iOS mysterious issues on Freeradius 3.0.14
Igor Sousa
igorvolt at gmail.com
Thu Mar 23 20:46:43 CET 2017
<quote author='Alan DeKok-2'>
On Mar 22, 2017, at 7:39 AM, Igor Sousa <igorvolt at gmail.com> wrote:
> PLEASE follow the instructions, and use "radiusd -X". Doing "-Xx" just
makes the debug output harder to read.
</quote>
Quoted from:
http://freeradius.1045715.n5.nabble.com/iOS-mysterious-issues-on-Freeradius-3-0-14-tp5744970p5744971.html
I'm so sorry. I used use "radiusd -Xx" because I like see timestamp, but it
turns debug output harder to read and I agree with you. Now, I get two
debug's output where the first when Iphone can't connect to network and
second when I reboot the same Iphone and it can connect to the same network
(same AP device too).
PS: The certificate was generated during freeradius install. I think that
certificate isn't problem because tunneled authentication was successful
Glad to your help,
Igor Sousa
Debug outputs
IPHONE CANNOT CONNECT TO WIFI NETWORK
(19) Received Access-Request Id 0 from 10.41.17.64:1086 to 10.41.110.86:1812
length 210
(19) Message-Authenticator = 0xaff68abbae7d1c7ec3845b6e82d7820b
(19) Service-Type = Framed-User
(19) User-Name = "userTest"
(19) Framed-MTU = 1488
(19) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(19) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(19) NAS-Identifier = "3Com Access Point 7760"
(19) NAS-Port-Type = Wireless-802.11
(19) Connect-Info = "CONNECT 54Mbps 802.11g"
(19) EAP-Message = 0x02000010013031383239353036333832
(19) NAS-IP-Address = 10.41.17.64
(19) NAS-Port = 1
(19) NAS-Port-Id = "STA port # 1"
(19) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(19) authorize {
(19) [preprocess] = ok
(19) eap: Peer sent EAP Response (code 2) ID 0 length 16
(19) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the
rest of authorize
(19) [eap] = ok
(19) } # authorize = ok
(19) Found Auth-Type = eap
(19) # Executing group from file /etc/raddb/sites-enabled/default
(19) authenticate {
(19) eap: Peer sent packet with method EAP Identity (1)
(19) eap: Calling submodule eap_peap to process data
(19) eap_peap: Initiating new EAP-TLS session
(19) eap_peap: [eaptls start] = request
(19) eap: Sending EAP Request (code 1) ID 1 length 6
(19) eap: EAP session adding &reply:State = 0x82e4cb1b82e5d244
(19) [eap] = handled
(19) } # authenticate = handled
(19) Using Post-Auth-Type Challenge
(19) Post-Auth-Type sub-section not found. Ignoring.
(19) # Executing group from file /etc/raddb/sites-enabled/default
(19) Sent Access-Challenge Id 0 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(19) EAP-Message = 0x010100061920
(19) Message-Authenticator = 0x00000000000000000000000000000000
(19) State = 0x82e4cb1b82e5d244ae1bb12a174a7e27
(19) Finished request
Waking up in 1.0 seconds.
(20) Received Access-Request Id 1 from 10.41.17.64:1086 to 10.41.110.86:1812
length 339
(20) Message-Authenticator = 0x06ed06a6edcefe165e317699f3ab93bf
(20) Service-Type = Framed-User
(20) User-Name = "userTest"
(20) Framed-MTU = 1488
(20) State = 0x82e4cb1b82e5d244ae1bb12a174a7e27
(20) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(20) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(20) NAS-Identifier = "3Com Access Point 7760"
(20) NAS-Port-Type = Wireless-802.11
(20) Connect-Info = "CONNECT 54Mbps 802.11g"
(20) EAP-Message =
0x0201007f19800000007516030100700100006c030158d2b994740bc0e95df6bd9e51c89c348c9061a2001932506837a83a2b96e1f800002000ffc024c023c00ac009c008c028c027c014c013c012003d003c0035002f000a01000023000a00080006001700180019000b00020100000500050100000000
(20) NAS-IP-Address = 10.41.17.64
(20) NAS-Port = 1
(20) NAS-Port-Id = "STA port # 1"
(20) session-state: No cached attributes
(20) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(20) authorize {
(20) [preprocess] = ok
(20) eap: Peer sent EAP Response (code 2) ID 1 length 127
(20) eap: Continuing tunnel setup
(20) [eap] = ok
(20) } # authorize = ok
(20) Found Auth-Type = eap
(20) # Executing group from file /etc/raddb/sites-enabled/default
(20) authenticate {
(20) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(20) eap: Finished EAP session with state 0x82e4cb1b82e5d244
(20) eap: Previous EAP request found for state 0x82e4cb1b82e5d244, released
from the list
(20) eap: Peer sent packet with method EAP PEAP (25)
(20) eap: Calling submodule eap_peap to process data
(20) eap_peap: Continuing EAP-TLS
(20) eap_peap: Peer indicated complete TLS record size will be 117 bytes
(20) eap_peap: Got complete TLS record (117 bytes)
(20) eap_peap: [eaptls verify] = length included
(20) eap_peap: (other): before SSL initialization
(20) eap_peap: TLS_accept: before SSL initialization
(20) eap_peap: TLS_accept: before SSL initialization
(20) eap_peap: <<< recv TLS 1.2 [length 0070]
(20) eap_peap: TLS_accept: SSLv3/TLS read client hello
(20) eap_peap: >>> send TLS 1.0 Handshake [length 005d], ServerHello
(20) eap_peap: TLS_accept: SSLv3/TLS write server hello
(20) eap_peap: >>> send TLS 1.0 Handshake [length 08d3], Certificate
(20) eap_peap: TLS_accept: SSLv3/TLS write certificate
(20) eap_peap: >>> send TLS 1.0 Handshake [length 014b], ServerKeyExchange
(20) eap_peap: TLS_accept: SSLv3/TLS write key exchange
(20) eap_peap: >>> send TLS 1.0 Handshake [length 0004], ServerHelloDone
(20) eap_peap: TLS_accept: SSLv3/TLS write server done
(20) eap_peap: TLS_accept: Need to read more data: SSLv3/TLS write server
done
(20) eap_peap: In SSL Handshake Phase
(20) eap_peap: In SSL Accept mode
(20) eap_peap: [eaptls process] = handled
(20) eap: Sending EAP Request (code 1) ID 2 length 1004
(20) eap: EAP session adding &reply:State = 0x82e4cb1b83e6d244
(20) [eap] = handled
(20) } # authenticate = handled
(20) Using Post-Auth-Type Challenge
(20) Post-Auth-Type sub-section not found. Ignoring.
(20) # Executing group from file /etc/raddb/sites-enabled/default
(20) Sent Access-Challenge Id 1 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(20) EAP-Message =
0x010203ec19c000000a93160301005d02000059030137ff0e7945d630b967660ce9dfe075ed12322d81c073d418449d657776955cef20ad6b30ad91ec1d4a1cb29d7bcca8c64ffca1d37b284636e0af73a499a87943b5c014000011ff01000100000b0004030001020017000016030108d30b0008cf0008
(20) Message-Authenticator = 0x00000000000000000000000000000000
(20) State = 0x82e4cb1b83e6d244ae1bb12a174a7e27
(20) Finished request
Waking up in 1.0 seconds.
(21) Received Access-Request Id 2 from 10.41.17.64:1086 to 10.41.110.86:1812
length 218
(21) Message-Authenticator = 0x9e08ee72ba04c092cc95e8dc3c2b126d
(21) Service-Type = Framed-User
(21) User-Name = "userTest"
(21) Framed-MTU = 1488
(21) State = 0x82e4cb1b83e6d244ae1bb12a174a7e27
(21) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(21) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(21) NAS-Identifier = "3Com Access Point 7760"
(21) NAS-Port-Type = Wireless-802.11
(21) Connect-Info = "CONNECT 54Mbps 802.11g"
(21) EAP-Message = 0x020200061900
(21) NAS-IP-Address = 10.41.17.64
(21) NAS-Port = 1
(21) NAS-Port-Id = "STA port # 1"
(21) session-state: No cached attributes
(21) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(21) authorize {
(21) [preprocess] = ok
(21) eap: Peer sent EAP Response (code 2) ID 2 length 6
(21) eap: Continuing tunnel setup
(21) [eap] = ok
(21) } # authorize = ok
(21) Found Auth-Type = eap
(21) # Executing group from file /etc/raddb/sites-enabled/default
(21) authenticate {
(21) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(21) eap: Finished EAP session with state 0x82e4cb1b83e6d244
(21) eap: Previous EAP request found for state 0x82e4cb1b83e6d244, released
from the list
(21) eap: Peer sent packet with method EAP PEAP (25)
(21) eap: Calling submodule eap_peap to process data
(21) eap_peap: Continuing EAP-TLS
(21) eap_peap: Peer ACKed our handshake fragment
(21) eap_peap: [eaptls verify] = request
(21) eap_peap: [eaptls process] = handled
(21) eap: Sending EAP Request (code 1) ID 3 length 1000
(21) eap: EAP session adding &reply:State = 0x82e4cb1b80e7d244
(21) [eap] = handled
(21) } # authenticate = handled
(21) Using Post-Auth-Type Challenge
(21) Post-Auth-Type sub-section not found. Ignoring.
(21) # Executing group from file /etc/raddb/sites-enabled/default
(21) Sent Access-Challenge Id 2 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(21) EAP-Message =
0x010303e81940b2c16fe1b0d484179f9cdaaba928edbe85ea947176542ea9646d2f16b8803f26bf43aa9d60ff2c5d4d9ec84c4c511d64d81b360765cd88159cbe3831e7f63102d7e95becbf76520288a093eefd7080eb3f1c6936e347b508b9916d3e4e10615ad52b4601565fedd7e976bdf1ec0004e830
(21) Message-Authenticator = 0x00000000000000000000000000000000
(21) State = 0x82e4cb1b80e7d244ae1bb12a174a7e27
(21) Finished request
Waking up in 1.0 seconds.
