bad radtest results with eap/peap mschap
Michel Villeneuve
Michel.Villeneuve at univ-brest.fr
Fri Apr 28 23:06:12 CEST 2017
Hi,
I use freeradius-3.0.12 on centos 7.3 with an openldap 2.4 and a samba
attribute EAP / PEAP authentication MSCHAPV2.
I want to authentificate and authorize users according to their
attribute on the LDAP.
I created an attribute LDAP-Desc mapped with the field
eduPersonPrimaryAffilation on my LDAP.
I want to put user on specific VLAN if they are students, employee .... or
outer people.
For that I use in the inner-tunnel the capabilities to return AVP like
Tunnel-Private-Group-Id with the good value .
It's work very well, for internal and also for external people. I tested
also the realm
value in the default server and I put also the good Tunnel-Private-Group-Id
depending
the value of realm. It's work with device like smartphone, pc ... and
also with the command.
eapol_test -c afile -p1812 -smysecret -r1
Everything seems good but not when I use radtest command
I can't authentificate internal or external people with the test command
radtest
[root at freeradius-3-a test]# radtest 'teststudent' 'a1z2e3r4*' localhost
1812 mysecret
Sent Access-Request Id 154 from 0.0.0.0:54585 to 127.0.0.1:1812 length 81
User-Name = "teststudent"
User-Password = "a1z2e3r4*"
NAS-IP-Address = 195.83.247.135
NAS-Port = 1812
Message-Authenticator = 0x00
Cleartext-Password = "a1z2e3r4*"
Received Access-Reject Id 154 from 127.0.0.1:1812 to 0.0.0.0:0 length 20
(0) -: Expected Access-Accept got Access-Reject
nor
radtest -t mschap 'teststudent' 'a1z2e3r4*' 127.0.0.1:18120 1 mysecret
I got
ot at freeradius-3-a test]# radtest -t mschap 'teststudent' 'secret'
127.0.0.1:18120 1 mysecret
Sent Access-Request Id 129 from 0.0.0.0:34088 to 127.0.0.1:18120 length 137
User-Name = "teststudent"
MS-CHAP-Password = "a1z2e3r4*"
NAS-IP-Address = 195.83.247.135
NAS-Port = 1
Message-Authenticator = 0x00
Cleartext-Password = "secret"
MS-CHAP-Challenge = 0x3a7dd0c59a922170
MS-CHAP-Response =
0x0001000000000000000000000000000000000000000000000000ae872e407e206d5579b1515fbf4e92f594e5c5e66739c6e7
Received Access-Reject Id 129 from 127.0.0.1:18120 to 0.0.0.0:0 length 20
(0) -: Expected Access-Accept got Access-Reject
Perhaps the problem comes from /etc/raddb/mods-enabled/mschap files
and I tried differents values with no good results.
mschap {
with_ntdomain_hack = no
#authtype = MS-CHAP
allow_retry = yes
use_mppe=yes
require_encryption = yes
require_strong = yes
.....
I am not sure about the good values needing for this section.
I would like to have an advice before using this configuration in
production environment.
here a debug with a Successful results
Thanks in advance for you help
PS:
sorry for my english I hope it's comprehensible.
--
Michel Villeneuve
Tel 02 98 01 71 61
-------------- next part --------------
Fri Apr 28 17:24:34 2017 : Debug: Server was built with:
Fri Apr 28 17:24:34 2017 : Debug: accounting : yes
Fri Apr 28 17:24:34 2017 : Debug: authentication : yes
Fri Apr 28 17:24:34 2017 : Debug: ascend-binary-attributes : yes
Fri Apr 28 17:24:34 2017 : Debug: coa : yes
Fri Apr 28 17:24:34 2017 : Debug: control-socket : yes
Fri Apr 28 17:24:34 2017 : Debug: detail : yes
Fri Apr 28 17:24:34 2017 : Debug: dhcp : yes
Fri Apr 28 17:24:34 2017 : Debug: dynamic-clients : yes
Fri Apr 28 17:24:34 2017 : Debug: osfc2 : no
Fri Apr 28 17:24:34 2017 : Debug: proxy : yes
Fri Apr 28 17:24:34 2017 : Debug: regex-pcre : yes
Fri Apr 28 17:24:34 2017 : Debug: regex-posix : no
Fri Apr 28 17:24:34 2017 : Debug: regex-posix-extended : no
Fri Apr 28 17:24:34 2017 : Debug: session-management : yes
Fri Apr 28 17:24:34 2017 : Debug: stats : yes
Fri Apr 28 17:24:34 2017 : Debug: tcp : yes
Fri Apr 28 17:24:34 2017 : Debug: threads : yes
Fri Apr 28 17:24:34 2017 : Debug: tls : yes
Fri Apr 28 17:24:34 2017 : Debug: unlang : yes
Fri Apr 28 17:24:34 2017 : Debug: vmps : yes
Fri Apr 28 17:24:34 2017 : Debug: developer : no
Fri Apr 28 17:24:34 2017 : Debug: Server core libs:
Fri Apr 28 17:24:34 2017 : Debug: freeradius-server : 3.0.12
Fri Apr 28 17:24:34 2017 : Debug: talloc : 2.0.*
Fri Apr 28 17:24:34 2017 : Debug: ssl : 1.0.1e release
Fri Apr 28 17:24:34 2017 : Debug: pcre : 8.32 2012-11-30
Fri Apr 28 17:24:34 2017 : Debug: Endianness:
Fri Apr 28 17:24:34 2017 : Debug: little
Fri Apr 28 17:24:34 2017 : Debug: Compilation flags:
Fri Apr 28 17:24:34 2017 : Debug: cppflags :
Fri Apr 28 17:24:34 2017 : Debug: cflags : -I. -Isrc -include src/freeradius-devel/autoconf.h -include src/freeradius-devel/build.h -include src/freeradius-devel/features.h -include src/freeradius-devel/radpaths.h -fno-strict-aliasing -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -Wall -std=c99 -D_GNU_SOURCE -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DOPENSSL_NO_KRB5 -DNDEBUG -DIS_MODULE=1
Fri Apr 28 17:24:34 2017 : Debug: ldflags : -Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld
Fri Apr 28 17:24:34 2017 : Debug: libs : -lcrypto -lssl -ltalloc -lpcre -lnsl -lresolv -ldl -lpthread -lreadline
Fri Apr 28 17:24:34 2017 : Debug:
Fri Apr 28 17:24:34 2017 : Info: FreeRADIUS Version 3.0.12
Fri Apr 28 17:24:34 2017 : Info: Copyright (C) 1999-2016 The FreeRADIUS server project and contributors
Fri Apr 28 17:24:34 2017 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Fri Apr 28 17:24:34 2017 : Info: PARTICULAR PURPOSE
Fri Apr 28 17:24:34 2017 : Info: You may redistribute copies of FreeRADIUS under the terms of the
Fri Apr 28 17:24:34 2017 : Info: GNU General Public License
Fri Apr 28 17:24:34 2017 : Info: For more information about these matters, see the file named COPYRIGHT
Fri Apr 28 17:24:34 2017 : Info: Starting - reading configuration files ...
Fri Apr 28 17:24:34 2017 : Debug: including dictionary file /usr/share/freeradius/dictionary
Fri Apr 28 17:24:34 2017 : Debug: including dictionary file /usr/share/freeradius/dictionary.dhcp
Fri Apr 28 17:24:34 2017 : Debug: including dictionary file /usr/share/freeradius/dictionary.vqp
Fri Apr 28 17:24:34 2017 : Debug: including dictionary file /etc/raddb/dictionary
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/radiusd.conf
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/proxy.conf
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/clients.conf
Fri Apr 28 17:24:34 2017 : Debug: including files in directory /etc/raddb/mods-enabled/
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/chap
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/cache
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/dhcp
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/sradutmp
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/linelog
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/logintime
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/digest
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/detail
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/ntlm_auth
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/unix
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/radutmp
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/ldap
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/soh
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/files
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/replicate
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/expiration
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/attr_filter
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/expr
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/exec
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/cache_eap
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/date
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/pap
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/realm
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/detail.log
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/unpack
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/eap
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/mschap
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/echo
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/dynamic_clients
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/preprocess
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/passwd
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/utf8
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/mods-enabled/ippool
Fri Apr 28 17:24:34 2017 : Debug: including files in directory /etc/raddb/policy.d/
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/policy.d/cui
Fri Apr 28 17:24:34 2017 : Debug: OPTIMIZING (${policy.cui_require_operator_name} == yes) --> FALSE
Fri Apr 28 17:24:34 2017 : Debug: OPTIMIZING (no == yes) --> FALSE
Fri Apr 28 17:24:34 2017 : Debug: OPTIMIZING (${policy.cui_require_operator_name} == yes) --> FALSE
Fri Apr 28 17:24:34 2017 : Debug: OPTIMIZING (no == yes) --> FALSE
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/policy.d/accounting
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/policy.d/dhcp
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/policy.d/debug
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/policy.d/canonicalization
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/policy.d/operator-name
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/policy.d/control
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/policy.d/eap
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/policy.d/filter
Fri Apr 28 17:24:34 2017 : Debug: including files in directory /etc/raddb/sites-enabled/
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/sites-enabled/default
Fri Apr 28 17:24:34 2017 : Debug: including configuration file /etc/raddb/sites-enabled/inner-tunnel
Fri Apr 28 17:24:34 2017 : Debug: main {
Fri Apr 28 17:24:34 2017 : Debug: security {
Fri Apr 28 17:24:34 2017 : Debug: user = "radiusd"
Fri Apr 28 17:24:34 2017 : Debug: group = "radiusd"
Fri Apr 28 17:24:34 2017 : Debug: allow_core_dumps = no
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[464]: The item 'max_attributes' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[482]: The item 'reject_delay' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[502]: The item 'status_server' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: name = "radiusd"
Fri Apr 28 17:24:34 2017 : Debug: prefix = "/usr"
Fri Apr 28 17:24:34 2017 : Debug: localstatedir = "/var"
Fri Apr 28 17:24:34 2017 : Debug: logdir = "/var/log/radius"
Fri Apr 28 17:24:34 2017 : Debug: run_dir = "/var/run/radiusd"
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[54]: The item 'exec_prefix' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[67]: The item 'confdir' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[107]: The item 'libdir' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[118]: The item 'pidfile' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[139]: The item 'correct_escapes' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[193]: The item 'max_request_time' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[212]: The item 'cleanup_delay' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[249]: The item 'hostname_lookups' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[374]: The item 'checkrad' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[523]: The item 'proxy_requests' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: main {
Fri Apr 28 17:24:34 2017 : Debug: name = "radiusd"
Fri Apr 28 17:24:34 2017 : Debug: prefix = "/usr"
Fri Apr 28 17:24:34 2017 : Debug: localstatedir = "/var"
Fri Apr 28 17:24:34 2017 : Debug: sbindir = "/usr/sbin"
Fri Apr 28 17:24:34 2017 : Debug: logdir = "/var/log/radius"
Fri Apr 28 17:24:34 2017 : Debug: run_dir = "/var/run/radiusd"
Fri Apr 28 17:24:34 2017 : Debug: libdir = "/usr/lib64/freeradius"
Fri Apr 28 17:24:34 2017 : Debug: radacctdir = "/var/log/radius/radacct"
Fri Apr 28 17:24:34 2017 : Debug: hostname_lookups = no
Fri Apr 28 17:24:34 2017 : Debug: max_request_time = 30
Fri Apr 28 17:24:34 2017 : Debug: cleanup_delay = 5
Fri Apr 28 17:24:34 2017 : Debug: max_requests = 16384
Fri Apr 28 17:24:34 2017 : Debug: pidfile = "/var/run/radiusd/radiusd.pid"
Fri Apr 28 17:24:34 2017 : Debug: checkrad = "/usr/sbin/checkrad"
Fri Apr 28 17:24:34 2017 : Debug: debug_level = 0
Fri Apr 28 17:24:34 2017 : Debug: proxy_requests = yes
Fri Apr 28 17:24:34 2017 : Debug: log {
Fri Apr 28 17:24:34 2017 : Debug: stripped_names = no
Fri Apr 28 17:24:34 2017 : Debug: auth = yes
Fri Apr 28 17:24:34 2017 : Debug: auth_badpass = yes
Fri Apr 28 17:24:34 2017 : Debug: auth_goodpass = yes
Fri Apr 28 17:24:34 2017 : Debug: colourise = yes
Fri Apr 28 17:24:34 2017 : Debug: msg_denied = "You are already logged in - access denied"
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[267]: The item 'destination' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[284]: The item 'file' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[330]: The item 'syslog_facility' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: resources {
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: security {
Fri Apr 28 17:24:34 2017 : Debug: max_attributes = 200
Fri Apr 28 17:24:34 2017 : Debug: reject_delay = 1.000000
Fri Apr 28 17:24:34 2017 : Debug: status_server = yes
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[54]: The item 'exec_prefix' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[67]: The item 'confdir' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/radiusd.conf[139]: The item 'correct_escapes' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: radiusd: #### Loading Realms and Home Servers ####
Fri Apr 28 17:24:34 2017 : Debug: proxy server {
Fri Apr 28 17:24:34 2017 : Debug: retry_delay = 5
Fri Apr 28 17:24:34 2017 : Debug: retry_count = 3
Fri Apr 28 17:24:34 2017 : Debug: default_fallback = yes
Fri Apr 28 17:24:34 2017 : Debug: dead_time = 120
Fri Apr 28 17:24:34 2017 : Debug: wake_all_if_all_dead = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: home_server localhost {
Fri Apr 28 17:24:34 2017 : Debug: ipaddr = 127.0.0.1
Fri Apr 28 17:24:34 2017 : Debug: port = 1812
Fri Apr 28 17:24:34 2017 : Debug: type = "auth+acct"
Fri Apr 28 17:24:34 2017 : Debug: secret = "mysecret"
Fri Apr 28 17:24:34 2017 : Debug: response_window = 20.000000
Fri Apr 28 17:24:34 2017 : Debug: response_timeouts = 1
Fri Apr 28 17:24:34 2017 : Debug: max_outstanding = 65536
Fri Apr 28 17:24:34 2017 : Debug: zombie_period = 40
Fri Apr 28 17:24:34 2017 : Debug: status_check = "status-server"
Fri Apr 28 17:24:34 2017 : Debug: ping_interval = 30
Fri Apr 28 17:24:34 2017 : Debug: check_interval = 30
Fri Apr 28 17:24:34 2017 : Debug: check_timeout = 4
Fri Apr 28 17:24:34 2017 : Debug: num_answers_to_alive = 3
Fri Apr 28 17:24:34 2017 : Debug: revive_interval = 120
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: max_requests = 0
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 0
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: coa {
Fri Apr 28 17:24:34 2017 : Debug: irt = 2
Fri Apr 28 17:24:34 2017 : Debug: mrt = 16
Fri Apr 28 17:24:34 2017 : Debug: mrc = 5
Fri Apr 28 17:24:34 2017 : Debug: mrd = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: home_server rad1.eduroam.fr {
Fri Apr 28 17:24:34 2017 : Debug: ipaddr = 193.49.160.187
Fri Apr 28 17:24:34 2017 : Debug: port = 1812
Fri Apr 28 17:24:34 2017 : Debug: type = "auth"
Fri Apr 28 17:24:34 2017 : Debug: secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Fri Apr 28 17:24:34 2017 : Debug: response_window = 30.000000
Fri Apr 28 17:24:34 2017 : Debug: response_timeouts = 1
Fri Apr 28 17:24:34 2017 : Debug: max_outstanding = 65536
Fri Apr 28 17:24:34 2017 : Debug: zombie_period = 40
Fri Apr 28 17:24:34 2017 : Debug: status_check = "none"
Fri Apr 28 17:24:34 2017 : Debug: ping_interval = 30
Fri Apr 28 17:24:34 2017 : Debug: check_timeout = 4
Fri Apr 28 17:24:34 2017 : Debug: num_answers_to_alive = 3
Fri Apr 28 17:24:34 2017 : Debug: revive_interval = 300
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: max_requests = 0
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 0
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: coa {
Fri Apr 28 17:24:34 2017 : Debug: irt = 2
Fri Apr 28 17:24:34 2017 : Debug: mrt = 16
Fri Apr 28 17:24:34 2017 : Debug: mrc = 5
Fri Apr 28 17:24:34 2017 : Debug: mrd = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/proxy.conf[767]: The item 'authhost' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/proxy.conf[768]: The item 'accthost' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/proxy.conf[770]: The item 'nostrip' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: home_server rad2.eduroam.fr {
Fri Apr 28 17:24:34 2017 : Debug: ipaddr = 193.49.159.82
Fri Apr 28 17:24:34 2017 : Debug: port = 1812
Fri Apr 28 17:24:34 2017 : Debug: type = "auth"
Fri Apr 28 17:24:34 2017 : Debug: secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Fri Apr 28 17:24:34 2017 : Debug: response_window = 30.000000
Fri Apr 28 17:24:34 2017 : Debug: response_timeouts = 1
Fri Apr 28 17:24:34 2017 : Debug: max_outstanding = 65536
Fri Apr 28 17:24:34 2017 : Debug: zombie_period = 40
Fri Apr 28 17:24:34 2017 : Debug: status_check = "none"
Fri Apr 28 17:24:34 2017 : Debug: ping_interval = 30
Fri Apr 28 17:24:34 2017 : Debug: check_timeout = 4
Fri Apr 28 17:24:34 2017 : Debug: num_answers_to_alive = 3
Fri Apr 28 17:24:34 2017 : Debug: revive_interval = 300
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: max_requests = 0
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 0
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: coa {
Fri Apr 28 17:24:34 2017 : Debug: irt = 2
Fri Apr 28 17:24:34 2017 : Debug: mrt = 16
Fri Apr 28 17:24:34 2017 : Debug: mrc = 5
Fri Apr 28 17:24:34 2017 : Debug: mrd = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/proxy.conf[777]: The item 'authhost' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/proxy.conf[778]: The item 'accthost' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/proxy.conf[780]: The item 'nostrip' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: realm NULL {
Fri Apr 28 17:24:34 2017 : Debug: authhost = LOCAL
Fri Apr 28 17:24:34 2017 : Debug: accthost = LOCAL
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: realm univ-brest.fr {
Fri Apr 28 17:24:34 2017 : Debug: authhost = LOCAL
Fri Apr 28 17:24:34 2017 : Debug: accthost = LOCAL
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: realm LOCAL {
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: home_server_pool pool-eduroam-fr {
Fri Apr 28 17:24:34 2017 : Debug: type = fail-over
Fri Apr 28 17:24:34 2017 : Debug: home_server = rad1.eduroam.fr
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: realm DEFAULT {
Fri Apr 28 17:24:34 2017 : Debug: auth_pool = pool-eduroam-fr
Fri Apr 28 17:24:34 2017 : Debug: nostrip
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: home_server_pool my_auth_failover {
Fri Apr 28 17:24:34 2017 : Debug: type = fail-over
Fri Apr 28 17:24:34 2017 : Debug: home_server = localhost
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: radiusd: #### Loading Clients ####
Fri Apr 28 17:24:34 2017 : Debug: client localhost {
Fri Apr 28 17:24:34 2017 : Debug: ipaddr = 127.0.0.1
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "mysecret"
Fri Apr 28 17:24:34 2017 : Debug: nas_type = "other"
Fri Apr 28 17:24:34 2017 : Debug: proto = "*"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Adding client 127.0.0.1/32 (127.0.0.1) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Debug: client localhost_ipv6 {
Fri Apr 28 17:24:34 2017 : Debug: ipv6addr = ::1
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "testing123"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Adding client ::1/128 (::1) to prefix tree 128
Fri Apr 28 17:24:34 2017 : Debug: client private-network-1 {
Fri Apr 28 17:24:34 2017 : Debug: ipaddr = 172.30.10.0/24
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "mysecret"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Adding client 172.30.10.0/24 (172.30.10.0) to prefix tree 24
Fri Apr 28 17:24:34 2017 : Debug: client 172.19.11.253 {
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "mysecret"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: No 'ipaddr' or 'ipv4addr' or 'ipv6addr' field found in client 172.19.11.253. Please fix your configuration
Fri Apr 28 17:24:34 2017 : Warning: Support for old-style clients will be removed in a future release
Fri Apr 28 17:24:34 2017 : Debug: Adding client 172.19.11.253/32 (172.19.11.253) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Debug: client 172.19.19.253 {
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "mysecret"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: No 'ipaddr' or 'ipv4addr' or 'ipv6addr' field found in client 172.19.19.253. Please fix your configuration
Fri Apr 28 17:24:34 2017 : Warning: Support for old-style clients will be removed in a future release
Fri Apr 28 17:24:34 2017 : Debug: Adding client 172.19.19.253/32 (172.19.19.253) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Debug: client 172.30.1.2 {
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "mysecret"
Fri Apr 28 17:24:34 2017 : Debug: shortname = "wlc1"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: No 'ipaddr' or 'ipv4addr' or 'ipv6addr' field found in client 172.30.1.2. Please fix your configuration
Fri Apr 28 17:24:34 2017 : Warning: Support for old-style clients will be removed in a future release
Fri Apr 28 17:24:34 2017 : Debug: Adding client 172.30.1.2/32 (172.30.1.2) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Debug: client 172.30.1.4 {
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "mysecret"
Fri Apr 28 17:24:34 2017 : Debug: shortname = "wlc2"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: No 'ipaddr' or 'ipv4addr' or 'ipv6addr' field found in client 172.30.1.4. Please fix your configuration
Fri Apr 28 17:24:34 2017 : Warning: Support for old-style clients will be removed in a future release
Fri Apr 28 17:24:34 2017 : Debug: Adding client 172.30.1.4/32 (172.30.1.4) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Debug: client 172.30.1.10 {
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "mysecret"
Fri Apr 28 17:24:34 2017 : Debug: shortname = "wism2"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: No 'ipaddr' or 'ipv4addr' or 'ipv6addr' field found in client 172.30.1.10. Please fix your configuration
Fri Apr 28 17:24:34 2017 : Warning: Support for old-style clients will be removed in a future release
Fri Apr 28 17:24:34 2017 : Debug: Adding client 172.30.1.10/32 (172.30.1.10) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Debug: client 172.30.1.11 {
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "mysecret"
Fri Apr 28 17:24:34 2017 : Debug: shortname = "wism2"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: No 'ipaddr' or 'ipv4addr' or 'ipv6addr' field found in client 172.30.1.11. Please fix your configuration
Fri Apr 28 17:24:34 2017 : Warning: Support for old-style clients will be removed in a future release
Fri Apr 28 17:24:34 2017 : Debug: Adding client 172.30.1.11/32 (172.30.1.11) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Debug: client 172.30.1.12 {
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "mysecret"
Fri Apr 28 17:24:34 2017 : Debug: shortname = "wism2"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: No 'ipaddr' or 'ipv4addr' or 'ipv6addr' field found in client 172.30.1.12. Please fix your configuration
Fri Apr 28 17:24:34 2017 : Warning: Support for old-style clients will be removed in a future release
Fri Apr 28 17:24:34 2017 : Debug: Adding client 172.30.1.12/32 (172.30.1.12) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Debug: client 193.49.160.187 {
Fri Apr 28 17:24:34 2017 : Debug: ipaddr = 193.49.160.187
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Fri Apr 28 17:24:34 2017 : Debug: shortname = "rad1.eduroam.fr"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Adding client 193.49.160.187/32 (193.49.160.187) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Debug: client 193.49.159.82 {
Fri Apr 28 17:24:34 2017 : Debug: ipaddr = 193.49.159.82
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Fri Apr 28 17:24:34 2017 : Debug: shortname = "rad2.eduroam.fr"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Adding client 193.49.159.82/32 (193.49.159.82) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Debug: client 195.220.94.130 {
Fri Apr 28 17:24:34 2017 : Debug: ipaddr = 195.220.94.130
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Fri Apr 28 17:24:34 2017 : Debug: shortname = "radtest.cru.fr"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Adding client 195.220.94.130/32 (195.220.94.130) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Debug: client 129.20.254.3 {
Fri Apr 28 17:24:34 2017 : Debug: require_message_authenticator = no
Fri Apr 28 17:24:34 2017 : Debug: secret = "xxxxxxxxxxxxxxxxxxxxxx"
Fri Apr 28 17:24:34 2017 : Debug: shortname = "proxy-rad-point-etude"
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: No 'ipaddr' or 'ipv4addr' or 'ipv6addr' field found in client 129.20.254.3. Please fix your configuration
Fri Apr 28 17:24:34 2017 : Warning: Support for old-style clients will be removed in a future release
Fri Apr 28 17:24:34 2017 : Debug: Adding client 129.20.254.3/32 (129.20.254.3) to prefix tree 32
Fri Apr 28 17:24:34 2017 : Info: Debugger not attached
Fri Apr 28 17:24:34 2017 : Debug: # Creating Auth-Type = eap
Fri Apr 28 17:24:34 2017 : Debug: # Creating Auth-Type = MS-CHAP
Fri Apr 28 17:24:34 2017 : Debug: # Creating Auth-Type = PAP
Fri Apr 28 17:24:34 2017 : Debug: # Creating Auth-Type = CHAP
Fri Apr 28 17:24:34 2017 : Debug: radiusd: #### Instantiating modules ####
Fri Apr 28 17:24:34 2017 : Debug: modules {
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_chap, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_chap
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "chap" from file /etc/raddb/mods-enabled/chap
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_cache, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_cache
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "cache" from file /etc/raddb/mods-enabled/cache
Fri Apr 28 17:24:34 2017 : Debug: cache {
Fri Apr 28 17:24:34 2017 : Debug: driver = "rlm_cache_rbtree"
Fri Apr 28 17:24:34 2017 : Debug: key = "%{User-Name}"
Fri Apr 28 17:24:34 2017 : Debug: ttl = 10
Fri Apr 28 17:24:34 2017 : Debug: max_entries = 0
Fri Apr 28 17:24:34 2017 : Debug: epoch = 0
Fri Apr 28 17:24:34 2017 : Debug: add_stats = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_dhcp, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_dhcp
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "dhcp" from file /etc/raddb/mods-enabled/dhcp
Fri Apr 28 17:24:34 2017 : Debug: Adding values for DHCP-Parameter-Request-List
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 1 DHCP-Subnet-Mask
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 2 DHCP-Time-Offset
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 3 DHCP-Router-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 4 DHCP-Time-Server
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 5 DHCP-IEN-116-Name-Server
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 6 DHCP-Domain-Name-Server
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 7 DHCP-Log-Server
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 8 DHCP-Quotes-Server
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 9 DHCP-LPR-Server
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 10 DHCP-Impress-Server
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 11 DHCP-RLP-Server
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 12 DHCP-Hostname
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 13 DHCP-Boot-File-Size
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 14 DHCP-Merit-Dump-File
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 15 DHCP-Domain-Name
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 16 DHCP-Swap-Server
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 17 DHCP-Root-Path
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 18 DHCP-Bootp-Extensions-Path
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 19 DHCP-IP-Forward-Enable
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 20 DHCP-Source-Route-Enable
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 21 DHCP-Policy-Filter
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 22 DHCP-Max-Datagram-Reassembly-Size
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 23 DHCP-Default-IP-TTL
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 24 DHCP-Path-MTU-Aging-Timeout
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 25 DHCP-Path-MTU-Plateau-Table
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 26 DHCP-Interface-MTU-Size
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 27 DHCP-All-Subnets-Are-Local
