aug 26 16:17:16 2016 : Debug: (2092) EXPAND %{3}
Fri Aug 26 16:17:16 2016 : Debug: (2092) --> networks.com
Fri Aug 26 16:17:16 2016 : Debug: (2092) &Stripped-User-Domain = networks.com
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # update request = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling updated (rlm_always) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from updated (rlm_always) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [updated] = updated
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # if (&User-Name && (&User-Name =~ /^([^@]*)(@([-[:alnum:]]+\.[-[:alnum:].]+))?$/)) = updated
Fri Aug 26 16:17:16 2016 : Debug: (2092) ... skipping else for request 2092: Preceding "if" was taken
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # policy split_username_nai = updated
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling chap (rlm_chap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from chap (rlm_chap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling mschap (rlm_mschap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling suffix (rlm_realm) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2092) suffix: No '@' in User-Name = "test", looking up realm NULL
Fri Aug 26 16:17:16 2016 : Debug: (2092) suffix: No such realm "NULL"
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from suffix (rlm_realm) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) update control {
Fri Aug 26 16:17:16 2016 : Debug: (2092) &Proxy-To-Realm := LOCAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # update control = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling eap (rlm_eap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Peer sent EAP Response (code 2) ID 5 length 6
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: No EAP Start, assuming it's an on-going EAP conversation
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from eap (rlm_eap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [eap] = updated
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling files (rlm_files) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from files (rlm_files) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [files] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling ldap (rlm_ldap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: rlm_ldap (ldap): Reserved connection (247)
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL XLAT
Fri Aug 26 16:17:16 2016 : Debug: (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:17:16 2016 : Debug: Parsed xlat tree:
Fri Aug 26 16:17:16 2016 : Debug: literal --> (uid=
Fri Aug 26 16:17:16 2016 : Debug: if {
Fri Aug 26 16:17:16 2016 : Debug: attribute --> Stripped-User-Name
Fri Aug 26 16:17:16 2016 : Debug: }
Fri Aug 26 16:17:16 2016 : Debug: else {
Fri Aug 26 16:17:16 2016 : Debug: attribute --> User-Name
Fri Aug 26 16:17:16 2016 : Debug: }
Fri Aug 26 16:17:16 2016 : Debug: literal --> )
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: --> (uid=test)
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: EXPAND TMPL LITERAL
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: Performing search in "uid=lakc192e,ou=auth_servers,tnid=ukjprwp3,ou=tenants,dc=netos" with filter "(uid=test)", scope "sub"
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: Waiting for search result...
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: User object found at DN "uid=test,ou=People,uid=lakc192e,ou=auth_servers,tnid=ukjprwp3,ou=tenants,dc=netos"
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: Processing user attributes
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: Attribute "userPassword" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: control:NT-Password := 0x3345363738423236364431443434394535333145393242454333334236443237
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: control:LM-Password := 0x3244353534353037374437423744324143434639313535453345374442343533
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: control:NET-NodeID += 'ndid-00000002'
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: Attribute "radiusTunnelType" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: Attribute "radiusTunnelMediumType" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: Attribute "radiusTunnelPrivategroupId" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: reply:NET-SubnetID := 'snid-00000001'
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: Attribute "radiusControlAttribute" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: Attribute "radiusRequestAttribute" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: (2092) ldap: Attribute "radiusReplyAttribute" not found in LDAP object
Fri Aug 26 16:17:16 2016 : Debug: rlm_ldap (ldap): Released connection (247)
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from ldap (rlm_ldap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [ldap] = updated
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling expiration (rlm_expiration) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from expiration (rlm_expiration) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [expiration] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling logintime (rlm_logintime) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from logintime (rlm_logintime) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [logintime] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: calling pap (rlm_pap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