(22) Received Access-Request Id 3 from 10.41.17.64:1086 to 10.41.110.86:1812
length 218
(22) Message-Authenticator = 0x0e187ddb9e28534049f07abe7b3a792a
(22) Service-Type = Framed-User
(22) User-Name = "userTest"
(22) Framed-MTU = 1488
(22) State = 0x82e4cb1b80e7d244ae1bb12a174a7e27
(22) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(22) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(22) NAS-Identifier = "3Com Access Point 7760"
(22) NAS-Port-Type = Wireless-802.11
(22) Connect-Info = "CONNECT 54Mbps 802.11g"
(22) EAP-Message = 0x020300061900
(22) NAS-IP-Address = 10.41.17.64
(22) NAS-Port = 1
(22) NAS-Port-Id = "STA port # 1"
(22) session-state: No cached attributes
(22) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(22) authorize {
(22) [preprocess] = ok
(22) eap: Peer sent EAP Response (code 2) ID 3 length 6
(22) eap: Continuing tunnel setup
(22) [eap] = ok
(22) } # authorize = ok
(22) Found Auth-Type = eap
(22) # Executing group from file /etc/raddb/sites-enabled/default
(22) authenticate {
(22) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(22) eap: Finished EAP session with state 0x82e4cb1b80e7d244
(22) eap: Previous EAP request found for state 0x82e4cb1b80e7d244, released
from the list
(22) eap: Peer sent packet with method EAP PEAP (25)
(22) eap: Calling submodule eap_peap to process data
(22) eap_peap: Continuing EAP-TLS
(22) eap_peap: Peer ACKed our handshake fragment
(22) eap_peap: [eaptls verify] = request
(22) eap_peap: [eaptls process] = handled
(22) eap: Sending EAP Request (code 1) ID 4 length 725
(22) eap: EAP session adding &reply:State = 0x82e4cb1b81e0d244
(22) [eap] = handled
(22) } # authenticate = handled
(22) Using Post-Auth-Type Challenge
(22) Post-Auth-Type sub-section not found. Ignoring.
(22) # Executing group from file /etc/raddb/sites-enabled/default
(22) Sent Access-Challenge Id 3 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(22) EAP-Message =
0x010402d519006361746520417574686f72697479820900f29e29fc64450db1300f0603551d130101ff040530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b0500
(22) Message-Authenticator = 0x00000000000000000000000000000000
(22) State = 0x82e4cb1b81e0d244ae1bb12a174a7e27
(22) Finished request
Waking up in 1.0 seconds.
(23) Received Access-Request Id 4 from 10.41.17.64:1086 to 10.41.110.86:1812
length 356
(23) Message-Authenticator = 0xc77ca6450207ee96bc701c3e80013fa2
(23) Service-Type = Framed-User
(23) User-Name = "userTest"
(23) Framed-MTU = 1488
(23) State = 0x82e4cb1b81e0d244ae1bb12a174a7e27
(23) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(23) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(23) NAS-Identifier = "3Com Access Point 7760"
(23) NAS-Port-Type = Wireless-802.11
(23) Connect-Info = "CONNECT 54Mbps 802.11g"
(23) EAP-Message =
0x020400901980000000861603010046100000424104fc94c086c80412f32f419d7f1071bd4863294987aebe7139a5d92849080b9c602c5a61b8f8b8e65d7b8f08d5b4f75c942d77f7b0bfba1eb3c64cd9a4f24c9d4114030100010116030100304daead77f0532e3562ea1b4b112348d124a28151794774
(23) NAS-IP-Address = 10.41.17.64
(23) NAS-Port = 1
(23) NAS-Port-Id = "STA port # 1"
(23) session-state: No cached attributes
(23) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(23) authorize {
(23) [preprocess] = ok
(23) eap: Peer sent EAP Response (code 2) ID 4 length 144
(23) eap: Continuing tunnel setup
(23) [eap] = ok
(23) } # authorize = ok
(23) Found Auth-Type = eap
(23) # Executing group from file /etc/raddb/sites-enabled/default
(23) authenticate {
(23) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(23) eap: Finished EAP session with state 0x82e4cb1b81e0d244
(23) eap: Previous EAP request found for state 0x82e4cb1b81e0d244, released
from the list
(23) eap: Peer sent packet with method EAP PEAP (25)
(23) eap: Calling submodule eap_peap to process data
(23) eap_peap: Continuing EAP-TLS
(23) eap_peap: Peer indicated complete TLS record size will be 134 bytes
(23) eap_peap: Got complete TLS record (134 bytes)
(23) eap_peap: [eaptls verify] = length included
(23) eap_peap: TLS_accept: SSLv3/TLS write server done
(23) eap_peap: <<< recv TLS 1.0 Handshake [length 0046], ClientKeyExchange
(23) eap_peap: TLS_accept: SSLv3/TLS read client key exchange
(23) eap_peap: TLS_accept: SSLv3/TLS read change cipher spec
(23) eap_peap: <<< recv TLS 1.0 Handshake [length 0010], Finished
(23) eap_peap: TLS_accept: SSLv3/TLS read finished
(23) eap_peap: >>> send TLS 1.0 ChangeCipherSpec [length 0001]
(23) eap_peap: TLS_accept: SSLv3/TLS write change cipher spec
(23) eap_peap: >>> send TLS 1.0 Handshake [length 0010], Finished
(23) eap_peap: TLS_accept: SSLv3/TLS write finished
(23) eap_peap: (other): SSL negotiation finished successfully
(23) eap_peap: SSL Connection Established
(23) eap_peap: [eaptls process] = handled
(23) eap: Sending EAP Request (code 1) ID 5 length 65
(23) eap: EAP session adding &reply:State = 0x82e4cb1b86e1d244
(23) [eap] = handled
(23) } # authenticate = handled
(23) Using Post-Auth-Type Challenge
(23) Post-Auth-Type sub-section not found. Ignoring.
(23) # Executing group from file /etc/raddb/sites-enabled/default
(23) Sent Access-Challenge Id 4 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(23) EAP-Message =
0x010500411900140301000101160301003092e53f04b9660df09297508db8e8fb3b4ad05e7b6ae5ec5d0120facf25d35fd262b1706180c33f72e235b2c3f3724cd9
(23) Message-Authenticator = 0x00000000000000000000000000000000
(23) State = 0x82e4cb1b86e1d244ae1bb12a174a7e27
(23) Finished request
Waking up in 1.0 seconds.
(24) Received Access-Request Id 5 from 10.41.17.64:1086 to 10.41.110.86:1812
length 218
(24) Message-Authenticator = 0x7b0940b6625998f02f43527bb1725e77
(24) Service-Type = Framed-User
(24) User-Name = "userTest"
(24) Framed-MTU = 1488
(24) State = 0x82e4cb1b86e1d244ae1bb12a174a7e27
(24) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(24) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(24) NAS-Identifier = "3Com Access Point 7760"
(24) NAS-Port-Type = Wireless-802.11
(24) Connect-Info = "CONNECT 54Mbps 802.11g"
(24) EAP-Message = 0x020500061900
(24) NAS-IP-Address = 10.41.17.64
(24) NAS-Port = 1
(24) NAS-Port-Id = "STA port # 1"
(24) session-state: No cached attributes
(24) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(24) authorize {
(24) [preprocess] = ok
(24) eap: Peer sent EAP Response (code 2) ID 5 length 6
(24) eap: Continuing tunnel setup
(24) [eap] = ok
(24) } # authorize = ok
(24) Found Auth-Type = eap
(24) # Executing group from file /etc/raddb/sites-enabled/default
(24) authenticate {
(24) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(24) eap: Finished EAP session with state 0x82e4cb1b86e1d244
(24) eap: Previous EAP request found for state 0x82e4cb1b86e1d244, released
from the list
(24) eap: Peer sent packet with method EAP PEAP (25)
(24) eap: Calling submodule eap_peap to process data
(24) eap_peap: Continuing EAP-TLS
(24) eap_peap: Peer ACKed our handshake fragment. handshake is finished
(24) eap_peap: [eaptls verify] = success
(24) eap_peap: [eaptls process] = success
(24) eap_peap: Session established. Decoding tunneled attributes
(24) eap_peap: PEAP state TUNNEL ESTABLISHED
(24) eap: Sending EAP Request (code 1) ID 6 length 43
(24) eap: EAP session adding &reply:State = 0x82e4cb1b87e2d244
(24) [eap] = handled
(24) } # authenticate = handled
(24) Using Post-Auth-Type Challenge
(24) Post-Auth-Type sub-section not found. Ignoring.
(24) # Executing group from file /etc/raddb/sites-enabled/default
(24) Sent Access-Challenge Id 5 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(24) EAP-Message =
0x0106002b19001703010020afa714d51b4477ae4fc0c892baab98cb04bd0762d895080477d237e60fdae1cb
(24) Message-Authenticator = 0x00000000000000000000000000000000
(24) State = 0x82e4cb1b87e2d244ae1bb12a174a7e27
(24) Finished request
Waking up in 0.9 seconds.
(25) Received Access-Request Id 6 from 10.41.17.64:1086 to 10.41.110.86:1812
length 271
(25) Message-Authenticator = 0xdec0a89429f16c15bc1dc8a9a9a272c1
(25) Service-Type = Framed-User
(25) User-Name = "userTest"
(25) Framed-MTU = 1488
(25) State = 0x82e4cb1b87e2d244ae1bb12a174a7e27
(25) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(25) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(25) NAS-Identifier = "3Com Access Point 7760"
(25) NAS-Port-Type = Wireless-802.11
(25) Connect-Info = "CONNECT 54Mbps 802.11g"
(25) EAP-Message =
0x0206003b19001703010030657aea9089cf393fccfa7cce8b305fa7c1265fa8174415a9b45527c898b1b5178cb30fa0081511f2f971c4f46af30621
(25) NAS-IP-Address = 10.41.17.64
(25) NAS-Port = 1
(25) NAS-Port-Id = "STA port # 1"
(25) session-state: No cached attributes
(25) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(25) authorize {
(25) [preprocess] = ok
(25) eap: Peer sent EAP Response (code 2) ID 6 length 59
(25) eap: Continuing tunnel setup
(25) [eap] = ok
(25) } # authorize = ok
(25) Found Auth-Type = eap
(25) # Executing group from file /etc/raddb/sites-enabled/default
(25) authenticate {
(25) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(25) eap: Finished EAP session with state 0x82e4cb1b87e2d244
(25) eap: Previous EAP request found for state 0x82e4cb1b87e2d244, released
from the list
(25) eap: Peer sent packet with method EAP PEAP (25)
(25) eap: Calling submodule eap_peap to process data
(25) eap_peap: Continuing EAP-TLS
(25) eap_peap: [eaptls verify] = ok
(25) eap_peap: Done initial handshake
(25) eap_peap: [eaptls process] = ok
(25) eap_peap: Session established. Decoding tunneled attributes
(25) eap_peap: PEAP state WAITING FOR INNER IDENTITY
(25) eap_peap: Identity - userTest
(25) eap_peap: Got inner identity 'userTest'
(25) eap_peap: Setting default EAP type for tunneled EAP session
(25) eap_peap: Got tunneled request
(25) eap_peap: EAP-Message = 0x02060010013031383239353036333832
(25) eap_peap: Setting User-Name to userTest
(25) eap_peap: Sending tunneled request to inner-tunnel
(25) eap_peap: EAP-Message = 0x02060010013031383239353036333832
(25) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
(25) eap_peap: User-Name = "userTest"
(25) eap_peap: Service-Type = Framed-User
(25) eap_peap: Framed-MTU = 1488
(25) eap_peap: Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(25) eap_peap: Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(25) eap_peap: NAS-Identifier = "3Com Access Point 7760"
(25) eap_peap: NAS-Port-Type = Wireless-802.11
(25) eap_peap: Connect-Info = "CONNECT 54Mbps 802.11g"
(25) eap_peap: NAS-IP-Address = 10.41.17.64
(25) eap_peap: NAS-Port = 1
(25) eap_peap: NAS-Port-Id = "STA port # 1"
(25) eap_peap: Event-Timestamp = "Mar 22 2017 14:51:08 -03"
(25) Virtual server inner-tunnel received request
(25) EAP-Message = 0x02060010013031383239353036333832
(25) FreeRADIUS-Proxied-To = 127.0.0.1
(25) User-Name = "userTest"
(25) Service-Type = Framed-User
(25) Framed-MTU = 1488
(25) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(25) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(25) NAS-Identifier = "3Com Access Point 7760"
(25) NAS-Port-Type = Wireless-802.11
(25) Connect-Info = "CONNECT 54Mbps 802.11g"
(25) NAS-IP-Address = 10.41.17.64
(25) NAS-Port = 1
(25) NAS-Port-Id = "STA port # 1"
(25) Event-Timestamp = "Mar 22 2017 14:51:08 -03"
(25) WARNING: Outer and inner identities are the same. User privacy is
compromised.