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 28 DHCP-Broadcast-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 29 DHCP-Perform-Mask-Discovery
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 30 DHCP-Provide-Mask-To-Others
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 31 DHCP-Perform-Router-Discovery
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 32 DHCP-Router-Solicitation-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 33 DHCP-Static-Routes
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 34 DHCP-Trailer-Encapsulation
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 35 DHCP-ARP-Cache-Timeout
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 36 DHCP-Ethernet-Encapsulation
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 37 DHCP-Default-TCP-TTL
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 38 DHCP-Keep-Alive-Interval
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 39 DHCP-Keep-Alive-Garbage
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 40 DHCP-NIS-Domain-Name
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 41 DHCP-NIS-Servers
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 42 DHCP-NTP-Servers
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 43 DHCP-Vendor
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 44 DHCP-NETBIOS-Name-Servers
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 45 DHCP-NETBIOS-Dgm-Dist-Servers
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 46 DHCP-NETBIOS-Node-Type
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 47 DHCP-NETBIOS
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 48 DHCP-X-Window-Font-Server
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 49 DHCP-X-Window-Display-Mgr
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 50 DHCP-Requested-IP-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 51 DHCP-IP-Address-Lease-Time
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 52 DHCP-Overload
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 53 DHCP-Message-Type
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 54 DHCP-DHCP-Server-Identifier
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 55 DHCP-Parameter-Request-List
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 56 DHCP-DHCP-Error-Message
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 57 DHCP-DHCP-Maximum-Msg-Size
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 58 DHCP-Renewal-Time
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 59 DHCP-Rebinding-Time
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 60 DHCP-Vendor-Class-Identifier
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 61 DHCP-Client-Identifier
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 62 DHCP-Netware-Domain-Name
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 63 DHCP-Netware-Sub-Options
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 64 DHCP-NIS-Client-Domain-Name
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 65 DHCP-NIS-Server-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 66 DHCP-TFTP-Server-Name
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 67 DHCP-Boot-File-Name
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 68 DHCP-Home-Agent-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 69 DHCP-SMTP-Server-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 70 DHCP-POP3-Server-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 71 DHCP-NNTP-Server-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 72 DHCP-WWW-Server-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 73 DHCP-Finger-Server-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 74 DHCP-IRC-Server-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 75 DHCP-StreetTalk-Server-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 76 DHCP-STDA-Server-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 77 DHCP-User-Class
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 78 DHCP-Directory-Agent
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 79 DHCP-Service-Scope
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 80 DHCP-Rapid-Commit
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 81 DHCP-Client-FQDN
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 82 DHCP-Relay-Agent-Information
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 83 DHCP-iSNS
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 84
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 85 DHCP-NDS-Servers
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 86 DHCP-NDS-Tree-Name
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 87 DHCP-NDS-Context
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 88 DHCP-BCMS-Server-IPv4-FQDN
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 89 DHCP-BCMS-Server-IPv4-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 90 DHCP-Authentication
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 91 DHCP-Client-Last-Txn-Time
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 92 DHCP-associated-ip
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 93 DHCP-Client-System
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 94 DHCP-Client-NDI
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 95 DHCP-LDAP
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 96
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 97 DHCP-UUID/GUID
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 98 DHCP-User-Auth
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 99 DHCP-GeoConf-Civic
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 100 DHCP-Timezone-Posix
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 101 DHCP-Timezone-Database
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 102
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 103
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 104
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 105
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 106
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 107
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 108
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 109
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 110
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 111
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 112 DHCP-Netinfo-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 113 DHCP-Netinfo-Tag
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 114 DHCP-URL
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 115
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 116 DHCP-Auto-Config
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 117 DHCP-Name-Service-Search
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 118 DHCP-Subnet-Selection-Option
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 119 DHCP-Domain-Search
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 120 DHCP-SIP-Servers-DHCP-Option
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 121 DHCP-Classless-Static-Route
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 122 DHCP-CCC
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 123 DHCP-GeoConf-Option
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 124 DHCP-V-I-Vendor-Class
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 125 DHCP-V-I-Vendor-Specific
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 126
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 127
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 128 DHCP-TFTP-Server-IP-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 129 DHCP-Call-Server-IP-address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 130 DHCP-Vendor-Discrimination-Str
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 131 DHCP-Remote-Stats-Svr-IP-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 132 DHCP-IEEE-802.1P-VLAN-ID
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 133 DHCP-IEEE-802.1Q-L2-Priority
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 134 DHCP-Diffserv-Code-Point
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 135 DHCP-HTTP-Proxy
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 136 DHCP-PANA-Agent
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 137 DHCP-LoST-Server
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 138 DHCP-CAPWAP-AC-IPv4-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 139 DHCP-MoS-IPv4-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 140 DHCP-MoS-IPv4-FQDN
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 141 DHCP-SIP-UA-Configuration-Service-Domains
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 142 DHCP-ANDSF-IPv4-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 143 DHCP-ANDSF-IPv6-Address
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 144
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 145
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 146
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 147
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 148
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 149
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 150 DHCP-TFTP-Server-IPv4-Address
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 151 DHCP-Query-Status-Code
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 152 DHCP-Query-Server-Base-Time
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 153 DHCP-Query-Start-Time-Of-State
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 154 DHCP-Query-Start-Time
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 155 DHCP-Query-End-Time
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 156 DHCP-State
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 157 DHCP-Data-Source
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 158 DHCP-PCP-IPv4-Server-Address
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 159
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 160
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 161
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 162
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 163
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 164
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 165
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 166
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 167
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 168
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 169
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 170
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 171
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 172
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 173
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 174
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 175
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 176
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 177
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 178
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 179
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 180
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 181
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 182
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 183
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 184
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 185
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 186
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 187
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 188
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 189
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 190
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 191
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 192
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 193
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 194
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 195
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 196
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 197
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 198
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 199
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 200
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 201
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 202
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 203
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 204
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 205
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 206
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 207
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 208 DHCP-PXELINUX-Magic
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 209 DHCP-Packet-Format
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 210 DHCP-Path-Prefix
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 211 DHCP-Reboot-Time
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 212 DHCP-6RD
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 213 DHCP-Access-Network-Domain-Name
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 214
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 215
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 216
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 217
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 218
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 219
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 220 DHCP-Virtual-Subnet-Allocation
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 221 DHCP-Virtual-Subnet-Selection
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 222
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 223
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 224 DHCP-Site-specific-0
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 225 DHCP-Site-specific-1
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 226 DHCP-Site-specific-2
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 227 DHCP-Site-specific-3
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 228 DHCP-Site-specific-4
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 229 DHCP-Site-specific-5
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 230 DHCP-Site-specific-6
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 231 DHCP-Site-specific-7
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 232 DHCP-Site-specific-8
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 233 DHCP-Site-specific-9
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 234 DHCP-Site-specific-10
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 235 DHCP-Site-specific-11
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 236 DHCP-Site-specific-12
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 237 DHCP-Site-specific-13
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 238 DHCP-Site-specific-14
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 239 DHCP-Site-specific-15
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 240 DHCP-Site-specific-16
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 241 DHCP-Site-specific-17
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 242 DHCP-Site-specific-18
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 243 DHCP-Site-specific-19
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 244 DHCP-Site-specific-20
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 245 DHCP-Site-specific-21
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 246 DHCP-Site-specific-22
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 247 DHCP-Site-specific-23
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 248 DHCP-Site-specific-24
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 249 DHCP-Site-specific-25
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 250 DHCP-Site-specific-26
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 251 DHCP-Site-specific-27
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 252 DHCP-Site-specific-28
Fri Apr 28 17:24:34 2017 : Debug: Adding DHCP-Parameter-Request-List value 253 DHCP-Site-specific-30
Fri Apr 28 17:24:34 2017 : Debug: No DHCP RFC space attribute at 254
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_radutmp, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_radutmp
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "sradutmp" from file /etc/raddb/mods-enabled/sradutmp
Fri Apr 28 17:24:34 2017 : Debug: radutmp sradutmp {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/var/log/radius/sradutmp"
Fri Apr 28 17:24:34 2017 : Debug: username = "%{User-Name}"
Fri Apr 28 17:24:34 2017 : Debug: case_sensitive = yes
Fri Apr 28 17:24:34 2017 : Debug: check_with_nas = yes
Fri Apr 28 17:24:34 2017 : Debug: permissions = 420
Fri Apr 28 17:24:34 2017 : Debug: caller_id = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_linelog, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_linelog
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "linelog" from file /etc/raddb/mods-enabled/linelog
Fri Apr 28 17:24:34 2017 : Debug: linelog {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/var/log/radius/linelog"
Fri Apr 28 17:24:34 2017 : Debug: escape_filenames = no
Fri Apr 28 17:24:34 2017 : Debug: syslog_severity = "info"
Fri Apr 28 17:24:34 2017 : Debug: permissions = 384
Fri Apr 28 17:24:34 2017 : Debug: format = "This is a log message for %{User-Name}"
Fri Apr 28 17:24:34 2017 : Debug: reference = "messages.%{%{reply:Packet-Type}:-default}"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "log_accounting" from file /etc/raddb/mods-enabled/linelog
Fri Apr 28 17:24:34 2017 : Debug: linelog log_accounting {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/var/log/radius/linelog-accounting"
Fri Apr 28 17:24:34 2017 : Debug: escape_filenames = no
Fri Apr 28 17:24:34 2017 : Debug: syslog_severity = "info"
Fri Apr 28 17:24:34 2017 : Debug: permissions = 384
Fri Apr 28 17:24:34 2017 : Debug: format = ""
Fri Apr 28 17:24:34 2017 : Debug: reference = "Accounting-Request.%{%{Acct-Status-Type}:-unknown}"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_logintime, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_logintime
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "logintime" from file /etc/raddb/mods-enabled/logintime
Fri Apr 28 17:24:34 2017 : Debug: logintime {
Fri Apr 28 17:24:34 2017 : Debug: minimum_timeout = 60
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_digest, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_digest
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "digest" from file /etc/raddb/mods-enabled/digest
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_detail, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_detail
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "detail" from file /etc/raddb/mods-enabled/detail
Fri Apr 28 17:24:34 2017 : Debug: detail {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
Fri Apr 28 17:24:34 2017 : Debug: header = "%t"
Fri Apr 28 17:24:34 2017 : Debug: permissions = 384
Fri Apr 28 17:24:34 2017 : Debug: locking = no
Fri Apr 28 17:24:34 2017 : Debug: escape_filenames = no
Fri Apr 28 17:24:34 2017 : Debug: log_packet_header = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_exec, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_exec
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "ntlm_auth" from file /etc/raddb/mods-enabled/ntlm_auth
Fri Apr 28 17:24:34 2017 : Debug: exec ntlm_auth {
Fri Apr 28 17:24:34 2017 : Debug: wait = yes
Fri Apr 28 17:24:34 2017 : Debug: program = "/path/to/ntlm_auth --request-nt-key --domain=MYDOMAIN --username=%{mschap:User-Name} --password=%{User-Password}"
Fri Apr 28 17:24:34 2017 : Debug: shell_escape = yes
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_unix, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_unix
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "unix" from file /etc/raddb/mods-enabled/unix
Fri Apr 28 17:24:34 2017 : Debug: unix {
Fri Apr 28 17:24:34 2017 : Debug: radwtmp = "/var/log/radius/radwtmp"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Creating attribute Unix-Group
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "radutmp" from file /etc/raddb/mods-enabled/radutmp
Fri Apr 28 17:24:34 2017 : Debug: radutmp {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/var/log/radius/radutmp"
Fri Apr 28 17:24:34 2017 : Debug: username = "%{User-Name}"
Fri Apr 28 17:24:34 2017 : Debug: case_sensitive = yes
Fri Apr 28 17:24:34 2017 : Debug: check_with_nas = yes
Fri Apr 28 17:24:34 2017 : Debug: permissions = 384
Fri Apr 28 17:24:34 2017 : Debug: caller_id = yes
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_ldap, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_ldap
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "ldap" from file /etc/raddb/mods-enabled/ldap
Fri Apr 28 17:24:34 2017 : Debug: ldap {
Fri Apr 28 17:24:34 2017 : Debug: server = "ldap://annuaireubo.univ-brest.fr"
Fri Apr 28 17:24:34 2017 : Debug: identity = "cn=admin,dc=univ-brest,dc=fr"
Fri Apr 28 17:24:34 2017 : Debug: password = "c1ent!kc"
Fri Apr 28 17:24:34 2017 : Debug: sasl {
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: user {
Fri Apr 28 17:24:34 2017 : Debug: scope = "sub"
Fri Apr 28 17:24:34 2017 : Debug: access_positive = yes
Fri Apr 28 17:24:34 2017 : Debug: sasl {
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: group {
Fri Apr 28 17:24:34 2017 : Debug: filter = "(objectClass=posixGroup)"
Fri Apr 28 17:24:34 2017 : Debug: scope = "sub"
Fri Apr 28 17:24:34 2017 : Debug: name_attribute = "cn"
Fri Apr 28 17:24:34 2017 : Debug: membership_attribute = "memberUid"
Fri Apr 28 17:24:34 2017 : Debug: membership_filter = "(|(&(objectClass=posixGroup)(memberUid=%{%{Stripped-User-Name}:-%{User-Name}})))"
Fri Apr 28 17:24:34 2017 : Debug: cacheable_name = no
Fri Apr 28 17:24:34 2017 : Debug: cacheable_dn = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: client {
Fri Apr 28 17:24:34 2017 : Debug: filter = "(objectClass=radiusClient)"
Fri Apr 28 17:24:34 2017 : Debug: scope = "sub"
Fri Apr 28 17:24:34 2017 : Debug: base_dn = "dc=univ-brest,dc=fr"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: profile {
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: options {
Fri Apr 28 17:24:34 2017 : Debug: ldap_debug = 40
Fri Apr 28 17:24:34 2017 : Debug: chase_referrals = yes
Fri Apr 28 17:24:34 2017 : Debug: rebind = yes
Fri Apr 28 17:24:34 2017 : Debug: net_timeout = 1
Fri Apr 28 17:24:34 2017 : Debug: res_timeout = 10
Fri Apr 28 17:24:34 2017 : Debug: srv_timelimit = 3
Fri Apr 28 17:24:34 2017 : Debug: idle = 60
Fri Apr 28 17:24:34 2017 : Debug: probes = 3
Fri Apr 28 17:24:34 2017 : Debug: interval = 3
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: tls {
Fri Apr 28 17:24:34 2017 : Debug: start_tls = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/mods-enabled/ldap[34]: The item 'base_dn' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/mods-enabled/ldap[37]: The item 'filter' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/mods-enabled/ldap[38]: The item 'auto_header' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/mods-enabled/ldap[39]: The item 'access_attr_used_for_allow' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/mods-enabled/ldap[40]: The item 'groupname_attribute' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/mods-enabled/ldap[41]: The item 'groupmembership_attribute' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/mods-enabled/ldap[101]: The item 'dictionary_mapping' is defined, but is unused by the configuration
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Creating attribute LDAP-Group
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_soh, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_soh
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "soh" from file /etc/raddb/mods-enabled/soh
Fri Apr 28 17:24:34 2017 : Debug: soh {
Fri Apr 28 17:24:34 2017 : Debug: dhcp = yes
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_files, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_files
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "files" from file /etc/raddb/mods-enabled/files
Fri Apr 28 17:24:34 2017 : Debug: files {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/etc/raddb/mods-config/files/authorize"
Fri Apr 28 17:24:34 2017 : Debug: acctusersfile = "/etc/raddb/mods-config/files/accounting"
Fri Apr 28 17:24:34 2017 : Debug: preproxy_usersfile = "/etc/raddb/mods-config/files/pre-proxy"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_replicate, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_replicate
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "replicate" from file /etc/raddb/mods-enabled/replicate
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_expiration, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_expiration
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "expiration" from file /etc/raddb/mods-enabled/expiration
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_attr_filter, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_attr_filter
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "attr_filter.post-proxy" from file /etc/raddb/mods-enabled/attr_filter
Fri Apr 28 17:24:34 2017 : Debug: attr_filter attr_filter.post-proxy {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/etc/raddb/mods-config/attr_filter/post-proxy"
Fri Apr 28 17:24:34 2017 : Debug: key = "%{Realm}"
Fri Apr 28 17:24:34 2017 : Debug: relaxed = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "attr_filter.pre-proxy" from file /etc/raddb/mods-enabled/attr_filter
Fri Apr 28 17:24:34 2017 : Debug: attr_filter attr_filter.pre-proxy {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/etc/raddb/mods-config/attr_filter/pre-proxy"
Fri Apr 28 17:24:34 2017 : Debug: key = "%{Realm}"
Fri Apr 28 17:24:34 2017 : Debug: relaxed = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "attr_filter.access_reject" from file /etc/raddb/mods-enabled/attr_filter
Fri Apr 28 17:24:34 2017 : Debug: attr_filter attr_filter.access_reject {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/etc/raddb/mods-config/attr_filter/access_reject"
Fri Apr 28 17:24:34 2017 : Debug: key = "%{User-Name}"
Fri Apr 28 17:24:34 2017 : Debug: relaxed = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "attr_filter.access_challenge" from file /etc/raddb/mods-enabled/attr_filter
Fri Apr 28 17:24:34 2017 : Debug: attr_filter attr_filter.access_challenge {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/etc/raddb/mods-config/attr_filter/access_challenge"
Fri Apr 28 17:24:34 2017 : Debug: key = "%{User-Name}"
Fri Apr 28 17:24:34 2017 : Debug: relaxed = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "attr_filter.accounting_response" from file /etc/raddb/mods-enabled/attr_filter
Fri Apr 28 17:24:34 2017 : Debug: attr_filter attr_filter.accounting_response {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/etc/raddb/mods-config/attr_filter/accounting_response"
Fri Apr 28 17:24:34 2017 : Debug: key = "%{User-Name}"
Fri Apr 28 17:24:34 2017 : Debug: relaxed = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_expr, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_expr
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "expr" from file /etc/raddb/mods-enabled/expr
Fri Apr 28 17:24:34 2017 : Debug: expr {
Fri Apr 28 17:24:34 2017 : Debug: safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /äéöüàâæçèéêëîïôœùûüaÿÄÉÖÜßÀÂÆÇÈÉÊËÎÏÔŒÙÛÜŸ"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "exec" from file /etc/raddb/mods-enabled/exec
Fri Apr 28 17:24:34 2017 : Debug: exec {
Fri Apr 28 17:24:34 2017 : Debug: wait = no
Fri Apr 28 17:24:34 2017 : Debug: input_pairs = "request"
Fri Apr 28 17:24:34 2017 : Debug: shell_escape = yes
Fri Apr 28 17:24:34 2017 : Debug: timeout = 10
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "cache_eap" from file /etc/raddb/mods-enabled/cache_eap
Fri Apr 28 17:24:34 2017 : Debug: cache cache_eap {
Fri Apr 28 17:24:34 2017 : Debug: driver = "rlm_cache_rbtree"
Fri Apr 28 17:24:34 2017 : Debug: key = "%{%{control:State}:-%{%{reply:State}:-%{State}}}"
Fri Apr 28 17:24:34 2017 : Debug: ttl = 15
Fri Apr 28 17:24:34 2017 : Debug: max_entries = 0
Fri Apr 28 17:24:34 2017 : Debug: epoch = 0
Fri Apr 28 17:24:34 2017 : Debug: add_stats = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_always, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_always
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "reject" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: always reject {
Fri Apr 28 17:24:34 2017 : Debug: rcode = "reject"
Fri Apr 28 17:24:34 2017 : Debug: simulcount = 0
Fri Apr 28 17:24:34 2017 : Debug: mpp = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "fail" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: always fail {
Fri Apr 28 17:24:34 2017 : Debug: rcode = "fail"
Fri Apr 28 17:24:34 2017 : Debug: simulcount = 0