Fri Aug 26 16:17:16 2016 : Debug: (2092) pap: Normalizing LM-Password from hex encoding, 32 bytes -> 16 bytes
Fri Aug 26 16:17:16 2016 : WARNING: (2092) pap: Auth-Type already set. Not setting to PAP
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authorize]: returned from pap (rlm_pap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [pap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # authorize = updated
Fri Aug 26 16:17:16 2016 : Debug: (2092) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2092) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2092) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authenticate]: calling eap (rlm_eap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Expiring EAP session with state 0xba9f6fe0bb9a75b8
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Finished EAP session with state 0xba9f6fe0bb9a75b8
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Previous EAP request found for state 0xba9f6fe0bb9a75b8, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Peer sent packet with method EAP MSCHAPv2 (26)
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Calling submodule eap_mschapv2 to process data
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Sending EAP Success (code 3) ID 5 length 4
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Freeing handler
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authenticate]: returned from eap (rlm_eap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # authenticate = ok
Fri Aug 26 16:17:16 2016 : Debug: (2092) # Executing section post-auth from file /etc/raddb/sites-enabled/inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2092) post-auth {
Fri Aug 26 16:17:16 2016 : Debug: (2092) update reply {
Fri Aug 26 16:17:16 2016 : Debug: (2092) No attributes updated
Fri Aug 26 16:17:16 2016 : Debug: (2092) No attributes updated
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # update reply = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # post-auth = noop
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # server inner-tunnel
Fri Aug 26 16:17:16 2016 : Debug: (2092) Virtual server sending reply
Fri Aug 26 16:17:16 2016 : Debug: (2092) NET-SubnetID := "snid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2092) MS-MPPE-Encryption-Policy = Encryption-Allowed
Fri Aug 26 16:17:16 2016 : Debug: (2092) MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
Fri Aug 26 16:17:16 2016 : Debug: (2092) MS-MPPE-Send-Key = 0x32340215fe5926da71f213a986ad510c
Fri Aug 26 16:17:16 2016 : Debug: (2092) MS-MPPE-Recv-Key = 0xba705619aa34b998194146ced770b6ac
Fri Aug 26 16:17:16 2016 : Debug: (2092) EAP-Message = 0x03050004
Fri Aug 26 16:17:16 2016 : Debug: (2092) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2092) Stripped-User-Name := "test"
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Got tunneled reply code 2
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: NET-SubnetID := "snid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: MS-MPPE-Send-Key = 0x32340215fe5926da71f213a986ad510c
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: MS-MPPE-Recv-Key = 0xba705619aa34b998194146ced770b6ac
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: EAP-Message = 0x03050004
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Stripped-User-Name := "test"
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Got tunneled reply RADIUS code 2
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: NET-SubnetID := "snid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: MS-MPPE-Send-Key = 0x32340215fe5926da71f213a986ad510c
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: MS-MPPE-Recv-Key = 0xba705619aa34b998194146ced770b6ac
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: EAP-Message = 0x03050004
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Stripped-User-Name := "test"
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Tunneled authentication was successful
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: SUCCESS
Fri Aug 26 16:17:16 2016 : Debug: >>> UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap_peap: Saving tunneled attributes for later
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: Sending EAP Request (code 1) ID 6 length 46
Fri Aug 26 16:17:16 2016 : Debug: (2092) eap: EAP session adding &reply:State = 0x8468d6d08d6ecf42
Fri Aug 26 16:17:16 2016 : Debug: (2092) modsingle[authenticate]: returned from eap (rlm_eap) for request 2092
Fri Aug 26 16:17:16 2016 : Debug: (2092) [eap] = handled
Fri Aug 26 16:17:16 2016 : Debug: (2092) } # authenticate = handled
Fri Aug 26 16:17:16 2016 : Debug: (2092) Using Post-Auth-Type Challenge
Fri Aug 26 16:17:16 2016 : Debug: (2092) Post-Auth-Type sub-section not found. Ignoring.
Fri Aug 26 16:17:16 2016 : Debug: (2092) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2092) session-state: Nothing to cache
Fri Aug 26 16:17:16 2016 : Debug: (2092) Sent Access-Challenge Id 120 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:17:16 2016 : Debug: (2092) EAP-Message = 0x0106002e19001703030023e484e1616c7c1faa8cb9c36b8df5f8acc91fa631222638d20a03dc386000b410494cb4
Fri Aug 26 16:17:16 2016 : Debug: (2092) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2092) State = 0x8468d6d08d6ecf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2092) Proxy-State = 0x323138
Fri Aug 26 16:17:16 2016 : Debug: (2092) Proxy-State = 0x323332
Fri Aug 26 16:17:16 2016 : Debug: (2092) Finished request
Fri Aug 26 16:17:16 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:17:16 2016 : Debug: (2093) Received Access-Request Id 29 from 192.168.42.103:56100 to 192.168.42.101:1812 length 285