(25) server inner-tunnel {
(25) # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(25) authorize {
(25) eap: Peer sent EAP Response (code 2) ID 6 length 16
(25) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the
rest of authorize
(25) [eap] = ok
(25) } # authorize = ok
(25) Found Auth-Type = eap
(25) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(25) authenticate {
(25) eap: Peer sent packet with method EAP Identity (1)
(25) eap: Calling submodule eap_mschapv2 to process data
(25) eap_mschapv2: Issuing Challenge
(25) eap: Sending EAP Request (code 1) ID 7 length 43
(25) eap: EAP session adding &reply:State = 0xed05353eed022fbe
(25) [eap] = handled
(25) } # authenticate = handled
(25) } # server inner-tunnel
(25) Virtual server sending reply
(25) EAP-Message =
0x0107002b1a01070026109ac249a45bf691de7fc75a3feed0cb60667265657261646975732d332e302e3134
(25) Message-Authenticator = 0x00000000000000000000000000000000
(25) State = 0xed05353eed022fbe5b1d8e8a916c26a0
(25) eap_peap: Got tunneled reply code 11
(25) eap_peap: EAP-Message =
0x0107002b1a01070026109ac249a45bf691de7fc75a3feed0cb60667265657261646975732d332e302e3134
(25) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(25) eap_peap: State = 0xed05353eed022fbe5b1d8e8a916c26a0
(25) eap_peap: Got tunneled reply RADIUS code 11
(25) eap_peap: EAP-Message =
0x0107002b1a01070026109ac249a45bf691de7fc75a3feed0cb60667265657261646975732d332e302e3134
(25) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(25) eap_peap: State = 0xed05353eed022fbe5b1d8e8a916c26a0
(25) eap_peap: Got tunneled Access-Challenge
(25) eap: Sending EAP Request (code 1) ID 7 length 75
(25) eap: EAP session adding &reply:State = 0x82e4cb1b84e3d244
(25) [eap] = handled
(25) } # authenticate = handled
(25) Using Post-Auth-Type Challenge
(25) Post-Auth-Type sub-section not found. Ignoring.
(25) # Executing group from file /etc/raddb/sites-enabled/default
(25) Sent Access-Challenge Id 6 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(25) EAP-Message =
0x0107004b190017030100400bebb44427586f4cbdcaad23463df25a067c4d45afc5e95fc61702ed797b15c868c9c4e14426bc4990166d0694dc72a2ba6e331ddf04fc1789e72561fe224c6d
(25) Message-Authenticator = 0x00000000000000000000000000000000
(25) State = 0x82e4cb1b84e3d244ae1bb12a174a7e27
(25) Finished request
Waking up in 0.9 seconds.
(26) Received Access-Request Id 7 from 10.41.17.64:1086 to 10.41.110.86:1812
length 319
(26) Message-Authenticator = 0x4840c791be0e158ada74c3f7a5b1becf
(26) Service-Type = Framed-User
(26) User-Name = "userTest"
(26) Framed-MTU = 1488
(26) State = 0x82e4cb1b84e3d244ae1bb12a174a7e27
(26) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(26) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(26) NAS-Identifier = "3Com Access Point 7760"
(26) NAS-Port-Type = Wireless-802.11
(26) Connect-Info = "CONNECT 54Mbps 802.11g"
(26) EAP-Message =
0x0207006b190017030100601e8bbbaa319f1ffc13c3fe11332e7601429bf2a151d6c4d99d3f91e0a79b3b59bc57498e3bf95cdcf978ffd69c15bc6ad68251cc197b0acbc713895da4ea84bb9abc0de37ab3c81c6819b636dae5e12fca59c5704d52cae6fd568351fe2c06d8
(26) NAS-IP-Address = 10.41.17.64
(26) NAS-Port = 1
(26) NAS-Port-Id = "STA port # 1"
(26) session-state: No cached attributes
(26) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(26) authorize {
(26) [preprocess] = ok
(26) eap: Peer sent EAP Response (code 2) ID 7 length 107
(26) eap: Continuing tunnel setup
(26) [eap] = ok
(26) } # authorize = ok
(26) Found Auth-Type = eap
(26) # Executing group from file /etc/raddb/sites-enabled/default
(26) authenticate {
(26) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(26) eap: Finished EAP session with state 0x82e4cb1b84e3d244
(26) eap: Previous EAP request found for state 0x82e4cb1b84e3d244, released
from the list
(26) eap: Peer sent packet with method EAP PEAP (25)
(26) eap: Calling submodule eap_peap to process data
(26) eap_peap: Continuing EAP-TLS
(26) eap_peap: [eaptls verify] = ok
(26) eap_peap: Done initial handshake
(26) eap_peap: [eaptls process] = ok
(26) eap_peap: Session established. Decoding tunneled attributes
(26) eap_peap: PEAP state phase2
(26) eap_peap: EAP method MSCHAPv2 (26)
(26) eap_peap: Got tunneled request
(26) eap_peap: EAP-Message =
0x020700461a02070041312878ab53f5a3bfc536df80a0cba47d180000000000000000613251667b283074a5abb46f3f3469403d8ba8a992319ef4003031383239353036333832
(26) eap_peap: Setting User-Name to userTest
(26) eap_peap: Sending tunneled request to inner-tunnel
(26) eap_peap: EAP-Message =
0x020700461a02070041312878ab53f5a3bfc536df80a0cba47d180000000000000000613251667b283074a5abb46f3f3469403d8ba8a992319ef4003031383239353036333832
(26) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
(26) eap_peap: User-Name = "userTest"
(26) eap_peap: State = 0xed05353eed022fbe5b1d8e8a916c26a0
(26) eap_peap: Service-Type = Framed-User
(26) eap_peap: Framed-MTU = 1488
(26) eap_peap: Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(26) eap_peap: Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(26) eap_peap: NAS-Identifier = "3Com Access Point 7760"
(26) eap_peap: NAS-Port-Type = Wireless-802.11
(26) eap_peap: Connect-Info = "CONNECT 54Mbps 802.11g"
(26) eap_peap: NAS-IP-Address = 10.41.17.64
(26) eap_peap: NAS-Port = 1
(26) eap_peap: NAS-Port-Id = "STA port # 1"
(26) eap_peap: Event-Timestamp = "Mar 22 2017 14:51:08 -03"
(26) Virtual server inner-tunnel received request
(26) EAP-Message =
0x020700461a02070041312878ab53f5a3bfc536df80a0cba47d180000000000000000613251667b283074a5abb46f3f3469403d8ba8a992319ef4003031383239353036333832
(26) FreeRADIUS-Proxied-To = 127.0.0.1
(26) User-Name = "userTest"
(26) State = 0xed05353eed022fbe5b1d8e8a916c26a0
(26) Service-Type = Framed-User
(26) Framed-MTU = 1488
(26) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(26) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(26) NAS-Identifier = "3Com Access Point 7760"
(26) NAS-Port-Type = Wireless-802.11
(26) Connect-Info = "CONNECT 54Mbps 802.11g"
(26) NAS-IP-Address = 10.41.17.64
(26) NAS-Port = 1
(26) NAS-Port-Id = "STA port # 1"
(26) Event-Timestamp = "Mar 22 2017 14:51:08 -03"
(26) WARNING: Outer and inner identities are the same. User privacy is
compromised.
(26) server inner-tunnel {
(26) session-state: No cached attributes
(26) # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(26) authorize {
(26) eap: Peer sent EAP Response (code 2) ID 7 length 70
(26) eap: No EAP Start, assuming it's an on-going EAP conversation
(26) [eap] = updated
rlm_ldap (ldap): Reserved connection (4)
(26) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(26) ldap: --> (uid=userTest)
(26) ldap: Performing search in "ou=people,dc=test,dc=br" with filter
"(uid=userTest)", scope "sub"
(26) ldap: Waiting for search result...
(26) ldap: User object found at DN "uid=userTest,ou=people,dc=test,dc=br"
(26) ldap: Processing user attributes
(26) ldap: control:NT-Password :=
0x3145333941394139324632423038413045363942344435414441374535333332
rlm_ldap (ldap): Released connection (4)
Need 1 more connections to reach 10 spares
rlm_ldap (ldap): Opening additional connection (9), 1 of 23 pending slots
used
rlm_ldap (ldap): Connecting to ldap://10.0.0.2:389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
(26) [ldap] = updated
(26) [expiration] = noop
(26) [logintime] = noop
(26) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
(26) pap: WARNING: Auth-Type already set. Not setting to PAP
(26) [pap] = noop
(26) } # authorize = updated
(26) Found Auth-Type = eap
(26) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(26) authenticate {
(26) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(26) eap: Finished EAP session with state 0xed05353eed022fbe
(26) eap: Previous EAP request found for state 0xed05353eed022fbe, released
from the list
(26) eap: Peer sent packet with method EAP MSCHAPv2 (26)
(26) eap: Calling submodule eap_mschapv2 to process data
(26) eap_mschapv2: # Executing group from file
/etc/raddb/sites-enabled/inner-tunnel
(26) eap_mschapv2: authenticate {
(26) mschap: Found NT-Password
(26) mschap: Creating challenge hash with username: userTest
(26) mschap: Client is using MS-CHAPv2
(26) mschap: Adding MS-CHAPv2 MPPE keys
(26) [mschap] = ok
(26) } # authenticate = ok
(26) MSCHAP Success
(26) eap: Sending EAP Request (code 1) ID 8 length 51
(26) eap: EAP session adding &reply:State = 0xed05353eec0d2fbe
(26) [eap] = handled
(26) } # authenticate = handled
(26) } # server inner-tunnel
(26) Virtual server sending reply
(26) EAP-Message =
0x010800331a0307002e533d38314538303844334446353432374642333142393841314444463533333238304435363930443534
(26) Message-Authenticator = 0x00000000000000000000000000000000
(26) State = 0xed05353eec0d2fbe5b1d8e8a916c26a0
(26) eap_peap: Got tunneled reply code 11
(26) eap_peap: EAP-Message =
0x010800331a0307002e533d38314538303844334446353432374642333142393841314444463533333238304435363930443534
(26) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(26) eap_peap: State = 0xed05353eec0d2fbe5b1d8e8a916c26a0
(26) eap_peap: Got tunneled reply RADIUS code 11
(26) eap_peap: EAP-Message =
0x010800331a0307002e533d38314538303844334446353432374642333142393841314444463533333238304435363930443534
(26) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(26) eap_peap: State = 0xed05353eec0d2fbe5b1d8e8a916c26a0
(26) eap_peap: Got tunneled Access-Challenge
(26) eap: Sending EAP Request (code 1) ID 8 length 91
(26) eap: EAP session adding &reply:State = 0x82e4cb1b85ecd244
(26) [eap] = handled
(26) } # authenticate = handled
(26) Using Post-Auth-Type Challenge
(26) Post-Auth-Type sub-section not found. Ignoring.
