Wi-Fi MAC OSX occascionally fails
Doug Berman
dougberman at gmail.com
Wed Feb 10 00:22:15 CET 2016
Thanks, John. I didn't think to look at my MAC logs. I took a look syslog
which is where I think the secure.log has ended up. They are below, any
clues from the Mac side?
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]:
IO80211AWDLPeerManager::setAwdlOperatingMode Setting the AWDL operation
mode from AUTO to SUSPENDED
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]:
IO80211AWDLPeerManager::setAwdlSuspendedMode() Suspending AWDL,
enterQuietMode(true)
Feb 9 18:13:37 dougs-MacBook-Pro WiFiAgent[517]: [EAPOLControl.c:180]
EAPOLControlAuthInfoIsValid(): Ignoring
SaveCredentialsOnSuccessfulAuthentication since no credentials were
specified
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: interface
en is coming UP
Feb 9 18:13:37 --- last message repeated 1 time ---
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: interface
en is sending notification 0x14
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]: AirPort: Link Down on en0.
Reason 8 (Disassociated because station leaving).
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: interface
en is going DOWN
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]: en0: channel changed to 1
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]:
en0::IO80211Interface::postMessage bssid changed
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]: en0: channel changed to 1
Feb 9 18:13:37 --- last message repeated 1 time ---
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: interface
en is sending notification 0x14
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]: AirPort: Link Up on en0
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: interface
en is coming UP
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]: en0: BSSID changed to
0e:18:d6:9b:fe:a9
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]: en0: channel changed to 1
Feb 9 18:13:37 dougs-MacBook-Pro kernel[0]:
en0::IO80211Interface::postMessage bssid changed
Feb 9 18:13:38 dougs-MacBook-Pro mDNSResponder[90]:
mDNS_DeregisterInterface: Frequent transitions for interface en0
(192.168.1.159)
Feb 9 18:13:38 dougs-MacBook-Pro mDNSResponder[90]:
mDNS_RegisterInterface: Frequent transitions for interface en0
(FE80:0000:0000:0000:AEBC:32FF:FE86:B073)
Feb 9 18:13:38 dougs-MacBook-Pro configd[52]: LINKLOCAL en0: parent has no
IP
Feb 9 18:13:38 dougs-MacBook-Pro mDNSResponder[90]:
mDNS_RegisterInterface: Frequent transitions for interface en0
(FE80:0000:0000:0000:AEBC:32FF:FE86:B073)
Feb 9 18:13:38 dougs-MacBook-Pro eapolclient[43283]: en0 START uid 501 gid
20
Feb 9 18:13:38 dougs-MacBook-Pro kernel[0]: Unexpected payload found for
message 9, dataLen 0
Feb 9 18:13:38 dougs-MacBook-Pro configd[52]: network changed:
v4(en0-:192.168.1.159) DNS-
Feb 9 18:13:38 dougs-MacBook-Pro UserEventAgent[44]: Captive:
CNPluginHandler en0: Inactive
Feb 9 18:13:38 dougs-MacBook-Pro vmnet-bridge[17522]: Dynamic store changed
Feb 9 18:13:38 dougs-MacBook-Pro vmnet-bridge[17522]: Failed to read
SCproperties for key: State:/Network/Global/IPv4
Feb 9 18:13:38 dougs-MacBook-Pro kernel[0]: vmnet: VMNetDisconnect: called
for port bridge102.
Feb 9 18:13:38 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: filter
detached
Feb 9 18:13:38 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: down
Feb 9 18:13:38 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: detached
Feb 9 18:13:38 dougs-MacBook-Pro kernel[0]: vmnet: Freeing hub 0.
Feb 9 18:13:38 dougs-MacBook-Pro vmnet-bridge[17522]: Stopping bridge for:
en0
Feb 9 18:13:38 dougs-MacBook-Pro symptomsd[209]: -[NetworkAnalyticsEngine
_writeJournalRecord:fromCellFingerprint:key:atLOI:ofKind:lqm:isFaulty:]
Hashing of the primary key failed. Dropping the journal record.
Feb 9 18:13:38 --- last message repeated 1 time ---
Feb 9 18:13:38 dougs-MacBook-Pro eapolclient[43283]: en0: 802.1X User Mode
Feb 9 18:13:38 dougs-MacBook-Pro Microsoft Outlook[37080]: Stream
0x81188c90 is sending an event before being opened
Feb 9 18:13:38 --- last message repeated 1 time ---
Feb 9 18:13:38 dougs-MacBook-Pro Microsoft Outlook[37080]: Stream
0x81169060 is sending an event before being opened
Feb 9 18:13:38 --- last message repeated 1 time ---
Feb 9 18:13:38 dougs-MacBook-Pro networkd[162]: -[NETClientConnection
effectiveBundleID] using process name apsd as bundle ID (this is expected
for daemons without bundle ID
Feb 9 18:13:38 dougs-MacBook-Pro Microsoft Outlook[37080]:
dnssd_clientstub DNSServiceProcessResult undefined for
kDNSServiceFlagsShareConnection subordinate DNSServiceRef 0x7d9dfe00
Feb 9 18:13:38 dougs-MacBook-Pro Microsoft Outlook[37080]: Stream
0x7c9f6bc0 is sending an event before being opened
Feb 9 18:13:38 --- last message repeated 1 time ---
Feb 9 18:13:38 dougs-MacBook-Pro Microsoft Outlook[37080]: Stream
0x811adc20 is sending an event before being opened
Feb 9 18:13:38 --- last message repeated 1 time ---
Feb 9 18:13:38 dougs-MacBook-Pro networkd[162]: -[NETClientConnection
effectiveBundleID] using process name apsd as bundle ID (this is expected
for daemons without bundle ID
Feb 9 18:13:38 --- last message repeated 2 times ---
Feb 9 18:13:38 dougs-MacBook-Pro Google Drive[531]:
mod_SCNetworkReachabilityCallBack
Feb 9 18:13:38 --- last message repeated 1 time ---
Feb 9 18:13:38 dougs-MacBook-Pro networkd[162]: -[NETClientConnection
effectiveBundleID] using process name apsd as bundle ID (this is expected
for daemons without bundle ID
Feb 9 18:13:38 dougs-MacBook-Pro eapolclient[43283]: en0 EAP-PEAP:
successfully authenticated
Feb 9 18:13:38 dougs-MacBook-Pro com.apple.WebKit.WebContent[40474]:
[18:13:38.445] <<<< CRABS >>>> crabsFlumeHostUnavailable: [0x7f9eb285bcd0]
Byte flume reports host unavailable.
Feb 9 18:13:38 dougs-MacBook-Pro com.apple.WebKit.WebContent[40474]:
[18:13:38.445] <<<< CRABS >>>> crabsFlumeHostUnavailable: [0x7f9eb2882950]
Byte flume reports host unavailable.
Feb 9 18:13:38 dougs-MacBook-Pro networkd[162]: -[NETClientConnection
effectiveBundleID] using process name apsd as bundle ID (this is expected
for daemons without bundle ID
Feb 9 18:13:38 dougs-MacBook-Pro com.apple.WebKit.WebContent[40474]:
[18:13:38.449] <<<< CRABS >>>> crabsFlumeHostUnavailable: [0x7f9eb06e4c30]
Byte flume reports host unavailable.
Feb 9 18:13:38 dougs-MacBook-Pro com.apple.WebKit.WebContent[40474]:
[18:13:38.450] <<<< CRABS >>>> crabsFlumeHostUnavailable: [0x7f9eb29c2b80]
Byte flume reports host unavailable.
Feb 9 18:13:38 dougs-MacBook-Pro networkd[162]: -[NETClientConnection
effectiveBundleID] using process name apsd as bundle ID (this is expected
for daemons without bundle ID
Feb 9 18:13:38 --- last message repeated 1 time ---
Feb 9 18:13:38 dougs-MacBook-Pro kernel[0]: AirPort: RSN handshake
complete on en0
Feb 9 18:13:38 dougs-MacBook-Pro symptomsd[209]: -[NetworkAnalyticsEngine
_writeJournalRecord:fromCellFingerprint:key:atLOI:ofKind:lqm:isFaulty:]
Hashing of the primary key failed. Dropping the journal record.