Fri Apr 28 17:24:34 2017 : Debug: mpp = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "ok" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: always ok {
Fri Apr 28 17:24:34 2017 : Debug: rcode = "ok"
Fri Apr 28 17:24:34 2017 : Debug: simulcount = 0
Fri Apr 28 17:24:34 2017 : Debug: mpp = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "handled" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: always handled {
Fri Apr 28 17:24:34 2017 : Debug: rcode = "handled"
Fri Apr 28 17:24:34 2017 : Debug: simulcount = 0
Fri Apr 28 17:24:34 2017 : Debug: mpp = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "invalid" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: always invalid {
Fri Apr 28 17:24:34 2017 : Debug: rcode = "invalid"
Fri Apr 28 17:24:34 2017 : Debug: simulcount = 0
Fri Apr 28 17:24:34 2017 : Debug: mpp = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "userlock" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: always userlock {
Fri Apr 28 17:24:34 2017 : Debug: rcode = "userlock"
Fri Apr 28 17:24:34 2017 : Debug: simulcount = 0
Fri Apr 28 17:24:34 2017 : Debug: mpp = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "notfound" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: always notfound {
Fri Apr 28 17:24:34 2017 : Debug: rcode = "notfound"
Fri Apr 28 17:24:34 2017 : Debug: simulcount = 0
Fri Apr 28 17:24:34 2017 : Debug: mpp = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "noop" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: always noop {
Fri Apr 28 17:24:34 2017 : Debug: rcode = "noop"
Fri Apr 28 17:24:34 2017 : Debug: simulcount = 0
Fri Apr 28 17:24:34 2017 : Debug: mpp = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "updated" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: always updated {
Fri Apr 28 17:24:34 2017 : Debug: rcode = "updated"
Fri Apr 28 17:24:34 2017 : Debug: simulcount = 0
Fri Apr 28 17:24:34 2017 : Debug: mpp = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_date, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_date
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "date" from file /etc/raddb/mods-enabled/date
Fri Apr 28 17:24:34 2017 : Debug: date {
Fri Apr 28 17:24:34 2017 : Debug: format = "%b %e %Y %H:%M:%S %Z"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_pap, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_pap
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "pap" from file /etc/raddb/mods-enabled/pap
Fri Apr 28 17:24:34 2017 : Debug: pap {
Fri Apr 28 17:24:34 2017 : Debug: normalise = yes
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_realm, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_realm
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "IPASS" from file /etc/raddb/mods-enabled/realm
Fri Apr 28 17:24:34 2017 : Debug: realm IPASS {
Fri Apr 28 17:24:34 2017 : Debug: format = "prefix"
Fri Apr 28 17:24:34 2017 : Debug: delimiter = "/"
Fri Apr 28 17:24:34 2017 : Debug: ignore_default = no
Fri Apr 28 17:24:34 2017 : Debug: ignore_null = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "suffix" from file /etc/raddb/mods-enabled/realm
Fri Apr 28 17:24:34 2017 : Debug: realm suffix {
Fri Apr 28 17:24:34 2017 : Debug: format = "suffix"
Fri Apr 28 17:24:34 2017 : Debug: delimiter = "@"
Fri Apr 28 17:24:34 2017 : Debug: ignore_default = no
Fri Apr 28 17:24:34 2017 : Debug: ignore_null = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "realmpercent" from file /etc/raddb/mods-enabled/realm
Fri Apr 28 17:24:34 2017 : Debug: realm realmpercent {
Fri Apr 28 17:24:34 2017 : Debug: format = "suffix"
Fri Apr 28 17:24:34 2017 : Debug: delimiter = "%"
Fri Apr 28 17:24:34 2017 : Debug: ignore_default = no
Fri Apr 28 17:24:34 2017 : Debug: ignore_null = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "ntdomain" from file /etc/raddb/mods-enabled/realm
Fri Apr 28 17:24:34 2017 : Debug: realm ntdomain {
Fri Apr 28 17:24:34 2017 : Debug: format = "prefix"
Fri Apr 28 17:24:34 2017 : Debug: delimiter = "\\"
Fri Apr 28 17:24:34 2017 : Debug: ignore_default = no
Fri Apr 28 17:24:34 2017 : Debug: ignore_null = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "auth_log" from file /etc/raddb/mods-enabled/detail.log
Fri Apr 28 17:24:34 2017 : Debug: detail auth_log {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d"
Fri Apr 28 17:24:34 2017 : Debug: header = "%t"
Fri Apr 28 17:24:34 2017 : Debug: permissions = 384
Fri Apr 28 17:24:34 2017 : Debug: locking = no
Fri Apr 28 17:24:34 2017 : Debug: escape_filenames = no
Fri Apr 28 17:24:34 2017 : Debug: log_packet_header = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "reply_log" from file /etc/raddb/mods-enabled/detail.log
Fri Apr 28 17:24:34 2017 : Debug: detail reply_log {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d"
Fri Apr 28 17:24:34 2017 : Debug: header = "%t"
Fri Apr 28 17:24:34 2017 : Debug: permissions = 384
Fri Apr 28 17:24:34 2017 : Debug: locking = no
Fri Apr 28 17:24:34 2017 : Debug: escape_filenames = no
Fri Apr 28 17:24:34 2017 : Debug: log_packet_header = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "pre_proxy_log" from file /etc/raddb/mods-enabled/detail.log
Fri Apr 28 17:24:34 2017 : Debug: detail pre_proxy_log {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/pre-proxy-detail-%Y%m%d"
Fri Apr 28 17:24:34 2017 : Debug: header = "%t"
Fri Apr 28 17:24:34 2017 : Debug: permissions = 384
Fri Apr 28 17:24:34 2017 : Debug: locking = no
Fri Apr 28 17:24:34 2017 : Debug: escape_filenames = no
Fri Apr 28 17:24:34 2017 : Debug: log_packet_header = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "post_proxy_log" from file /etc/raddb/mods-enabled/detail.log
Fri Apr 28 17:24:34 2017 : Debug: detail post_proxy_log {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/post-proxy-detail-%Y%m%d"
Fri Apr 28 17:24:34 2017 : Debug: header = "%t"
Fri Apr 28 17:24:34 2017 : Debug: permissions = 384
Fri Apr 28 17:24:34 2017 : Debug: locking = no
Fri Apr 28 17:24:34 2017 : Debug: escape_filenames = no
Fri Apr 28 17:24:34 2017 : Debug: log_packet_header = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_unpack, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_unpack
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "unpack" from file /etc/raddb/mods-enabled/unpack
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_eap, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_eap
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "eap" from file /etc/raddb/mods-enabled/eap
Fri Apr 28 17:24:34 2017 : Debug: eap {
Fri Apr 28 17:24:34 2017 : Debug: default_eap_type = "peap"
Fri Apr 28 17:24:34 2017 : Debug: timer_expire = 60
Fri Apr 28 17:24:34 2017 : Debug: ignore_unknown_eap_types = no
Fri Apr 28 17:24:34 2017 : Debug: cisco_accounting_username_bug = no
Fri Apr 28 17:24:34 2017 : Debug: max_sessions = 16384
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_mschap, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_mschap
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "mschap" from file /etc/raddb/mods-enabled/mschap
Fri Apr 28 17:24:34 2017 : Debug: mschap {
Fri Apr 28 17:24:34 2017 : Debug: use_mppe = yes
Fri Apr 28 17:24:34 2017 : Debug: require_encryption = no
Fri Apr 28 17:24:34 2017 : Debug: require_strong = no
Fri Apr 28 17:24:34 2017 : Debug: with_ntdomain_hack = no
Fri Apr 28 17:24:34 2017 : Debug: passchange {
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: allow_retry = yes
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "echo" from file /etc/raddb/mods-enabled/echo
Fri Apr 28 17:24:34 2017 : Debug: exec echo {
Fri Apr 28 17:24:34 2017 : Debug: wait = yes
Fri Apr 28 17:24:34 2017 : Debug: program = "/bin/echo %{User-Name}"
Fri Apr 28 17:24:34 2017 : Debug: input_pairs = "request"
Fri Apr 28 17:24:34 2017 : Debug: output_pairs = "reply"
Fri Apr 28 17:24:34 2017 : Debug: shell_escape = yes
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_dynamic_clients, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_dynamic_clients
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "dynamic_clients" from file /etc/raddb/mods-enabled/dynamic_clients
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_preprocess, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_preprocess
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "preprocess" from file /etc/raddb/mods-enabled/preprocess
Fri Apr 28 17:24:34 2017 : Debug: preprocess {
Fri Apr 28 17:24:34 2017 : Debug: huntgroups = "/etc/raddb/mods-config/preprocess/huntgroups"
Fri Apr 28 17:24:34 2017 : Debug: hints = "/etc/raddb/mods-config/preprocess/hints"
Fri Apr 28 17:24:34 2017 : Debug: with_ascend_hack = no
Fri Apr 28 17:24:34 2017 : Debug: ascend_channels_per_line = 23
Fri Apr 28 17:24:34 2017 : Debug: with_ntdomain_hack = no
Fri Apr 28 17:24:34 2017 : Debug: with_specialix_jetstream_hack = no
Fri Apr 28 17:24:34 2017 : Debug: with_cisco_vsa_hack = no
Fri Apr 28 17:24:34 2017 : Debug: with_alvarion_vsa_hack = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_passwd, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_passwd
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "etc_passwd" from file /etc/raddb/mods-enabled/passwd
Fri Apr 28 17:24:34 2017 : Debug: passwd etc_passwd {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/etc/passwd"
Fri Apr 28 17:24:34 2017 : Debug: format = "*User-Name:Crypt-Password:"
Fri Apr 28 17:24:34 2017 : Debug: delimiter = ":"
Fri Apr 28 17:24:34 2017 : Debug: ignore_nislike = no
Fri Apr 28 17:24:34 2017 : Debug: ignore_empty = yes
Fri Apr 28 17:24:34 2017 : Debug: allow_multiple_keys = no
Fri Apr 28 17:24:34 2017 : Debug: hash_size = 100
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_utf8, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_utf8
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "utf8" from file /etc/raddb/mods-enabled/utf8
Fri Apr 28 17:24:34 2017 : Debug: Loaded rlm_ippool, checking if it's valid
Fri Apr 28 17:24:34 2017 : Debug: # Loaded module rlm_ippool
Fri Apr 28 17:24:34 2017 : Debug: # Loading module "main_pool" from file /etc/raddb/mods-enabled/ippool
Fri Apr 28 17:24:34 2017 : Debug: ippool main_pool {
Fri Apr 28 17:24:34 2017 : Debug: filename = "/var/lib/radiusd/db.ippool"
Fri Apr 28 17:24:34 2017 : Debug: ip_index = "/var/lib/radiusd/db.ipindex"
Fri Apr 28 17:24:34 2017 : Debug: key = "%{NAS-IP-Address} %{NAS-Port}"
Fri Apr 28 17:24:34 2017 : Debug: range_start = 192.0.2.1
Fri Apr 28 17:24:34 2017 : Debug: range_stop = 192.0.2.254
Fri Apr 28 17:24:34 2017 : Debug: netmask = 255.255.255.0
Fri Apr 28 17:24:34 2017 : Debug: cache_size = 800
Fri Apr 28 17:24:34 2017 : Debug: override = no
Fri Apr 28 17:24:34 2017 : Debug: maximum_timeout = 0
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: instantiate {
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "cache" from file /etc/raddb/mods-enabled/cache
Fri Apr 28 17:24:34 2017 : Debug: rlm_cache (cache): Driver rlm_cache_rbtree (module rlm_cache_rbtree) loaded and linked
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "linelog" from file /etc/raddb/mods-enabled/linelog
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "log_accounting" from file /etc/raddb/mods-enabled/linelog
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "logintime" from file /etc/raddb/mods-enabled/logintime
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "detail" from file /etc/raddb/mods-enabled/detail
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "ldap" from file /etc/raddb/mods-enabled/ldap
Fri Apr 28 17:24:34 2017 : Info: rlm_ldap: libldap vendor: OpenLDAP, version: 20440
Fri Apr 28 17:24:34 2017 : Debug: accounting {
Fri Apr 28 17:24:34 2017 : Debug: reference = "%{tolower:type.%{Acct-Status-Type}}"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: post-auth {
Fri Apr 28 17:24:34 2017 : Debug: reference = "."
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Initialising connection pool
Fri Apr 28 17:24:34 2017 : Debug: pool {
Fri Apr 28 17:24:34 2017 : Debug: start = 5
Fri Apr 28 17:24:34 2017 : Debug: min = 3
Fri Apr 28 17:24:34 2017 : Debug: max = 32
Fri Apr 28 17:24:34 2017 : Debug: spare = 10
Fri Apr 28 17:24:34 2017 : Debug: uses = 0
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: cleanup_interval = 30
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 60
Fri Apr 28 17:24:34 2017 : Debug: retry_delay = 30
Fri Apr 28 17:24:34 2017 : Debug: spread = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Info: rlm_ldap (ldap): Opening additional connection (0), 1 of 32 pending slots used
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Connecting to ldap://annuaireubo.univ-brest.fr:389
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): New libldap handle 0x7f5da703f890
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Waiting for bind result...
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Bind successful
Fri Apr 28 17:24:34 2017 : Info: rlm_ldap (ldap): Opening additional connection (1), 1 of 31 pending slots used
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Connecting to ldap://annuaireubo.univ-brest.fr:389
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): New libldap handle 0x7f5da7059bd0
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Waiting for bind result...
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Bind successful
Fri Apr 28 17:24:34 2017 : Info: rlm_ldap (ldap): Opening additional connection (2), 1 of 30 pending slots used
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Connecting to ldap://annuaireubo.univ-brest.fr:389
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): New libldap handle 0x7f5da705a4a0
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Waiting for bind result...
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Bind successful
Fri Apr 28 17:24:34 2017 : Info: rlm_ldap (ldap): Opening additional connection (3), 1 of 29 pending slots used
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Connecting to ldap://annuaireubo.univ-brest.fr:389
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): New libldap handle 0x7f5da706b050
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Waiting for bind result...
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Bind successful
Fri Apr 28 17:24:34 2017 : Info: rlm_ldap (ldap): Opening additional connection (4), 1 of 28 pending slots used
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Connecting to ldap://annuaireubo.univ-brest.fr:389
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): New libldap handle 0x7f5da706b9d0
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Waiting for bind result...
Fri Apr 28 17:24:34 2017 : Debug: rlm_ldap (ldap): Bind successful
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "files" from file /etc/raddb/mods-enabled/files
Fri Apr 28 17:24:34 2017 : Debug: reading pairlist file /etc/raddb/mods-config/files/authorize
Fri Apr 28 17:24:34 2017 : Debug: reading pairlist file /etc/raddb/mods-config/files/accounting
Fri Apr 28 17:24:34 2017 : Debug: reading pairlist file /etc/raddb/mods-config/files/pre-proxy
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "expiration" from file /etc/raddb/mods-enabled/expiration
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "attr_filter.post-proxy" from file /etc/raddb/mods-enabled/attr_filter
Fri Apr 28 17:24:34 2017 : Debug: reading pairlist file /etc/raddb/mods-config/attr_filter/post-proxy
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "attr_filter.pre-proxy" from file /etc/raddb/mods-enabled/attr_filter
Fri Apr 28 17:24:34 2017 : Debug: reading pairlist file /etc/raddb/mods-config/attr_filter/pre-proxy
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "attr_filter.access_reject" from file /etc/raddb/mods-enabled/attr_filter
Fri Apr 28 17:24:34 2017 : Debug: reading pairlist file /etc/raddb/mods-config/attr_filter/access_reject
Fri Apr 28 17:24:34 2017 : Warning: [/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay" found in filter list for realm "DEFAULT".
Fri Apr 28 17:24:34 2017 : Warning: [/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay-USec" found in filter list for realm "DEFAULT".
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "attr_filter.access_challenge" from file /etc/raddb/mods-enabled/attr_filter
Fri Apr 28 17:24:34 2017 : Debug: reading pairlist file /etc/raddb/mods-config/attr_filter/access_challenge
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "attr_filter.accounting_response" from file /etc/raddb/mods-enabled/attr_filter
Fri Apr 28 17:24:34 2017 : Debug: reading pairlist file /etc/raddb/mods-config/attr_filter/accounting_response
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "cache_eap" from file /etc/raddb/mods-enabled/cache_eap
Fri Apr 28 17:24:34 2017 : Debug: rlm_cache (cache_eap): Driver rlm_cache_rbtree (module rlm_cache_rbtree) loaded and linked
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "reject" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "fail" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "ok" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "handled" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "invalid" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "userlock" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "notfound" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "noop" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "updated" from file /etc/raddb/mods-enabled/always
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "pap" from file /etc/raddb/mods-enabled/pap
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "IPASS" from file /etc/raddb/mods-enabled/realm
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "suffix" from file /etc/raddb/mods-enabled/realm
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "realmpercent" from file /etc/raddb/mods-enabled/realm
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "ntdomain" from file /etc/raddb/mods-enabled/realm
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "auth_log" from file /etc/raddb/mods-enabled/detail.log
Fri Apr 28 17:24:34 2017 : Debug: rlm_detail (auth_log): 'User-Password' suppressed, will not appear in detail output
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "reply_log" from file /etc/raddb/mods-enabled/detail.log
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "pre_proxy_log" from file /etc/raddb/mods-enabled/detail.log
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "post_proxy_log" from file /etc/raddb/mods-enabled/detail.log
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "eap" from file /etc/raddb/mods-enabled/eap
Fri Apr 28 17:24:34 2017 : Debug: # Linked to sub-module rlm_eap_tls
Fri Apr 28 17:24:34 2017 : Debug: tls {
Fri Apr 28 17:24:34 2017 : Debug: tls = "tls-common"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: tls-config tls-common {
Fri Apr 28 17:24:34 2017 : Debug: verify_depth = 0
Fri Apr 28 17:24:34 2017 : Debug: ca_path = "/etc/raddb/certs"
Fri Apr 28 17:24:34 2017 : Debug: pem_file_type = yes
Fri Apr 28 17:24:34 2017 : Debug: private_key_file = "/etc/raddb/certs/2016.wildcard.univ-brest.fr.key"
Fri Apr 28 17:24:34 2017 : Debug: certificate_file = "/etc/raddb/certs/2016.wildcard.univ-brest.fr.pem"
Fri Apr 28 17:24:34 2017 : Debug: ca_file = "/etc/raddb/certs/2016.wildcard.cachain"
Fri Apr 28 17:24:34 2017 : Debug: dh_file = "/etc/raddb/certs/dh"
Fri Apr 28 17:24:34 2017 : Debug: random_file = "/dev/urandom"
Fri Apr 28 17:24:34 2017 : Debug: fragment_size = 1024
Fri Apr 28 17:24:34 2017 : Debug: include_length = yes
Fri Apr 28 17:24:34 2017 : Debug: auto_chain = yes
Fri Apr 28 17:24:34 2017 : Debug: check_crl = no
Fri Apr 28 17:24:34 2017 : Debug: check_all_crl = no
Fri Apr 28 17:24:34 2017 : Debug: cipher_list = "DEFAULT"
Fri Apr 28 17:24:34 2017 : Debug: ecdh_curve = "prime256v1"
Fri Apr 28 17:24:34 2017 : Debug: cache {
Fri Apr 28 17:24:34 2017 : Debug: enable = no
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 24
Fri Apr 28 17:24:34 2017 : Debug: max_entries = 255
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: verify {
Fri Apr 28 17:24:34 2017 : Debug: skip_if_ocsp_ok = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: ocsp {
Fri Apr 28 17:24:34 2017 : Debug: enable = no
Fri Apr 28 17:24:34 2017 : Debug: override_cert_url = yes
Fri Apr 28 17:24:34 2017 : Debug: url = "http://127.0.0.1/ocsp/"
Fri Apr 28 17:24:34 2017 : Debug: use_nonce = yes
Fri Apr 28 17:24:34 2017 : Debug: timeout = 0
Fri Apr 28 17:24:34 2017 : Debug: softfail = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Linked to sub-module rlm_eap_ttls
Fri Apr 28 17:24:34 2017 : Debug: ttls {
Fri Apr 28 17:24:34 2017 : Debug: tls = "tls-common"
Fri Apr 28 17:24:34 2017 : Debug: default_eap_type = "mschapv2"
Fri Apr 28 17:24:34 2017 : Debug: copy_request_to_tunnel = yes
Fri Apr 28 17:24:34 2017 : Debug: use_tunneled_reply = yes
Fri Apr 28 17:24:34 2017 : Debug: virtual_server = "inner-tunnel"
Fri Apr 28 17:24:34 2017 : Debug: include_length = yes
Fri Apr 28 17:24:34 2017 : Debug: require_client_cert = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: tls: Using cached TLS configuration from previous invocation
Fri Apr 28 17:24:34 2017 : Debug: # Linked to sub-module rlm_eap_peap
Fri Apr 28 17:24:34 2017 : Debug: peap {
Fri Apr 28 17:24:34 2017 : Debug: tls = "tls-common"
Fri Apr 28 17:24:34 2017 : Debug: default_eap_type = "mschapv2"
Fri Apr 28 17:24:34 2017 : Debug: copy_request_to_tunnel = yes
Fri Apr 28 17:24:34 2017 : Debug: use_tunneled_reply = yes
Fri Apr 28 17:24:34 2017 : Debug: proxy_tunneled_request_as_eap = yes
Fri Apr 28 17:24:34 2017 : Debug: virtual_server = "inner-tunnel"
Fri Apr 28 17:24:34 2017 : Debug: soh = no
Fri Apr 28 17:24:34 2017 : Debug: require_client_cert = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: tls: Using cached TLS configuration from previous invocation
Fri Apr 28 17:24:34 2017 : Debug: # Linked to sub-module rlm_eap_mschapv2
Fri Apr 28 17:24:34 2017 : Debug: mschapv2 {
Fri Apr 28 17:24:34 2017 : Debug: with_ntdomain_hack = no
Fri Apr 28 17:24:34 2017 : Debug: send_error = no
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "mschap" from file /etc/raddb/mods-enabled/mschap
Fri Apr 28 17:24:34 2017 : Debug: rlm_mschap (mschap): using internal authentication
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "preprocess" from file /etc/raddb/mods-enabled/preprocess
Fri Apr 28 17:24:34 2017 : Debug: reading pairlist file /etc/raddb/mods-config/preprocess/huntgroups
Fri Apr 28 17:24:34 2017 : Debug: reading pairlist file /etc/raddb/mods-config/preprocess/hints
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "etc_passwd" from file /etc/raddb/mods-enabled/passwd
Fri Apr 28 17:24:34 2017 : Debug: rlm_passwd: nfields: 3 keyfield 0(User-Name) listable: no
Fri Apr 28 17:24:34 2017 : Debug: # Instantiating module "main_pool" from file /etc/raddb/mods-enabled/ippool
Fri Apr 28 17:24:34 2017 : Debug: } # modules
Fri Apr 28 17:24:34 2017 : Debug: radiusd: #### Loading Virtual Servers ####
Fri Apr 28 17:24:34 2017 : Debug: server { # from file /etc/raddb/radiusd.conf
Fri Apr 28 17:24:34 2017 : Debug: } # server
Fri Apr 28 17:24:34 2017 : Debug: server default { # from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:24:34 2017 : Debug: # Loading authenticate {...}
Fri Apr 28 17:24:34 2017 : Debug: eap
Fri Apr 28 17:24:34 2017 : Debug: # Loading authorize {...}
Fri Apr 28 17:24:34 2017 : Debug: policy filter_username {
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name) {
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ / /) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: User-Name contains whitespace'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /@[^@]*@/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: Multiple @ in User-Name'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /\.\./) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: User-Name contains multiple ..s'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /@/ && !&User-Name =~ /@(.+)\.(.+)$/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: Realm does not have at least one dot separator'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /\.$/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: Realm ends with a dot'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /@\./) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: Realm begins with a dot'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: policy filter_password {
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Password && !&User-Password == "%{string:User-Password}") {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Tmp-String-0 := "%{string:User-Password}"
Fri Apr 28 17:24:34 2017 : Debug: &User-Password := "%{string:Tmp-String-0}"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: preprocess
Fri Apr 28 17:24:34 2017 : Debug: auth_log
Fri Apr 28 17:24:34 2017 : Debug: mschap
Fri Apr 28 17:24:34 2017 : Debug: suffix
Fri Apr 28 17:24:34 2017 : Debug: eap
Fri Apr 28 17:24:34 2017 : Debug: ldap
Fri Apr 28 17:24:34 2017 : Debug: expiration
Fri Apr 28 17:24:34 2017 : Debug: logintime
Fri Apr 28 17:24:34 2017 : Debug: # Loading preacct {...}
Fri Apr 28 17:24:34 2017 : Debug: preprocess
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/policy.d/accounting[36]: Please change attribute reference to '&Tmp-String-9 := ...'
Fri Apr 28 17:24:34 2017 : Debug: policy acct_unique {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Tmp-String-9 := "ai:"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if ("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/ && "%{string:&Class}" =~ /^ai:([0-9a-f]{32})/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Acct-Unique-Session-Id := "%{md5:%{1},%{Acct-Session-ID}}"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: else {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Acct-Unique-Session-Id := "%{md5:%{User-Name},%{Acct-Session-ID},%{%{NAS-IPv6-Address}:-%{NAS-IP-Address}},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: suffix
Fri Apr 28 17:24:34 2017 : Debug: # Loading accounting {...}
Fri Apr 28 17:24:34 2017 : Debug: detail
Fri Apr 28 17:24:34 2017 : Debug: unix
Fri Apr 28 17:24:34 2017 : Debug: exec
Fri Apr 28 17:24:34 2017 : Debug: attr_filter.accounting_response
Fri Apr 28 17:24:34 2017 : Debug: # Loading post-proxy {...}
Fri Apr 28 17:24:34 2017 : Debug: eap
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /^(.+)@(.+)$/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &proxy-reply:Realm := "%{2}"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: # Loading post-auth {...}
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &reply[*] += &session-state[*]
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if ("%{%{Stripped-User-Name}:-%{User-Name}}" == testemploye) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &reply:Tunnel-Private-Group-Id := 144
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (!&reply:Realm == "univ-brest.fr") {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &reply:Tunnel-Private-Group-Id := 143
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reply_log
Fri Apr 28 17:24:34 2017 : Debug: exec
Fri Apr 28 17:24:34 2017 : Debug: policy remove_reply_message_if_eap {
Fri Apr 28 17:24:34 2017 : Debug: if (&reply:EAP-Message && &reply:Reply-Message) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &reply:Reply-Message !* ANY
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: else {
Fri Apr 28 17:24:34 2017 : Debug: noop
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: } # server default
Fri Apr 28 17:24:34 2017 : Debug: server inner-tunnel { # from file /etc/raddb/sites-enabled/inner-tunnel
Fri Apr 28 17:24:34 2017 : Debug: # Loading authenticate {...}
Fri Apr 28 17:24:34 2017 : Debug: eap
Fri Apr 28 17:24:34 2017 : Debug: # Loading authorize {...}
Fri Apr 28 17:24:34 2017 : Debug: policy filter_username {
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name) {
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ / /) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: User-Name contains whitespace'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /@[^@]*@/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: Multiple @ in User-Name'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /\.\./) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: User-Name contains multiple ..s'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /@/ && !&User-Name =~ /@(.+)\.(.+)$/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: Realm does not have at least one dot separator'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /\.$/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: Realm ends with a dot'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /@\./) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message += 'Rejected: Realm begins with a dot'
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/policy.d/filter[117]: Please change attribute reference to '&Module-Failure-Message = ...'