(26) # Executing group from file /etc/raddb/sites-enabled/default
(26) Sent Access-Challenge Id 7 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(26) EAP-Message =
0x0108005b19001703010050bf2b1c25d323d4882835f598fcfe8da6173e706e4c1d66b36965789bb836b404e89b5b21fa01ea32c48497cc0de0c17c7d2e5197be5bb9e75fec85fc9d6dce20211bc026bc74a7724da41853c158244e
(26) Message-Authenticator = 0x00000000000000000000000000000000
(26) State = 0x82e4cb1b85ecd244ae1bb12a174a7e27
(26) Finished request
(17) Cleaning up request packet ID 20 with timestamp +10
Waking up in 1.8 seconds.
(27) Received Access-Request Id 8 from 10.41.17.64:1086 to 10.41.110.86:1812
length 255
(27) Message-Authenticator = 0xfa367a6fa8cf063157e227ebc3a6dc7c
(27) Service-Type = Framed-User
(27) User-Name = "userTest"
(27) Framed-MTU = 1488
(27) State = 0x82e4cb1b85ecd244ae1bb12a174a7e27
(27) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(27) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(27) NAS-Identifier = "3Com Access Point 7760"
(27) NAS-Port-Type = Wireless-802.11
(27) Connect-Info = "CONNECT 54Mbps 802.11g"
(27) EAP-Message =
0x0208002b19001703010020051c0ad98ab4c77d2d4580c0e7e07c4055a8762345473a564dab19aafc402cb1
(27) NAS-IP-Address = 10.41.17.64
(27) NAS-Port = 1
(27) NAS-Port-Id = "STA port # 1"
(27) session-state: No cached attributes
(27) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(27) authorize {
(27) [preprocess] = ok
(27) eap: Peer sent EAP Response (code 2) ID 8 length 43
(27) eap: Continuing tunnel setup
(27) [eap] = ok
(27) } # authorize = ok
(27) Found Auth-Type = eap
(27) # Executing group from file /etc/raddb/sites-enabled/default
(27) authenticate {
(27) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(27) eap: Finished EAP session with state 0x82e4cb1b85ecd244
(27) eap: Previous EAP request found for state 0x82e4cb1b85ecd244, released
from the list
(27) eap: Peer sent packet with method EAP PEAP (25)
(27) eap: Calling submodule eap_peap to process data
(27) eap_peap: Continuing EAP-TLS
(27) eap_peap: [eaptls verify] = ok
(27) eap_peap: Done initial handshake
(27) eap_peap: [eaptls process] = ok
(27) eap_peap: Session established. Decoding tunneled attributes
(27) eap_peap: PEAP state phase2
(27) eap_peap: EAP method MSCHAPv2 (26)
(27) eap_peap: Got tunneled request
(27) eap_peap: EAP-Message = 0x020800061a03
(27) eap_peap: Setting User-Name to userTest
(27) eap_peap: Sending tunneled request to inner-tunnel
(27) eap_peap: EAP-Message = 0x020800061a03
(27) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
(27) eap_peap: User-Name = "userTest"
(27) eap_peap: State = 0xed05353eec0d2fbe5b1d8e8a916c26a0
(27) eap_peap: Service-Type = Framed-User
(27) eap_peap: Framed-MTU = 1488
(27) eap_peap: Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(27) eap_peap: Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(27) eap_peap: NAS-Identifier = "3Com Access Point 7760"
(27) eap_peap: NAS-Port-Type = Wireless-802.11
(27) eap_peap: Connect-Info = "CONNECT 54Mbps 802.11g"
(27) eap_peap: NAS-IP-Address = 10.41.17.64
(27) eap_peap: NAS-Port = 1
(27) eap_peap: NAS-Port-Id = "STA port # 1"
(27) eap_peap: Event-Timestamp = "Mar 22 2017 14:51:12 -03"
(27) Virtual server inner-tunnel received request
(27) EAP-Message = 0x020800061a03
(27) FreeRADIUS-Proxied-To = 127.0.0.1
(27) User-Name = "userTest"
(27) State = 0xed05353eec0d2fbe5b1d8e8a916c26a0
(27) Service-Type = Framed-User
(27) Framed-MTU = 1488
(27) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(27) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(27) NAS-Identifier = "3Com Access Point 7760"
(27) NAS-Port-Type = Wireless-802.11
(27) Connect-Info = "CONNECT 54Mbps 802.11g"
(27) NAS-IP-Address = 10.41.17.64
(27) NAS-Port = 1
(27) NAS-Port-Id = "STA port # 1"
(27) Event-Timestamp = "Mar 22 2017 14:51:12 -03"
(27) WARNING: Outer and inner identities are the same. User privacy is
compromised.
(27) server inner-tunnel {
(27) session-state: No cached attributes
(27) # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(27) authorize {
(27) eap: Peer sent EAP Response (code 2) ID 8 length 6
(27) eap: No EAP Start, assuming it's an on-going EAP conversation
(27) [eap] = updated
rlm_ldap (ldap): Reserved connection (0)
(27) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(27) ldap: --> (uid=userTest)
(27) ldap: Performing search in "ou=people,dc=test,dc=br" with filter
"(uid=userTest)", scope "sub"
(27) ldap: Waiting for search result...
(27) ldap: User object found at DN "uid=userTest,ou=people,dc=test,dc=br"
(27) ldap: Processing user attributes
(27) ldap: control:NT-Password :=
0x3145333941394139324632423038413045363942344435414441374535333332
rlm_ldap (ldap): Released connection (0)
(27) [ldap] = updated
(27) [expiration] = noop
(27) [logintime] = noop
(27) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
(27) pap: WARNING: Auth-Type already set. Not setting to PAP
(27) [pap] = noop
(27) } # authorize = updated
(27) Found Auth-Type = eap
(27) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(27) authenticate {
(27) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(27) eap: Finished EAP session with state 0xed05353eec0d2fbe
(27) eap: Previous EAP request found for state 0xed05353eec0d2fbe, released
from the list
(27) eap: Peer sent packet with method EAP MSCHAPv2 (26)
(27) eap: Calling submodule eap_mschapv2 to process data
(27) eap: Sending EAP Success (code 3) ID 8 length 4
(27) eap: Freeing handler
(27) [eap] = ok
(27) } # authenticate = ok
(27) # Executing section post-auth from file
/etc/raddb/sites-enabled/inner-tunnel
(27) post-auth { ... } # empty sub-section is ignored
(27) } # server inner-tunnel
(27) Virtual server sending reply
(27) MS-MPPE-Encryption-Policy = Encryption-Allowed
(27) MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(27) MS-MPPE-Send-Key = 0x9753abfe82235c4216a0c1a4a959646f
(27) MS-MPPE-Recv-Key = 0x757fbfa227358f8e820817a60ccf472c
(27) EAP-Message = 0x03080004
(27) Message-Authenticator = 0x00000000000000000000000000000000
(27) User-Name = "userTest"
(27) eap_peap: Got tunneled reply code 2
(27) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
(27) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(27) eap_peap: MS-MPPE-Send-Key = 0x9753abfe82235c4216a0c1a4a959646f
(27) eap_peap: MS-MPPE-Recv-Key = 0x757fbfa227358f8e820817a60ccf472c
(27) eap_peap: EAP-Message = 0x03080004
(27) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(27) eap_peap: User-Name = "userTest"
(27) eap_peap: Got tunneled reply RADIUS code 2
(27) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
(27) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(27) eap_peap: MS-MPPE-Send-Key = 0x9753abfe82235c4216a0c1a4a959646f
(27) eap_peap: MS-MPPE-Recv-Key = 0x757fbfa227358f8e820817a60ccf472c
(27) eap_peap: EAP-Message = 0x03080004
(27) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(27) eap_peap: User-Name = "userTest"
(27) eap_peap: Tunneled authentication was successful
(27) eap_peap: SUCCESS
(27) eap_peap: Saving tunneled attributes for later
(27) eap: Sending EAP Request (code 1) ID 9 length 43
(27) eap: EAP session adding &reply:State = 0x82e4cb1b8aedd244
(27) [eap] = handled
(27) } # authenticate = handled
(27) Using Post-Auth-Type Challenge
(27) Post-Auth-Type sub-section not found. Ignoring.
(27) # Executing group from file /etc/raddb/sites-enabled/default
(27) Sent Access-Challenge Id 8 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(27) EAP-Message =
0x0109002b190017030100207a38b4c9aef9e5676a7616149de4a7c75be717b173d6106d60fe592bedcf7088
(27) Message-Authenticator = 0x00000000000000000000000000000000
(27) State = 0x82e4cb1b8aedd244ae1bb12a174a7e27
(27) Finished request
(19) Cleaning up request packet ID 0 with timestamp +22
(20) Cleaning up request packet ID 1 with timestamp +22
(21) Cleaning up request packet ID 2 with timestamp +22
(22) Cleaning up request packet ID 3 with timestamp +22
(23) Cleaning up request packet ID 4 with timestamp +22
(24) Cleaning up request packet ID 5 with timestamp +22
(25) Cleaning up request packet ID 6 with timestamp +22
Waking up in 4.9 seconds.
(27) Cleaning up request packet ID 8 with timestamp +26
Waking up in 1.8 seconds.
(26) Cleaning up request packet ID 7 with timestamp +22
Ready to process requests
=================================
IPHONE CAN CONNECT TO THE WIFI NETWORK
OBS: I ran again "radiusd -X" to clear and understand where is the first
request, but Iphone can connect everytime when I rebooted it.