Feb 9 18:13:38 dougs-MacBook-Pro symptomsd[209]:
__73-[NetworkAnalyticsEngine
observeValueForKeyPath:ofObject:change:context:]_block_invoke unexpected
switch value 2
Feb 9 18:13:38 dougs-MacBook-Pro netbiosd[43277]:
network_reachability_changed : network is not reachable, netbiosd is
shutting down
Feb 9 18:13:38 dougs-MacBook-Pro eapolclient[43283]: en0 STOP
Feb 9 18:13:38 dougs-MacBook-Pro kernel[0]: en0: BSSID changed to
0e:18:d6:9b:fe:a9
Feb 9 18:13:38 dougs-MacBook-Pro kernel[0]: en0: channel changed to 1
Feb 9 18:13:39 dougs-MacBook-Pro kernel[0]: en0: BSSID changed to
0e:18:d6:9b:fe:a9
Feb 9 18:13:39 dougs-MacBook-Pro kernel[0]: en0: channel changed to 1
Feb 9 18:13:39 dougs-MacBook-Pro com.apple.xpc.launchd[1]
(com.apple.airport.wps): Service only ran for 1 seconds. Pushing respawn
out by 9 seconds.
Feb 9 18:13:39 dougs-MacBook-Pro kernel[0]: AirPort: Link Down on en0.
Reason 8 (Disassociated because station leaving).
Feb 9 18:13:39 dougs-MacBook-Pro kernel[0]: en0: channel changed to 1
Feb 9 18:13:39 dougs-MacBook-Pro kernel[0]:
en0::IO80211Interface::postMessage bssid changed
Feb 9 18:13:39 dougs-MacBook-Pro mDNSResponder[90]:
mDNS_DeregisterInterface: Frequent transitions for interface en0
(FE80:0000:0000:0000:AEBC:32FF:FE86:B073)
Feb 9 18:13:39 dougs-MacBook-Pro mDNSResponder[90]:
mDNS_RegisterInterface: Frequent transitions for interface en0
(FE80:0000:0000:0000:AEBC:32FF:FE86:B073)
Feb 9 18:13:39 dougs-MacBook-Pro kernel[0]: AirPort: Link Up on en0
Feb 9 18:13:39 dougs-MacBook-Pro kernel[0]: en0: BSSID changed to
0a:18:d6:9b:fe:a9
Feb 9 18:13:39 dougs-MacBook-Pro kernel[0]: en0: channel changed to 1
Feb 9 18:13:39 dougs-MacBook-Pro kernel[0]:
en0::IO80211Interface::postMessage bssid changed
Feb 9 18:13:39 dougs-MacBook-Pro kernel[0]: AirPort: RSN handshake
complete on en0
Feb 9 18:13:39 dougs-MacBook-Pro symptomsd[209]: -[NetworkAnalyticsEngine
_writeJournalRecord:fromCellFingerprint:key:atLOI:ofKind:lqm:isFaulty:]
Hashing of the primary key failed. Dropping the journal record.
Feb 9 18:13:39 dougs-MacBook-Pro kernel[0]: Unexpected payload found for
message 9, dataLen 0
Feb 9 18:13:39 dougs-MacBook-Pro mDNSResponder[90]:
mDNS_DeregisterInterface: Frequent transitions for interface en0
(FE80:0000:0000:0000:AEBC:32FF:FE86:B073)
Feb 9 18:13:39 dougs-MacBook-Pro mDNSResponder[90]:
mDNS_RegisterInterface: Frequent transitions for interface en0
(FE80:0000:0000:0000:AEBC:32FF:FE86:B073)
Feb 9 18:13:40 dougs-MacBook-Pro xpcproxy[43286]: LaunchServices: received
XPC_ERROR_CONNECTION_INTERRUPTED trying to map database
Feb 9 18:13:40 dougs-MacBook-Pro xpcproxy[43286]: LaunchServices: Database
mapping failed with result -10822, retrying
Feb 9 18:13:40 dougs-MacBook-Pro xpcproxy[43286]: LaunchServices: received
XPC_ERROR_CONNECTION_INTERRUPTED trying to map database
Feb 9 18:13:40 dougs-MacBook-Pro xpcproxy[43286]: CFPreferences could not
connect to its daemon.
Preferences using the connection 0x0 will be volatile and will not be
persisted to disk.
Feb 9 18:13:41 dougs-MacBook-Pro xpcproxy[43286]: LaunchServices: received
XPC_ERROR_CONNECTION_INTERRUPTED trying to map database
Feb 9 18:13:41 dougs-MacBook-Pro xpcproxy[43286]: LaunchServices: Database
mapping failed with result -10822, retrying
Feb 9 18:13:41 dougs-MacBook-Pro xpcproxy[43286]: LaunchServices: received
XPC_ERROR_CONNECTION_INTERRUPTED trying to map database
Feb 9 18:13:41 dougs-MacBook-Pro com.apple.xpc.launchd[1]
(2BUA8C4S2C.com.agilebits.onepassword4-helper[43286]): Could not find
and/or execute program specified by service: 149: Could not find a bundle
of the given identifier through LaunchServices:
2BUA8C4S2C.com.agilebits.onepassword4-helper
Feb 9 18:13:41 dougs-MacBook-Pro com.apple.xpc.launchd[1]
(2BUA8C4S2C.com.agilebits.onepassword4-helper): Service only ran for 0
seconds. Pushing respawn out by 10 seconds.
Feb 9 18:13:41 dougs-MacBook-Pro networkd[162]: -[NETClientConnection
effectiveBundleID] using process name apsd as bundle ID (this is expected
for daemons without bundle ID
Feb 9 18:13:42 --- last message repeated 3 times ---
Feb 9 18:13:42 dougs-MacBook-Pro networkd[162]: -[NETClientConnection
effectiveBundleID] using process name CalendarAgent as bundle ID (this is
expected for daemons without bundle ID
Feb 9 18:13:43 --- last message repeated 3 times ---
Feb 9 18:13:43 dougs-MacBook-Pro mDNSResponder[90]:
mDNS_RegisterInterface: Frequent transitions for interface en0
(192.168.1.159)
Feb 9 18:13:43 dougs-MacBook-Pro configd[52]: network changed: DNS*
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]:
IO80211AWDLPeerManager::setAwdlOperatingMode Setting the AWDL operation
mode from SUSPENDED to AUTO
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]:
IO80211AWDLPeerManager::setAwdlAutoMode Resuming AWDL
Feb 9 18:13:43 dougs-MacBook-Pro UserEventAgent[44]: Captive:
[CNInfoNetworkActive:1748] en0: SSID 'labouche' making interface primary
(cache indicates network not captive)
Feb 9 18:13:43 dougs-MacBook-Pro UserEventAgent[44]: Captive:
CNPluginHandler en0: Evaluating
Feb 9 18:13:43 dougs-MacBook-Pro configd[52]: network changed:
v4(en0!:192.168.1.159) DNS+ Proxy SMB
Feb 9 18:13:43 dougs-MacBook-Pro UserEventAgent[44]: Captive: en0: Not
probing 'labouche' (cache indicates not captive)
Feb 9 18:13:43 dougs-MacBook-Pro vmnet-bridge[17522]: Dynamic store changed
Feb 9 18:13:43 dougs-MacBook-Pro UserEventAgent[44]: Captive:
CNPluginHandler en0: Authenticated
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]: vmnet: VNetUserIf_Create:
created userif110.
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]: vmnet: VMNetConnect: returning
port userif110.
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]: vmnet: Allocated hub 0.
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]: vmnet: VMNET_SO_BINDTOHUB:
port: paddr 00:50:56:e1:0b:b5
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]: vmnet: Hub 0
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]: vmnet: Port 0
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: media 80
devName en family 2
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: wireless
interface detected.
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: up
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]: vmnet: bridge-en0: attached
Feb 9 18:13:43 dougs-MacBook-Pro kernel[0]: vmnet: VNetUserIfFree: freeing
userif110.
Feb 9 18:13:43 dougs-MacBook-Pro vmnet-bridge[17522]: Started bridge for
0, en0
Feb 9 18:13:44 dougs-MacBook-Pro Google Drive[531]:
mod_SCNetworkReachabilityCallBack
Feb 9 18:13:44 dougs-MacBook-Pro com.apple.WebKit.WebContent[40474]:
[18:13:44.220] <<<< CRABS >>>> crabsFlumeHostAvailable: [0x7f9eb285bcd0]
Byte flume reports host available again.
Feb 9 18:13:44 dougs-MacBook-Pro symptomsd[209]:
__73-[NetworkAnalyticsEngine
observeValueForKeyPath:ofObject:change:context:]_block_invoke unexpected
switch value 2
Feb 9 18:13:44 dougs-MacBook-Pro com.apple.WebKit.WebContent[40474]:
[18:13:44.226] <<<< CRABS >>>> crabsFlumeHostAvailable: [0x7f9eb2882950]
Byte flume reports host available again.
Feb 9 18:13:44 dougs-MacBook-Pro com.apple.WebKit.WebContent[40474]:
[18:13:44.227] <<<< CRABS >>>> crabsFlumeHostAvailable: [0x7f9eb06e4c30]
Byte flume reports host available again.