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/policy.d/filter[135]: Please change attribute reference to '&Outer-Realm-Name = ...'
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/policy.d/filter[147]: Please change attribute reference to '&Module-Failure-Message = ...'
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/policy.d/filter[162]: Please change attribute reference to '&Module-Failure-Message = ...'
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/policy.d/filter[172]: Please change attribute reference to '&Inner-Realm-Name = ...'
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/policy.d/filter[190]: Please change attribute reference to '&Module-Failure-Message = ...'
Fri Apr 28 17:24:34 2017 : Debug: policy filter_inner_identity {
Fri Apr 28 17:24:34 2017 : Debug: if (!&outer.request:User-Name || !&User-Name) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message = "User-Name is required for tunneled authentication"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (!&outer.request:User-Name == &User-Name) {
Fri Apr 28 17:24:34 2017 : Debug: if (&outer.request:User-Name =~ /@([^@]+)$/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Outer-Realm-Name = "%{1}"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (!&outer.request:User-Name =~ /^(anon|@)/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message = "User-Name is not anonymized"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: elsif (!&outer.request:User-Name =~ /^anon/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message = "User-Name is not anonymized"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /@([^@]+)$/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Inner-Realm-Name = "%{1}"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&Outer-Realm-Name && !&Inner-Realm-Name == &Outer-Realm-Name && !&Inner-Realm-Name =~ /\.%{Outer-Realm-Name}$/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &Module-Failure-Message = "Inner realm '%{Inner-Realm-Name}' and outer realm '%{Outer-Realm-Name}' are not from the same domain."
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: reject
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: mschap
Fri Apr 28 17:24:34 2017 : Debug: suffix
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &control:Proxy-To-Realm := LOCAL
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: eap
Fri Apr 28 17:24:34 2017 : Debug: ldap
Fri Apr 28 17:24:34 2017 : Debug: expiration
Fri Apr 28 17:24:34 2017 : Debug: logintime
Fri Apr 28 17:24:34 2017 : Debug: pap
Fri Apr 28 17:24:34 2017 : Debug: # Loading session {...}
Fri Apr 28 17:24:34 2017 : Debug: radutmp
Fri Apr 28 17:24:34 2017 : Debug: # Loading post-proxy {...}
Fri Apr 28 17:24:34 2017 : Debug: post_proxy_log
Fri Apr 28 17:24:34 2017 : Debug: attr_filter.post-proxy
Fri Apr 28 17:24:34 2017 : Debug: eap
Fri Apr 28 17:24:34 2017 : Debug: # Loading post-auth {...}
Fri Apr 28 17:24:34 2017 : Debug: reply_log
Fri Apr 28 17:24:34 2017 : Debug: ldap
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state[*] += &reply[*]
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/sites-enabled/inner-tunnel[354]: Please change attribute reference to '&MS-MPPE-Encryption-Policy !* ...'
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/sites-enabled/inner-tunnel[355]: Please change attribute reference to '&MS-MPPE-Encryption-Types !* ...'
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/sites-enabled/inner-tunnel[356]: Please change attribute reference to '&MS-MPPE-Send-Key !* ...'
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/sites-enabled/inner-tunnel[357]: Please change attribute reference to '&MS-MPPE-Recv-Key !* ...'
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/sites-enabled/inner-tunnel[358]: Please change attribute reference to '&Message-Authenticator !* ...'
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/sites-enabled/inner-tunnel[359]: Please change attribute reference to '&EAP-Message !* ...'
Fri Apr 28 17:24:34 2017 : Warning: /etc/raddb/sites-enabled/inner-tunnel[360]: Please change attribute reference to '&Proxy-State !* ...'
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:MS-MPPE-Encryption-Policy !* ANY
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:MS-MPPE-Encryption-Types !* ANY
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:MS-MPPE-Send-Key !* ANY
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:MS-MPPE-Recv-Key !* ANY
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:Message-Authenticator !* ANY
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:EAP-Message !* ANY
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:Proxy-State !* ANY
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:LDAP-Desc := &reply:LDAP-Desc
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:Realm := &User-Name
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&User-Name =~ /^(.+)@(.+)$/) {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:Realm := "%{2}"
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: if (&outer.session-state:LDAP-Desc == "employee") {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:Tunnel-Private-Group-Id := 142
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: elsif (&outer.session-state:LDAP-Desc == "affiliate") {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:Tunnel-Private-Group-Id := 142
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: elsif (&outer.session-state:LDAP-Desc == "student") {
Fri Apr 28 17:24:34 2017 : Debug: update {
Fri Apr 28 17:24:34 2017 : Debug: &outer.session-state:Tunnel-Private-Group-Id := 132
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: } # server inner-tunnel
Fri Apr 28 17:24:34 2017 : Debug: radiusd: #### Opening IP addresses and Ports ####
Fri Apr 28 17:24:34 2017 : Debug: listen {
Fri Apr 28 17:24:34 2017 : Debug: type = "auth"
Fri Apr 28 17:24:34 2017 : Debug: ipaddr = *
Fri Apr 28 17:24:34 2017 : Debug: port = 0
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: listen {
Fri Apr 28 17:24:34 2017 : Debug: type = "acct"
Fri Apr 28 17:24:34 2017 : Debug: ipaddr = *
Fri Apr 28 17:24:34 2017 : Debug: port = 0
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: listen {
Fri Apr 28 17:24:34 2017 : Debug: type = "auth"
Fri Apr 28 17:24:34 2017 : Debug: ipv6addr = ::
Fri Apr 28 17:24:34 2017 : Debug: port = 0
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: listen {
Fri Apr 28 17:24:34 2017 : Debug: type = "acct"
Fri Apr 28 17:24:34 2017 : Debug: ipv6addr = ::
Fri Apr 28 17:24:34 2017 : Debug: port = 0
Fri Apr 28 17:24:34 2017 : Debug: limit {
Fri Apr 28 17:24:34 2017 : Debug: max_connections = 16
Fri Apr 28 17:24:34 2017 : Debug: lifetime = 0
Fri Apr 28 17:24:34 2017 : Debug: idle_timeout = 30
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: listen {
Fri Apr 28 17:24:34 2017 : Debug: type = "auth"
Fri Apr 28 17:24:34 2017 : Debug: ipaddr = 127.0.0.1
Fri Apr 28 17:24:34 2017 : Debug: port = 18120
Fri Apr 28 17:24:34 2017 : Debug: }
Fri Apr 28 17:24:34 2017 : Debug: Listening on auth address * port 1812 bound to server default
Fri Apr 28 17:24:34 2017 : Debug: Listening on acct address * port 1813 bound to server default
Fri Apr 28 17:24:34 2017 : Debug: Listening on auth address :: port 1812 bound to server default
Fri Apr 28 17:24:34 2017 : Debug: Listening on acct address :: port 1813 bound to server default
Fri Apr 28 17:24:34 2017 : Debug: Listening on auth address 127.0.0.1 port 18120 bound to server inner-tunnel
Fri Apr 28 17:24:34 2017 : Debug: Opened new proxy socket 'proxy address * port 42534'
Fri Apr 28 17:24:34 2017 : Debug: Listening on proxy address * port 42534
Fri Apr 28 17:24:34 2017 : Debug: Opened new proxy socket 'proxy address :: port 33210'
Fri Apr 28 17:24:34 2017 : Debug: Listening on proxy address :: port 33210
Fri Apr 28 17:24:34 2017 : Info: Ready to process requests
Fri Apr 28 17:25:07 2017 : Debug: (0) Received Access-Request Id 249 from 172.19.11.253:32770 to 195.83.247.135:1812 length 242
Fri Apr 28 17:25:07 2017 : Debug: (0) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (0) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (0) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (0) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (0) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (0) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (0) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (0) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (0) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (0) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (0) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (0) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (0) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (0) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (0) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (0) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (0) EAP-Message = 0x02010010017465737473747564656e74
Fri Apr 28 17:25:07 2017 : Debug: (0) Message-Authenticator = 0x14b271422f4e1b204bd9742bdd5b8ff3
Fri Apr 28 17:25:07 2017 : Debug: (0) session-state: No State attribute
Fri Apr 28 17:25:07 2017 : Debug: (0) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (0) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (0) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (0) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (0) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (0) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (0) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (0) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (0) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (0) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (0) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (0) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (0) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (0) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (0) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (0) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (0) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (0) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (0) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (0) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (0) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (0) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (0) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (0) eap: Peer sent EAP Response (code 2) ID 1 length 16
Fri Apr 28 17:25:07 2017 : Debug: (0) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (0) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (0) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (0) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (0) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (0) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (0) eap: Peer sent packet with method EAP Identity (1)
Fri Apr 28 17:25:07 2017 : Debug: (0) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (0) eap_peap: Initiating new EAP-TLS session
Fri Apr 28 17:25:07 2017 : Debug: (0) eap_peap: [eaptls start] = request
Fri Apr 28 17:25:07 2017 : Debug: (0) eap: Sending EAP Request (code 1) ID 2 length 6
Fri Apr 28 17:25:07 2017 : Debug: (0) eap: EAP session adding &reply:State = 0x1ae03c641ae225f8
Fri Apr 28 17:25:07 2017 : Debug: (0) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (0) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (0) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (0) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (0) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (0) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (0) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (0) Sent Access-Challenge Id 249 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (0) EAP-Message = 0x010200061920
Fri Apr 28 17:25:07 2017 : Debug: (0) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (0) State = 0x1ae03c641ae225f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (0) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.9 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (1) Received Access-Request Id 250 from 172.19.11.253:32770 to 195.83.247.135:1812 length 408
Fri Apr 28 17:25:07 2017 : Debug: (1) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (1) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (1) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (1) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (1) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (1) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (1) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (1) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (1) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (1) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (1) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (1) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (1) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (1) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (1) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (1) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (1) EAP-Message = 0x020200a419800000009a160301009501000091030159035f29fc544e341b719637a261e74308f67e5604019095e9efcc1e389ca53f000056c00ac009c007c008c013c014c011c012c004c005c002c003c00ec00fc00cc00d002f000500040035000a000900030008000600320033003800390016001500
Fri Apr 28 17:25:07 2017 : Debug: (1) State = 0x1ae03c641ae225f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (1) Message-Authenticator = 0x7fcb5107b30edff3d7f684328f68ce79
Fri Apr 28 17:25:07 2017 : Debug: (1) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (1) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (1) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (1) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (1) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (1) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (1) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (1) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (1) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (1) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (1) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (1) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (1) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (1) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (1) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (1) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (1) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (1) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (1) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (1) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (1) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (1) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (1) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (1) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (1) eap: Peer sent EAP Response (code 2) ID 2 length 164
Fri Apr 28 17:25:07 2017 : Debug: (1) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (1) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (1) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (1) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (1) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (1) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (1) eap: Expiring EAP session with state 0x1ae03c641ae225f8
Fri Apr 28 17:25:07 2017 : Debug: (1) eap: Finished EAP session with state 0x1ae03c641ae225f8
Fri Apr 28 17:25:07 2017 : Debug: (1) eap: Previous EAP request found for state 0x1ae03c641ae225f8, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (1) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (1) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: Peer sent flags --L
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: Peer indicated complete TLS record size will be 154 bytes
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: Got complete TLS record (154 bytes)
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: [eaptls verify] = length included
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: (other): before/accept initialization
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: TLS_accept: before/accept initialization
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: <<< recv TLS 1.0 Handshake [length 0095], ClientHello
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: TLS_accept: SSLv3 read client hello A
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: >>> send TLS 1.0 Handshake [length 0034], ServerHello
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: TLS_accept: SSLv3 write server hello A
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: >>> send TLS 1.0 Handshake [length 0e1c], Certificate
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: TLS_accept: SSLv3 write certificate A
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: >>> send TLS 1.0 Handshake [length 014b], ServerKeyExchange
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: TLS_accept: SSLv3 write key exchange A
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: >>> send TLS 1.0 Handshake [length 0004], ServerHelloDone
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: TLS_accept: SSLv3 write server done A
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: TLS_accept: SSLv3 flush data
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: TLS_accept: Need to read more data: SSLv3 read client certificate A
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: TLS_accept: Need to read more data: SSLv3 read client certificate A
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: In SSL Handshake Phase
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: In SSL Accept mode
Fri Apr 28 17:25:07 2017 : Debug: (1) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:07 2017 : Debug: (1) eap: Sending EAP Request (code 1) ID 3 length 1004
Fri Apr 28 17:25:07 2017 : Debug: (1) eap: EAP session adding &reply:State = 0x1ae03c641be325f8
Fri Apr 28 17:25:07 2017 : Debug: (1) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (1) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (1) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (1) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (1) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (1) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (1) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (1) Sent Access-Challenge Id 250 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (1) EAP-Message = 0x010303ec19c000000fb3160301003402000030030159035ed3702937ced05923cd5c23bb807b437263df8ab3c58c60b4810e196b3400c013000008000b0004030001021603010e1c0b000e18000e150005523082054e30820436a00302010202100c4f4721177af78634d1410569d96a44300d06092a86
Fri Apr 28 17:25:07 2017 : Debug: (1) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (1) State = 0x1ae03c641be325f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (1) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.9 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (2) Received Access-Request Id 251 from 172.19.11.253:32770 to 195.83.247.135:1812 length 250
Fri Apr 28 17:25:07 2017 : Debug: (2) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (2) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (2) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (2) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (2) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (2) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (2) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (2) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (2) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (2) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (2) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (2) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (2) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (2) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (2) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (2) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (2) EAP-Message = 0x020300061900
Fri Apr 28 17:25:07 2017 : Debug: (2) State = 0x1ae03c641be325f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (2) Message-Authenticator = 0x088a03e9f0497212ddcca10f86cca775
Fri Apr 28 17:25:07 2017 : Debug: (2) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (2) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (2) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (2) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (2) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (2) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (2) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (2) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (2) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (2) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (2) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (2) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (2) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (2) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (2) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (2) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (2) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (2) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (2) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (2) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (2) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (2) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (2) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (2) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (2) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (2) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (2) eap: Peer sent EAP Response (code 2) ID 3 length 6
Fri Apr 28 17:25:07 2017 : Debug: (2) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (2) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (2) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (2) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (2) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (2) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (2) eap: Expiring EAP session with state 0x1ae03c641be325f8
Fri Apr 28 17:25:07 2017 : Debug: (2) eap: Finished EAP session with state 0x1ae03c641be325f8
Fri Apr 28 17:25:07 2017 : Debug: (2) eap: Previous EAP request found for state 0x1ae03c641be325f8, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (2) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (2) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (2) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (2) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:07 2017 : Debug: (2) eap_peap: Peer ACKed our handshake fragment
Fri Apr 28 17:25:07 2017 : Debug: (2) eap_peap: [eaptls verify] = request
Fri Apr 28 17:25:07 2017 : Debug: (2) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:07 2017 : Debug: (2) eap: Sending EAP Request (code 1) ID 4 length 1000
Fri Apr 28 17:25:07 2017 : Debug: (2) eap: EAP session adding &reply:State = 0x1ae03c6418e425f8
Fri Apr 28 17:25:07 2017 : Debug: (2) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (2) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (2) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (2) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (2) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (2) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (2) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (2) Sent Access-Challenge Id 251 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (2) EAP-Message = 0x010403e8194068747470733a2f2f7777772e64696769636572742e636f6d2f4350533008060667810c010202306e06082b0601050507010104623060302406082b060105050730018618687474703a2f2f6f6373702e64696769636572742e636f6d303806082b06010505073002862c687474703a2f2f
Fri Apr 28 17:25:07 2017 : Debug: (2) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (2) State = 0x1ae03c6418e425f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (2) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.9 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (3) Received Access-Request Id 252 from 172.19.11.253:32770 to 195.83.247.135:1812 length 250
Fri Apr 28 17:25:07 2017 : Debug: (3) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (3) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (3) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (3) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (3) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (3) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (3) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (3) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (3) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (3) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (3) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (3) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (3) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (3) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (3) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (3) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (3) EAP-Message = 0x020400061900
Fri Apr 28 17:25:07 2017 : Debug: (3) State = 0x1ae03c6418e425f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (3) Message-Authenticator = 0x505fae0d959f87b5c0411b7ec53d56b4
Fri Apr 28 17:25:07 2017 : Debug: (3) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (3) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (3) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (3) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (3) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (3) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (3) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (3) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (3) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (3) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (3) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (3) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (3) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (3) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (3) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (3) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (3) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (3) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (3) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (3) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (3) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (3) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (3) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (3) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (3) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (3) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (3) eap: Peer sent EAP Response (code 2) ID 4 length 6
Fri Apr 28 17:25:07 2017 : Debug: (3) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (3) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (3) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (3) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (3) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (3) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (3) eap: Expiring EAP session with state 0x1ae03c6418e425f8
Fri Apr 28 17:25:07 2017 : Debug: (3) eap: Finished EAP session with state 0x1ae03c6418e425f8
Fri Apr 28 17:25:07 2017 : Debug: (3) eap: Previous EAP request found for state 0x1ae03c6418e425f8, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (3) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (3) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (3) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (3) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:07 2017 : Debug: (3) eap_peap: Peer ACKed our handshake fragment
Fri Apr 28 17:25:07 2017 : Debug: (3) eap_peap: [eaptls verify] = request
Fri Apr 28 17:25:07 2017 : Debug: (3) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:07 2017 : Debug: (3) eap: Sending EAP Request (code 1) ID 5 length 1000
Fri Apr 28 17:25:07 2017 : Debug: (3) eap: EAP session adding &reply:State = 0x1ae03c6419e525f8
Fri Apr 28 17:25:07 2017 : Debug: (3) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (3) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (3) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (3) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (3) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (3) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (3) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (3) Sent Access-Challenge Id 252 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (3) EAP-Message = 0x010503e81940722ef471e461b520a0fa26696a0af1ab9f6db7cf250203010001a38201a6308201a230120603551d130101ff040830060101ff020100300e0603551d0f0101ff040403020186307906082b06010505070101046d306b302406082b060105050730018618687474703a2f2f6f6373702e64
Fri Apr 28 17:25:07 2017 : Debug: (3) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (3) State = 0x1ae03c6419e525f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (3) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.9 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (4) Received Access-Request Id 253 from 172.19.11.253:32770 to 195.83.247.135:1812 length 250
Fri Apr 28 17:25:07 2017 : Debug: (4) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (4) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (4) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (4) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (4) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (4) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (4) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (4) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (4) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (4) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (4) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (4) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (4) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (4) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (4) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (4) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (4) EAP-Message = 0x020500061900
Fri Apr 28 17:25:07 2017 : Debug: (4) State = 0x1ae03c6419e525f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (4) Message-Authenticator = 0x7a94317fda0c2a684ba872d93e1c5e00
Fri Apr 28 17:25:07 2017 : Debug: (4) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (4) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (4) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (4) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (4) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (4) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (4) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (4) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (4) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (4) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (4) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (4) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (4) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (4) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (4) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (4) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (4) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (4) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (4) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (4) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (4) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (4) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (4) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (4) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (4) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (4) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (4) eap: Peer sent EAP Response (code 2) ID 5 length 6
Fri Apr 28 17:25:07 2017 : Debug: (4) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (4) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (4) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (4) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (4) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (4) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (4) eap: Expiring EAP session with state 0x1ae03c6419e525f8
Fri Apr 28 17:25:07 2017 : Debug: (4) eap: Finished EAP session with state 0x1ae03c6419e525f8
Fri Apr 28 17:25:07 2017 : Debug: (4) eap: Previous EAP request found for state 0x1ae03c6419e525f8, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (4) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (4) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (4) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (4) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:07 2017 : Debug: (4) eap_peap: Peer ACKed our handshake fragment
Fri Apr 28 17:25:07 2017 : Debug: (4) eap_peap: [eaptls verify] = request
Fri Apr 28 17:25:07 2017 : Debug: (4) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:07 2017 : Debug: (4) eap: Sending EAP Request (code 1) ID 6 length 1000
Fri Apr 28 17:25:07 2017 : Debug: (4) eap: EAP session adding &reply:State = 0x1ae03c641ee625f8
Fri Apr 28 17:25:07 2017 : Debug: (4) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (4) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (4) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (4) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (4) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (4) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (4) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (4) Sent Access-Challenge Id 253 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (4) EAP-Message = 0x010603e819407274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae7
Fri Apr 28 17:25:07 2017 : Debug: (4) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (4) State = 0x1ae03c641ee625f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (4) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.9 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (5) Received Access-Request Id 254 from 172.19.11.253:32770 to 195.83.247.135:1812 length 250
Fri Apr 28 17:25:07 2017 : Debug: (5) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (5) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (5) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (5) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (5) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (5) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (5) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (5) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (5) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (5) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (5) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (5) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (5) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (5) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (5) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (5) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (5) EAP-Message = 0x020600061900
Fri Apr 28 17:25:07 2017 : Debug: (5) State = 0x1ae03c641ee625f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (5) Message-Authenticator = 0x561a5e15803909f28a39d6a01ccd4a28
Fri Apr 28 17:25:07 2017 : Debug: (5) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (5) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (5) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (5) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (5) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (5) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (5) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (5) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (5) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (5) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (5) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (5) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (5) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (5) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (5) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (5) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (5) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (5) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (5) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (5) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (5) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (5) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (5) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (5) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (5) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (5) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (5) eap: Peer sent EAP Response (code 2) ID 6 length 6
Fri Apr 28 17:25:07 2017 : Debug: (5) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (5) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (5) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (5) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (5) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (5) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (5) eap: Expiring EAP session with state 0x1ae03c641ee625f8
Fri Apr 28 17:25:07 2017 : Debug: (5) eap: Finished EAP session with state 0x1ae03c641ee625f8
Fri Apr 28 17:25:07 2017 : Debug: (5) eap: Previous EAP request found for state 0x1ae03c641ee625f8, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (5) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (5) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (5) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (5) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:07 2017 : Debug: (5) eap_peap: Peer ACKed our handshake fragment
Fri Apr 28 17:25:07 2017 : Debug: (5) eap_peap: [eaptls verify] = request
Fri Apr 28 17:25:07 2017 : Debug: (5) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:07 2017 : Debug: (5) eap: Sending EAP Request (code 1) ID 7 length 49
Fri Apr 28 17:25:07 2017 : Debug: (5) eap: EAP session adding &reply:State = 0x1ae03c641fe725f8
Fri Apr 28 17:25:07 2017 : Debug: (5) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (5) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (5) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (5) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (5) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (5) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (5) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (5) Sent Access-Challenge Id 254 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (5) EAP-Message = 0x0107003119005a393575ac71e1b2d29578a7d8a45232c8870492002a7f266ee3cd979fdf9710889516030100040e000000
Fri Apr 28 17:25:07 2017 : Debug: (5) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (5) State = 0x1ae03c641fe725f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (5) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.9 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (6) Received Access-Request Id 255 from 172.19.11.253:32770 to 195.83.247.135:1812 length 388
Fri Apr 28 17:25:07 2017 : Debug: (6) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (6) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (6) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (6) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (6) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (6) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (6) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (6) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (6) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (6) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (6) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (6) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (6) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (6) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (6) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (6) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (6) EAP-Message = 0x02070090198000000086160301004610000042410433068564bdc648ed85a3cf6adc1cdabfa5f1a4dd760efe0508f1bbb16a8f52d93dd67bcfba13e28ca76bb86e50c0698d22088766d4eed17b06a952617cb55cf81403010001011603010030fa8aeedc683406f72576582d22d22be6ebdd93f15611fb
Fri Apr 28 17:25:07 2017 : Debug: (6) State = 0x1ae03c641fe725f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (6) Message-Authenticator = 0xec8f1a01e1cae84f7684082d83796ae3
Fri Apr 28 17:25:07 2017 : Debug: (6) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (6) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (6) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (6) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (6) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (6) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (6) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (6) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (6) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (6) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (6) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (6) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (6) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (6) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (6) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (6) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (6) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (6) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (6) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (6) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (6) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (6) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (6) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (6) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (6) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (6) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (6) eap: Peer sent EAP Response (code 2) ID 7 length 144
Fri Apr 28 17:25:07 2017 : Debug: (6) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (6) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (6) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (6) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (6) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (6) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (6) eap: Expiring EAP session with state 0x1ae03c641fe725f8
Fri Apr 28 17:25:07 2017 : Debug: (6) eap: Finished EAP session with state 0x1ae03c641fe725f8
Fri Apr 28 17:25:07 2017 : Debug: (6) eap: Previous EAP request found for state 0x1ae03c641fe725f8, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (6) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (6) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: Peer sent flags --L