Listening on auth address * port 1812 bound to server default
Listening on acct address * port 1813 bound to server default
Listening on auth address :: port 1812 bound to server default
Listening on acct address :: port 1813 bound to server default
Listening on auth address 127.0.0.1 port 18120 bound to server inner-tunnel
Listening on proxy address * port 44713
Listening on proxy address :: port 42886
Ready to process requests
(0) Received Access-Request Id 0 from 10.41.17.64:1090 to 10.41.110.86:1812
length 210
(0) Message-Authenticator = 0xdcad4806f8bc8cf27df0bfcbcabb5c3f
(0) Service-Type = Framed-User
(0) User-Name = "userTest"
(0) Framed-MTU = 1488
(0) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(0) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(0) NAS-Identifier = "3Com Access Point 7760"
(0) NAS-Port-Type = Wireless-802.11
(0) Connect-Info = "CONNECT 54Mbps 802.11g"
(0) EAP-Message = 0x02000010013031383239353036333832
(0) NAS-IP-Address = 10.41.17.64
(0) NAS-Port = 1
(0) NAS-Port-Id = "STA port # 1"
(0) # Executing section authorize from file /etc/raddb/sites-enabled/default
(0) authorize {
(0) [preprocess] = ok
(0) eap: Peer sent EAP Response (code 2) ID 0 length 16
(0) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the
rest of authorize
(0) [eap] = ok
(0) } # authorize = ok
(0) Found Auth-Type = eap
(0) # Executing group from file /etc/raddb/sites-enabled/default
(0) authenticate {
(0) eap: Peer sent packet with method EAP Identity (1)
(0) eap: Calling submodule eap_peap to process data
(0) eap_peap: Initiating new EAP-TLS session
(0) eap_peap: Flushing SSL sessions (of #0)
(0) eap_peap: [eaptls start] = request
(0) eap: Sending EAP Request (code 1) ID 1 length 6
(0) eap: EAP session adding &reply:State = 0x4f424a324f4353ce
(0) [eap] = handled
(0) } # authenticate = handled
(0) Using Post-Auth-Type Challenge
(0) Post-Auth-Type sub-section not found. Ignoring.
(0) # Executing group from file /etc/raddb/sites-enabled/default
(0) Sent Access-Challenge Id 0 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(0) EAP-Message = 0x010100061920
(0) Message-Authenticator = 0x00000000000000000000000000000000
(0) State = 0x4f424a324f4353ce43a0ba7c4354ed56
(0) Finished request
Waking up in 4.9 seconds.
(1) Received Access-Request Id 1 from 10.41.17.64:1090 to 10.41.110.86:1812
length 339
(1) Message-Authenticator = 0xdea1c2b48107147dddcaaddb6be770f0
(1) Service-Type = Framed-User
(1) User-Name = "userTest"
(1) Framed-MTU = 1488
(1) State = 0x4f424a324f4353ce43a0ba7c4354ed56
(1) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(1) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(1) NAS-Identifier = "3Com Access Point 7760"
(1) NAS-Port-Type = Wireless-802.11
(1) Connect-Info = "CONNECT 54Mbps 802.11g"
(1) EAP-Message =
0x0201007f19800000007516030100700100006c030158d2baf622703ad19984e484f38f9c0ff088678cca0370b25a5e56693df17d4a00002000ffc024c023c00ac009c008c028c027c014c013c012003d003c0035002f000a01000023000a00080006001700180019000b00020100000500050100000000
(1) NAS-IP-Address = 10.41.17.64
(1) NAS-Port = 1
(1) NAS-Port-Id = "STA port # 1"
(1) session-state: No cached attributes
(1) # Executing section authorize from file /etc/raddb/sites-enabled/default
(1) authorize {
(1) [preprocess] = ok
(1) eap: Peer sent EAP Response (code 2) ID 1 length 127
(1) eap: Continuing tunnel setup
(1) [eap] = ok
(1) } # authorize = ok
(1) Found Auth-Type = eap
(1) # Executing group from file /etc/raddb/sites-enabled/default
(1) authenticate {
(1) eap: Expiring EAP session with state 0x4f424a324f4353ce
(1) eap: Finished EAP session with state 0x4f424a324f4353ce
(1) eap: Previous EAP request found for state 0x4f424a324f4353ce, released
from the list
(1) eap: Peer sent packet with method EAP PEAP (25)
(1) eap: Calling submodule eap_peap to process data
(1) eap_peap: Continuing EAP-TLS
(1) eap_peap: Peer indicated complete TLS record size will be 117 bytes
(1) eap_peap: Got complete TLS record (117 bytes)
(1) eap_peap: [eaptls verify] = length included
(1) eap_peap: (other): before SSL initialization
(1) eap_peap: TLS_accept: before SSL initialization
(1) eap_peap: TLS_accept: before SSL initialization
(1) eap_peap: <<< recv TLS 1.2 [length 0070]
(1) eap_peap: TLS_accept: SSLv3/TLS read client hello
(1) eap_peap: >>> send TLS 1.0 Handshake [length 005d], ServerHello
(1) eap_peap: TLS_accept: SSLv3/TLS write server hello
(1) eap_peap: >>> send TLS 1.0 Handshake [length 08d3], Certificate
(1) eap_peap: TLS_accept: SSLv3/TLS write certificate
(1) eap_peap: >>> send TLS 1.0 Handshake [length 014b], ServerKeyExchange
(1) eap_peap: TLS_accept: SSLv3/TLS write key exchange
(1) eap_peap: >>> send TLS 1.0 Handshake [length 0004], ServerHelloDone
(1) eap_peap: TLS_accept: SSLv3/TLS write server done
(1) eap_peap: TLS_accept: Need to read more data: SSLv3/TLS write server
done
(1) eap_peap: In SSL Handshake Phase
(1) eap_peap: In SSL Accept mode
(1) eap_peap: [eaptls process] = handled
(1) eap: Sending EAP Request (code 1) ID 2 length 1004
(1) eap: EAP session adding &reply:State = 0x4f424a324e4053ce
(1) [eap] = handled
(1) } # authenticate = handled
(1) Using Post-Auth-Type Challenge
(1) Post-Auth-Type sub-section not found. Ignoring.
(1) # Executing group from file /etc/raddb/sites-enabled/default
(1) Sent Access-Challenge Id 1 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(1) EAP-Message =
0x010203ec19c000000a93160301005d020000590301a36dd518f829f99eb9d0363fe456ae7cb1723abe53d9b74ce635ba187578a6122069bc2cddecdc894b088e0f0e198964b4b15264826ce476af949a2aeabbc4a531c014000011ff01000100000b0004030001020017000016030108d30b0008cf0008
(1) Message-Authenticator = 0x00000000000000000000000000000000
(1) State = 0x4f424a324e4053ce43a0ba7c4354ed56
(1) Finished request
Waking up in 4.9 seconds.
(2) Received Access-Request Id 2 from 10.41.17.64:1090 to 10.41.110.86:1812
length 218
(2) Message-Authenticator = 0x708523ad3b241d8cb3cd6109c2210206
(2) Service-Type = Framed-User
(2) User-Name = "userTest"
(2) Framed-MTU = 1488
(2) State = 0x4f424a324e4053ce43a0ba7c4354ed56
(2) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(2) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(2) NAS-Identifier = "3Com Access Point 7760"
(2) NAS-Port-Type = Wireless-802.11
(2) Connect-Info = "CONNECT 54Mbps 802.11g"
(2) EAP-Message = 0x020200061900
(2) NAS-IP-Address = 10.41.17.64
(2) NAS-Port = 1
(2) NAS-Port-Id = "STA port # 1"
(2) session-state: No cached attributes
(2) # Executing section authorize from file /etc/raddb/sites-enabled/default
(2) authorize {
(2) [preprocess] = ok
(2) eap: Peer sent EAP Response (code 2) ID 2 length 6
(2) eap: Continuing tunnel setup
(2) [eap] = ok
(2) } # authorize = ok
(2) Found Auth-Type = eap
(2) # Executing group from file /etc/raddb/sites-enabled/default
(2) authenticate {
(2) eap: Expiring EAP session with state 0x4f424a324e4053ce
(2) eap: Finished EAP session with state 0x4f424a324e4053ce
(2) eap: Previous EAP request found for state 0x4f424a324e4053ce, released
from the list
(2) eap: Peer sent packet with method EAP PEAP (25)
(2) eap: Calling submodule eap_peap to process data
(2) eap_peap: Continuing EAP-TLS
(2) eap_peap: Peer ACKed our handshake fragment
(2) eap_peap: [eaptls verify] = request
(2) eap_peap: [eaptls process] = handled
(2) eap: Sending EAP Request (code 1) ID 3 length 1000
(2) eap: EAP session adding &reply:State = 0x4f424a324d4153ce
(2) [eap] = handled
(2) } # authenticate = handled
(2) Using Post-Auth-Type Challenge
(2) Post-Auth-Type sub-section not found. Ignoring.
(2) # Executing group from file /etc/raddb/sites-enabled/default
(2) Sent Access-Challenge Id 2 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(2) EAP-Message =
0x010303e81940b2c16fe1b0d484179f9cdaaba928edbe85ea947176542ea9646d2f16b8803f26bf43aa9d60ff2c5d4d9ec84c4c511d64d81b360765cd88159cbe3831e7f63102d7e95becbf76520288a093eefd7080eb3f1c6936e347b508b9916d3e4e10615ad52b4601565fedd7e976bdf1ec0004e830
(2) Message-Authenticator = 0x00000000000000000000000000000000
(2) State = 0x4f424a324d4153ce43a0ba7c4354ed56
(2) Finished request
Waking up in 4.9 seconds.
(3) Received Access-Request Id 3 from 10.41.17.64:1090 to 10.41.110.86:1812
length 218
(3) Message-Authenticator = 0x694b1490f6e3cd21dfc9199ca65ad6bb
(3) Service-Type = Framed-User
(3) User-Name = "userTest"
(3) Framed-MTU = 1488
(3) State = 0x4f424a324d4153ce43a0ba7c4354ed56
(3) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(3) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(3) NAS-Identifier = "3Com Access Point 7760"
(3) NAS-Port-Type = Wireless-802.11
(3) Connect-Info = "CONNECT 54Mbps 802.11g"
(3) EAP-Message = 0x020300061900
(3) NAS-IP-Address = 10.41.17.64
(3) NAS-Port = 1
(3) NAS-Port-Id = "STA port # 1"
(3) session-state: No cached attributes
(3) # Executing section authorize from file /etc/raddb/sites-enabled/default
(3) authorize {
(3) [preprocess] = ok
(3) eap: Peer sent EAP Response (code 2) ID 3 length 6
(3) eap: Continuing tunnel setup
(3) [eap] = ok
(3) } # authorize = ok
(3) Found Auth-Type = eap
(3) # Executing group from file /etc/raddb/sites-enabled/default
(3) authenticate {
(3) eap: Expiring EAP session with state 0x4f424a324d4153ce
(3) eap: Finished EAP session with state 0x4f424a324d4153ce
(3) eap: Previous EAP request found for state 0x4f424a324d4153ce, released
from the list
(3) eap: Peer sent packet with method EAP PEAP (25)
(3) eap: Calling submodule eap_peap to process data
(3) eap_peap: Continuing EAP-TLS
(3) eap_peap: Peer ACKed our handshake fragment
(3) eap_peap: [eaptls verify] = request
(3) eap_peap: [eaptls process] = handled
(3) eap: Sending EAP Request (code 1) ID 4 length 725
(3) eap: EAP session adding &reply:State = 0x4f424a324c4653ce
(3) [eap] = handled
(3) } # authenticate = handled
(3) Using Post-Auth-Type Challenge
(3) Post-Auth-Type sub-section not found. Ignoring.