Feb 9 18:13:44 dougs-MacBook-Pro com.apple.WebKit.WebContent[40474]:
[18:13:44.227] <<<< CRABS >>>> crabsFlumeHostAvailable: [0x7f9eb29c2b80]
Byte flume reports host available again.
Feb 9 18:13:44 dougs-MacBook-Pro Google Drive[531]:
mod_SCNetworkReachabilityCallBack
Feb 9 18:13:44 dougs-MacBook-Pro Microsoft Outlook[37080]: Stream
0x8073b1f0 is sending an event before being opened
Feb 9 18:13:46 --- last message repeated 1 time ---
Feb 9 18:13:46 dougs-MacBook-Pro Microsoft Outlook[37080]: Stream
0x7c425d70 is sending an event before being opened
Feb 9 18:13:46 --- last message repeated 1 time ---
Feb 9 18:13:46 dougs-MacBook-Pro Microsoft Outlook[37080]: Stream
0x7cc1edc0 is sending an event before being opened
On Tue, Feb 9, 2016 at 5:56 PM, John Teasley <ollieteasley at gmail.com> wrote:
> Hello,
>
> I am new to the list as well. However, "Sending Access-Accept of id 102 to
> 192.168.1.29 port 56313" shows all is good. Have you tried checking the
> logs on the client and server to see what happens when your connection
> drops? What you posted above shows that you got authorized and
> authenticated to me. I am sure some others on here may be able to help more
> though.
>
> One note, when I was debugging on a linux client I had to check the
> supplicant AND system logs. I am sure you could get some information on the
> MacOSx daemon that handles the supplicant authorize / authentication
> pieces. Watching both server and client at the same time may prove helpful.
>
>
>
> Ollie Teasley
> Linux Administrator
> ISMELL.SHOES, LLC
>
>
> On Tue, Feb 9, 2016 at 4:46 PM, Doug Berman <dougberman at gmail.com> wrote:
>
> > I'm new to freeradius. I have a simple setup on ubuntu 14.04. I don't
> > have SQL and simply have a user configured in the users file. The user
> is
> > me - dougberman. I also have a ubiquiti access point which I've
> configured
> > as a client to the radius server. What's frustrating is sometimes I'm
> able
> > to use 802.1x EAP/PEAP just fine on my MAC and other times, it fails.
> I've
> > looked through the radius debug and I can't find anything that stands out
> > that calls my attention. Snipits for the file "users" and
> "clients.conf"
> > and the debug is below. Any help would be greatly appreciated.
> >
> > users:
> >
> > dougberman Cleartext-Password := "foo123"
> >
> > clients.conf
> >
> > client 192.168.1.29 {
> >
> > secret = network
> >
> > shortname = routergw
> >
> > nastype = other
> >
> > }
> > Please let me know if you have any additional questions.
> >
> > doug at db-dell:~$ sudo freeradius -X
> > [sudo] password for doug:
> > FreeRADIUS Version 2.1.12, for host x86_64-pc-linux-gnu, built on Aug 26
> > 2015 at 14:47:03
> > Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
> > There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
> > PARTICULAR PURPOSE.
> > You may redistribute copies of FreeRADIUS under the terms of the
> > GNU General Public License v2.
> > Starting - reading configuration files ...
> > including configuration file /etc/freeradius/radiusd.conf
> > including configuration file /etc/freeradius/proxy.conf
> > including configuration file /etc/freeradius/clients.conf
> > including files in directory /etc/freeradius/modules/
> > including configuration file /etc/freeradius/modules/smbpasswd
> > including configuration file /etc/freeradius/modules/ippool
> > including configuration file /etc/freeradius/modules/expr
> > including configuration file /etc/freeradius/modules/pap
> > including configuration file /etc/freeradius/modules/passwd
> > including configuration file
> > /etc/freeradius/modules/sqlcounter_expire_on_login
> > including configuration file /etc/freeradius/modules/otp
> > including configuration file /etc/freeradius/modules/expiration
> > including configuration file /etc/freeradius/modules/detail.example.com
> > including configuration file /etc/freeradius/modules/preprocess
> > including configuration file /etc/freeradius/modules/exec
> > including configuration file /etc/freeradius/modules/mac2vlan
> > including configuration file /etc/freeradius/modules/files
> > including configuration file /etc/freeradius/modules/attr_rewrite
> > including configuration file /etc/freeradius/modules/dynamic_clients
> > including configuration file /etc/freeradius/modules/perl
> > including configuration file /etc/freeradius/modules/krb5
> > including configuration file /etc/freeradius/modules/checkval
> > including configuration file /etc/freeradius/modules/etc_group
> > including configuration file /etc/freeradius/modules/mac2ip
> > including configuration file /etc/freeradius/modules/smsotp
> > including configuration file /etc/freeradius/modules/inner-eap
> > including configuration file /etc/freeradius/modules/sradutmp
> > including configuration file /etc/freeradius/modules/always
> > including configuration file /etc/freeradius/modules/detail.log
> > including configuration file /etc/freeradius/modules/attr_filter
> > including configuration file /etc/freeradius/modules/rediswho
> > including configuration file /etc/freeradius/modules/replicate
> > including configuration file /etc/freeradius/modules/cui
> > including configuration file /etc/freeradius/modules/unix
> > including configuration file /etc/freeradius/modules/mschap
> > including configuration file /etc/freeradius/modules/counter
> > including configuration file /etc/freeradius/modules/ntlm_auth
> > including configuration file /etc/freeradius/modules/acct_unique
> > including configuration file /etc/freeradius/modules/linelog
> > including configuration file /etc/freeradius/modules/realm
> > including configuration file /etc/freeradius/modules/pam
> > including configuration file /etc/freeradius/modules/radutmp
> > including configuration file /etc/freeradius/modules/sql_log
> > including configuration file /etc/freeradius/modules/ldap
> > including configuration file /etc/freeradius/modules/redis
> > including configuration file /etc/freeradius/modules/opendirectory
> > including configuration file /etc/freeradius/modules/logintime
> > including configuration file /etc/freeradius/modules/digest
> > including configuration file /etc/freeradius/modules/policy
> > including configuration file /etc/freeradius/modules/detail
> > including configuration file /etc/freeradius/modules/echo
> > including configuration file /etc/freeradius/modules/chap
> > including configuration file /etc/freeradius/modules/wimax
> > including configuration file /etc/freeradius/modules/soh
> > including configuration file /etc/freeradius/eap.conf
> > including configuration file /etc/freeradius/policy.conf
> > including files in directory /etc/freeradius/sites-enabled/
> > including configuration file /etc/freeradius/sites-enabled/inner-tunnel
> > including configuration file /etc/freeradius/sites-enabled/default
> > main {
> > user = "freerad"
> > group = "freerad"
> > allow_core_dumps = no
> > }
> > including dictionary file /etc/freeradius/dictionary
> > main {
> > name = "freeradius"
> > prefix = "/usr"
> > localstatedir = "/var"
> > sbindir = "/usr/sbin"
> > logdir = "/var/log/freeradius"
> > run_dir = "/var/run/freeradius"
> > libdir = "/usr/lib/freeradius"
> > radacctdir = "/var/log/freeradius/radacct"
> > hostname_lookups = no
> > max_request_time = 30
> > cleanup_delay = 5
> > max_requests = 1024
> > pidfile = "/var/run/freeradius/freeradius.pid"
> > checkrad = "/usr/sbin/checkrad"
> > debug_level = 0
> > proxy_requests = yes
> > log {
> > stripped_names = no
> > auth = yes
> > auth_badpass = yes
> > auth_goodpass = yes
> > }
> > security {
> > max_attributes = 200
> > reject_delay = 1
> > status_server = yes
> > }
> > }
> > radiusd: #### Loading Realms and Home Servers ####
> > proxy server {
> > retry_delay = 5
> > retry_count = 3
> > default_fallback = no
> > dead_time = 120
> > wake_all_if_all_dead = no
> > }
> > home_server localhost {
> > ipaddr = 127.0.0.1
> > port = 1812
> > type = "auth"
> > secret = "testing123"
> > response_window = 20
> > max_outstanding = 65536
> > require_message_authenticator = yes
> > zombie_period = 40
> > status_check = "status-server"
> > ping_interval = 30
> > check_interval = 30
> > num_answers_to_alive = 3
> > num_pings_to_alive = 3
> > revive_interval = 120
> > status_check_timeout = 4
> > coa {
> > irt = 2
> > mrt = 16
> > mrc = 5
> > mrd = 30
> > }
> > }
> > home_server_pool my_auth_failover {
> > type = fail-over
> > home_server = localhost
> > }