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: Peer indicated complete TLS record size will be 134 bytes
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: Got complete TLS record (134 bytes)
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: [eaptls verify] = length included
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: <<< recv TLS 1.0 Handshake [length 0046], ClientKeyExchange
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: TLS_accept: SSLv3 read client key exchange A
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: <<< recv TLS 1.0 ChangeCipherSpec [length 0001]
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: <<< recv TLS 1.0 Handshake [length 0010], Finished
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: TLS_accept: SSLv3 read finished A
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: >>> send TLS 1.0 ChangeCipherSpec [length 0001]
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: TLS_accept: SSLv3 write change cipher spec A
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: >>> send TLS 1.0 Handshake [length 0010], Finished
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: TLS_accept: SSLv3 write finished A
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: TLS_accept: SSLv3 flush data
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: (other): SSL negotiation finished successfully
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: SSL Connection Established
Fri Apr 28 17:25:07 2017 : Debug: (6) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:07 2017 : Debug: (6) eap: Sending EAP Request (code 1) ID 8 length 65
Fri Apr 28 17:25:07 2017 : Debug: (6) eap: EAP session adding &reply:State = 0x1ae03c641ce825f8
Fri Apr 28 17:25:07 2017 : Debug: (6) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (6) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (6) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (6) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (6) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (6) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (6) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (6) Sent Access-Challenge Id 255 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (6) EAP-Message = 0x0108004119001403010001011603010030ac3c74f8866003f09317caadd5cfe19b4debe920ea6a34cedfa66106bed0d4a3727bab0fdd945575f1840e3e7a478ca0
Fri Apr 28 17:25:07 2017 : Debug: (6) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (6) State = 0x1ae03c641ce825f816741c704e0982d9
Fri Apr 28 17:25:07 2017 : Debug: (6) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.8 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (7) Received Access-Request Id 0 from 172.19.11.253:32770 to 195.83.247.135:1812 length 242
Fri Apr 28 17:25:07 2017 : Debug: (7) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (7) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (7) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (7) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (7) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (7) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (7) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (7) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (7) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (7) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (7) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (7) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (7) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (7) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (7) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (7) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (7) EAP-Message = 0x020a0010017465737473747564656e74
Fri Apr 28 17:25:07 2017 : Debug: (7) Message-Authenticator = 0x6892b29003e849d4bb7bda4a22d348bf
Fri Apr 28 17:25:07 2017 : Debug: (7) session-state: No State attribute
Fri Apr 28 17:25:07 2017 : Debug: (7) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (7) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (7) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (7) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (7) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (7) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (7) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (7) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (7) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (7) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (7) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (7) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (7) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (7) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (7) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (7) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (7) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (7) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (7) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (7) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (7) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (7) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (7) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (7) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (7) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (7) eap: Peer sent EAP Response (code 2) ID 10 length 16
Fri Apr 28 17:25:07 2017 : Debug: (7) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (7) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (7) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (7) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (7) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (7) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (7) eap: Peer sent packet with method EAP Identity (1)
Fri Apr 28 17:25:07 2017 : Debug: (7) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (7) eap_peap: Initiating new EAP-TLS session
Fri Apr 28 17:25:07 2017 : Debug: (7) eap_peap: [eaptls start] = request
Fri Apr 28 17:25:07 2017 : Debug: (7) eap: Sending EAP Request (code 1) ID 11 length 6
Fri Apr 28 17:25:07 2017 : Debug: (7) eap: EAP session adding &reply:State = 0x2c2c301f2c27294f
Fri Apr 28 17:25:07 2017 : Debug: (7) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (7) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (7) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (7) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (7) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (7) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (7) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (7) Sent Access-Challenge Id 0 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (7) EAP-Message = 0x010b00061920
Fri Apr 28 17:25:07 2017 : Debug: (7) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (7) State = 0x2c2c301f2c27294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (7) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.7 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (8) Received Access-Request Id 1 from 172.19.11.253:32770 to 195.83.247.135:1812 length 408
Fri Apr 28 17:25:07 2017 : Debug: (8) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (8) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (8) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (8) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (8) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (8) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (8) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (8) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (8) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (8) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (8) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (8) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (8) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (8) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (8) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (8) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (8) EAP-Message = 0x020b00a419800000009a160301009501000091030159035f29978582247822b976d4b17c24f23fe68935072ff49dd535ce09857805000056c00ac009c007c008c013c014c011c012c004c005c002c003c00ec00fc00cc00d002f000500040035000a000900030008000600320033003800390016001500
Fri Apr 28 17:25:07 2017 : Debug: (8) State = 0x2c2c301f2c27294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (8) Message-Authenticator = 0x1e510ca7da4131dfa910afe703a49ef7
Fri Apr 28 17:25:07 2017 : Debug: (8) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (8) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (8) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (8) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (8) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (8) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (8) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (8) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (8) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (8) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (8) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (8) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (8) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (8) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (8) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (8) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (8) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (8) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (8) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (8) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (8) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (8) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (8) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (8) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (8) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (8) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (8) eap: Peer sent EAP Response (code 2) ID 11 length 164
Fri Apr 28 17:25:07 2017 : Debug: (8) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (8) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (8) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (8) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (8) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (8) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (8) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:07 2017 : Debug: (8) eap: Finished EAP session with state 0x2c2c301f2c27294f
Fri Apr 28 17:25:07 2017 : Debug: (8) eap: Previous EAP request found for state 0x2c2c301f2c27294f, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (8) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (8) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: Peer sent flags --L
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: Peer indicated complete TLS record size will be 154 bytes
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: Got complete TLS record (154 bytes)
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: [eaptls verify] = length included
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: (other): before/accept initialization
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: TLS_accept: before/accept initialization
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: <<< recv TLS 1.0 Handshake [length 0095], ClientHello
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: TLS_accept: SSLv3 read client hello A
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: >>> send TLS 1.0 Handshake [length 0034], ServerHello
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: TLS_accept: SSLv3 write server hello A
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: >>> send TLS 1.0 Handshake [length 0e1c], Certificate
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: TLS_accept: SSLv3 write certificate A
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: >>> send TLS 1.0 Handshake [length 014b], ServerKeyExchange
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: TLS_accept: SSLv3 write key exchange A
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: >>> send TLS 1.0 Handshake [length 0004], ServerHelloDone
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: TLS_accept: SSLv3 write server done A
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: TLS_accept: SSLv3 flush data
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: TLS_accept: Need to read more data: SSLv3 read client certificate A
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: TLS_accept: Need to read more data: SSLv3 read client certificate A
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: In SSL Handshake Phase
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: In SSL Accept mode
Fri Apr 28 17:25:07 2017 : Debug: (8) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:07 2017 : Debug: (8) eap: Sending EAP Request (code 1) ID 12 length 1004
Fri Apr 28 17:25:07 2017 : Debug: (8) eap: EAP session adding &reply:State = 0x2c2c301f2d20294f
Fri Apr 28 17:25:07 2017 : Debug: (8) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (8) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (8) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (8) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (8) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (8) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (8) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (8) Sent Access-Challenge Id 1 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (8) EAP-Message = 0x010c03ec19c000000fb3160301003402000030030159035ed3d5ae628131ae1dc4e2af4af9ed93c09337ffff052cdd95e6ce2bb9a600c013000008000b0004030001021603010e1c0b000e18000e150005523082054e30820436a00302010202100c4f4721177af78634d1410569d96a44300d06092a86
Fri Apr 28 17:25:07 2017 : Debug: (8) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (8) State = 0x2c2c301f2d20294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (8) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.6 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (9) Received Access-Request Id 2 from 172.19.11.253:32770 to 195.83.247.135:1812 length 250
Fri Apr 28 17:25:07 2017 : Debug: (9) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (9) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (9) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (9) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (9) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (9) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (9) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (9) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (9) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (9) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (9) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (9) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (9) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (9) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (9) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (9) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (9) EAP-Message = 0x020c00061900
Fri Apr 28 17:25:07 2017 : Debug: (9) State = 0x2c2c301f2d20294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (9) Message-Authenticator = 0x38e822364857327584789b75474d0ddf
Fri Apr 28 17:25:07 2017 : Debug: (9) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (9) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (9) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (9) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (9) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (9) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (9) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (9) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (9) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (9) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (9) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (9) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (9) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (9) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (9) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (9) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (9) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (9) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (9) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (9) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (9) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (9) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (9) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (9) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (9) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (9) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (9) eap: Peer sent EAP Response (code 2) ID 12 length 6
Fri Apr 28 17:25:07 2017 : Debug: (9) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (9) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (9) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (9) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (9) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (9) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (9) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:07 2017 : Debug: (9) eap: Finished EAP session with state 0x2c2c301f2d20294f
Fri Apr 28 17:25:07 2017 : Debug: (9) eap: Previous EAP request found for state 0x2c2c301f2d20294f, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (9) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (9) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (9) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (9) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:07 2017 : Debug: (9) eap_peap: Peer ACKed our handshake fragment
Fri Apr 28 17:25:07 2017 : Debug: (9) eap_peap: [eaptls verify] = request
Fri Apr 28 17:25:07 2017 : Debug: (9) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:07 2017 : Debug: (9) eap: Sending EAP Request (code 1) ID 13 length 1000
Fri Apr 28 17:25:07 2017 : Debug: (9) eap: EAP session adding &reply:State = 0x2c2c301f2e21294f
Fri Apr 28 17:25:07 2017 : Debug: (9) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (9) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (9) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (9) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (9) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (9) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (9) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (9) Sent Access-Challenge Id 2 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (9) EAP-Message = 0x010d03e8194068747470733a2f2f7777772e64696769636572742e636f6d2f4350533008060667810c010202306e06082b0601050507010104623060302406082b060105050730018618687474703a2f2f6f6373702e64696769636572742e636f6d303806082b06010505073002862c687474703a2f2f
Fri Apr 28 17:25:07 2017 : Debug: (9) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (9) State = 0x2c2c301f2e21294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (9) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.6 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (10) Received Access-Request Id 3 from 172.19.11.253:32770 to 195.83.247.135:1812 length 250
Fri Apr 28 17:25:07 2017 : Debug: (10) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (10) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (10) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (10) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (10) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (10) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (10) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (10) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (10) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (10) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (10) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (10) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (10) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (10) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (10) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (10) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (10) EAP-Message = 0x020d00061900
Fri Apr 28 17:25:07 2017 : Debug: (10) State = 0x2c2c301f2e21294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (10) Message-Authenticator = 0x764c34207bc1becd15dc0a234629fb91
Fri Apr 28 17:25:07 2017 : Debug: (10) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (10) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (10) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (10) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (10) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (10) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (10) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (10) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (10) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (10) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (10) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (10) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (10) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (10) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (10) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (10) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (10) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (10) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (10) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (10) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (10) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (10) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (10) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (10) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (10) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (10) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (10) eap: Peer sent EAP Response (code 2) ID 13 length 6
Fri Apr 28 17:25:07 2017 : Debug: (10) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (10) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (10) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (10) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (10) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (10) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (10) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:07 2017 : Debug: (10) eap: Finished EAP session with state 0x2c2c301f2e21294f
Fri Apr 28 17:25:07 2017 : Debug: (10) eap: Previous EAP request found for state 0x2c2c301f2e21294f, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (10) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (10) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (10) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (10) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:07 2017 : Debug: (10) eap_peap: Peer ACKed our handshake fragment
Fri Apr 28 17:25:07 2017 : Debug: (10) eap_peap: [eaptls verify] = request
Fri Apr 28 17:25:07 2017 : Debug: (10) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:07 2017 : Debug: (10) eap: Sending EAP Request (code 1) ID 14 length 1000
Fri Apr 28 17:25:07 2017 : Debug: (10) eap: EAP session adding &reply:State = 0x2c2c301f2f22294f
Fri Apr 28 17:25:07 2017 : Debug: (10) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (10) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (10) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (10) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (10) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (10) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (10) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (10) Sent Access-Challenge Id 3 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (10) EAP-Message = 0x010e03e81940722ef471e461b520a0fa26696a0af1ab9f6db7cf250203010001a38201a6308201a230120603551d130101ff040830060101ff020100300e0603551d0f0101ff040403020186307906082b06010505070101046d306b302406082b060105050730018618687474703a2f2f6f6373702e64
Fri Apr 28 17:25:07 2017 : Debug: (10) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (10) State = 0x2c2c301f2f22294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (10) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.6 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (11) Received Access-Request Id 4 from 172.19.11.253:32770 to 195.83.247.135:1812 length 250
Fri Apr 28 17:25:07 2017 : Debug: (11) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (11) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (11) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (11) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (11) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (11) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (11) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (11) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (11) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (11) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (11) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (11) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (11) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (11) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (11) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (11) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (11) EAP-Message = 0x020e00061900
Fri Apr 28 17:25:07 2017 : Debug: (11) State = 0x2c2c301f2f22294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (11) Message-Authenticator = 0xf563e40fa76570570bd50456d8d4629a
Fri Apr 28 17:25:07 2017 : Debug: (11) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (11) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (11) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (11) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (11) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (11) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (11) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (11) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (11) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (11) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (11) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (11) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (11) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (11) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (11) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (11) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (11) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (11) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (11) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (11) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (11) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (11) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (11) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (11) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (11) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (11) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (11) eap: Peer sent EAP Response (code 2) ID 14 length 6
Fri Apr 28 17:25:07 2017 : Debug: (11) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (11) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (11) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (11) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (11) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (11) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (11) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:07 2017 : Debug: (11) eap: Finished EAP session with state 0x2c2c301f2f22294f
Fri Apr 28 17:25:07 2017 : Debug: (11) eap: Previous EAP request found for state 0x2c2c301f2f22294f, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (11) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (11) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (11) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (11) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:07 2017 : Debug: (11) eap_peap: Peer ACKed our handshake fragment
Fri Apr 28 17:25:07 2017 : Debug: (11) eap_peap: [eaptls verify] = request
Fri Apr 28 17:25:07 2017 : Debug: (11) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:07 2017 : Debug: (11) eap: Sending EAP Request (code 1) ID 15 length 1000
Fri Apr 28 17:25:07 2017 : Debug: (11) eap: EAP session adding &reply:State = 0x2c2c301f2823294f
Fri Apr 28 17:25:07 2017 : Debug: (11) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (11) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (11) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (11) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (11) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (11) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (11) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (11) Sent Access-Challenge Id 4 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (11) EAP-Message = 0x010f03e819407274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae7
Fri Apr 28 17:25:07 2017 : Debug: (11) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (11) State = 0x2c2c301f2823294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (11) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.6 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (12) Received Access-Request Id 5 from 172.19.11.253:32770 to 195.83.247.135:1812 length 250
Fri Apr 28 17:25:07 2017 : Debug: (12) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (12) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (12) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (12) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (12) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (12) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (12) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (12) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (12) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (12) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (12) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (12) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (12) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (12) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (12) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (12) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (12) EAP-Message = 0x020f00061900
Fri Apr 28 17:25:07 2017 : Debug: (12) State = 0x2c2c301f2823294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (12) Message-Authenticator = 0x4a6166a8ffdb66b63d7dfcacd24ddd49
Fri Apr 28 17:25:07 2017 : Debug: (12) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (12) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (12) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (12) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (12) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (12) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (12) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (12) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (12) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (12) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (12) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (12) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (12) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (12) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (12) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (12) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (12) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (12) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (12) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (12) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (12) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (12) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (12) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (12) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (12) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (12) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (12) eap: Peer sent EAP Response (code 2) ID 15 length 6
Fri Apr 28 17:25:07 2017 : Debug: (12) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (12) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (12) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (12) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (12) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (12) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (12) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:07 2017 : Debug: (12) eap: Finished EAP session with state 0x2c2c301f2823294f
Fri Apr 28 17:25:07 2017 : Debug: (12) eap: Previous EAP request found for state 0x2c2c301f2823294f, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (12) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (12) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (12) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (12) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:07 2017 : Debug: (12) eap_peap: Peer ACKed our handshake fragment
Fri Apr 28 17:25:07 2017 : Debug: (12) eap_peap: [eaptls verify] = request
Fri Apr 28 17:25:07 2017 : Debug: (12) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:07 2017 : Debug: (12) eap: Sending EAP Request (code 1) ID 16 length 49
Fri Apr 28 17:25:07 2017 : Debug: (12) eap: EAP session adding &reply:State = 0x2c2c301f293c294f
Fri Apr 28 17:25:07 2017 : Debug: (12) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (12) [eap] = handled
Fri Apr 28 17:25:07 2017 : Debug: (12) } # authenticate = handled
Fri Apr 28 17:25:07 2017 : Debug: (12) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:07 2017 : Debug: (12) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:07 2017 : Debug: (12) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (12) session-state: Nothing to cache
Fri Apr 28 17:25:07 2017 : Debug: (12) Sent Access-Challenge Id 5 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:07 2017 : Debug: (12) EAP-Message = 0x0110003119006c54a2902ee949468dafe82aa742b6b381682d9a668bbaf5debe26d6c1fb6829b22916030100040e000000
Fri Apr 28 17:25:07 2017 : Debug: (12) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:07 2017 : Debug: (12) State = 0x2c2c301f293c294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (12) Finished request
Fri Apr 28 17:25:07 2017 : Debug: Waking up in 4.6 seconds.
Fri Apr 28 17:25:07 2017 : Debug: (13) Received Access-Request Id 6 from 172.19.11.253:32770 to 195.83.247.135:1812 length 388
Fri Apr 28 17:25:07 2017 : Debug: (13) User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (13) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:07 2017 : Debug: (13) Location-Capable = Civix-Location
Fri Apr 28 17:25:07 2017 : Debug: (13) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:07 2017 : Debug: (13) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:07 2017 : Debug: (13) NAS-Port = 13
Fri Apr 28 17:25:07 2017 : Debug: (13) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:07 2017 : Debug: (13) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:07 2017 : Debug: (13) NAS-Identifier = "wism2"
Fri Apr 28 17:25:07 2017 : Debug: (13) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:07 2017 : Debug: (13) Service-Type = Framed-User
Fri Apr 28 17:25:07 2017 : Debug: (13) Framed-MTU = 1300
Fri Apr 28 17:25:07 2017 : Debug: (13) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:07 2017 : Debug: (13) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:07 2017 : Debug: (13) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:07 2017 : Debug: (13) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:07 2017 : Debug: (13) EAP-Message = 0x02100090198000000086160301004610000042410474c4607d1d38a350e2005d00c3e8f4f0fd20422fd58ccd6f86c62b4089a5e8c1978cb01b14b1143ad4685defed36d821a1fa9fc404355becbdc2ae32fddcae721403010001011603010030f76d56cb96eecc8b486e49bdad5337e442746814ea9c3d
Fri Apr 28 17:25:07 2017 : Debug: (13) State = 0x2c2c301f293c294f5eb897255f295017
Fri Apr 28 17:25:07 2017 : Debug: (13) Message-Authenticator = 0x36f402e98cdde8e77941d8d292f7dd03
Fri Apr 28 17:25:07 2017 : Debug: (13) session-state: No cached attributes
Fri Apr 28 17:25:07 2017 : Debug: (13) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (13) authorize {
Fri Apr 28 17:25:07 2017 : Debug: (13) policy filter_username {
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name) -> TRUE
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name) {
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name =~ / /) {
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (13) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:07 2017 : Debug: (13) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (13) } # if (&User-Name) = notfound
Fri Apr 28 17:25:07 2017 : Debug: (13) } # policy filter_username = notfound
Fri Apr 28 17:25:07 2017 : Debug: (13) policy filter_password {
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:07 2017 : Debug: (13) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:07 2017 : Debug: (13) } # policy filter_password = notfound
Fri Apr 28 17:25:07 2017 : Debug: (13) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (13) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:07 2017 : Debug: (13) [preprocess] = ok
Fri Apr 28 17:25:07 2017 : Debug: (13) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:07 2017 : Debug: if {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: else {
Fri Apr 28 17:25:07 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:07 2017 : Debug: }
Fri Apr 28 17:25:07 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:07 2017 : Debug: percent --> Y
Fri Apr 28 17:25:07 2017 : Debug: percent --> m
Fri Apr 28 17:25:07 2017 : Debug: percent --> d
Fri Apr 28 17:25:07 2017 : Debug: (13) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:07 2017 : Debug: (13) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: (13) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:07 2017 : Debug: %t
Fri Apr 28 17:25:07 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:07 2017 : Debug: percent --> t
Fri Apr 28 17:25:07 2017 : Debug: (13) auth_log: EXPAND %t
Fri Apr 28 17:25:07 2017 : Debug: (13) auth_log: --> Fri Apr 28 17:25:07 2017
Fri Apr 28 17:25:07 2017 : Debug: (13) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:07 2017 : Debug: (13) [auth_log] = ok
Fri Apr 28 17:25:07 2017 : Debug: (13) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (13) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:07 2017 : Debug: (13) [mschap] = noop
Fri Apr 28 17:25:07 2017 : Debug: (13) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (13) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:07 2017 : Debug: (13) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:07 2017 : Debug: (13) suffix: Found realm "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (13) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:07 2017 : Debug: (13) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:07 2017 : Debug: (13) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:07 2017 : Debug: (13) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:07 2017 : Debug: (13) [suffix] = ok
Fri Apr 28 17:25:07 2017 : Debug: (13) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (13) eap: Peer sent EAP Response (code 2) ID 16 length 144
Fri Apr 28 17:25:07 2017 : Debug: (13) eap: Continuing tunnel setup
Fri Apr 28 17:25:07 2017 : Debug: (13) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (13) [eap] = ok
Fri Apr 28 17:25:07 2017 : Debug: (13) } # authorize = ok
Fri Apr 28 17:25:07 2017 : Debug: (13) Found Auth-Type = eap
Fri Apr 28 17:25:07 2017 : Debug: (13) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:07 2017 : Debug: (13) authenticate {
Fri Apr 28 17:25:07 2017 : Debug: (13) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:07 2017 : Debug: (13) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:07 2017 : Debug: (13) eap: Finished EAP session with state 0x2c2c301f293c294f
Fri Apr 28 17:25:07 2017 : Debug: (13) eap: Previous EAP request found for state 0x2c2c301f293c294f, released from the list
Fri Apr 28 17:25:07 2017 : Debug: (13) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:07 2017 : Debug: (13) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:07 2017 : Debug: (13) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:07 2017 : Debug: (13) eap_peap: Peer sent flags --L
Fri Apr 28 17:25:07 2017 : Debug: (13) eap_peap: Peer indicated complete TLS record size will be 134 bytes
Fri Apr 28 17:25:07 2017 : Debug: (13) eap_peap: Got complete TLS record (134 bytes)
Fri Apr 28 17:25:07 2017 : Debug: (13) eap_peap: [eaptls verify] = length included
Fri Apr 28 17:25:07 2017 : Debug: (13) eap_peap: <<< recv TLS 1.0 Handshake [length 0046], ClientKeyExchange
Fri Apr 28 17:25:07 2017 : Debug: (13) eap_peap: TLS_accept: SSLv3 read client key exchange A
Fri Apr 28 17:25:07 2017 : Debug: (13) eap_peap: <<< recv TLS 1.0 ChangeCipherSpec [length 0001]
Fri Apr 28 17:25:08 2017 : Debug: (13) eap_peap: <<< recv TLS 1.0 Handshake [length 0010], Finished
Fri Apr 28 17:25:08 2017 : Debug: (13) eap_peap: TLS_accept: SSLv3 read finished A
Fri Apr 28 17:25:08 2017 : Debug: (13) eap_peap: >>> send TLS 1.0 ChangeCipherSpec [length 0001]
Fri Apr 28 17:25:08 2017 : Debug: (13) eap_peap: TLS_accept: SSLv3 write change cipher spec A
Fri Apr 28 17:25:08 2017 : Debug: (13) eap_peap: >>> send TLS 1.0 Handshake [length 0010], Finished
Fri Apr 28 17:25:08 2017 : Debug: (13) eap_peap: TLS_accept: SSLv3 write finished A
Fri Apr 28 17:25:08 2017 : Debug: (13) eap_peap: TLS_accept: SSLv3 flush data
Fri Apr 28 17:25:08 2017 : Debug: (13) eap_peap: (other): SSL negotiation finished successfully
Fri Apr 28 17:25:08 2017 : Debug: (13) eap_peap: SSL Connection Established
Fri Apr 28 17:25:08 2017 : Debug: (13) eap_peap: [eaptls process] = handled
Fri Apr 28 17:25:08 2017 : Debug: (13) eap: Sending EAP Request (code 1) ID 17 length 65
Fri Apr 28 17:25:08 2017 : Debug: (13) eap: EAP session adding &reply:State = 0x2c2c301f2a3d294f
Fri Apr 28 17:25:08 2017 : Debug: (13) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (13) [eap] = handled
Fri Apr 28 17:25:08 2017 : Debug: (13) } # authenticate = handled
Fri Apr 28 17:25:08 2017 : Debug: (13) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:08 2017 : Debug: (13) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:08 2017 : Debug: (13) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (13) session-state: Nothing to cache
Fri Apr 28 17:25:08 2017 : Debug: (13) Sent Access-Challenge Id 6 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:08 2017 : Debug: (13) EAP-Message = 0x01110041190014030100010116030100308ef8bd1bfa599e041438d7c0d5f1c4b2ffe9793d99c4ca4656f1b19baa2bbf521a4c4943ae32a724f70080f1efffe306
Fri Apr 28 17:25:08 2017 : Debug: (13) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (13) State = 0x2c2c301f2a3d294f5eb897255f295017
Fri Apr 28 17:25:08 2017 : Debug: (13) Finished request
Fri Apr 28 17:25:08 2017 : Debug: Waking up in 4.4 seconds.