(3) # Executing group from file /etc/raddb/sites-enabled/default
(3) Sent Access-Challenge Id 3 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(3) EAP-Message =
0x010402d519006361746520417574686f72697479820900f29e29fc64450db1300f0603551d130101ff040530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b0500
(3) Message-Authenticator = 0x00000000000000000000000000000000
(3) State = 0x4f424a324c4653ce43a0ba7c4354ed56
(3) Finished request
Waking up in 4.8 seconds.
(4) Received Access-Request Id 4 from 10.41.17.64:1090 to 10.41.110.86:1812
length 356
(4) Message-Authenticator = 0x78b058e28b654994f016c8e6d6856262
(4) Service-Type = Framed-User
(4) User-Name = "userTest"
(4) Framed-MTU = 1488
(4) State = 0x4f424a324c4653ce43a0ba7c4354ed56
(4) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(4) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(4) NAS-Identifier = "3Com Access Point 7760"
(4) NAS-Port-Type = Wireless-802.11
(4) Connect-Info = "CONNECT 54Mbps 802.11g"
(4) EAP-Message =
0x020400901980000000861603010046100000424104343bd0b5232f0b5e71d7c23886a9010adf7356a99fd44cc2cd7f07bf38ff2cc3c22b73845842ed44f3b0a7537745ab07ff8a5adf41d4580e95f2c49e45d7fdf5140301000101160301003094eb3ac531aaff7dc61a1544092a6491d5bd260cea28aa
(4) NAS-IP-Address = 10.41.17.64
(4) NAS-Port = 1
(4) NAS-Port-Id = "STA port # 1"
(4) session-state: No cached attributes
(4) # Executing section authorize from file /etc/raddb/sites-enabled/default
(4) authorize {
(4) [preprocess] = ok
(4) eap: Peer sent EAP Response (code 2) ID 4 length 144
(4) eap: Continuing tunnel setup
(4) [eap] = ok
(4) } # authorize = ok
(4) Found Auth-Type = eap
(4) # Executing group from file /etc/raddb/sites-enabled/default
(4) authenticate {
(4) eap: Expiring EAP session with state 0x4f424a324c4653ce
(4) eap: Finished EAP session with state 0x4f424a324c4653ce
(4) eap: Previous EAP request found for state 0x4f424a324c4653ce, released
from the list
(4) eap: Peer sent packet with method EAP PEAP (25)
(4) eap: Calling submodule eap_peap to process data
(4) eap_peap: Continuing EAP-TLS
(4) eap_peap: Peer indicated complete TLS record size will be 134 bytes
(4) eap_peap: Got complete TLS record (134 bytes)
(4) eap_peap: [eaptls verify] = length included
(4) eap_peap: TLS_accept: SSLv3/TLS write server done
(4) eap_peap: <<< recv TLS 1.0 Handshake [length 0046], ClientKeyExchange
(4) eap_peap: TLS_accept: SSLv3/TLS read client key exchange
(4) eap_peap: TLS_accept: SSLv3/TLS read change cipher spec
(4) eap_peap: <<< recv TLS 1.0 Handshake [length 0010], Finished
(4) eap_peap: TLS_accept: SSLv3/TLS read finished
(4) eap_peap: >>> send TLS 1.0 ChangeCipherSpec [length 0001]
(4) eap_peap: TLS_accept: SSLv3/TLS write change cipher spec
(4) eap_peap: >>> send TLS 1.0 Handshake [length 0010], Finished
(4) eap_peap: TLS_accept: SSLv3/TLS write finished
(4) eap_peap: (other): SSL negotiation finished successfully
(4) eap_peap: SSL Connection Established
(4) eap_peap: [eaptls process] = handled
(4) eap: Sending EAP Request (code 1) ID 5 length 65
(4) eap: EAP session adding &reply:State = 0x4f424a324b4753ce
(4) [eap] = handled
(4) } # authenticate = handled
(4) Using Post-Auth-Type Challenge
(4) Post-Auth-Type sub-section not found. Ignoring.
(4) # Executing group from file /etc/raddb/sites-enabled/default
(4) Sent Access-Challenge Id 4 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(4) EAP-Message =
0x01050041190014030100010116030100305ebd2608873fda32398dd285b4a181b94f12bc58d9f201e22d6dbdb53d406a52ca38c60ba0c717896b1a8901ef563f22
(4) Message-Authenticator = 0x00000000000000000000000000000000
(4) State = 0x4f424a324b4753ce43a0ba7c4354ed56
(4) Finished request
Waking up in 4.8 seconds.
(5) Received Access-Request Id 5 from 10.41.17.64:1090 to 10.41.110.86:1812
length 218
(5) Message-Authenticator = 0x5db7e290140e326df8eab08383d2e765
(5) Service-Type = Framed-User
(5) User-Name = "userTest"
(5) Framed-MTU = 1488
(5) State = 0x4f424a324b4753ce43a0ba7c4354ed56
(5) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(5) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(5) NAS-Identifier = "3Com Access Point 7760"
(5) NAS-Port-Type = Wireless-802.11
(5) Connect-Info = "CONNECT 54Mbps 802.11g"
(5) EAP-Message = 0x020500061900
(5) NAS-IP-Address = 10.41.17.64
(5) NAS-Port = 1
(5) NAS-Port-Id = "STA port # 1"
(5) session-state: No cached attributes
(5) # Executing section authorize from file /etc/raddb/sites-enabled/default
(5) authorize {
(5) [preprocess] = ok
(5) eap: Peer sent EAP Response (code 2) ID 5 length 6
(5) eap: Continuing tunnel setup
(5) [eap] = ok
(5) } # authorize = ok
(5) Found Auth-Type = eap
(5) # Executing group from file /etc/raddb/sites-enabled/default
(5) authenticate {
(5) eap: Expiring EAP session with state 0x4f424a324b4753ce
(5) eap: Finished EAP session with state 0x4f424a324b4753ce
(5) eap: Previous EAP request found for state 0x4f424a324b4753ce, released
from the list
(5) eap: Peer sent packet with method EAP PEAP (25)
(5) eap: Calling submodule eap_peap to process data
(5) eap_peap: Continuing EAP-TLS
(5) eap_peap: Peer ACKed our handshake fragment. handshake is finished
(5) eap_peap: [eaptls verify] = success
(5) eap_peap: [eaptls process] = success
(5) eap_peap: Session established. Decoding tunneled attributes
(5) eap_peap: PEAP state TUNNEL ESTABLISHED
(5) eap: Sending EAP Request (code 1) ID 6 length 43
(5) eap: EAP session adding &reply:State = 0x4f424a324a4453ce
(5) [eap] = handled
(5) } # authenticate = handled
(5) Using Post-Auth-Type Challenge
(5) Post-Auth-Type sub-section not found. Ignoring.
(5) # Executing group from file /etc/raddb/sites-enabled/default
(5) Sent Access-Challenge Id 5 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(5) EAP-Message =
0x0106002b190017030100204fbeb67ecdd80f0d14c8533df8a2921cf85689339ba802443fbb7b4143c6e638
(5) Message-Authenticator = 0x00000000000000000000000000000000
(5) State = 0x4f424a324a4453ce43a0ba7c4354ed56
(5) Finished request
Waking up in 4.8 seconds.
(6) Received Access-Request Id 6 from 10.41.17.64:1090 to 10.41.110.86:1812
length 271
(6) Message-Authenticator = 0xe7b6266a72b2b6fc9b8f7c67f8405d94
(6) Service-Type = Framed-User
(6) User-Name = "userTest"
(6) Framed-MTU = 1488
(6) State = 0x4f424a324a4453ce43a0ba7c4354ed56
(6) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(6) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(6) NAS-Identifier = "3Com Access Point 7760"
(6) NAS-Port-Type = Wireless-802.11
(6) Connect-Info = "CONNECT 54Mbps 802.11g"
(6) EAP-Message =
0x0206003b19001703010030b1075bb4e12c13ae0e337bfca6841195aa45827fac9d354863e7706d5e066c1de365265b054e4374f86d3cd8ad7f0a14
(6) NAS-IP-Address = 10.41.17.64
(6) NAS-Port = 1
(6) NAS-Port-Id = "STA port # 1"
(6) session-state: No cached attributes
(6) # Executing section authorize from file /etc/raddb/sites-enabled/default
(6) authorize {
(6) [preprocess] = ok
(6) eap: Peer sent EAP Response (code 2) ID 6 length 59
(6) eap: Continuing tunnel setup
(6) [eap] = ok
(6) } # authorize = ok
(6) Found Auth-Type = eap
(6) # Executing group from file /etc/raddb/sites-enabled/default
(6) authenticate {
(6) eap: Expiring EAP session with state 0x4f424a324a4453ce
(6) eap: Finished EAP session with state 0x4f424a324a4453ce
(6) eap: Previous EAP request found for state 0x4f424a324a4453ce, released
from the list
(6) eap: Peer sent packet with method EAP PEAP (25)
(6) eap: Calling submodule eap_peap to process data
(6) eap_peap: Continuing EAP-TLS
(6) eap_peap: [eaptls verify] = ok
(6) eap_peap: Done initial handshake
(6) eap_peap: [eaptls process] = ok
(6) eap_peap: Session established. Decoding tunneled attributes
(6) eap_peap: PEAP state WAITING FOR INNER IDENTITY
(6) eap_peap: Identity - userTest
(6) eap_peap: Got inner identity 'userTest'
(6) eap_peap: Setting default EAP type for tunneled EAP session
(6) eap_peap: Got tunneled request
(6) eap_peap: EAP-Message = 0x02060010013031383239353036333832
(6) eap_peap: Setting User-Name to userTest
(6) eap_peap: Sending tunneled request to inner-tunnel
(6) eap_peap: EAP-Message = 0x02060010013031383239353036333832
(6) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
(6) eap_peap: User-Name = "userTest"
(6) eap_peap: Service-Type = Framed-User
(6) eap_peap: Framed-MTU = 1488
(6) eap_peap: Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(6) eap_peap: Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(6) eap_peap: NAS-Identifier = "3Com Access Point 7760"
(6) eap_peap: NAS-Port-Type = Wireless-802.11
(6) eap_peap: Connect-Info = "CONNECT 54Mbps 802.11g"
(6) eap_peap: NAS-IP-Address = 10.41.17.64
(6) eap_peap: NAS-Port = 1
(6) eap_peap: NAS-Port-Id = "STA port # 1"
(6) eap_peap: Event-Timestamp = "Mar 22 2017 14:57:02 -03"
(6) Virtual server inner-tunnel received request
(6) EAP-Message = 0x02060010013031383239353036333832
(6) FreeRADIUS-Proxied-To = 127.0.0.1
(6) User-Name = "userTest"
(6) Service-Type = Framed-User
(6) Framed-MTU = 1488
(6) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(6) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(6) NAS-Identifier = "3Com Access Point 7760"
(6) NAS-Port-Type = Wireless-802.11
(6) Connect-Info = "CONNECT 54Mbps 802.11g"
(6) NAS-IP-Address = 10.41.17.64
(6) NAS-Port = 1
(6) NAS-Port-Id = "STA port # 1"
(6) Event-Timestamp = "Mar 22 2017 14:57:02 -03"
(6) WARNING: Outer and inner identities are the same. User privacy is
compromised.