> > realm example.com {
> > auth_pool = my_auth_failover
> > }
> > realm LOCAL {
> > }
> > radiusd: #### Loading Clients ####
> > client localhost {
> > ipaddr = 127.0.0.1
> > require_message_authenticator = no
> > secret = "testing123"
> > nastype = "other"
> > }
> > client 192.168.1.29 {
> > require_message_authenticator = no
> > secret = "network"
> > shortname = "routergw"
> > nastype = "other"
> > }
> > radiusd: #### Instantiating modules ####
> > instantiate {
> > Module: Linked to module rlm_exec
> > Module: Instantiating module "exec" from file
> /etc/freeradius/modules/exec
> > exec {
> > wait = no
> > input_pairs = "request"
> > shell_escape = yes
> > }
> > Module: Linked to module rlm_expr
> > Module: Instantiating module "expr" from file
> /etc/freeradius/modules/expr
> > Module: Linked to module rlm_expiration
> > Module: Instantiating module "expiration" from file
> > /etc/freeradius/modules/expiration
> > expiration {
> > reply-message = "Password Has Expired "
> > }
> > Module: Linked to module rlm_logintime
> > Module: Instantiating module "logintime" from file
> > /etc/freeradius/modules/logintime
> > logintime {
> > reply-message = "You are calling outside your allowed timespan "
> > minimum-timeout = 60
> > }
> > }
> > radiusd: #### Loading Virtual Servers ####
> > server { # from file /etc/freeradius/radiusd.conf
> > modules {
> > Module: Creating Auth-Type = digest
> > Module: Creating Post-Auth-Type = REJECT
> > Module: Checking authenticate {...} for more modules to load
> > Module: Linked to module rlm_pap
> > Module: Instantiating module "pap" from file /etc/freeradius/modules/pap
> > pap {
> > encryption_scheme = "auto"
> > auto_header = no
> > }
> > Module: Linked to module rlm_chap
> > Module: Instantiating module "chap" from file
> /etc/freeradius/modules/chap
> > Module: Linked to module rlm_mschap
> > Module: Instantiating module "mschap" from file
> > /etc/freeradius/modules/mschap
> > mschap {
> > use_mppe = yes
> > require_encryption = no
> > require_strong = no
> > with_ntdomain_hack = no
> > allow_retry = yes
> > }
> > Module: Linked to module rlm_digest
> > Module: Instantiating module "digest" from file
> > /etc/freeradius/modules/digest
> > Module: Linked to module rlm_unix
> > Module: Instantiating module "unix" from file
> /etc/freeradius/modules/unix
> > unix {
> > radwtmp = "/var/log/freeradius/radwtmp"
> > }
> > Module: Linked to module rlm_eap
> > Module: Instantiating module "eap" from file /etc/freeradius/eap.conf
> > eap {
> > default_eap_type = "md5"
> > timer_expire = 60
> > ignore_unknown_eap_types = no
> > cisco_accounting_username_bug = no
> > max_sessions = 4096
> > }
> > Module: Linked to sub-module rlm_eap_md5
> > Module: Instantiating eap-md5
> > Module: Linked to sub-module rlm_eap_leap
> > Module: Instantiating eap-leap
> > Module: Linked to sub-module rlm_eap_gtc
> > Module: Instantiating eap-gtc
> > gtc {
> > challenge = "Password: "
> > auth_type = "PAP"
> > }
> > Module: Linked to sub-module rlm_eap_tls
> > Module: Instantiating eap-tls
> > tls {
> > rsa_key_exchange = no
> > dh_key_exchange = yes
> > rsa_key_length = 512
> > dh_key_length = 512
> > verify_depth = 0
> > CA_path = "/etc/freeradius/certs"
> > pem_file_type = yes
> > private_key_file = "/etc/freeradius/certs/server.key"
> > certificate_file = "/etc/freeradius/certs/server.pem"
> > CA_file = "/etc/freeradius/certs/ca.pem"
> > private_key_password = "whatever"
> > dh_file = "/etc/freeradius/certs/dh"
> > random_file = "/dev/urandom"
> > fragment_size = 1024
> > include_length = yes
> > check_crl = no
> > cipher_list = "DEFAULT"
> > make_cert_command = "/etc/freeradius/certs/bootstrap"
> > ecdh_curve = "prime256v1"
> > cache {
> > enable = no
> > lifetime = 24
> > max_entries = 255
> > }
> > verify {
> > }
> > ocsp {
> > enable = no
> > override_cert_url = yes
> > url = "http://127.0.0.1/ocsp/"
> > }
> > }
> > Module: Linked to sub-module rlm_eap_ttls
> > Module: Instantiating eap-ttls
> > ttls {
> > default_eap_type = "md5"
> > copy_request_to_tunnel = no
> > use_tunneled_reply = no
> > virtual_server = "inner-tunnel"
> > include_length = yes
> > }
> > Module: Linked to sub-module rlm_eap_peap
> > Module: Instantiating eap-peap
> > peap {
> > default_eap_type = "mschapv2"
> > copy_request_to_tunnel = no
> > use_tunneled_reply = no
> > proxy_tunneled_request_as_eap = yes
> > virtual_server = "inner-tunnel"
> > soh = no
> > }
> > Module: Linked to sub-module rlm_eap_mschapv2
> > Module: Instantiating eap-mschapv2
> > mschapv2 {
> > with_ntdomain_hack = no
> > send_error = no
> > }
> > Module: Checking authorize {...} for more modules to load
> > Module: Linked to module rlm_preprocess
> > Module: Instantiating module "preprocess" from file
> > /etc/freeradius/modules/preprocess
> > preprocess {
> > huntgroups = "/etc/freeradius/huntgroups"
> > hints = "/etc/freeradius/hints"
> > with_ascend_hack = no
> > ascend_channels_per_line = 23
> > with_ntdomain_hack = no
> > with_specialix_jetstream_hack = no
> > with_cisco_vsa_hack = no
> > with_alvarion_vsa_hack = no
> > }
> > Module: Linked to module rlm_realm
> > Module: Instantiating module "suffix" from file
> > /etc/freeradius/modules/realm
> > realm suffix {
> > format = "suffix"
> > delimiter = "@"
> > ignore_default = no
> > ignore_null = no
> > }
> > Module: Linked to module rlm_files
> > Module: Instantiating module "files" from file
> > /etc/freeradius/modules/files
> > files {
> > usersfile = "/etc/freeradius/users"
> > acctusersfile = "/etc/freeradius/acct_users"
> > preproxy_usersfile = "/etc/freeradius/preproxy_users"
> > compat = "no"
> > }
> > Module: Checking preacct {...} for more modules to load
> > Module: Linked to module rlm_acct_unique
> > Module: Instantiating module "acct_unique" from file
> > /etc/freeradius/modules/acct_unique
> > acct_unique {
> > key = "User-Name, Acct-Session-Id, NAS-IP-Address,
> > Client-IP-Address, NAS-Port"
> > }
> > Module: Checking accounting {...} for more modules to load
> > Module: Linked to module rlm_detail
> > Module: Instantiating module "detail" from file
> > /etc/freeradius/modules/detail
> > detail {
> > detailfile =
> >
> >
> "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
> > header = "%t"
> > detailperm = 384
> > dirperm = 493
> > locking = no
> > log_packet_header = no
> > }
> > Module: Linked to module rlm_radutmp
> > Module: Instantiating module "radutmp" from file
> > /etc/freeradius/modules/radutmp
> > radutmp {
> > filename = "/var/log/freeradius/radutmp"
> > username = "%{User-Name}"
> > case_sensitive = yes
> > check_with_nas = yes
> > perm = 384
> > callerid = yes
> > }
> > Module: Linked to module rlm_attr_filter
> > Module: Instantiating module "attr_filter.accounting_response" from file
> > /etc/freeradius/modules/attr_filter
> > attr_filter attr_filter.accounting_response {
> > attrsfile = "/etc/freeradius/attrs.accounting_response"
> > key = "%{User-Name}"
> > relaxed = no
> > }
> > Module: Checking session {...} for more modules to load
> > Module: Checking post-proxy {...} for more modules to load
> > Module: Checking post-auth {...} for more modules to load
> > Module: Instantiating module "attr_filter.access_reject" from file
> > /etc/freeradius/modules/attr_filter
> > attr_filter attr_filter.access_reject {
> > attrsfile = "/etc/freeradius/attrs.access_reject"
> > key = "%{User-Name}"
> > relaxed = no
> > }
> > } # modules
> > } # server
> > server inner-tunnel { # from file
> > /etc/freeradius/sites-enabled/inner-tunnel
> > modules {
> > Module: Checking authenticate {...} for more modules to load
> > Module: Checking authorize {...} for more modules to load
> > Module: Checking session {...} for more modules to load
> > Module: Checking post-proxy {...} for more modules to load
> > Module: Checking post-auth {...} for more modules to load
> > } # modules
> > } # server
> > radiusd: #### Opening IP addresses and Ports ####
> > listen {
> > type = "auth"
> > ipaddr = *
> > port = 0
> > }
> > listen {
> > type = "acct"
> > ipaddr = *
> > port = 0
> > }
> > listen {
> > type = "auth"
> > ipaddr = 127.0.0.1
> > port = 18120
> > }
> > ... adding new socket proxy address * port 51461
> > Listening on authentication address * port 1812
> > Listening on accounting address * port 1813
> > Listening on authentication address 127.0.0.1 port 18120 as server
> > inner-tunnel
> > Listening on proxy address * port 1814
> > Ready to process requests.