Fri Aug 26 16:17:16 2016 : Debug: (2093) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2093) NAS-IP-Address = 127.0.0.1
Fri Aug 26 16:17:16 2016 : Debug: (2093) NAS-Identifier = "ap.example.com"
Fri Aug 26 16:17:16 2016 : Debug: (2093) Called-Station-Id = "4E-A1-C9-31-3D-06:"
Fri Aug 26 16:17:16 2016 : Debug: (2093) NAS-Port-Type = Wireless-802.11
Fri Aug 26 16:17:16 2016 : Debug: (2093) NAS-Port = 0
Fri Aug 26 16:17:16 2016 : Debug: (2093) Calling-Station-Id = "2A-72-E8-47-76-FE"
Fri Aug 26 16:17:16 2016 : Debug: (2093) Connect-Info = "CONNECT 0Mbps 802.11b"
Fri Aug 26 16:17:16 2016 : Debug: (2093) Acct-Session-Id = "57B6BC2F-0000000C"
Fri Aug 26 16:17:16 2016 : Debug: (2093) Framed-MTU = 1400
Fri Aug 26 16:17:16 2016 : Debug: (2093) EAP-Message = 0x0206002e1900170303002325d9f4db4c92448ed824319f6034479a64e33f4a61c999568298e202927c73fdf213c3
Fri Aug 26 16:17:16 2016 : Debug: (2093) State = 0x8468d6d08d6ecf4286ff6b75b100a9a2
Fri Aug 26 16:17:16 2016 : Debug: (2093) Message-Authenticator = 0xb0bb00ed344770b9d79182c58a2778ff
Fri Aug 26 16:17:16 2016 : Debug: (2093) Event-Timestamp = "Aug 26 2016 16:17:16 CEST"
Fri Aug 26 16:17:16 2016 : Debug: (2093) Proxy-State = 0x323139
Fri Aug 26 16:17:16 2016 : Debug: (2093) NET-NodeID = "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2093) Proxy-State = 0x313338
Fri Aug 26 16:17:16 2016 : Debug: (2093) session-state: No cached attributes
Fri Aug 26 16:17:16 2016 : Debug: (2093) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2093) authorize {
Fri Aug 26 16:17:16 2016 : Debug: (2093) policy filter_username {
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (!&User-Name) {
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (!&User-Name) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&User-Name =~ / /) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&User-Name =~ / /) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&User-Name =~ /@.*@/ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&User-Name =~ /@.*@/ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&User-Name =~ /\.\./ ) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2093) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Clearing 1 matches
Fri Aug 26 16:17:16 2016 : Debug: Adding 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2093) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&User-Name =~ /\.$/) {
Fri Aug 26 16:17:16 2016 : Debug: Clearing 3 matches
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&User-Name =~ /\.$/) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&User-Name =~ /@\./) {
Fri Aug 26 16:17:16 2016 : Debug: No matches
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&User-Name =~ /@\./) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2093) } # policy filter_username = notfound
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) [preprocess] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: calling chap (rlm_chap) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: returned from chap (rlm_chap) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) [chap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: calling mschap (rlm_mschap) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: returned from mschap (rlm_mschap) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) [mschap] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: calling digest (rlm_digest) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: returned from digest (rlm_digest) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) [digest] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: calling suffix (rlm_realm) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) suffix: Checking for suffix after "@"
Fri Aug 26 16:17:16 2016 : Debug: (2093) suffix: Looking up realm "networks.com" for User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2093) suffix: No such realm "networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: returned from suffix (rlm_realm) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) [suffix] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: calling eap (rlm_eap) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap: Peer sent EAP Response (code 2) ID 6 length 46
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap: Continuing tunnel setup
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authorize]: returned from eap (rlm_eap) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2093) } # authorize = ok
Fri Aug 26 16:17:16 2016 : Debug: (2093) Found Auth-Type = EAP
Fri Aug 26 16:17:16 2016 : Debug: (2093) # Executing group from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2093) authenticate {
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authenticate]: calling eap (rlm_eap) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap: Expiring EAP session with state 0x8468d6d08d6ecf42
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap: Finished EAP session with state 0x8468d6d08d6ecf42
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap: Previous EAP request found for state 0x8468d6d08d6ecf42, released from the list
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap: Peer sent packet with method EAP PEAP (25)
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap: Calling submodule eap_peap to process data
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: Continuing EAP-TLS
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: Peer sent flags ---