(6) server inner-tunnel {
(6) # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(6) authorize {
(6) eap: Peer sent EAP Response (code 2) ID 6 length 16
(6) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the
rest of authorize
(6) [eap] = ok
(6) } # authorize = ok
(6) Found Auth-Type = eap
(6) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(6) authenticate {
(6) eap: Peer sent packet with method EAP Identity (1)
(6) eap: Calling submodule eap_mschapv2 to process data
(6) eap_mschapv2: Issuing Challenge
(6) eap: Sending EAP Request (code 1) ID 7 length 43
(6) eap: EAP session adding &reply:State = 0xf3cd2f37f3ca35ba
(6) [eap] = handled
(6) } # authenticate = handled
(6) } # server inner-tunnel
(6) Virtual server sending reply
(6) EAP-Message =
0x0107002b1a010700261067d8cf1d5c0b22de6dca819f0ed63a21667265657261646975732d332e302e3134
(6) Message-Authenticator = 0x00000000000000000000000000000000
(6) State = 0xf3cd2f37f3ca35bae612626d1b2654f3
(6) eap_peap: Got tunneled reply code 11
(6) eap_peap: EAP-Message =
0x0107002b1a010700261067d8cf1d5c0b22de6dca819f0ed63a21667265657261646975732d332e302e3134
(6) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(6) eap_peap: State = 0xf3cd2f37f3ca35bae612626d1b2654f3
(6) eap_peap: Got tunneled reply RADIUS code 11
(6) eap_peap: EAP-Message =
0x0107002b1a010700261067d8cf1d5c0b22de6dca819f0ed63a21667265657261646975732d332e302e3134
(6) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(6) eap_peap: State = 0xf3cd2f37f3ca35bae612626d1b2654f3
(6) eap_peap: Got tunneled Access-Challenge
(6) eap: Sending EAP Request (code 1) ID 7 length 75
(6) eap: EAP session adding &reply:State = 0x4f424a32494553ce
(6) [eap] = handled
(6) } # authenticate = handled
(6) Using Post-Auth-Type Challenge
(6) Post-Auth-Type sub-section not found. Ignoring.
(6) # Executing group from file /etc/raddb/sites-enabled/default
(6) Sent Access-Challenge Id 6 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(6) EAP-Message =
0x0107004b190017030100407ee01304c4502480e19242c7f750d012d233a5ea2d1d549713c489b9d008af01dc3ade2bce7451513c3505e6521aa348070036f24b83077b93713aeba346e895
(6) Message-Authenticator = 0x00000000000000000000000000000000
(6) State = 0x4f424a32494553ce43a0ba7c4354ed56
(6) Finished request
Waking up in 4.7 seconds.
(7) Received Access-Request Id 7 from 10.41.17.64:1090 to 10.41.110.86:1812
length 319
(7) Message-Authenticator = 0x580b6f53691af232921c599c20c2aa51
(7) Service-Type = Framed-User
(7) User-Name = "userTest"
(7) Framed-MTU = 1488
(7) State = 0x4f424a32494553ce43a0ba7c4354ed56
(7) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(7) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(7) NAS-Identifier = "3Com Access Point 7760"
(7) NAS-Port-Type = Wireless-802.11
(7) Connect-Info = "CONNECT 54Mbps 802.11g"
(7) EAP-Message =
0x0207006b19001703010060c669e7ab79aa07c8499bfa9213bcaebc2d5d1e6e3430c227434a92ef9373471f606a32894c516daacea3cce9b586f7ce7c9d84961e2b80c3de6fa40766f4504a26b64e8fcf20c0a2f2e8dc4711e7e678c6d8a9a86ff7df602dc8286f128b7d2a
(7) NAS-IP-Address = 10.41.17.64
(7) NAS-Port = 1
(7) NAS-Port-Id = "STA port # 1"
(7) session-state: No cached attributes
(7) # Executing section authorize from file /etc/raddb/sites-enabled/default
(7) authorize {
(7) [preprocess] = ok
(7) eap: Peer sent EAP Response (code 2) ID 7 length 107
(7) eap: Continuing tunnel setup
(7) [eap] = ok
(7) } # authorize = ok
(7) Found Auth-Type = eap
(7) # Executing group from file /etc/raddb/sites-enabled/default
(7) authenticate {
(7) eap: Expiring EAP session with state 0xf3cd2f37f3ca35ba
(7) eap: Finished EAP session with state 0x4f424a32494553ce
(7) eap: Previous EAP request found for state 0x4f424a32494553ce, released
from the list
(7) eap: Peer sent packet with method EAP PEAP (25)
(7) eap: Calling submodule eap_peap to process data
(7) eap_peap: Continuing EAP-TLS
(7) eap_peap: [eaptls verify] = ok
(7) eap_peap: Done initial handshake
(7) eap_peap: [eaptls process] = ok
(7) eap_peap: Session established. Decoding tunneled attributes
(7) eap_peap: PEAP state phase2
(7) eap_peap: EAP method MSCHAPv2 (26)
(7) eap_peap: Got tunneled request
(7) eap_peap: EAP-Message =
0x020700461a0207004131e4c34eceb5730484764dfd45bce48ff100000000000000009faa4c5cb899c5231ce4957cf16fc309db17b07a773a6342003031383239353036333832
(7) eap_peap: Setting User-Name to userTest
(7) eap_peap: Sending tunneled request to inner-tunnel
(7) eap_peap: EAP-Message =
0x020700461a0207004131e4c34eceb5730484764dfd45bce48ff100000000000000009faa4c5cb899c5231ce4957cf16fc309db17b07a773a6342003031383239353036333832
(7) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
(7) eap_peap: User-Name = "userTest"
(7) eap_peap: State = 0xf3cd2f37f3ca35bae612626d1b2654f3
(7) eap_peap: Service-Type = Framed-User
(7) eap_peap: Framed-MTU = 1488
(7) eap_peap: Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(7) eap_peap: Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(7) eap_peap: NAS-Identifier = "3Com Access Point 7760"
(7) eap_peap: NAS-Port-Type = Wireless-802.11
(7) eap_peap: Connect-Info = "CONNECT 54Mbps 802.11g"
(7) eap_peap: NAS-IP-Address = 10.41.17.64
(7) eap_peap: NAS-Port = 1
(7) eap_peap: NAS-Port-Id = "STA port # 1"
(7) eap_peap: Event-Timestamp = "Mar 22 2017 14:57:02 -03"
(7) Virtual server inner-tunnel received request
(7) EAP-Message =
0x020700461a0207004131e4c34eceb5730484764dfd45bce48ff100000000000000009faa4c5cb899c5231ce4957cf16fc309db17b07a773a6342003031383239353036333832
(7) FreeRADIUS-Proxied-To = 127.0.0.1
(7) User-Name = "userTest"
(7) State = 0xf3cd2f37f3ca35bae612626d1b2654f3
(7) Service-Type = Framed-User
(7) Framed-MTU = 1488
(7) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(7) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(7) NAS-Identifier = "3Com Access Point 7760"
(7) NAS-Port-Type = Wireless-802.11
(7) Connect-Info = "CONNECT 54Mbps 802.11g"
(7) NAS-IP-Address = 10.41.17.64
(7) NAS-Port = 1
(7) NAS-Port-Id = "STA port # 1"
(7) Event-Timestamp = "Mar 22 2017 14:57:02 -03"
(7) WARNING: Outer and inner identities are the same. User privacy is
compromised.
(7) server inner-tunnel {
(7) session-state: No cached attributes
(7) # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(7) authorize {
(7) eap: Peer sent EAP Response (code 2) ID 7 length 70
(7) eap: No EAP Start, assuming it's an on-going EAP conversation
(7) [eap] = updated
rlm_ldap (ldap): Reserved connection (0)
(7) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(7) ldap: --> (uid=userTest)
(7) ldap: Performing search in "ou=people,dc=test,dc=br" with filter
"(uid=userTest)", scope "sub"
(7) ldap: Waiting for search result...
(7) ldap: User object found at DN "uid=userTest,ou=people,dc=test,dc=br"
(7) ldap: Processing user attributes
(7) ldap: control:NT-Password :=
0x3145333941394139324632423038413045363942344435414441374535333332
rlm_ldap (ldap): Released connection (0)
Need 5 more connections to reach 10 spares
rlm_ldap (ldap): Opening additional connection (5), 1 of 27 pending slots
used
rlm_ldap (ldap): Connecting to ldap://10.0.0.2:389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
(7) [ldap] = updated
(7) [expiration] = noop
(7) [logintime] = noop
(7) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
(7) pap: WARNING: Auth-Type already set. Not setting to PAP
(7) [pap] = noop
(7) } # authorize = updated
(7) Found Auth-Type = eap
(7) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(7) authenticate {
(7) eap: Expiring EAP session with state 0xf3cd2f37f3ca35ba
(7) eap: Finished EAP session with state 0xf3cd2f37f3ca35ba
(7) eap: Previous EAP request found for state 0xf3cd2f37f3ca35ba, released
from the list
(7) eap: Peer sent packet with method EAP MSCHAPv2 (26)
(7) eap: Calling submodule eap_mschapv2 to process data
(7) eap_mschapv2: # Executing group from file
/etc/raddb/sites-enabled/inner-tunnel
(7) eap_mschapv2: authenticate {
(7) mschap: Found NT-Password
(7) mschap: Creating challenge hash with username: userTest
(7) mschap: Client is using MS-CHAPv2
(7) mschap: Adding MS-CHAPv2 MPPE keys
(7) [mschap] = ok
(7) } # authenticate = ok
(7) MSCHAP Success
(7) eap: Sending EAP Request (code 1) ID 8 length 51
(7) eap: EAP session adding &reply:State = 0xf3cd2f37f2c535ba
(7) [eap] = handled
(7) } # authenticate = handled
(7) } # server inner-tunnel
(7) Virtual server sending reply
(7) EAP-Message =
0x010800331a0307002e533d36353643383034344335374539324431353934314344333337323737433135443633453939343543
(7) Message-Authenticator = 0x00000000000000000000000000000000
(7) State = 0xf3cd2f37f2c535bae612626d1b2654f3
(7) eap_peap: Got tunneled reply code 11
(7) eap_peap: EAP-Message =
0x010800331a0307002e533d36353643383034344335374539324431353934314344333337323737433135443633453939343543
(7) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(7) eap_peap: State = 0xf3cd2f37f2c535bae612626d1b2654f3
(7) eap_peap: Got tunneled reply RADIUS code 11
(7) eap_peap: EAP-Message =
0x010800331a0307002e533d36353643383034344335374539324431353934314344333337323737433135443633453939343543
(7) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(7) eap_peap: State = 0xf3cd2f37f2c535bae612626d1b2654f3
(7) eap_peap: Got tunneled Access-Challenge
(7) eap: Sending EAP Request (code 1) ID 8 length 91
(7) eap: EAP session adding &reply:State = 0x4f424a32484a53ce
(7) [eap] = handled
(7) } # authenticate = handled
(7) Using Post-Auth-Type Challenge
(7) Post-Auth-Type sub-section not found. Ignoring.