Fri Apr 28 17:25:08 2017 : Debug: (14) Received Access-Request Id 7 from 172.19.11.253:32770 to 195.83.247.135:1812 length 250
Fri Apr 28 17:25:08 2017 : Debug: (14) User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (14) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:08 2017 : Debug: (14) Location-Capable = Civix-Location
Fri Apr 28 17:25:08 2017 : Debug: (14) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (14) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:08 2017 : Debug: (14) NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (14) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (14) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (14) NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (14) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (14) Service-Type = Framed-User
Fri Apr 28 17:25:08 2017 : Debug: (14) Framed-MTU = 1300
Fri Apr 28 17:25:08 2017 : Debug: (14) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (14) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (14) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (14) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:08 2017 : Debug: (14) EAP-Message = 0x021100061900
Fri Apr 28 17:25:08 2017 : Debug: (14) State = 0x2c2c301f2a3d294f5eb897255f295017
Fri Apr 28 17:25:08 2017 : Debug: (14) Message-Authenticator = 0x332a4220689d33ee1ba3253002d9b8d3
Fri Apr 28 17:25:08 2017 : Debug: (14) session-state: No cached attributes
Fri Apr 28 17:25:08 2017 : Debug: (14) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (14) authorize {
Fri Apr 28 17:25:08 2017 : Debug: (14) policy filter_username {
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name) -> TRUE
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name =~ / /) {
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (14) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:08 2017 : Debug: (14) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (14) } # if (&User-Name) = notfound
Fri Apr 28 17:25:08 2017 : Debug: (14) } # policy filter_username = notfound
Fri Apr 28 17:25:08 2017 : Debug: (14) policy filter_password {
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:08 2017 : Debug: (14) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (14) } # policy filter_password = notfound
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (14) [preprocess] = ok
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:08 2017 : Debug: if {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: else {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:08 2017 : Debug: percent --> Y
Fri Apr 28 17:25:08 2017 : Debug: percent --> m
Fri Apr 28 17:25:08 2017 : Debug: percent --> d
Fri Apr 28 17:25:08 2017 : Debug: (14) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: (14) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: (14) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: %t
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: percent --> t
Fri Apr 28 17:25:08 2017 : Debug: (14) auth_log: EXPAND %t
Fri Apr 28 17:25:08 2017 : Debug: (14) auth_log: --> Fri Apr 28 17:25:08 2017
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: (14) [auth_log] = ok
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (14) [mschap] = noop
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (14) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:08 2017 : Debug: (14) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:08 2017 : Debug: (14) suffix: Found realm "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (14) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (14) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (14) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (14) [suffix] = ok
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (14) eap: Peer sent EAP Response (code 2) ID 17 length 6
Fri Apr 28 17:25:08 2017 : Debug: (14) eap: Continuing tunnel setup
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (14) [eap] = ok
Fri Apr 28 17:25:08 2017 : Debug: (14) } # authorize = ok
Fri Apr 28 17:25:08 2017 : Debug: (14) Found Auth-Type = eap
Fri Apr 28 17:25:08 2017 : Debug: (14) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (14) authenticate {
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (14) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:08 2017 : Debug: (14) eap: Finished EAP session with state 0x2c2c301f2a3d294f
Fri Apr 28 17:25:08 2017 : Debug: (14) eap: Previous EAP request found for state 0x2c2c301f2a3d294f, released from the list
Fri Apr 28 17:25:08 2017 : Debug: (14) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:08 2017 : Debug: (14) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:08 2017 : Debug: (14) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:08 2017 : Debug: (14) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:08 2017 : Debug: (14) eap_peap: Peer ACKed our handshake fragment. handshake is finished
Fri Apr 28 17:25:08 2017 : Debug: (14) eap_peap: [eaptls verify] = success
Fri Apr 28 17:25:08 2017 : Debug: (14) eap_peap: [eaptls process] = success
Fri Apr 28 17:25:08 2017 : Debug: (14) eap_peap: Session established. Decoding tunneled attributes
Fri Apr 28 17:25:08 2017 : Debug: (14) eap_peap: PEAP state TUNNEL ESTABLISHED
Fri Apr 28 17:25:08 2017 : Debug: (14) eap: Sending EAP Request (code 1) ID 18 length 43
Fri Apr 28 17:25:08 2017 : Debug: (14) eap: EAP session adding &reply:State = 0x2c2c301f2b3e294f
Fri Apr 28 17:25:08 2017 : Debug: (14) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (14) [eap] = handled
Fri Apr 28 17:25:08 2017 : Debug: (14) } # authenticate = handled
Fri Apr 28 17:25:08 2017 : Debug: (14) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:08 2017 : Debug: (14) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:08 2017 : Debug: (14) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (14) session-state: Nothing to cache
Fri Apr 28 17:25:08 2017 : Debug: (14) Sent Access-Challenge Id 7 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:08 2017 : Debug: (14) EAP-Message = 0x0112002b19001703010020b0e6768b3cc0ca34419922f265edf75f6173b8e5ebca12d19bdfe72e73bcdb29
Fri Apr 28 17:25:08 2017 : Debug: (14) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (14) State = 0x2c2c301f2b3e294f5eb897255f295017
Fri Apr 28 17:25:08 2017 : Debug: (14) Finished request
Fri Apr 28 17:25:08 2017 : Debug: Waking up in 4.3 seconds.
Fri Apr 28 17:25:08 2017 : Debug: (15) Received Access-Request Id 8 from 172.19.11.253:32770 to 195.83.247.135:1812 length 303
Fri Apr 28 17:25:08 2017 : Debug: (15) User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (15) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:08 2017 : Debug: (15) Location-Capable = Civix-Location
Fri Apr 28 17:25:08 2017 : Debug: (15) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (15) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:08 2017 : Debug: (15) NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (15) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (15) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (15) NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (15) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (15) Service-Type = Framed-User
Fri Apr 28 17:25:08 2017 : Debug: (15) Framed-MTU = 1300
Fri Apr 28 17:25:08 2017 : Debug: (15) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (15) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (15) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (15) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:08 2017 : Debug: (15) EAP-Message = 0x0212003b19001703010030a9b83bd41af35c8c471ad474e93ec8a9db808e90d5960c4aeed841fb37725a4bfe1fa485160a864e54ca6ed4a182e4a7
Fri Apr 28 17:25:08 2017 : Debug: (15) State = 0x2c2c301f2b3e294f5eb897255f295017
Fri Apr 28 17:25:08 2017 : Debug: (15) Message-Authenticator = 0x543d7a47776ca7ef33df6c372d3f905a
Fri Apr 28 17:25:08 2017 : Debug: (15) session-state: No cached attributes
Fri Apr 28 17:25:08 2017 : Debug: (15) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (15) authorize {
Fri Apr 28 17:25:08 2017 : Debug: (15) policy filter_username {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name) -> TRUE
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ / /) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) } # if (&User-Name) = notfound
Fri Apr 28 17:25:08 2017 : Debug: (15) } # policy filter_username = notfound
Fri Apr 28 17:25:08 2017 : Debug: (15) policy filter_password {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) } # policy filter_password = notfound
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (15) [preprocess] = ok
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:08 2017 : Debug: if {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: else {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:08 2017 : Debug: percent --> Y
Fri Apr 28 17:25:08 2017 : Debug: percent --> m
Fri Apr 28 17:25:08 2017 : Debug: percent --> d
Fri Apr 28 17:25:08 2017 : Debug: (15) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: (15) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: (15) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: %t
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: percent --> t
Fri Apr 28 17:25:08 2017 : Debug: (15) auth_log: EXPAND %t
Fri Apr 28 17:25:08 2017 : Debug: (15) auth_log: --> Fri Apr 28 17:25:08 2017
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: (15) [auth_log] = ok
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (15) [mschap] = noop
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: Found realm "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (15) [suffix] = ok
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Peer sent EAP Response (code 2) ID 18 length 59
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Continuing tunnel setup
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (15) [eap] = ok
Fri Apr 28 17:25:08 2017 : Debug: (15) } # authorize = ok
Fri Apr 28 17:25:08 2017 : Debug: (15) Found Auth-Type = eap
Fri Apr 28 17:25:08 2017 : Debug: (15) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (15) authenticate {
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Finished EAP session with state 0x2c2c301f2b3e294f
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Previous EAP request found for state 0x2c2c301f2b3e294f, released from the list
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: [eaptls verify] = ok
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Done initial handshake
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: [eaptls process] = ok
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Session established. Decoding tunneled attributes
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: PEAP state WAITING FOR INNER IDENTITY
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Identity - teststudent
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Got inner identity 'teststudent'
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Setting default EAP type for tunneled EAP session
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Got tunneled request
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: EAP-Message = 0x02120010017465737473747564656e74
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Setting User-Name to teststudent
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Sending tunneled request to inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: EAP-Message = 0x02120010017465737473747564656e74
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Location-Capable = Civix-Location
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Service-Type = Framed-User
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Framed-MTU = 1300
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Event-Timestamp = "Apr 28 2017 17:25:08 CEST"
Fri Apr 28 17:25:08 2017 : Debug: (15) Virtual server inner-tunnel received request
Fri Apr 28 17:25:08 2017 : Debug: (15) EAP-Message = 0x02120010017465737473747564656e74
Fri Apr 28 17:25:08 2017 : Debug: (15) FreeRADIUS-Proxied-To = 127.0.0.1
Fri Apr 28 17:25:08 2017 : Debug: (15) User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (15) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:08 2017 : Debug: (15) Location-Capable = Civix-Location
Fri Apr 28 17:25:08 2017 : Debug: (15) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (15) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:08 2017 : Debug: (15) NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (15) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (15) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (15) NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (15) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (15) Service-Type = Framed-User
Fri Apr 28 17:25:08 2017 : Debug: (15) Framed-MTU = 1300
Fri Apr 28 17:25:08 2017 : Debug: (15) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (15) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (15) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (15) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:08 2017 : Debug: (15) Event-Timestamp = "Apr 28 2017 17:25:08 CEST"
Fri Apr 28 17:25:08 2017 : WARNING: (15) Outer and inner identities are the same. User privacy is compromised.
Fri Apr 28 17:25:08 2017 : Debug: (15) server inner-tunnel {
Fri Apr 28 17:25:08 2017 : Debug: (15) session-state: No State attribute
Fri Apr 28 17:25:08 2017 : Debug: (15) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (15) authorize {
Fri Apr 28 17:25:08 2017 : Debug: (15) policy filter_username {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name) -> TRUE
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ / /) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) } # if (&User-Name) = notfound
Fri Apr 28 17:25:08 2017 : Debug: (15) } # policy filter_username = notfound
Fri Apr 28 17:25:08 2017 : Debug: (15) policy filter_inner_identity {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (!&outer.request:User-Name || !&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (!&outer.request:User-Name || !&User-Name) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&outer.request:User-Name != &User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (15) if (&outer.request:User-Name != &User-Name) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (15) } # policy filter_inner_identity = notfound
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (15) [mschap] = noop
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: Found realm "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (15) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (15) [suffix] = ok
Fri Apr 28 17:25:08 2017 : Debug: (15) update control {
Fri Apr 28 17:25:08 2017 : Debug: (15) &Proxy-To-Realm := LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (15) } # update control = noop
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Peer sent EAP Response (code 2) ID 18 length 16
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (15) [eap] = ok
Fri Apr 28 17:25:08 2017 : Debug: (15) } # authorize = ok
Fri Apr 28 17:25:08 2017 : Debug: (15) Found Auth-Type = eap
Fri Apr 28 17:25:08 2017 : Debug: (15) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (15) authenticate {
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Peer sent packet with method EAP Identity (1)
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Calling submodule eap_mschapv2 to process data
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_mschapv2: Issuing Challenge
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Sending EAP Request (code 1) ID 19 length 43
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: EAP session adding &reply:State = 0x82c0f65682d3ec3f
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (15) [eap] = handled
Fri Apr 28 17:25:08 2017 : Debug: (15) } # authenticate = handled
Fri Apr 28 17:25:08 2017 : Debug: (15) } # server inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (15) Virtual server sending reply
Fri Apr 28 17:25:08 2017 : Debug: (15) EAP-Message = 0x0113002b1a01130026103c4cdcff2b6e9285573ef14f825ddb75667265657261646975732d332e302e3132
Fri Apr 28 17:25:08 2017 : Debug: (15) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (15) State = 0x82c0f65682d3ec3f24395ff96f92b5b9
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Got tunneled reply code 11
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: EAP-Message = 0x0113002b1a01130026103c4cdcff2b6e9285573ef14f825ddb75667265657261646975732d332e302e3132
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: State = 0x82c0f65682d3ec3f24395ff96f92b5b9
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Got tunneled reply RADIUS code 11
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: EAP-Message = 0x0113002b1a01130026103c4cdcff2b6e9285573ef14f825ddb75667265657261646975732d332e302e3132
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: State = 0x82c0f65682d3ec3f24395ff96f92b5b9
Fri Apr 28 17:25:08 2017 : Debug: (15) eap_peap: Got tunneled Access-Challenge
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: Sending EAP Request (code 1) ID 19 length 75
Fri Apr 28 17:25:08 2017 : Debug: (15) eap: EAP session adding &reply:State = 0x2c2c301f243f294f
Fri Apr 28 17:25:08 2017 : Debug: (15) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (15) [eap] = handled
Fri Apr 28 17:25:08 2017 : Debug: (15) } # authenticate = handled
Fri Apr 28 17:25:08 2017 : Debug: (15) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:08 2017 : Debug: (15) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:08 2017 : Debug: (15) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (15) session-state: Nothing to cache
Fri Apr 28 17:25:08 2017 : Debug: (15) Sent Access-Challenge Id 8 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:08 2017 : Debug: (15) EAP-Message = 0x0113004b19001703010040d33b23575d93729f252868484c8bef03f958d0ba36d4af0e9e7e5f0946f4349cec96b9d243d7d15f463a15292846ae5d2e854575b98bd10b7a8b94451d5bcd8f
Fri Apr 28 17:25:08 2017 : Debug: (15) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (15) State = 0x2c2c301f243f294f5eb897255f295017
Fri Apr 28 17:25:08 2017 : Debug: (15) Finished request
Fri Apr 28 17:25:08 2017 : Debug: Waking up in 4.3 seconds.
Fri Apr 28 17:25:08 2017 : Debug: (16) Received Access-Request Id 9 from 172.19.11.253:32770 to 195.83.247.135:1812 length 351
Fri Apr 28 17:25:08 2017 : Debug: (16) User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (16) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:08 2017 : Debug: (16) Location-Capable = Civix-Location
Fri Apr 28 17:25:08 2017 : Debug: (16) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (16) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:08 2017 : Debug: (16) NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (16) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (16) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (16) NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (16) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (16) Service-Type = Framed-User
Fri Apr 28 17:25:08 2017 : Debug: (16) Framed-MTU = 1300
Fri Apr 28 17:25:08 2017 : Debug: (16) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (16) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (16) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (16) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:08 2017 : Debug: (16) EAP-Message = 0x0213006b19001703010060057da0162d5f392c5d48805c00475d820dd0627e2c0d5d502e406dc92ab73bb58f32f3f1d26c71ed688cda4008bea9603ce5d3373862360a39ae50ae3eb10429649f31dbe571d953ff6daf76e638fc0a2ef0f26b4693292a91b80b802d77fe6e
Fri Apr 28 17:25:08 2017 : Debug: (16) State = 0x2c2c301f243f294f5eb897255f295017
Fri Apr 28 17:25:08 2017 : Debug: (16) Message-Authenticator = 0x6f43bb03732782c9983086a9893dffd3
Fri Apr 28 17:25:08 2017 : Debug: (16) session-state: No cached attributes
Fri Apr 28 17:25:08 2017 : Debug: (16) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (16) authorize {
Fri Apr 28 17:25:08 2017 : Debug: (16) policy filter_username {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name) -> TRUE
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ / /) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) } # if (&User-Name) = notfound
Fri Apr 28 17:25:08 2017 : Debug: (16) } # policy filter_username = notfound
Fri Apr 28 17:25:08 2017 : Debug: (16) policy filter_password {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) } # policy filter_password = notfound
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (16) [preprocess] = ok
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:08 2017 : Debug: if {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: else {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:08 2017 : Debug: percent --> Y
Fri Apr 28 17:25:08 2017 : Debug: percent --> m
Fri Apr 28 17:25:08 2017 : Debug: percent --> d
Fri Apr 28 17:25:08 2017 : Debug: (16) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: (16) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: (16) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: %t
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: percent --> t
Fri Apr 28 17:25:08 2017 : Debug: (16) auth_log: EXPAND %t
Fri Apr 28 17:25:08 2017 : Debug: (16) auth_log: --> Fri Apr 28 17:25:08 2017
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: (16) [auth_log] = ok
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (16) [mschap] = noop
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: Found realm "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (16) [suffix] = ok
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Peer sent EAP Response (code 2) ID 19 length 107
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Continuing tunnel setup
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (16) [eap] = ok
Fri Apr 28 17:25:08 2017 : Debug: (16) } # authorize = ok
Fri Apr 28 17:25:08 2017 : Debug: (16) Found Auth-Type = eap
Fri Apr 28 17:25:08 2017 : Debug: (16) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (16) authenticate {
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Finished EAP session with state 0x2c2c301f243f294f
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Previous EAP request found for state 0x2c2c301f243f294f, released from the list
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: [eaptls verify] = ok
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Done initial handshake
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: [eaptls process] = ok
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Session established. Decoding tunneled attributes
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: PEAP state phase2
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: EAP method MSCHAPv2 (26)
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Got tunneled request
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: EAP-Message = 0x021300461a02130041319dcfed4e13970943c9beb4be27f904d400000000000000001199a39ae577bf72ea20bf55475321a634b3f3c4ed539af5007465737473747564656e74
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Setting User-Name to teststudent
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Sending tunneled request to inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: EAP-Message = 0x021300461a02130041319dcfed4e13970943c9beb4be27f904d400000000000000001199a39ae577bf72ea20bf55475321a634b3f3c4ed539af5007465737473747564656e74
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: State = 0x82c0f65682d3ec3f24395ff96f92b5b9
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Location-Capable = Civix-Location
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Service-Type = Framed-User
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Framed-MTU = 1300
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Event-Timestamp = "Apr 28 2017 17:25:08 CEST"
Fri Apr 28 17:25:08 2017 : Debug: (16) Virtual server inner-tunnel received request
Fri Apr 28 17:25:08 2017 : Debug: (16) EAP-Message = 0x021300461a02130041319dcfed4e13970943c9beb4be27f904d400000000000000001199a39ae577bf72ea20bf55475321a634b3f3c4ed539af5007465737473747564656e74
Fri Apr 28 17:25:08 2017 : Debug: (16) FreeRADIUS-Proxied-To = 127.0.0.1
Fri Apr 28 17:25:08 2017 : Debug: (16) User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (16) State = 0x82c0f65682d3ec3f24395ff96f92b5b9
Fri Apr 28 17:25:08 2017 : Debug: (16) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:08 2017 : Debug: (16) Location-Capable = Civix-Location
Fri Apr 28 17:25:08 2017 : Debug: (16) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (16) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:08 2017 : Debug: (16) NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (16) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (16) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (16) NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (16) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (16) Service-Type = Framed-User
Fri Apr 28 17:25:08 2017 : Debug: (16) Framed-MTU = 1300
Fri Apr 28 17:25:08 2017 : Debug: (16) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (16) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (16) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (16) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:08 2017 : Debug: (16) Event-Timestamp = "Apr 28 2017 17:25:08 CEST"
Fri Apr 28 17:25:08 2017 : WARNING: (16) Outer and inner identities are the same. User privacy is compromised.
Fri Apr 28 17:25:08 2017 : Debug: (16) server inner-tunnel {
Fri Apr 28 17:25:08 2017 : Debug: (16) session-state: No cached attributes
Fri Apr 28 17:25:08 2017 : Debug: (16) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (16) authorize {
Fri Apr 28 17:25:08 2017 : Debug: (16) policy filter_username {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name) -> TRUE
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ / /) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) } # if (&User-Name) = notfound
Fri Apr 28 17:25:08 2017 : Debug: (16) } # policy filter_username = notfound
Fri Apr 28 17:25:08 2017 : Debug: (16) policy filter_inner_identity {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (!&outer.request:User-Name || !&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (!&outer.request:User-Name || !&User-Name) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&outer.request:User-Name != &User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (16) if (&outer.request:User-Name != &User-Name) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (16) } # policy filter_inner_identity = notfound
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (16) [mschap] = noop
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: Found realm "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (16) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (16) [suffix] = ok
Fri Apr 28 17:25:08 2017 : Debug: (16) update control {
Fri Apr 28 17:25:08 2017 : Debug: (16) &Proxy-To-Realm := LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (16) } # update control = noop
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Peer sent EAP Response (code 2) ID 19 length 70
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: No EAP Start, assuming it's an on-going EAP conversation
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (16) [eap] = updated
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling ldap (rlm_ldap)
Fri Apr 28 17:25:08 2017 : Debug: rlm_ldap (ldap): Reserved connection (0)
Fri Apr 28 17:25:08 2017 : Debug: (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> (uid=
Fri Apr 28 17:25:08 2017 : Debug: if {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Stripped-User-Name
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: else {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> User-Name
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: literal --> )
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: --> (uid=teststudent)
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: Performing search in "ou=people,dc=univ-brest,dc=fr" with filter "(uid=teststudent)", scope "sub"
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: Waiting for search result...
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: User object found at DN "uid=teststudent,ou=people,dc=univ-brest,dc=fr"
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: Processing user attributes
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: control:Password-With-Header += '{SSHA}lyknn/fnoAaudjDuvYa33Glg4U4W2uB8QHAung=='
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: control:NT-Password := 0x4142413736453930324638323636364632424244333930363543373634454134
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: reply:Tunnel-Type := VLAN
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: reply:Tunnel-Medium-Type := IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: reply:Tunnel-Private-Group-ID := '144'
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: reply:LDAP-Desc := 'student'
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: reply:Ldap-Group := 'student'
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: Attribute "radiusControlAttribute" not found in LDAP object
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: Attribute "radiusRequestAttribute" not found in LDAP object
Fri Apr 28 17:25:08 2017 : Debug: (16) ldap: Attribute "radiusReplyAttribute" not found in LDAP object
Fri Apr 28 17:25:08 2017 : Debug: rlm_ldap (ldap): Released connection (0)
Fri Apr 28 17:25:08 2017 : Info: rlm_ldap (ldap): Need 5 more connections to reach 10 spares
Fri Apr 28 17:25:08 2017 : Info: rlm_ldap (ldap): Opening additional connection (5), 1 of 27 pending slots used
Fri Apr 28 17:25:08 2017 : Debug: rlm_ldap (ldap): Connecting to ldap://annuaireubo.univ-brest.fr:389
Fri Apr 28 17:25:08 2017 : Debug: rlm_ldap (ldap): New libldap handle 0x7f5da778c9d0
Fri Apr 28 17:25:08 2017 : Debug: rlm_ldap (ldap): Waiting for bind result...