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > rad_recv: Access-Request packet from host 192.168.1.29 port 56313, id=93,
> > length=182
> > User-Name = "dougberman"
> > NAS-IP-Address = 192.168.1.29
> > NAS-Identifier = "0418d69afea9"
> > NAS-Port = 0
> > Called-Station-Id = "0E-18-D6-9B-FE-A9:labouche-secure"
> > Calling-Station-Id = "AC-BC-32-86-B0-73"
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-802.11
> > Connect-Info = "CONNECT 0Mbps 802.11b"
> > EAP-Message = 0x0286000f01646f75676265726d616e
> > Message-Authenticator = 0x1b7db57089969456fcff7f264214ac71
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/default
> > +- entering group authorize {...}
> > ++[preprocess] returns ok
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > ++[digest] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > [eap] EAP packet type response id 134 length 15
> > [eap] No EAP Start, assuming it's an on-going EAP conversation
> > ++[eap] returns updated
> > [files] users: Matched entry dougberman at line 3
> > ++[files] returns ok
> > ++[expiration] returns noop
> > ++[logintime] returns noop
> > [pap] WARNING: Auth-Type already set. Not setting to PAP
> > ++[pap] returns noop
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/default
> > +- entering group authenticate {...}
> > [eap] EAP Identity
> > [eap] processing type md5
> > rlm_eap_md5: Issuing Challenge
> > ++[eap] returns handled
> > Sending Access-Challenge of id 93 to 192.168.1.29 port 56313
> > EAP-Message = 0x018700160410a6e7f7cc1f9ae919f16aac7710972bd9
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x92ddcc5b925ac86dd5e2158f0b41dda7
> > Finished request 0.
> > Going to the next request
> > Waking up in 4.9 seconds.
> > rad_recv: Access-Request packet from host 192.168.1.29 port 56313, id=94,
> > length=193
> > User-Name = "dougberman"
> > NAS-IP-Address = 192.168.1.29
> > NAS-Identifier = "0418d69afea9"
> > NAS-Port = 0
> > Called-Station-Id = "0E-18-D6-9B-FE-A9:labouche-secure"
> > Calling-Station-Id = "AC-BC-32-86-B0-73"
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-802.11
> > Connect-Info = "CONNECT 0Mbps 802.11b"
> > EAP-Message = 0x028700080319152b
> > State = 0x92ddcc5b925ac86dd5e2158f0b41dda7
> > Message-Authenticator = 0x3d6957c95c9c9ba03aa0574e37d2019c
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/default
> > +- entering group authorize {...}
> > ++[preprocess] returns ok
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > ++[digest] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > [eap] EAP packet type response id 135 length 8
> > [eap] No EAP Start, assuming it's an on-going EAP conversation
> > ++[eap] returns updated
> > [files] users: Matched entry dougberman at line 3
> > ++[files] returns ok
> > ++[expiration] returns noop
> > ++[logintime] returns noop
> > [pap] WARNING: Auth-Type already set. Not setting to PAP
> > ++[pap] returns noop
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/default
> > +- entering group authenticate {...}
> > [eap] Request found, released from the list
> > [eap] EAP NAK
> > [eap] EAP-NAK asked for EAP-Type/peap
> > [eap] processing type tls
> > [tls] Initiate
> > [tls] Start returned 1
> > ++[eap] returns handled
> > Sending Access-Challenge of id 94 to 192.168.1.29 port 56313
> > EAP-Message = 0x018800061920
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x92ddcc5b9355d56dd5e2158f0b41dda7
> > Finished request 1.
> > Going to the next request
> > Waking up in 4.9 seconds.
> > rad_recv: Access-Request packet from host 192.168.1.29 port 56313, id=95,
> > length=316
> > User-Name = "dougberman"
> > NAS-IP-Address = 192.168.1.29
> > NAS-Identifier = "0418d69afea9"
> > NAS-Port = 0
> > Called-Station-Id = "0E-18-D6-9B-FE-A9:labouche-secure"
> > Calling-Station-Id = "AC-BC-32-86-B0-73"
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-802.11
> > Connect-Info = "CONNECT 0Mbps 802.11b"
> > EAP-Message =
> >
> >
> 0x02880083198000000079160301007401000070030156ba68815990fdf76fe5ebc053ed7757fbde10eeeedd069c792855e3fc6abc2f00002800ffc024c023c00ac009c008c028c027c014c013c012003d003c0035002f000ac007c011000500040100001f000a00080006001700180019000b0002010000050005010000000000120000
> > State = 0x92ddcc5b9355d56dd5e2158f0b41dda7
> > Message-Authenticator = 0x40f21a53503b308c46cb0d395acff087
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/default
> > +- entering group authorize {...}
> > ++[preprocess] returns ok
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > ++[digest] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > [eap] EAP packet type response id 136 length 131
> > [eap] Continuing tunnel setup.
> > ++[eap] returns ok
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/default
> > +- entering group authenticate {...}
> > [eap] Request found, released from the list
> > [eap] EAP/peap
> > [eap] processing type peap
> > [peap] processing EAP-TLS
> > TLS Length 121
> > [peap] Length Included
> > [peap] eaptls_verify returned 11
> > [peap] (other): before/accept initialization
> > [peap] TLS_accept: before/accept initialization
> > [peap] <<< TLS 1.0 Handshake [length 0074], ClientHello
> > [peap] TLS_accept: SSLv3 read client hello A
> > [peap] >>> TLS 1.0 Handshake [length 0039], ServerHello
> > [peap] TLS_accept: SSLv3 write server hello A
> > [peap] >>> TLS 1.0 Handshake [length 02c2], Certificate
> > [peap] TLS_accept: SSLv3 write certificate A
> > [peap] >>> TLS 1.0 Handshake [length 014b], ServerKeyExchange
> > [peap] TLS_accept: SSLv3 write key exchange A
> > [peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
> > [peap] TLS_accept: SSLv3 write server done A
> > [peap] TLS_accept: SSLv3 flush data
> > [peap] TLS_accept: Need to read more data: SSLv3 read client
> > certificate A
> > In SSL Handshake Phase
> > In SSL Accept mode
> > [peap] eaptls_process returned 13
> > [peap] EAPTLS_HANDLED
> > ++[eap] returns handled
> > Sending Access-Challenge of id 95 to 192.168.1.29 port 56313
> > EAP-Message =
> >
> >
> 0x0189040019c00000045e16030100390200003503013ebf7047410d7a1859b5bbbf2a9d9888ce6e37c03ba9f1614c3bb95e24f1484d00c01400000dff01000100000b00040300010216030102c20b0002be0002bb0002b8308202b43082019ca003020102020900b793aee3ac33bc49300d06092a864886f70d01010b050030123110300e0603550403130764622d64656c6c301e170d3136303230323136353033355a170d3236303133303136353033355a30123110300e0603550403130764622d64656c6c30820122300d06092a864886f70d01010105000382010f003082010a0282010100a3869b5f162e1e131968dc8d564b1d234e592c42f841
> > EAP-Message =
> >
> >
> 0xa1241e96afe0db33d6d261b72bc407b2644f64812dba426bbbb6b3231f94a6cddbd263def9ce4e1a43f2a6c264cb9d1b3b4d9f2eace7afc4c2cf1e4c55e307e888b87e55003c404005a0c1a8b58fb034a59d7588206f9b280f5b0174dd53b9d5b8f8227936f640d73af94d8bf255316ba21199b9a01a45b33639cfa1c1f5145fc139819c84376523c6959ae1d6eccad8aa74a7fef8550fca94758e9f6e1a822b93439edcc4655baef7d39725f7378a4d8456581a45628523a8310467e66fb7cde362cabb555c9ef8807421e87adf51b3fb850ee59e23dc0d15fa956ed25af53b6bd8a3b703c431601aad0203010001a30d300b30090603551d13040230
> > EAP-Message =
> >
> >
> 0x00300d06092a864886f70d01010b050003820101006dbcd92c80fb31226b1e11ba78acdbfe58ef27a40611e499d4e6bbe5b1bda08cadd47e713fa241ca04627c7b7e4d47704f57af194b910b99d72202d070e26e1cb36107b6d92615758f8c0202fb8a77c92e3654299280c99f26c4dc0216849ffce1062fe9a346d91a04489642f9172d6fcb10bae6f2616bccebb43a00e72d3dbbd519cd0c0a4028eb7a316be8a2777459784bdc6085c3ca16aa635c04e0af7f73060016ce702081b5633f2d3204f0c3ddc35afb0159d6658ac5446a970fa89a090983e361df96e61d39550455483d1514b861ec58e826e508944aea60afb69463aabcce9787295042
> > EAP-Message =
> >
> >
> 0xd8b7e3f8a0d0318c55eee88732d1368ef2e6bc69c6ce6351160301014b0c00014703001741040884dfbcda7aeb9916409f3bec34b77584692af6d8d300907b4b79520e0bc4f8c97ad01ceea451d317bc57f48c22cb559c9aa94ddb890830c7355b5dd52dcb9b01002e7f7507025b5ab68f95c1f13cb6a007148404af7c5b9ead6cf1ef3548ebc99f69cd53b61590fbfd42f89369a909680c394c5a40bf756975d1f6d653190435dc34dee4b29704293006d600fb7c67015129e05deab4796a06100aea38c739152b9b8c5dabf734ce8f474cdeabfe63e42032f0ac74fbe2d8a09c17ad55b14b7cd2d9ed043ee42f26ae7e5b28fb5869e6d576ddb54d94
> > EAP-Message = 0x2260d3c985a4fbc2debb2686
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x92ddcc5b9054d56dd5e2158f0b41dda7
> > Finished request 2.