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: [eaptls verify] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: Done initial handshake
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: <<< UNKNOWN TLS VERSION ?0000? [length 0005]
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: [eaptls process] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: Session established. Decoding tunneled attributes
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: PEAP state send tlv success
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: Received EAP-TLV response
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: Success
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: Using saved attributes from the original Access-Accept
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: NET-SubnetID := "snid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: Stripped-User-Name := "test"
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap_peap: No information to cache: session caching will be disabled for session 25beaa9d353fa6b8b0a2db475c960520eaac3a4be9e2c1b320cf7a924c3c2482
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap: Sending EAP Success (code 3) ID 6 length 4
Fri Aug 26 16:17:16 2016 : Debug: (2093) eap: Freeing handler
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[authenticate]: returned from eap (rlm_eap) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) [eap] = ok
Fri Aug 26 16:17:16 2016 : Debug: (2093) } # authenticate = ok
Fri Aug 26 16:17:16 2016 : Debug: (2093) # Executing section post-auth from file /etc/raddb/sites-enabled/default
Fri Aug 26 16:17:16 2016 : Debug: (2093) post-auth {
Fri Aug 26 16:17:16 2016 : Debug: (2093) update {
Fri Aug 26 16:17:16 2016 : Debug: (2093) No attributes updated
Fri Aug 26 16:17:16 2016 : Debug: (2093) } # update = noop
Fri Aug 26 16:17:16 2016 : Debug: (2093) update reply {
Fri Aug 26 16:17:16 2016 : Debug: (2093) &reply:NET-TenantID += 'tnid-00000001'
Fri Aug 26 16:17:16 2016 : Debug: (2093) &reply:NET-NodeID += &request:NET-NodeID -> 'ndid-00000001'
Fri Aug 26 16:17:16 2016 : Debug: (2093) &reply:Acct-Interim-Interval += 300
Fri Aug 26 16:17:16 2016 : Debug: (2093) } # update reply = noop
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[post-auth]: calling exec (rlm_exec) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[post-auth]: returned from exec (rlm_exec) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) [exec] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2093) policy remove_reply_message_if_eap {
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&reply:EAP-Message && &reply:Reply-Message) {
Fri Aug 26 16:17:16 2016 : Debug: (2093) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
Fri Aug 26 16:17:16 2016 : Debug: (2093) else {
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[post-auth]: calling noop (rlm_always) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) modsingle[post-auth]: returned from noop (rlm_always) for request 2093
Fri Aug 26 16:17:16 2016 : Debug: (2093) [noop] = noop
Fri Aug 26 16:17:16 2016 : Debug: (2093) } # else = noop
Fri Aug 26 16:17:16 2016 : Debug: (2093) } # policy remove_reply_message_if_eap = noop
Fri Aug 26 16:17:16 2016 : Debug: (2093) } # post-auth = noop
Fri Aug 26 16:17:16 2016 : Debug: (2093) Sent Access-Accept Id 29 from 192.168.42.101:1812 to 192.168.42.103:56100 length 0
Fri Aug 26 16:17:16 2016 : Debug: (2093) NET-SubnetID := "snid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2093) MS-MPPE-Recv-Key = 0x55da50ea91485cf5cc06363a5c354203fdadaa90f2923a9fd12f64395eb0cb52
Fri Aug 26 16:17:16 2016 : Debug: (2093) MS-MPPE-Send-Key = 0x6d047fe5b696b29daefd9149368ed762fa7ff94e8caa1d0eafdf53b9706c4183
Fri Aug 26 16:17:16 2016 : Debug: (2093) EAP-Message = 0x03060004
Fri Aug 26 16:17:16 2016 : Debug: (2093) Message-Authenticator = 0x00000000000000000000000000000000
Fri Aug 26 16:17:16 2016 : Debug: (2093) User-Name = "test at networks.com"
Fri Aug 26 16:17:16 2016 : Debug: (2093) Proxy-State = 0x323139
Fri Aug 26 16:17:16 2016 : Debug: (2093) Proxy-State = 0x313338
Fri Aug 26 16:17:16 2016 : Debug: (2093) NET-TenantID += "tnid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2093) NET-NodeID += "ndid-00000001"
Fri Aug 26 16:17:16 2016 : Debug: (2093) Acct-Interim-Interval += 300
Fri Aug 26 16:17:16 2016 : Debug: (2093) Finished request
Fri Aug 26 16:17:16 2016 : Debug: Waking up in 4.9 seconds.
Fri Aug 26 16:17:21 2016 : Debug: (2083) Cleaning up request packet ID 96 with timestamp +2573970
Fri Aug 26 16:17:21 2016 : Debug: (2084) Cleaning up request packet ID 135 with timestamp +2573970
Fri Aug 26 16:17:21 2016 : Debug: (2085) Cleaning up request packet ID 46 with timestamp +2573970
Fri Aug 26 16:17:21 2016 : Debug: (2086) Cleaning up request packet ID 239 with timestamp +2573970
Fri Aug 26 16:17:21 2016 : Debug: (2087) Cleaning up request packet ID 197 with timestamp +2573970
Fri Aug 26 16:17:21 2016 : Debug: (2088) Cleaning up request packet ID 95 with timestamp +2573970
Fri Aug 26 16:17:21 2016 : Debug: (2089) Cleaning up request packet ID 44 with timestamp +2573970
Fri Aug 26 16:17:21 2016 : Debug: (2090) Cleaning up request packet ID 84 with timestamp +2573970
Fri Aug 26 16:17:21 2016 : Debug: (2091) Cleaning up request packet ID 64 with timestamp +2573970
Fri Aug 26 16:17:21 2016 : Debug: (2092) Cleaning up request packet ID 120 with timestamp +2573970
Fri Aug 26 16:17:21 2016 : Debug: (2093) Cleaning up request packet ID 29 with timestamp +2573970
Fri Aug 26 16:17:21 2016 : Info: Ready to process requests
More information about the Freeradius-Users
mailing list