Fri Apr 28 17:25:08 2017 : Debug: rlm_ldap (ldap): Bind successful
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from ldap (rlm_ldap)
Fri Apr 28 17:25:08 2017 : Debug: (16) [ldap] = updated
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling expiration (rlm_expiration)
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from expiration (rlm_expiration)
Fri Apr 28 17:25:08 2017 : Debug: (16) [expiration] = noop
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling logintime (rlm_logintime)
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from logintime (rlm_logintime)
Fri Apr 28 17:25:08 2017 : Debug: (16) [logintime] = noop
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: calling pap (rlm_pap)
Fri Apr 28 17:25:08 2017 : Debug: (16) pap: Converted: &control:Password-With-Header = '{SSHA}lyknn/fnoAaudjDuvYa33Glg4U4W2uB8QHAung==' -> &control:SSHA1-Password = '0x6c796b6e6e2f666e6f416175646a44757659613333476c673455345732754238514841756e673d3d'
Fri Apr 28 17:25:08 2017 : Debug: (16) pap: Removing &control:Password-With-Header
Fri Apr 28 17:25:08 2017 : Debug: (16) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
Fri Apr 28 17:25:08 2017 : Debug: (16) pap: Normalizing SSHA1-Password from base64 encoding, 40 bytes -> 28 bytes
Fri Apr 28 17:25:08 2017 : WARNING: (16) pap: Auth-Type already set. Not setting to PAP
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authorize]: returned from pap (rlm_pap)
Fri Apr 28 17:25:08 2017 : Debug: (16) [pap] = noop
Fri Apr 28 17:25:08 2017 : Debug: (16) } # authorize = updated
Fri Apr 28 17:25:08 2017 : Debug: (16) Found Auth-Type = eap
Fri Apr 28 17:25:08 2017 : Debug: (16) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (16) authenticate {
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Finished EAP session with state 0x82c0f65682d3ec3f
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Previous EAP request found for state 0x82c0f65682d3ec3f, released from the list
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Peer sent packet with method EAP MSCHAPv2 (26)
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Calling submodule eap_mschapv2 to process data
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_mschapv2: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_mschapv2: Auth-Type MS-CHAP {
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_mschapv2: modsingle[authenticate]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (16) mschap: Found NT-Password
Fri Apr 28 17:25:08 2017 : Debug: (16) mschap: Creating challenge hash with username: teststudent
Fri Apr 28 17:25:08 2017 : Debug: (16) mschap: Client is using MS-CHAPv2
Fri Apr 28 17:25:08 2017 : Debug: (16) mschap: Adding MS-CHAPv2 MPPE keys
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authenticate]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (16) [mschap] = ok
Fri Apr 28 17:25:08 2017 : Debug: (16) } # Auth-Type MS-CHAP = ok
Fri Apr 28 17:25:08 2017 : Debug: (16) MSCHAP Success
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Sending EAP Request (code 1) ID 20 length 51
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: EAP session adding &reply:State = 0x82c0f65683d4ec3f
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (16) [eap] = handled
Fri Apr 28 17:25:08 2017 : Debug: (16) } # authenticate = handled
Fri Apr 28 17:25:08 2017 : Debug: (16) } # server inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (16) Virtual server sending reply
Fri Apr 28 17:25:08 2017 : Debug: (16) Tunnel-Type := VLAN
Fri Apr 28 17:25:08 2017 : Debug: (16) Tunnel-Medium-Type := IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (16) Tunnel-Private-Group-Id := "144"
Fri Apr 28 17:25:08 2017 : Debug: (16) LDAP-Desc := "student"
Fri Apr 28 17:25:08 2017 : Debug: (16) LDAP-Group := "student"
Fri Apr 28 17:25:08 2017 : Debug: (16) EAP-Message = 0x011400331a0313002e533d30443434363530463036373338393938443234343831333241463336414335333438433739333238
Fri Apr 28 17:25:08 2017 : Debug: (16) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (16) State = 0x82c0f65683d4ec3f24395ff96f92b5b9
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Got tunneled reply code 11
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Tunnel-Type := VLAN
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Tunnel-Medium-Type := IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Tunnel-Private-Group-Id := "144"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: LDAP-Desc := "student"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: LDAP-Group := "student"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: EAP-Message = 0x011400331a0313002e533d30443434363530463036373338393938443234343831333241463336414335333438433739333238
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: State = 0x82c0f65683d4ec3f24395ff96f92b5b9
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Got tunneled reply RADIUS code 11
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Tunnel-Type := VLAN
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Tunnel-Medium-Type := IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Tunnel-Private-Group-Id := "144"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: LDAP-Desc := "student"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: LDAP-Group := "student"
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: EAP-Message = 0x011400331a0313002e533d30443434363530463036373338393938443234343831333241463336414335333438433739333238
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: State = 0x82c0f65683d4ec3f24395ff96f92b5b9
Fri Apr 28 17:25:08 2017 : Debug: (16) eap_peap: Got tunneled Access-Challenge
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: Sending EAP Request (code 1) ID 20 length 91
Fri Apr 28 17:25:08 2017 : Debug: (16) eap: EAP session adding &reply:State = 0x2c2c301f2538294f
Fri Apr 28 17:25:08 2017 : Debug: (16) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (16) [eap] = handled
Fri Apr 28 17:25:08 2017 : Debug: (16) } # authenticate = handled
Fri Apr 28 17:25:08 2017 : Debug: (16) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:08 2017 : Debug: (16) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:08 2017 : Debug: (16) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (16) session-state: Nothing to cache
Fri Apr 28 17:25:08 2017 : Debug: (16) Sent Access-Challenge Id 9 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:08 2017 : Debug: (16) EAP-Message = 0x0114005b1900170301005005191ae65b85949f61d1c4f7fd5be3927496ab5560f06cb312db2f275011febf00b337e4a6fd31492fa07424de3bb56ca8c48555b1b41ed9722949af57d7bd0d3f1a3c30f15e1c48f3511a4b10d6166f
Fri Apr 28 17:25:08 2017 : Debug: (16) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (16) State = 0x2c2c301f2538294f5eb897255f295017
Fri Apr 28 17:25:08 2017 : Debug: (16) Finished request
Fri Apr 28 17:25:08 2017 : Debug: Waking up in 4.3 seconds.
Fri Apr 28 17:25:08 2017 : Debug: (17) Received Access-Request Id 10 from 172.19.11.253:32770 to 195.83.247.135:1812 length 287
Fri Apr 28 17:25:08 2017 : Debug: (17) User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (17) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:08 2017 : Debug: (17) Location-Capable = Civix-Location
Fri Apr 28 17:25:08 2017 : Debug: (17) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (17) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:08 2017 : Debug: (17) NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (17) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (17) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (17) NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (17) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (17) Service-Type = Framed-User
Fri Apr 28 17:25:08 2017 : Debug: (17) Framed-MTU = 1300
Fri Apr 28 17:25:08 2017 : Debug: (17) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:08 2017 : Debug: (17) EAP-Message = 0x0214002b1900170301002005b6aac3fb441e09b281af59ab2f31132907083fee591a92b4ce53e89cc30bed
Fri Apr 28 17:25:08 2017 : Debug: (17) State = 0x2c2c301f2538294f5eb897255f295017
Fri Apr 28 17:25:08 2017 : Debug: (17) Message-Authenticator = 0xf7dbc3d96a99bf1d837ddc08c40ebebc
Fri Apr 28 17:25:08 2017 : Debug: (17) session-state: No cached attributes
Fri Apr 28 17:25:08 2017 : Debug: (17) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (17) authorize {
Fri Apr 28 17:25:08 2017 : Debug: (17) policy filter_username {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name) -> TRUE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ / /) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) } # if (&User-Name) = notfound
Fri Apr 28 17:25:08 2017 : Debug: (17) } # policy filter_username = notfound
Fri Apr 28 17:25:08 2017 : Debug: (17) policy filter_password {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) } # policy filter_password = notfound
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (17) [preprocess] = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:08 2017 : Debug: if {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: else {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:08 2017 : Debug: percent --> Y
Fri Apr 28 17:25:08 2017 : Debug: percent --> m
Fri Apr 28 17:25:08 2017 : Debug: percent --> d
Fri Apr 28 17:25:08 2017 : Debug: (17) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: (17) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: (17) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: %t
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: percent --> t
Fri Apr 28 17:25:08 2017 : Debug: (17) auth_log: EXPAND %t
Fri Apr 28 17:25:08 2017 : Debug: (17) auth_log: --> Fri Apr 28 17:25:08 2017
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: (17) [auth_log] = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (17) [mschap] = noop
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: Found realm "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (17) [suffix] = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Peer sent EAP Response (code 2) ID 20 length 43
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Continuing tunnel setup
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (17) [eap] = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) } # authorize = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) Found Auth-Type = eap
Fri Apr 28 17:25:08 2017 : Debug: (17) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (17) authenticate {
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Finished EAP session with state 0x2c2c301f2538294f
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Previous EAP request found for state 0x2c2c301f2538294f, released from the list
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: [eaptls verify] = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Done initial handshake
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: [eaptls process] = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Session established. Decoding tunneled attributes
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: PEAP state phase2
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: EAP method MSCHAPv2 (26)
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Got tunneled request
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: EAP-Message = 0x021400061a03
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Setting User-Name to teststudent
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Sending tunneled request to inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: EAP-Message = 0x021400061a03
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: State = 0x82c0f65683d4ec3f24395ff96f92b5b9
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Location-Capable = Civix-Location
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Service-Type = Framed-User
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Framed-MTU = 1300
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Event-Timestamp = "Apr 28 2017 17:25:08 CEST"
Fri Apr 28 17:25:08 2017 : Debug: (17) Virtual server inner-tunnel received request
Fri Apr 28 17:25:08 2017 : Debug: (17) EAP-Message = 0x021400061a03
Fri Apr 28 17:25:08 2017 : Debug: (17) FreeRADIUS-Proxied-To = 127.0.0.1
Fri Apr 28 17:25:08 2017 : Debug: (17) User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (17) State = 0x82c0f65683d4ec3f24395ff96f92b5b9
Fri Apr 28 17:25:08 2017 : Debug: (17) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:08 2017 : Debug: (17) Location-Capable = Civix-Location
Fri Apr 28 17:25:08 2017 : Debug: (17) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (17) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:08 2017 : Debug: (17) NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (17) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (17) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (17) NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (17) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (17) Service-Type = Framed-User
Fri Apr 28 17:25:08 2017 : Debug: (17) Framed-MTU = 1300
Fri Apr 28 17:25:08 2017 : Debug: (17) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:08 2017 : Debug: (17) Event-Timestamp = "Apr 28 2017 17:25:08 CEST"
Fri Apr 28 17:25:08 2017 : WARNING: (17) Outer and inner identities are the same. User privacy is compromised.
Fri Apr 28 17:25:08 2017 : Debug: (17) server inner-tunnel {
Fri Apr 28 17:25:08 2017 : Debug: (17) session-state: No cached attributes
Fri Apr 28 17:25:08 2017 : Debug: (17) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (17) authorize {
Fri Apr 28 17:25:08 2017 : Debug: (17) policy filter_username {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name) -> TRUE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ / /) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) } # if (&User-Name) = notfound
Fri Apr 28 17:25:08 2017 : Debug: (17) } # policy filter_username = notfound
Fri Apr 28 17:25:08 2017 : Debug: (17) policy filter_inner_identity {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (!&outer.request:User-Name || !&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (!&outer.request:User-Name || !&User-Name) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&outer.request:User-Name != &User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&outer.request:User-Name != &User-Name) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) } # policy filter_inner_identity = notfound
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (17) [mschap] = noop
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: Found realm "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (17) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (17) [suffix] = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) update control {
Fri Apr 28 17:25:08 2017 : Debug: (17) &Proxy-To-Realm := LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (17) } # update control = noop
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Peer sent EAP Response (code 2) ID 20 length 6
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: No EAP Start, assuming it's an on-going EAP conversation
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (17) [eap] = updated
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling ldap (rlm_ldap)
Fri Apr 28 17:25:08 2017 : Debug: rlm_ldap (ldap): Reserved connection (1)
Fri Apr 28 17:25:08 2017 : Debug: (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> (uid=
Fri Apr 28 17:25:08 2017 : Debug: if {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Stripped-User-Name
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: else {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> User-Name
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: literal --> )
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: --> (uid=teststudent)
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: Performing search in "ou=people,dc=univ-brest,dc=fr" with filter "(uid=teststudent)", scope "sub"
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: Waiting for search result...
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: User object found at DN "uid=teststudent,ou=people,dc=univ-brest,dc=fr"
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: Processing user attributes
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: control:Password-With-Header += '{SSHA}lyknn/fnoAaudjDuvYa33Glg4U4W2uB8QHAung=='
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: control:NT-Password := 0x4142413736453930324638323636364632424244333930363543373634454134
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: reply:Tunnel-Type := VLAN
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: reply:Tunnel-Medium-Type := IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: reply:Tunnel-Private-Group-ID := '144'
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: reply:LDAP-Desc := 'student'
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: reply:Ldap-Group := 'student'
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: Attribute "radiusControlAttribute" not found in LDAP object
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: Attribute "radiusRequestAttribute" not found in LDAP object
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: Attribute "radiusReplyAttribute" not found in LDAP object
Fri Apr 28 17:25:08 2017 : Debug: rlm_ldap (ldap): Released connection (1)
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from ldap (rlm_ldap)
Fri Apr 28 17:25:08 2017 : Debug: (17) [ldap] = updated
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling expiration (rlm_expiration)
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from expiration (rlm_expiration)
Fri Apr 28 17:25:08 2017 : Debug: (17) [expiration] = noop
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling logintime (rlm_logintime)
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from logintime (rlm_logintime)
Fri Apr 28 17:25:08 2017 : Debug: (17) [logintime] = noop
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: calling pap (rlm_pap)
Fri Apr 28 17:25:08 2017 : Debug: (17) pap: Converted: &control:Password-With-Header = '{SSHA}lyknn/fnoAaudjDuvYa33Glg4U4W2uB8QHAung==' -> &control:SSHA1-Password = '0x6c796b6e6e2f666e6f416175646a44757659613333476c673455345732754238514841756e673d3d'
Fri Apr 28 17:25:08 2017 : Debug: (17) pap: Removing &control:Password-With-Header
Fri Apr 28 17:25:08 2017 : Debug: (17) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
Fri Apr 28 17:25:08 2017 : Debug: (17) pap: Normalizing SSHA1-Password from base64 encoding, 40 bytes -> 28 bytes
Fri Apr 28 17:25:08 2017 : WARNING: (17) pap: Auth-Type already set. Not setting to PAP
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authorize]: returned from pap (rlm_pap)
Fri Apr 28 17:25:08 2017 : Debug: (17) [pap] = noop
Fri Apr 28 17:25:08 2017 : Debug: (17) } # authorize = updated
Fri Apr 28 17:25:08 2017 : Debug: (17) Found Auth-Type = eap
Fri Apr 28 17:25:08 2017 : Debug: (17) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (17) authenticate {
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Finished EAP session with state 0x82c0f65683d4ec3f
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Previous EAP request found for state 0x82c0f65683d4ec3f, released from the list
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Peer sent packet with method EAP MSCHAPv2 (26)
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Calling submodule eap_mschapv2 to process data
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Sending EAP Success (code 3) ID 20 length 4
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Freeing handler
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (17) [eap] = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) } # authenticate = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) # Executing section post-auth from file /etc/raddb/sites-enabled/inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (17) post-auth {
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[post-auth]: calling reply_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:08 2017 : Debug: if {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: else {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: literal --> /reply-detail-
Fri Apr 28 17:25:08 2017 : Debug: percent --> Y
Fri Apr 28 17:25:08 2017 : Debug: percent --> m
Fri Apr 28 17:25:08 2017 : Debug: percent --> d
Fri Apr 28 17:25:08 2017 : Debug: (17) reply_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: (17) reply_log: --> /var/log/radius/radacct/172.19.11.253/reply-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: (17) reply_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/reply-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: %t
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: percent --> t
Fri Apr 28 17:25:08 2017 : Debug: (17) reply_log: EXPAND %t
Fri Apr 28 17:25:08 2017 : Debug: (17) reply_log: --> Fri Apr 28 17:25:08 2017
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[post-auth]: returned from reply_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: (17) [reply_log] = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[post-auth]: calling ldap (rlm_ldap)
Fri Apr 28 17:25:08 2017 : Debug: .
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> .
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: EXPAND .
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: --> .
Fri Apr 28 17:25:08 2017 : Debug: Authenticated at %S
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> Authenticated at
Fri Apr 28 17:25:08 2017 : Debug: percent --> S
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: EXPAND Authenticated at %S
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: --> Authenticated at 2017-04-28 17:25:08
Fri Apr 28 17:25:08 2017 : Debug: rlm_ldap (ldap): Reserved connection (2)
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: Using user DN from request "uid=teststudent,ou=people,dc=univ-brest,dc=fr"
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: Modifying object with DN "uid=teststudent,ou=people,dc=univ-brest,dc=fr"
Fri Apr 28 17:25:08 2017 : Debug: (17) ldap: Waiting for modify result...
Fri Apr 28 17:25:08 2017 : Debug: rlm_ldap (ldap): Released connection (2)
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[post-auth]: returned from ldap (rlm_ldap)
Fri Apr 28 17:25:08 2017 : Debug: (17) [ldap] = ok
Fri Apr 28 17:25:08 2017 : Debug: (17) update {
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::Tunnel-Type += &reply:Tunnel-Type[*] -> VLAN
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::Tunnel-Medium-Type += &reply:Tunnel-Medium-Type[*] -> IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::Tunnel-Private-Group-Id += &reply:Tunnel-Private-Group-Id[*] -> '144'
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::LDAP-Desc += &reply:LDAP-Desc[*] -> 'student'
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::LDAP-Group += &reply:LDAP-Group[*] -> 'student'
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::MS-MPPE-Encryption-Policy += &reply:MS-MPPE-Encryption-Policy[*] -> Encryption-Allowed
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::MS-MPPE-Encryption-Types += &reply:MS-MPPE-Encryption-Types[*] -> RC4-40or128-bit-Allowed
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::MS-MPPE-Send-Key += &reply:MS-MPPE-Send-Key[*] -> 0x623198217ef51c7608f17f190850f371
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::MS-MPPE-Recv-Key += &reply:MS-MPPE-Recv-Key[*] -> 0x5634932d71cb27b8abcec8ab6d7b17ff
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::EAP-Message += &reply:EAP-Message[*] -> 0x03140004
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::Message-Authenticator += &reply:Message-Authenticator[*] -> 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (17) &outer.session-state::Stripped-User-Name += &reply:Stripped-User-Name[*] -> 'teststudent'
Fri Apr 28 17:25:08 2017 : Debug: (17) } # update = noop
Fri Apr 28 17:25:08 2017 : Debug: (17) update outer.session-state {
Fri Apr 28 17:25:08 2017 : Debug: (17) MS-MPPE-Encryption-Policy !* ANY
Fri Apr 28 17:25:08 2017 : Debug: (17) MS-MPPE-Encryption-Types !* ANY
Fri Apr 28 17:25:08 2017 : Debug: (17) MS-MPPE-Send-Key !* ANY
Fri Apr 28 17:25:08 2017 : Debug: (17) MS-MPPE-Recv-Key !* ANY
Fri Apr 28 17:25:08 2017 : Debug: (17) Message-Authenticator !* ANY
Fri Apr 28 17:25:08 2017 : Debug: (17) EAP-Message !* ANY
Fri Apr 28 17:25:08 2017 : Debug: (17) Proxy-State !* ANY
Fri Apr 28 17:25:08 2017 : Debug: (17) &LDAP-Desc := &reply:LDAP-Desc -> 'student'
Fri Apr 28 17:25:08 2017 : Debug: (17) Overwriting value "student" with "student"
Fri Apr 28 17:25:08 2017 : Debug: (17) &Realm := &User-Name -> 'teststudent'
Fri Apr 28 17:25:08 2017 : Debug: (17) } # update outer.session-state = noop
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /^(.+)@(.+)$/) {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&User-Name =~ /^(.+)@(.+)$/) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&outer.session-state:LDAP-Desc == "employee") {
Fri Apr 28 17:25:08 2017 : Debug: (17) if (&outer.session-state:LDAP-Desc == "employee") -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) elsif ( &outer.session-state:LDAP-Desc == "affiliate") {
Fri Apr 28 17:25:08 2017 : Debug: (17) elsif ( &outer.session-state:LDAP-Desc == "affiliate") -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (17) elsif ( &outer.session-state:LDAP-Desc == "student") {
Fri Apr 28 17:25:08 2017 : Debug: (17) elsif ( &outer.session-state:LDAP-Desc == "student") -> TRUE
Fri Apr 28 17:25:08 2017 : Debug: (17) elsif ( &outer.session-state:LDAP-Desc == "student") {
Fri Apr 28 17:25:08 2017 : Debug: (17) update outer.session-state {
Fri Apr 28 17:25:08 2017 : Debug: (17) &Tunnel-Private-Group-Id := 132
Fri Apr 28 17:25:08 2017 : Debug: (17) Overwriting value "144" with "132"
Fri Apr 28 17:25:08 2017 : Debug: (17) } # update outer.session-state = noop
Fri Apr 28 17:25:08 2017 : Debug: (17) } # elsif ( &outer.session-state:LDAP-Desc == "student") = noop
Fri Apr 28 17:25:08 2017 : Debug: (17) } # post-auth = ok
Fri Apr 28 17:25:08 2017 : Auth: (17) Login OK: [teststudent/<via Auth-Type = eap>] (from client 172.19.11.253 port 13 cli 00-26-bb-10-9a-1a via TLS tunnel)
Fri Apr 28 17:25:08 2017 : Debug: (17) } # server inner-tunnel
Fri Apr 28 17:25:08 2017 : Debug: (17) Virtual server sending reply
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Type := VLAN
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Medium-Type := IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Private-Group-Id := "144"
Fri Apr 28 17:25:08 2017 : Debug: (17) LDAP-Desc := "student"
Fri Apr 28 17:25:08 2017 : Debug: (17) LDAP-Group := "student"
Fri Apr 28 17:25:08 2017 : Debug: (17) MS-MPPE-Encryption-Policy = Encryption-Allowed
Fri Apr 28 17:25:08 2017 : Debug: (17) MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
Fri Apr 28 17:25:08 2017 : Debug: (17) MS-MPPE-Send-Key = 0x623198217ef51c7608f17f190850f371
Fri Apr 28 17:25:08 2017 : Debug: (17) MS-MPPE-Recv-Key = 0x5634932d71cb27b8abcec8ab6d7b17ff
Fri Apr 28 17:25:08 2017 : Debug: (17) EAP-Message = 0x03140004
Fri Apr 28 17:25:08 2017 : Debug: (17) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (17) Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Got tunneled reply code 2
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Tunnel-Type := VLAN
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Tunnel-Medium-Type := IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Tunnel-Private-Group-Id := "144"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: LDAP-Desc := "student"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: LDAP-Group := "student"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: MS-MPPE-Send-Key = 0x623198217ef51c7608f17f190850f371
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: MS-MPPE-Recv-Key = 0x5634932d71cb27b8abcec8ab6d7b17ff
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: EAP-Message = 0x03140004
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Got tunneled reply RADIUS code 2
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Tunnel-Type := VLAN
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Tunnel-Medium-Type := IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Tunnel-Private-Group-Id := "144"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: LDAP-Desc := "student"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: LDAP-Group := "student"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: MS-MPPE-Send-Key = 0x623198217ef51c7608f17f190850f371
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: MS-MPPE-Recv-Key = 0x5634932d71cb27b8abcec8ab6d7b17ff
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: EAP-Message = 0x03140004
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Tunneled authentication was successful
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: SUCCESS
Fri Apr 28 17:25:08 2017 : Debug: (17) eap_peap: Saving tunneled attributes for later
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: Sending EAP Request (code 1) ID 21 length 43
Fri Apr 28 17:25:08 2017 : Debug: (17) eap: EAP session adding &reply:State = 0x2c2c301f2639294f
Fri Apr 28 17:25:08 2017 : Debug: (17) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (17) [eap] = handled
Fri Apr 28 17:25:08 2017 : Debug: (17) } # authenticate = handled
Fri Apr 28 17:25:08 2017 : Debug: (17) Using Post-Auth-Type Challenge
Fri Apr 28 17:25:08 2017 : Debug: (17) Post-Auth-Type sub-section not found. Ignoring.