> > Going to the next request
> > Waking up in 4.9 seconds.
> > rad_recv: Access-Request packet from host 192.168.1.29 port 56313, id=96,
> > length=191
> > User-Name = "dougberman"
> > NAS-IP-Address = 192.168.1.29
> > NAS-Identifier = "0418d69afea9"
> > NAS-Port = 0
> > Called-Station-Id = "0E-18-D6-9B-FE-A9:labouche-secure"
> > Calling-Station-Id = "AC-BC-32-86-B0-73"
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-802.11
> > Connect-Info = "CONNECT 0Mbps 802.11b"
> > EAP-Message = 0x028900061900
> > State = 0x92ddcc5b9054d56dd5e2158f0b41dda7
> > Message-Authenticator = 0x27b924da3c4bc62298b84cf45ee60d4d
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/default
> > +- entering group authorize {...}
> > ++[preprocess] returns ok
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > ++[digest] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > [eap] EAP packet type response id 137 length 6
> > [eap] Continuing tunnel setup.
> > ++[eap] returns ok
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/default
> > +- entering group authenticate {...}
> > [eap] Request found, released from the list
> > [eap] EAP/peap
> > [eap] processing type peap
> > [peap] processing EAP-TLS
> > [peap] Received TLS ACK
> > [peap] ACK handshake fragment handler
> > [peap] eaptls_verify returned 1
> > [peap] eaptls_process returned 13
> > [peap] EAPTLS_HANDLED
> > ++[eap] returns handled
> > Sending Access-Challenge of id 96 to 192.168.1.29 port 56313
> > EAP-Message =
> >
> >
> 0x018a006e1900d0186aabc9c735e04049ca34da2fa6662cc526354aced54cb41bf031aad5d36a846a299ab806fd96afabaa98d38cb74d2e6a91d979835114259e01d9ec687b5baec3220193694db1cdab30bf92501b4d349ad8a1310d81abf63b3b4b1857c016030100040e000000
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x92ddcc5b9157d56dd5e2158f0b41dda7
> > Finished request 3.
> > Going to the next request
> > Waking up in 4.9 seconds.
> > rad_recv: Access-Request packet from host 192.168.1.29 port 56313, id=97,
> > length=329
> > User-Name = "dougberman"
> > NAS-IP-Address = 192.168.1.29
> > NAS-Identifier = "0418d69afea9"
> > NAS-Port = 0
> > Called-Station-Id = "0E-18-D6-9B-FE-A9:labouche-secure"
> > Calling-Station-Id = "AC-BC-32-86-B0-73"
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-802.11
> > Connect-Info = "CONNECT 0Mbps 802.11b"
> > EAP-Message =
> >
> >
> 0x028a00901980000000861603010046100000424104ed317958262830a28c7e9283edbaf1f7c7439d456d2c06cb00a5e5301e69df241e3fa5282eec3182f7e1c1e962b2f0ac489e5828674581cedf4c07ed5ac68995140301000101160301003076d6347b1cbf07357530ccbb54e9b4c471868ff69a5139386b13eb2eb9dcb07eea053e1cfb0b7fbb62bfcebf33a9a72d
> > State = 0x92ddcc5b9157d56dd5e2158f0b41dda7
> > Message-Authenticator = 0xccec4c85154a5cfbc7b753f7d4f6f5c4
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/default
> > +- entering group authorize {...}
> > ++[preprocess] returns ok
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > ++[digest] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > [eap] EAP packet type response id 138 length 144
> > [eap] Continuing tunnel setup.
> > ++[eap] returns ok
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/default
> > +- entering group authenticate {...}
> > [eap] Request found, released from the list
> > [eap] EAP/peap
> > [eap] processing type peap
> > [peap] processing EAP-TLS
> > TLS Length 134
> > [peap] Length Included
> > [peap] eaptls_verify returned 11
> > [peap] <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange
> > [peap] TLS_accept: SSLv3 read client key exchange A
> > [peap] <<< TLS 1.0 ChangeCipherSpec [length 0001]
> > [peap] <<< TLS 1.0 Handshake [length 0010], Finished
> > [peap] TLS_accept: SSLv3 read finished A
> > [peap] >>> TLS 1.0 ChangeCipherSpec [length 0001]
> > [peap] TLS_accept: SSLv3 write change cipher spec A
> > [peap] >>> TLS 1.0 Handshake [length 0010], Finished
> > [peap] TLS_accept: SSLv3 write finished A
> > [peap] TLS_accept: SSLv3 flush data
> > [peap] (other): SSL negotiation finished successfully
> > SSL Connection Established
> > [peap] eaptls_process returned 13
> > [peap] EAPTLS_HANDLED
> > ++[eap] returns handled
> > Sending Access-Challenge of id 97 to 192.168.1.29 port 56313
> > EAP-Message =
> >
> >
> 0x018b00411900140301000101160301003051771428cfdf26c2c47df977b644bbc43c768bfd7c7edeea3e42b9c3befb5e8ad128a499452858b8052b39a413b6e959
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x92ddcc5b9656d56dd5e2158f0b41dda7
> > Finished request 4.
> > Going to the next request
> > Waking up in 4.8 seconds.
> > rad_recv: Access-Request packet from host 192.168.1.29 port 56313, id=98,
> > length=191
> > User-Name = "dougberman"
> > NAS-IP-Address = 192.168.1.29
> > NAS-Identifier = "0418d69afea9"
> > NAS-Port = 0
> > Called-Station-Id = "0E-18-D6-9B-FE-A9:labouche-secure"
> > Calling-Station-Id = "AC-BC-32-86-B0-73"
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-802.11
> > Connect-Info = "CONNECT 0Mbps 802.11b"
> > EAP-Message = 0x028b00061900
> > State = 0x92ddcc5b9656d56dd5e2158f0b41dda7
> > Message-Authenticator = 0x11d4a4db9060a2cdfc52cb51bd1d7a9c
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/default
> > +- entering group authorize {...}
> > ++[preprocess] returns ok
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > ++[digest] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > [eap] EAP packet type response id 139 length 6
> > [eap] Continuing tunnel setup.
> > ++[eap] returns ok
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/default
> > +- entering group authenticate {...}
> > [eap] Request found, released from the list
> > [eap] EAP/peap
> > [eap] processing type peap
> > [peap] processing EAP-TLS
> > [peap] Received TLS ACK
> > [peap] ACK handshake is finished
> > [peap] eaptls_verify returned 3
> > [peap] eaptls_process returned 3
> > [peap] EAPTLS_SUCCESS
> > [peap] Session established. Decoding tunneled attributes.
> > [peap] Peap state TUNNEL ESTABLISHED
> > ++[eap] returns handled
> > Sending Access-Challenge of id 98 to 192.168.1.29 port 56313
> > EAP-Message =
> >
> >
> 0x018c002b19001703010020a923eee39f2cc0b51d1cf16ffa14f000d5698841775ce1d5c2bc8a4f9fbc2885
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x92ddcc5b9751d56dd5e2158f0b41dda7
> > Finished request 5.
> > Going to the next request
> > Waking up in 4.8 seconds.
> > rad_recv: Access-Request packet from host 192.168.1.29 port 56313, id=99,
> > length=228
> > User-Name = "dougberman"
> > NAS-IP-Address = 192.168.1.29
> > NAS-Identifier = "0418d69afea9"
> > NAS-Port = 0
> > Called-Station-Id = "0E-18-D6-9B-FE-A9:labouche-secure"
> > Calling-Station-Id = "AC-BC-32-86-B0-73"
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-802.11
> > Connect-Info = "CONNECT 0Mbps 802.11b"
> > EAP-Message =
> >
> >
> 0x028c002b19001703010020cb258867342bee4a0d40637b5f7b1ecb8816b573d24a41522e0a1cfd83d6d36b
> > State = 0x92ddcc5b9751d56dd5e2158f0b41dda7
> > Message-Authenticator = 0xa819497f034aff31cd5bc5f7a2c4dba5
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/default
> > +- entering group authorize {...}
> > ++[preprocess] returns ok
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > ++[digest] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > [eap] EAP packet type response id 140 length 43
> > [eap] Continuing tunnel setup.
> > ++[eap] returns ok
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/default
> > +- entering group authenticate {...}
> > [eap] Request found, released from the list
> > [eap] EAP/peap
> > [eap] processing type peap
> > [peap] processing EAP-TLS
> > [peap] eaptls_verify returned 7
> > [peap] Done initial handshake
> > [peap] eaptls_process returned 7
> > [peap] EAPTLS_OK
> > [peap] Session established. Decoding tunneled attributes.
> > [peap] Peap state WAITING FOR INNER IDENTITY
> > [peap] Identity - dougberman
> > [peap] Got inner identity 'dougberman'
> > [peap] Setting default EAP type for tunneled EAP session.
> > [peap] Got tunneled request
> > EAP-Message = 0x028c000f01646f75676265726d616e
> > server {
> > [peap] Setting User-Name to dougberman
> > Sending tunneled request
> > EAP-Message = 0x028c000f01646f75676265726d616e
> > FreeRADIUS-Proxied-To = 127.0.0.1
> > User-Name = "dougberman"
> > server inner-tunnel {
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/inner-tunnel
> > +- entering group authorize {...}
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > ++[control] returns noop
> > [eap] EAP packet type response id 140 length 15
> > [eap] No EAP Start, assuming it's an on-going EAP conversation
> > ++[eap] returns updated
> > [files] users: Matched entry dougberman at line 3
> > ++[files] returns ok
> > ++[expiration] returns noop
> > ++[logintime] returns noop
> > [pap] WARNING: Auth-Type already set. Not setting to PAP
> > ++[pap] returns noop
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
> > +- entering group authenticate {...}
> > [eap] EAP Identity
> > [eap] processing type mschapv2
> > rlm_eap_mschapv2: Issuing Challenge
> > ++[eap] returns handled
> > } # server inner-tunnel
> > [peap] Got tunneled reply code 11
> > EAP-Message =
> >
> 0x018d00241a018d001f10cf006efe556c46c968d25f3f74e42c4c646f75676265726d616e
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x5d67d9ca5deac34260158bcb9468438e
> > [peap] Got tunneled reply RADIUS code 11
> > EAP-Message =
> >
> 0x018d00241a018d001f10cf006efe556c46c968d25f3f74e42c4c646f75676265726d616e
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x5d67d9ca5deac34260158bcb9468438e
> > [peap] Got tunneled Access-Challenge
> > ++[eap] returns handled
> > Sending Access-Challenge of id 99 to 192.168.1.29 port 56313
> > EAP-Message =
> >
> >
> 0x018d004b190017030100403e35c354c1073da27a14fa74c477928588301022d6aa6729b79c2c51db2b89c586ccf0c9150c592bfb9baf3193a83b1ffcb36c7c5ba5cc229517777d3f55aaea
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x92ddcc5b9450d56dd5e2158f0b41dda7
> > Finished request 6.
> > Going to the next request
> > Waking up in 4.8 seconds.
> > rad_recv: Access-Request packet from host 192.168.1.29 port 56313,
> id=100,
> > length=292
> > User-Name = "dougberman"
> > NAS-IP-Address = 192.168.1.29
> > NAS-Identifier = "0418d69afea9"
> > NAS-Port = 0
> > Called-Station-Id = "0E-18-D6-9B-FE-A9:labouche-secure"
> > Calling-Station-Id = "AC-BC-32-86-B0-73"
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-802.11
> > Connect-Info = "CONNECT 0Mbps 802.11b"
> > EAP-Message =
> >
> >
> 0x028d006b19001703010060b70fa486d6bf4f875fa9d7a8eff48b27b87641cb505b84508bee2669019dbbd0922ac4bc2d51e1328401f694e79d98cdf6281c38477138810e2746ab8b4329ded060d04b7629f3cb6f6e9457e4b58aac2428f9bccd602dd3530269fd6b03f42a
> > State = 0x92ddcc5b9450d56dd5e2158f0b41dda7
> > Message-Authenticator = 0xdc449b545b1129a38bfcb7608bae4c17
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/default
> > +- entering group authorize {...}
> > ++[preprocess] returns ok
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > ++[digest] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > [eap] EAP packet type response id 141 length 107
> > [eap] Continuing tunnel setup.
> > ++[eap] returns ok
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/default
> > +- entering group authenticate {...}
> > [eap] Request found, released from the list
> > [eap] EAP/peap
> > [eap] processing type peap
> > [peap] processing EAP-TLS
> > [peap] eaptls_verify returned 7
> > [peap] Done initial handshake
> > [peap] eaptls_process returned 7
> > [peap] EAPTLS_OK
> > [peap] Session established. Decoding tunneled attributes.
> > [peap] Peap state phase2
> > [peap] EAP type mschapv2
> > [peap] Got tunneled request
> > EAP-Message =
> >
> >
> 0x028d00451a028d00403146434a04998e36ab37fc7799f66fb3bd000000000000000066b96f66e2fd852a854bdf7c7f3b83c5d01a4429eded44eb00646f75676265726d616e
> > server {
> > [peap] Setting User-Name to dougberman
> > Sending tunneled request
> > EAP-Message =
> >
> >
> 0x028d00451a028d00403146434a04998e36ab37fc7799f66fb3bd000000000000000066b96f66e2fd852a854bdf7c7f3b83c5d01a4429eded44eb00646f75676265726d616e
> > FreeRADIUS-Proxied-To = 127.0.0.1
> > User-Name = "dougberman"
> > State = 0x5d67d9ca5deac34260158bcb9468438e
> > server inner-tunnel {
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/inner-tunnel
> > +- entering group authorize {...}
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > ++[control] returns noop
> > [eap] EAP packet type response id 141 length 69
> > [eap] No EAP Start, assuming it's an on-going EAP conversation
> > ++[eap] returns updated
> > [files] users: Matched entry dougberman at line 3
> > ++[files] returns ok
> > ++[expiration] returns noop
> > ++[logintime] returns noop
> > [pap] WARNING: Auth-Type already set. Not setting to PAP
> > ++[pap] returns noop
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
> > +- entering group authenticate {...}
> > [eap] Request found, released from the list
> > [eap] EAP/mschapv2
> > [eap] processing type mschapv2
> > [mschapv2] # Executing group from file
> > /etc/freeradius/sites-enabled/inner-tunnel
> > [mschapv2] +- entering group MS-CHAP {...}
> > [mschap] Creating challenge hash with username: dougberman
> > [mschap] Told to do MS-CHAPv2 for dougberman with NT-Password
> > [mschap] adding MS-CHAPv2 MPPE keys
> > ++[mschap] returns ok
> > MSCHAP Success
> > ++[eap] returns handled
> > } # server inner-tunnel
> > [peap] Got tunneled reply code 11
> > EAP-Message =
> >
> >
> 0x018e00331a038d002e533d45333641323545464241433739303646333430343941463330393332363636384445374332443933
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x5d67d9ca5ce9c34260158bcb9468438e
> > [peap] Got tunneled reply RADIUS code 11
> > EAP-Message =
> >
> >
> 0x018e00331a038d002e533d45333641323545464241433739303646333430343941463330393332363636384445374332443933
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x5d67d9ca5ce9c34260158bcb9468438e
> > [peap] Got tunneled Access-Challenge
> > ++[eap] returns handled
> > Sending Access-Challenge of id 100 to 192.168.1.29 port 56313
> > EAP-Message =
> >
> >
> 0x018e005b1900170301005030ee1789504ddef9c1333bbbc515a4784b2406050e883f87944bfd86e9914bc042b515b70f6cffecc16ae6e5fa393b8aeafc75a806b671e879445bf989d593d173e0fdb136426e1b31adc231b40ddb5d
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x92ddcc5b9553d56dd5e2158f0b41dda7
> > Finished request 7.