Fri Apr 28 17:25:08 2017 : Debug: (17) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (17) session-state: Saving cached attributes
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Type += VLAN
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Medium-Type += IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (17) Tunnel-Private-Group-Id := "132"
Fri Apr 28 17:25:08 2017 : Debug: (17) LDAP-Desc := "student"
Fri Apr 28 17:25:08 2017 : Debug: (17) LDAP-Group += "student"
Fri Apr 28 17:25:08 2017 : Debug: (17) Stripped-User-Name += "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (17) Realm := "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (17) Sent Access-Challenge Id 10 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:08 2017 : Debug: (17) EAP-Message = 0x0115002b190017030100200e9ab297c21466201f2aa6e40827ac1fd60275793c1465cf28307bb6fec99e39
Fri Apr 28 17:25:08 2017 : Debug: (17) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (17) State = 0x2c2c301f2639294f5eb897255f295017
Fri Apr 28 17:25:08 2017 : Debug: (17) Finished request
Fri Apr 28 17:25:08 2017 : Debug: Waking up in 4.3 seconds.
Fri Apr 28 17:25:08 2017 : Debug: (18) Received Access-Request Id 11 from 172.19.11.253:32770 to 195.83.247.135:1812 length 287
Fri Apr 28 17:25:08 2017 : Debug: (18) User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (18) Chargeable-User-Identity = 0x00
Fri Apr 28 17:25:08 2017 : Debug: (18) Location-Capable = Civix-Location
Fri Apr 28 17:25:08 2017 : Debug: (18) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (18) Called-Station-Id = "68-bd-ab-85-34-b0:exterieurs"
Fri Apr 28 17:25:08 2017 : Debug: (18) NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (18) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (18) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (18) NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (18) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (18) Service-Type = Framed-User
Fri Apr 28 17:25:08 2017 : Debug: (18) Framed-MTU = 1300
Fri Apr 28 17:25:08 2017 : Debug: (18) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (18) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (18) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (18) Tunnel-Private-Group-Id:0 = "143"
Fri Apr 28 17:25:08 2017 : Debug: (18) EAP-Message = 0x0215002b190017030100201b85fa9976ee3103730ccda8c03e50ef79d0ced5ac95b67fb1234d11d017ec18
Fri Apr 28 17:25:08 2017 : Debug: (18) State = 0x2c2c301f2639294f5eb897255f295017
Fri Apr 28 17:25:08 2017 : Debug: (18) Message-Authenticator = 0x28bae07242a273f9bb1d186ed2716821
Fri Apr 28 17:25:08 2017 : Debug: (18) Restoring &session-state
Fri Apr 28 17:25:08 2017 : Debug: (18) &session-state:Tunnel-Type += VLAN
Fri Apr 28 17:25:08 2017 : Debug: (18) &session-state:Tunnel-Medium-Type += IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (18) &session-state:Tunnel-Private-Group-Id := "132"
Fri Apr 28 17:25:08 2017 : Debug: (18) &session-state:LDAP-Desc := "student"
Fri Apr 28 17:25:08 2017 : Debug: (18) &session-state:LDAP-Group += "student"
Fri Apr 28 17:25:08 2017 : Debug: (18) &session-state:Stripped-User-Name += "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (18) &session-state:Realm := "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (18) # Executing section authorize from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (18) authorize {
Fri Apr 28 17:25:08 2017 : Debug: (18) policy filter_username {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name) -> TRUE
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name) {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name =~ / /) {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name =~ / /) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name =~ /@[^@]*@/ ) {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name =~ /\.\./ ) {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name =~ /\.\./ ) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (18) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
Fri Apr 28 17:25:08 2017 : Debug: (18) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name =~ /\.$/) {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name =~ /\.$/) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name =~ /@\./) {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Name =~ /@\./) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (18) } # if (&User-Name) = notfound
Fri Apr 28 17:25:08 2017 : Debug: (18) } # policy filter_username = notfound
Fri Apr 28 17:25:08 2017 : Debug: (18) policy filter_password {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Password && (&User-Password != "%{string:User-Password}")) {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&User-Password && (&User-Password != "%{string:User-Password}")) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (18) } # policy filter_password = notfound
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authorize]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authorize]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (18) [preprocess] = ok
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authorize]: calling auth_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:08 2017 : Debug: if {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: else {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: literal --> /auth-detail-
Fri Apr 28 17:25:08 2017 : Debug: percent --> Y
Fri Apr 28 17:25:08 2017 : Debug: percent --> m
Fri Apr 28 17:25:08 2017 : Debug: percent --> d
Fri Apr 28 17:25:08 2017 : Debug: (18) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: (18) auth_log: --> /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: (18) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/auth-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: %t
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: percent --> t
Fri Apr 28 17:25:08 2017 : Debug: (18) auth_log: EXPAND %t
Fri Apr 28 17:25:08 2017 : Debug: (18) auth_log: --> Fri Apr 28 17:25:08 2017
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authorize]: returned from auth_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: (18) [auth_log] = ok
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authorize]: calling mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authorize]: returned from mschap (rlm_mschap)
Fri Apr 28 17:25:08 2017 : Debug: (18) [mschap] = noop
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authorize]: calling suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (18) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:08 2017 : Debug: (18) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:08 2017 : Debug: (18) suffix: Found realm "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (18) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (18) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (18) suffix: Authentication realm is LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authorize]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (18) [suffix] = ok
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authorize]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (18) eap: Peer sent EAP Response (code 2) ID 21 length 43
Fri Apr 28 17:25:08 2017 : Debug: (18) eap: Continuing tunnel setup
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authorize]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (18) [eap] = ok
Fri Apr 28 17:25:08 2017 : Debug: (18) } # authorize = ok
Fri Apr 28 17:25:08 2017 : Debug: (18) Found Auth-Type = eap
Fri Apr 28 17:25:08 2017 : Debug: (18) # Executing group from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (18) authenticate {
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authenticate]: calling eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (18) eap: Expiring EAP session with state 0x1ae03c641ce825f8
Fri Apr 28 17:25:08 2017 : Debug: (18) eap: Finished EAP session with state 0x2c2c301f2639294f
Fri Apr 28 17:25:08 2017 : Debug: (18) eap: Previous EAP request found for state 0x2c2c301f2639294f, released from the list
Fri Apr 28 17:25:08 2017 : Debug: (18) eap: Peer sent packet with method EAP PEAP (25)
Fri Apr 28 17:25:08 2017 : Debug: (18) eap: Calling submodule eap_peap to process data
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: Continuing EAP-TLS
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: Peer sent flags ---
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: [eaptls verify] = ok
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: Done initial handshake
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: [eaptls process] = ok
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: Session established. Decoding tunneled attributes
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: PEAP state send tlv success
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: Received EAP-TLV response
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: Success
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: Using saved attributes from the original Access-Accept
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: Tunnel-Type := VLAN
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: Tunnel-Medium-Type := IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: Tunnel-Private-Group-Id := "144"
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: LDAP-Desc := "student"
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: LDAP-Group := "student"
Fri Apr 28 17:25:08 2017 : Debug: (18) eap_peap: Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (18) eap: Sending EAP Success (code 3) ID 21 length 4
Fri Apr 28 17:25:08 2017 : Debug: (18) eap: Freeing handler
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[authenticate]: returned from eap (rlm_eap)
Fri Apr 28 17:25:08 2017 : Debug: (18) [eap] = ok
Fri Apr 28 17:25:08 2017 : Debug: (18) } # authenticate = ok
Fri Apr 28 17:25:08 2017 : Debug: (18) # Executing section post-auth from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (18) post-auth {
Fri Apr 28 17:25:08 2017 : Debug: (18) update {
Fri Apr 28 17:25:08 2017 : Debug: (18) &reply::Tunnel-Type += &session-state:Tunnel-Type[*] -> VLAN
Fri Apr 28 17:25:08 2017 : Debug: (18) &reply::Tunnel-Medium-Type += &session-state:Tunnel-Medium-Type[*] -> IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (18) &reply::Tunnel-Private-Group-Id += &session-state:Tunnel-Private-Group-Id[*] -> '132'
Fri Apr 28 17:25:08 2017 : Debug: (18) &reply::LDAP-Desc += &session-state:LDAP-Desc[*] -> 'student'
Fri Apr 28 17:25:08 2017 : Debug: (18) &reply::LDAP-Group += &session-state:LDAP-Group[*] -> 'student'
Fri Apr 28 17:25:08 2017 : Debug: (18) &reply::Stripped-User-Name += &session-state:Stripped-User-Name[*] -> 'teststudent'
Fri Apr 28 17:25:08 2017 : Debug: (18) &reply::Realm += &session-state:Realm[*] -> 'teststudent'
Fri Apr 28 17:25:08 2017 : Debug: (18) } # update = noop
Fri Apr 28 17:25:08 2017 : Debug: (18) if ( "%{%{Stripped-User-Name}:-%{User-Name}}" == "testemploye") {
Fri Apr 28 17:25:08 2017 : Debug: (18) EXPAND %{%{Stripped-User-Name}:-%{User-Name}}
Fri Apr 28 17:25:08 2017 : Debug: (18) --> teststudent
Fri Apr 28 17:25:08 2017 : Debug: (18) if ( "%{%{Stripped-User-Name}:-%{User-Name}}" == "testemploye") -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (18) if ( &reply:Realm != "univ-brest.fr" ) {
Fri Apr 28 17:25:08 2017 : Debug: (18) if ( &reply:Realm != "univ-brest.fr" ) -> TRUE
Fri Apr 28 17:25:08 2017 : Debug: (18) if ( &reply:Realm != "univ-brest.fr" ) {
Fri Apr 28 17:25:08 2017 : Debug: (18) update {
Fri Apr 28 17:25:08 2017 : Debug: (18) &reply:Tunnel-Private-Group-Id := 143
Fri Apr 28 17:25:08 2017 : Debug: (18) Overwriting value "144" with "143"
Fri Apr 28 17:25:08 2017 : Debug: (18) } # update = noop
Fri Apr 28 17:25:08 2017 : Debug: (18) } # if ( &reply:Realm != "univ-brest.fr" ) = noop
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[post-auth]: calling reply_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:08 2017 : Debug: if {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: else {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: literal --> /reply-detail-
Fri Apr 28 17:25:08 2017 : Debug: percent --> Y
Fri Apr 28 17:25:08 2017 : Debug: percent --> m
Fri Apr 28 17:25:08 2017 : Debug: percent --> d
Fri Apr 28 17:25:08 2017 : Debug: (18) reply_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: (18) reply_log: --> /var/log/radius/radacct/172.19.11.253/reply-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: (18) reply_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/reply-detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: %t
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: percent --> t
Fri Apr 28 17:25:08 2017 : Debug: (18) reply_log: EXPAND %t
Fri Apr 28 17:25:08 2017 : Debug: (18) reply_log: --> Fri Apr 28 17:25:08 2017
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[post-auth]: returned from reply_log (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: (18) [reply_log] = ok
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[post-auth]: calling exec (rlm_exec)
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[post-auth]: returned from exec (rlm_exec)
Fri Apr 28 17:25:08 2017 : Debug: (18) [exec] = noop
Fri Apr 28 17:25:08 2017 : Debug: (18) policy remove_reply_message_if_eap {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&reply:EAP-Message && &reply:Reply-Message) {
Fri Apr 28 17:25:08 2017 : Debug: (18) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (18) else {
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[post-auth]: calling noop (rlm_always)
Fri Apr 28 17:25:08 2017 : Debug: (18) modsingle[post-auth]: returned from noop (rlm_always)
Fri Apr 28 17:25:08 2017 : Debug: (18) [noop] = noop
Fri Apr 28 17:25:08 2017 : Debug: (18) } # else = noop
Fri Apr 28 17:25:08 2017 : Debug: (18) } # policy remove_reply_message_if_eap = noop
Fri Apr 28 17:25:08 2017 : Debug: (18) } # post-auth = ok
Fri Apr 28 17:25:08 2017 : Auth: (18) Login OK: [teststudent/<via Auth-Type = eap>] (from client 172.19.11.253 port 13 cli 00-26-bb-10-9a-1a)
Fri Apr 28 17:25:08 2017 : Debug: (18) Sent Access-Accept Id 11 from 195.83.247.135:1812 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:08 2017 : Debug: (18) Tunnel-Type := VLAN
Fri Apr 28 17:25:08 2017 : Debug: (18) Tunnel-Medium-Type := IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (18) Tunnel-Private-Group-Id := "143"
Fri Apr 28 17:25:08 2017 : Debug: (18) MS-MPPE-Recv-Key = 0x725f58d84ca4b1a0f5c4205b0f106fef1041a26d53bc56736a9286e924db0570
Fri Apr 28 17:25:08 2017 : Debug: (18) MS-MPPE-Send-Key = 0xd4a3c9ec3390a92f18c0c2633c970a5442abe1716e859a8182adce0d23b885de
Fri Apr 28 17:25:08 2017 : Debug: (18) EAP-Message = 0x03150004
Fri Apr 28 17:25:08 2017 : Debug: (18) Message-Authenticator = 0x00000000000000000000000000000000
Fri Apr 28 17:25:08 2017 : Debug: (18) Tunnel-Type += VLAN
Fri Apr 28 17:25:08 2017 : Debug: (18) Tunnel-Medium-Type += IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (18) Tunnel-Private-Group-Id += "132"
Fri Apr 28 17:25:08 2017 : Debug: (18) Finished request
Fri Apr 28 17:25:08 2017 : Debug: Waking up in 4.3 seconds.
Fri Apr 28 17:25:08 2017 : Debug: (19) Received Accounting-Request Id 160 from 172.19.11.253:32770 to 195.83.247.135:1813 length 302
Fri Apr 28 17:25:08 2017 : Debug: (19) User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (19) NAS-Port = 13
Fri Apr 28 17:25:08 2017 : Debug: (19) NAS-IP-Address = 172.19.11.253
Fri Apr 28 17:25:08 2017 : Debug: (19) Framed-IP-Address = 172.28.240.247
Fri Apr 28 17:25:08 2017 : Debug: (19) Framed-IPv6-Prefix = fe80::/64
Fri Apr 28 17:25:08 2017 : Debug: (19) NAS-Identifier = "wism2"
Fri Apr 28 17:25:08 2017 : Debug: (19) Airespace-Wlan-Id = 25
Fri Apr 28 17:25:08 2017 : Debug: (19) Acct-Session-Id = "59035d76/00:26:bb:10:9a:1a/9327318"
Fri Apr 28 17:25:08 2017 : Debug: (19) NAS-Port-Type = Wireless-802.11
Fri Apr 28 17:25:08 2017 : Debug: (19) Cisco-AVPair = "audit-session-id=ac1e010a00bba9fd59035df7"
Fri Apr 28 17:25:08 2017 : Debug: (19) Acct-Authentic = RADIUS
Fri Apr 28 17:25:08 2017 : Debug: (19) Tunnel-Type:0 = VLAN
Fri Apr 28 17:25:08 2017 : Debug: (19) Tunnel-Medium-Type:0 = IEEE-802
Fri Apr 28 17:25:08 2017 : Debug: (19) Tunnel-Private-Group-Id:0 = "132"
Fri Apr 28 17:25:08 2017 : Debug: (19) Event-Timestamp = "Apr 28 2017 17:25:13 CEST"
Fri Apr 28 17:25:08 2017 : Debug: (19) Acct-Status-Type = Interim-Update
Fri Apr 28 17:25:08 2017 : Debug: (19) Acct-Input-Octets = 103104
Fri Apr 28 17:25:08 2017 : Debug: (19) Acct-Input-Gigawords = 0
Fri Apr 28 17:25:08 2017 : Debug: (19) Acct-Output-Octets = 81988
Fri Apr 28 17:25:08 2017 : Debug: (19) Acct-Output-Gigawords = 0
Fri Apr 28 17:25:08 2017 : Debug: (19) Acct-Input-Packets = 770
Fri Apr 28 17:25:08 2017 : Debug: (19) Acct-Output-Packets = 234
Fri Apr 28 17:25:08 2017 : Debug: (19) Acct-Session-Time = 355
Fri Apr 28 17:25:08 2017 : Debug: (19) Acct-Delay-Time = 0
Fri Apr 28 17:25:08 2017 : Debug: (19) Calling-Station-Id = "00-26-bb-10-9a-1a"
Fri Apr 28 17:25:08 2017 : Debug: (19) Called-Station-Id = "6c-20-56-2c-2e-80"
Fri Apr 28 17:25:08 2017 : Debug: (19) # Executing section preacct from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (19) preacct {
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[preacct]: calling preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[preacct]: returned from preprocess (rlm_preprocess)
Fri Apr 28 17:25:08 2017 : Debug: (19) [preprocess] = ok
Fri Apr 28 17:25:08 2017 : Debug: (19) policy acct_unique {
Fri Apr 28 17:25:08 2017 : Debug: (19) update request {
Fri Apr 28 17:25:08 2017 : Debug: (19) Tmp-String-9 := "ai:"
Fri Apr 28 17:25:08 2017 : Debug: (19) } # update request = noop
Fri Apr 28 17:25:08 2017 : Debug: (19) if (("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/) && ("%{string:&Class}" =~ /^ai:([0-9a-f]{32})/i)) {
Fri Apr 28 17:25:08 2017 : Debug: (19) EXPAND %{hex:&Class}
Fri Apr 28 17:25:08 2017 : Debug: (19) -->
Fri Apr 28 17:25:08 2017 : Debug: (19) EXPAND ^%{hex:&Tmp-String-9}
Fri Apr 28 17:25:08 2017 : Debug: (19) --> ^61693a
Fri Apr 28 17:25:08 2017 : Debug: (19) if (("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/) && ("%{string:&Class}" =~ /^ai:([0-9a-f]{32})/i)) -> FALSE
Fri Apr 28 17:25:08 2017 : Debug: (19) else {
Fri Apr 28 17:25:08 2017 : Debug: (19) update request {
Fri Apr 28 17:25:08 2017 : Debug: (19) EXPAND %{md5:%{User-Name},%{Acct-Session-ID},%{%{NAS-IPv6-Address}:-%{NAS-IP-Address}},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}
Fri Apr 28 17:25:08 2017 : Debug: (19) --> 9ca567e3540b7f463a9273b480565e3d
Fri Apr 28 17:25:08 2017 : Debug: (19) &Acct-Unique-Session-Id := 9ca567e3540b7f463a9273b480565e3d
Fri Apr 28 17:25:08 2017 : Debug: (19) } # update request = noop
Fri Apr 28 17:25:08 2017 : Debug: (19) } # else = noop
Fri Apr 28 17:25:08 2017 : Debug: (19) } # policy acct_unique = noop
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[preacct]: calling suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (19) suffix: Checking for suffix after "@"
Fri Apr 28 17:25:08 2017 : Debug: (19) suffix: No '@' in User-Name = "teststudent", looking up realm NULL
Fri Apr 28 17:25:08 2017 : Debug: (19) suffix: Found realm "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (19) suffix: Adding Stripped-User-Name = "teststudent"
Fri Apr 28 17:25:08 2017 : Debug: (19) suffix: Adding Realm = "NULL"
Fri Apr 28 17:25:08 2017 : Debug: (19) suffix: Accounting realm is LOCAL
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[preacct]: returned from suffix (rlm_realm)
Fri Apr 28 17:25:08 2017 : Debug: (19) [suffix] = ok
Fri Apr 28 17:25:08 2017 : Debug: (19) } # preacct = ok
Fri Apr 28 17:25:08 2017 : Debug: (19) # Executing section accounting from file /etc/raddb/sites-enabled/default
Fri Apr 28 17:25:08 2017 : Debug: (19) accounting {
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[accounting]: calling detail (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: literal --> /var/log/radius/radacct/
Fri Apr 28 17:25:08 2017 : Debug: if {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IP-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: else {
Fri Apr 28 17:25:08 2017 : Debug: attribute --> Packet-Src-IPv6-Address
Fri Apr 28 17:25:08 2017 : Debug: }
Fri Apr 28 17:25:08 2017 : Debug: literal --> /detail-
Fri Apr 28 17:25:08 2017 : Debug: percent --> Y
Fri Apr 28 17:25:08 2017 : Debug: percent --> m
Fri Apr 28 17:25:08 2017 : Debug: percent --> d
Fri Apr 28 17:25:08 2017 : Debug: (19) detail: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d
Fri Apr 28 17:25:08 2017 : Debug: (19) detail: --> /var/log/radius/radacct/172.19.11.253/detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: (19) detail: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/radius/radacct/172.19.11.253/detail-20170428
Fri Apr 28 17:25:08 2017 : Debug: %t
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: percent --> t
Fri Apr 28 17:25:08 2017 : Debug: (19) detail: EXPAND %t
Fri Apr 28 17:25:08 2017 : Debug: (19) detail: --> Fri Apr 28 17:25:08 2017
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[accounting]: returned from detail (rlm_detail)
Fri Apr 28 17:25:08 2017 : Debug: (19) [detail] = ok
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[accounting]: calling unix (rlm_unix)
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[accounting]: returned from unix (rlm_unix)
Fri Apr 28 17:25:08 2017 : Debug: (19) [unix] = noop
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[accounting]: calling exec (rlm_exec)
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[accounting]: returned from exec (rlm_exec)
Fri Apr 28 17:25:08 2017 : Debug: (19) [exec] = noop
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[accounting]: calling attr_filter.accounting_response (rlm_attr_filter)
Fri Apr 28 17:25:08 2017 : Debug: %{User-Name}
Fri Apr 28 17:25:08 2017 : Debug: Parsed xlat tree:
Fri Apr 28 17:25:08 2017 : Debug: attribute --> User-Name
Fri Apr 28 17:25:08 2017 : Debug: (19) attr_filter.accounting_response: EXPAND %{User-Name}
Fri Apr 28 17:25:08 2017 : Debug: (19) attr_filter.accounting_response: --> teststudent
Fri Apr 28 17:25:08 2017 : Debug: (19) attr_filter.accounting_response: Matched entry DEFAULT at line 12
Fri Apr 28 17:25:08 2017 : Debug: (19) modsingle[accounting]: returned from attr_filter.accounting_response (rlm_attr_filter)
Fri Apr 28 17:25:08 2017 : Debug: (19) [attr_filter.accounting_response] = updated
Fri Apr 28 17:25:08 2017 : Debug: (19) } # accounting = updated
Fri Apr 28 17:25:08 2017 : Debug: (19) Sent Accounting-Response Id 160 from 195.83.247.135:1813 to 172.19.11.253:32770 length 0
Fri Apr 28 17:25:08 2017 : Debug: (19) Finished request
Fri Apr 28 17:25:08 2017 : Debug: (19) Cleaning up request packet ID 160 with timestamp +34
Fri Apr 28 17:25:08 2017 : Debug: Waking up in 4.3 seconds.
Fri Apr 28 17:25:12 2017 : Debug: (0) Cleaning up request packet ID 249 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: (1) Cleaning up request packet ID 250 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: (2) Cleaning up request packet ID 251 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: (3) Cleaning up request packet ID 252 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: (4) Cleaning up request packet ID 253 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: (5) Cleaning up request packet ID 254 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: Waking up in 0.1 seconds.
Fri Apr 28 17:25:12 2017 : Debug: (6) Cleaning up request packet ID 255 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: Waking up in 0.1 seconds.
Fri Apr 28 17:25:12 2017 : Debug: (7) Cleaning up request packet ID 0 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: (8) Cleaning up request packet ID 1 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: (9) Cleaning up request packet ID 2 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: (10) Cleaning up request packet ID 3 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: (11) Cleaning up request packet ID 4 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: (12) Cleaning up request packet ID 5 with timestamp +33
Fri Apr 28 17:25:12 2017 : Debug: Waking up in 0.2 seconds.
Fri Apr 28 17:25:13 2017 : Debug: (13) Cleaning up request packet ID 6 with timestamp +33
Fri Apr 28 17:25:13 2017 : Debug: (14) Cleaning up request packet ID 7 with timestamp +34
Fri Apr 28 17:25:13 2017 : Debug: (15) Cleaning up request packet ID 8 with timestamp +34
Fri Apr 28 17:25:13 2017 : Debug: (16) Cleaning up request packet ID 9 with timestamp +34
Fri Apr 28 17:25:13 2017 : Debug: (17) Cleaning up request packet ID 10 with timestamp +34
Fri Apr 28 17:25:13 2017 : Debug: (18) Cleaning up request packet ID 11 with timestamp +34
Fri Apr 28 17:25:13 2017 : Info: Ready to process requests
More information about the Freeradius-Users
mailing list