> > Going to the next request
> > Waking up in 4.8 seconds.
> > rad_recv: Access-Request packet from host 192.168.1.29 port 56313,
> id=101,
> > length=228
> > User-Name = "dougberman"
> > NAS-IP-Address = 192.168.1.29
> > NAS-Identifier = "0418d69afea9"
> > NAS-Port = 0
> > Called-Station-Id = "0E-18-D6-9B-FE-A9:labouche-secure"
> > Calling-Station-Id = "AC-BC-32-86-B0-73"
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-802.11
> > Connect-Info = "CONNECT 0Mbps 802.11b"
> > EAP-Message =
> >
> >
> 0x028e002b190017030100201be8fd3e17dc6f89b2d40e30b05f30f1f77d27a450388d2c1198ef568e1d8505
> > State = 0x92ddcc5b9553d56dd5e2158f0b41dda7
> > Message-Authenticator = 0x46a8247ff6dca44292a4bd7086ebef15
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/default
> > +- entering group authorize {...}
> > ++[preprocess] returns ok
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > ++[digest] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > [eap] EAP packet type response id 142 length 43
> > [eap] Continuing tunnel setup.
> > ++[eap] returns ok
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/default
> > +- entering group authenticate {...}
> > [eap] Request found, released from the list
> > [eap] EAP/peap
> > [eap] processing type peap
> > [peap] processing EAP-TLS
> > [peap] eaptls_verify returned 7
> > [peap] Done initial handshake
> > [peap] eaptls_process returned 7
> > [peap] EAPTLS_OK
> > [peap] Session established. Decoding tunneled attributes.
> > [peap] Peap state phase2
> > [peap] EAP type mschapv2
> > [peap] Got tunneled request
> > EAP-Message = 0x028e00061a03
> > server {
> > [peap] Setting User-Name to dougberman
> > Sending tunneled request
> > EAP-Message = 0x028e00061a03
> > FreeRADIUS-Proxied-To = 127.0.0.1
> > User-Name = "dougberman"
> > State = 0x5d67d9ca5ce9c34260158bcb9468438e
> > server inner-tunnel {
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/inner-tunnel
> > +- entering group authorize {...}
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > ++[control] returns noop
> > [eap] EAP packet type response id 142 length 6
> > [eap] No EAP Start, assuming it's an on-going EAP conversation
> > ++[eap] returns updated
> > [files] users: Matched entry dougberman at line 3
> > ++[files] returns ok
> > ++[expiration] returns noop
> > ++[logintime] returns noop
> > [pap] WARNING: Auth-Type already set. Not setting to PAP
> > ++[pap] returns noop
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
> > +- entering group authenticate {...}
> > [eap] Request found, released from the list
> > [eap] EAP/mschapv2
> > [eap] processing type mschapv2
> > [eap] Freeing handler
> > ++[eap] returns ok
> > Login OK: [dougberman/<via Auth-Type = EAP>] (from client routergw port 0
> > via TLS tunnel)
> > WARNING: Empty post-auth section. Using default return values.
> > # Executing section post-auth from file
> > /etc/freeradius/sites-enabled/inner-tunnel
> > } # server inner-tunnel
> > [peap] Got tunneled reply code 2
> > MS-MPPE-Encryption-Policy = 0x00000001
> > MS-MPPE-Encryption-Types = 0x00000006
> > MS-MPPE-Send-Key = 0xab8f333e7b1793f215315676d210a3f5
> > MS-MPPE-Recv-Key = 0xacc1ef31ff24cb71cf9aaf469356983b
> > EAP-Message = 0x038e0004
> > Message-Authenticator = 0x00000000000000000000000000000000
> > User-Name = "dougberman"
> > [peap] Got tunneled reply RADIUS code 2
> > MS-MPPE-Encryption-Policy = 0x00000001
> > MS-MPPE-Encryption-Types = 0x00000006
> > MS-MPPE-Send-Key = 0xab8f333e7b1793f215315676d210a3f5
> > MS-MPPE-Recv-Key = 0xacc1ef31ff24cb71cf9aaf469356983b
> > EAP-Message = 0x038e0004
> > Message-Authenticator = 0x00000000000000000000000000000000
> > User-Name = "dougberman"
> > [peap] Tunneled authentication was successful.
> > [peap] SUCCESS
> > ++[eap] returns handled
> > Sending Access-Challenge of id 101 to 192.168.1.29 port 56313
> > EAP-Message =
> >
> >
> 0x018f002b19001703010020ab867b4420a3e8381d1fb52ab0437b2b5e0d6ecafe8b94ff523ab58c67518e61
> > Message-Authenticator = 0x00000000000000000000000000000000
> > State = 0x92ddcc5b9a52d56dd5e2158f0b41dda7
> > Finished request 8.
> > Going to the next request
> > Waking up in 4.7 seconds.
> > rad_recv: Access-Request packet from host 192.168.1.29 port 56313,
> id=102,
> > length=228
> > User-Name = "dougberman"
> > NAS-IP-Address = 192.168.1.29
> > NAS-Identifier = "0418d69afea9"
> > NAS-Port = 0
> > Called-Station-Id = "0E-18-D6-9B-FE-A9:labouche-secure"
> > Calling-Station-Id = "AC-BC-32-86-B0-73"
> > Framed-MTU = 1400
> > NAS-Port-Type = Wireless-802.11
> > Connect-Info = "CONNECT 0Mbps 802.11b"
> > EAP-Message =
> >
> >
> 0x028f002b1900170301002098ec17e74b4b916aacfd9f48e67e31dbc65f7338ad6075a4925b3a6f08651023
> > State = 0x92ddcc5b9a52d56dd5e2158f0b41dda7
> > Message-Authenticator = 0xd8837e97e73a64990b77c80afc0e216b
> > # Executing section authorize from file
> > /etc/freeradius/sites-enabled/default
> > +- entering group authorize {...}
> > ++[preprocess] returns ok
> > ++[chap] returns noop
> > ++[mschap] returns noop
> > ++[digest] returns noop
> > [suffix] No '@' in User-Name = "dougberman", looking up realm NULL
> > [suffix] No such realm "NULL"
> > ++[suffix] returns noop
> > [eap] EAP packet type response id 143 length 43
> > [eap] Continuing tunnel setup.
> > ++[eap] returns ok
> > Found Auth-Type = EAP
> > # Executing group from file /etc/freeradius/sites-enabled/default
> > +- entering group authenticate {...}
> > [eap] Request found, released from the list
> > [eap] EAP/peap
> > [eap] processing type peap
> > [peap] processing EAP-TLS
> > [peap] eaptls_verify returned 7
> > [peap] Done initial handshake
> > [peap] eaptls_process returned 7
> > [peap] EAPTLS_OK
> > [peap] Session established. Decoding tunneled attributes.
> > [peap] Peap state send tlv success
> > [peap] Received EAP-TLV response.
> > [peap] Success
> > [eap] Freeing handler
> > ++[eap] returns ok
> > Login OK: [dougberman/<via Auth-Type = EAP>] (from client routergw port 0
> > cli AC-BC-32-86-B0-73)
> > # Executing section post-auth from file
> > /etc/freeradius/sites-enabled/default
> > +- entering group post-auth {...}
> > ++[exec] returns noop
> > Sending Access-Accept of id 102 to 192.168.1.29 port 56313
> > MS-MPPE-Recv-Key =
> > 0xda5ed9ef3092b9a8fb76b36b44aa72c53d6b80932c372a17f6019f83ceb9119e
> > MS-MPPE-Send-Key =
> > 0x67917a24c63ab8ed67f9308f77f21b44fff8686a1ccb03f22baf8b29acb9b2cc
> > EAP-Message = 0x038f0004
> > Message-Authenticator = 0x00000000000000000000000000000000
> > User-Name = "dougberman"
> > Finished request 9.
> > Going to the next request
> > Waking up in 4.7 seconds.
> > Cleaning up request 0 ID 93 with timestamp +9
> > Cleaning up request 1 ID 94 with timestamp +9
> > Cleaning up request 2 ID 95 with timestamp +9
> > Cleaning up request 3 ID 96 with timestamp +9
> > Waking up in 0.1 seconds.
> > Cleaning up request 4 ID 97 with timestamp +9
> > Cleaning up request 5 ID 98 with timestamp +9
> > Cleaning up request 6 ID 99 with timestamp +9
> > Cleaning up request 7 ID 100 with timestamp +9
> > Cleaning up request 8 ID 101 with timestamp +9
> > Cleaning up request 9 ID 102 with timestamp +9
> > Ready to process requests.
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list