(7) # Executing group from file /etc/raddb/sites-enabled/default
(7) Sent Access-Challenge Id 7 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(7) EAP-Message =
0x0108005b19001703010050ac2f44e2a3ed7acba66a1267f323eb6eae71a2bd254a14b8c51eea8b179c1a0ec40cc59af04ad38b953ba3e697ab8357949e573623914e6e5f3c1f165eddacca08316a41b4bfb822bd25c92ee3130e73
(7) Message-Authenticator = 0x00000000000000000000000000000000
(7) State = 0x4f424a32484a53ce43a0ba7c4354ed56
(7) Finished request
Waking up in 1.5 seconds.
Waking up in 1.5 seconds.
(8) Received Access-Request Id 8 from 10.41.17.64:1090 to 10.41.110.86:1812
length 255
(8) Message-Authenticator = 0x7dcc3d33a8e6f5ac1e603cc17197c534
(8) Service-Type = Framed-User
(8) User-Name = "userTest"
(8) Framed-MTU = 1488
(8) State = 0x4f424a32484a53ce43a0ba7c4354ed56
(8) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(8) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(8) NAS-Identifier = "3Com Access Point 7760"
(8) NAS-Port-Type = Wireless-802.11
(8) Connect-Info = "CONNECT 54Mbps 802.11g"
(8) EAP-Message =
0x0208002b19001703010020abc7b9d4379a98cc113dd952442471dc9a0a7631401d09e2600bae46ef769ad8
(8) NAS-IP-Address = 10.41.17.64
(8) NAS-Port = 1
(8) NAS-Port-Id = "STA port # 1"
(8) session-state: No cached attributes
(8) # Executing section authorize from file /etc/raddb/sites-enabled/default
(8) authorize {
(8) [preprocess] = ok
(8) eap: Peer sent EAP Response (code 2) ID 8 length 43
(8) eap: Continuing tunnel setup
(8) [eap] = ok
(8) } # authorize = ok
(8) Found Auth-Type = eap
(8) # Executing group from file /etc/raddb/sites-enabled/default
(8) authenticate {
(8) eap: Expiring EAP session with state 0xf3cd2f37f2c535ba
(8) eap: Finished EAP session with state 0x4f424a32484a53ce
(8) eap: Previous EAP request found for state 0x4f424a32484a53ce, released
from the list
(8) eap: Peer sent packet with method EAP PEAP (25)
(8) eap: Calling submodule eap_peap to process data
(8) eap_peap: Continuing EAP-TLS
(8) eap_peap: [eaptls verify] = ok
(8) eap_peap: Done initial handshake
(8) eap_peap: [eaptls process] = ok
(8) eap_peap: Session established. Decoding tunneled attributes
(8) eap_peap: PEAP state phase2
(8) eap_peap: EAP method MSCHAPv2 (26)
(8) eap_peap: Got tunneled request
(8) eap_peap: EAP-Message = 0x020800061a03
(8) eap_peap: Setting User-Name to userTest
(8) eap_peap: Sending tunneled request to inner-tunnel
(8) eap_peap: EAP-Message = 0x020800061a03
(8) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
(8) eap_peap: User-Name = "userTest"
(8) eap_peap: State = 0xf3cd2f37f2c535bae612626d1b2654f3
(8) eap_peap: Service-Type = Framed-User
(8) eap_peap: Framed-MTU = 1488
(8) eap_peap: Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(8) eap_peap: Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(8) eap_peap: NAS-Identifier = "3Com Access Point 7760"
(8) eap_peap: NAS-Port-Type = Wireless-802.11
(8) eap_peap: Connect-Info = "CONNECT 54Mbps 802.11g"
(8) eap_peap: NAS-IP-Address = 10.41.17.64
(8) eap_peap: NAS-Port = 1
(8) eap_peap: NAS-Port-Id = "STA port # 1"
(8) eap_peap: Event-Timestamp = "Mar 22 2017 14:57:06 -03"
(8) Virtual server inner-tunnel received request
(8) EAP-Message = 0x020800061a03
(8) FreeRADIUS-Proxied-To = 127.0.0.1
(8) User-Name = "userTest"
(8) State = 0xf3cd2f37f2c535bae612626d1b2654f3
(8) Service-Type = Framed-User
(8) Framed-MTU = 1488
(8) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(8) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(8) NAS-Identifier = "3Com Access Point 7760"
(8) NAS-Port-Type = Wireless-802.11
(8) Connect-Info = "CONNECT 54Mbps 802.11g"
(8) NAS-IP-Address = 10.41.17.64
(8) NAS-Port = 1
(8) NAS-Port-Id = "STA port # 1"
(8) Event-Timestamp = "Mar 22 2017 14:57:06 -03"
(8) WARNING: Outer and inner identities are the same. User privacy is
compromised.
(8) server inner-tunnel {
(8) session-state: No cached attributes
(8) # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(8) authorize {
(8) eap: Peer sent EAP Response (code 2) ID 8 length 6
(8) eap: No EAP Start, assuming it's an on-going EAP conversation
(8) [eap] = updated
rlm_ldap (ldap): Reserved connection (1)
(8) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(8) ldap: --> (uid=userTest)
(8) ldap: Performing search in "ou=people,dc=test,dc=br" with filter
"(uid=userTest)", scope "sub"
(8) ldap: Waiting for search result...
(8) ldap: User object found at DN "uid=userTest,ou=people,dc=test,dc=br"
(8) ldap: Processing user attributes
(8) ldap: control:NT-Password :=
0x3145333941394139324632423038413045363942344435414441374535333332
rlm_ldap (ldap): Released connection (1)
Need 4 more connections to reach 10 spares
rlm_ldap (ldap): Opening additional connection (6), 1 of 26 pending slots
used
rlm_ldap (ldap): Connecting to ldap://10.0.0.2:389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
(8) [ldap] = updated
(8) [expiration] = noop
(8) [logintime] = noop
(8) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
(8) pap: WARNING: Auth-Type already set. Not setting to PAP
(8) [pap] = noop
(8) } # authorize = updated
(8) Found Auth-Type = eap
(8) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(8) authenticate {
(8) eap: Expiring EAP session with state 0xf3cd2f37f2c535ba
(8) eap: Finished EAP session with state 0xf3cd2f37f2c535ba
(8) eap: Previous EAP request found for state 0xf3cd2f37f2c535ba, released
from the list
(8) eap: Peer sent packet with method EAP MSCHAPv2 (26)
(8) eap: Calling submodule eap_mschapv2 to process data
(8) eap: Sending EAP Success (code 3) ID 8 length 4
(8) eap: Freeing handler
(8) [eap] = ok
(8) } # authenticate = ok
(8) # Executing section post-auth from file
/etc/raddb/sites-enabled/inner-tunnel
(8) post-auth { ... } # empty sub-section is ignored
(8) } # server inner-tunnel
(8) Virtual server sending reply
(8) MS-MPPE-Encryption-Policy = Encryption-Allowed
(8) MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(8) MS-MPPE-Send-Key = 0x4aa9e16bdd36625e16a0d830524217af
(8) MS-MPPE-Recv-Key = 0x0a5d092cf0335597ba092c656391f8ce
(8) EAP-Message = 0x03080004
(8) Message-Authenticator = 0x00000000000000000000000000000000
(8) User-Name = "userTest"
(8) eap_peap: Got tunneled reply code 2
(8) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
(8) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(8) eap_peap: MS-MPPE-Send-Key = 0x4aa9e16bdd36625e16a0d830524217af
(8) eap_peap: MS-MPPE-Recv-Key = 0x0a5d092cf0335597ba092c656391f8ce
(8) eap_peap: EAP-Message = 0x03080004
(8) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(8) eap_peap: User-Name = "userTest"
(8) eap_peap: Got tunneled reply RADIUS code 2
(8) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
(8) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(8) eap_peap: MS-MPPE-Send-Key = 0x4aa9e16bdd36625e16a0d830524217af
(8) eap_peap: MS-MPPE-Recv-Key = 0x0a5d092cf0335597ba092c656391f8ce
(8) eap_peap: EAP-Message = 0x03080004
(8) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(8) eap_peap: User-Name = "userTest"
(8) eap_peap: Tunneled authentication was successful
(8) eap_peap: SUCCESS
(8) eap_peap: Saving tunneled attributes for later
(8) eap: Sending EAP Request (code 1) ID 9 length 43
(8) eap: EAP session adding &reply:State = 0x4f424a32474b53ce
(8) [eap] = handled
(8) } # authenticate = handled
(8) Using Post-Auth-Type Challenge
(8) Post-Auth-Type sub-section not found. Ignoring.
(8) # Executing group from file /etc/raddb/sites-enabled/default
(8) Sent Access-Challenge Id 8 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(8) EAP-Message =
0x0109002b19001703010020eae9a042828d4a49005b266a1f74f0a2bf7014f3c8490968e2346a1102a797f0
(8) Message-Authenticator = 0x00000000000000000000000000000000
(8) State = 0x4f424a32474b53ce43a0ba7c4354ed56
(8) Finished request
(0) Cleaning up request packet ID 0 with timestamp +13
(1) Cleaning up request packet ID 1 with timestamp +13
(2) Cleaning up request packet ID 2 with timestamp +13
(3) Cleaning up request packet ID 3 with timestamp +13
(4) Cleaning up request packet ID 4 with timestamp +13
(5) Cleaning up request packet ID 5 with timestamp +13
(6) Cleaning up request packet ID 6 with timestamp +13
Waking up in 6.6 seconds.
(9) Received Access-Request Id 9 from 10.41.17.64:1090 to 10.41.110.86:1812
length 255
(9) Message-Authenticator = 0x58645e92fdfebfe5a07ee2ca9e76d058
(9) Service-Type = Framed-User
(9) User-Name = "userTest"
(9) Framed-MTU = 1488
(9) State = 0x4f424a32474b53ce43a0ba7c4354ed56
(9) Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(9) Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(9) NAS-Identifier = "3Com Access Point 7760"
(9) NAS-Port-Type = Wireless-802.11
(9) Connect-Info = "CONNECT 54Mbps 802.11g"
(9) EAP-Message =
0x0209002b19001703010020392369a6b70c5ffc43a71c35e3a7fdfedb1358e8be6145c943f3c8f7c084f2aa
(9) NAS-IP-Address = 10.41.17.64
(9) NAS-Port = 1
(9) NAS-Port-Id = "STA port # 1"
(9) session-state: No cached attributes
(9) # Executing section authorize from file /etc/raddb/sites-enabled/default
(9) authorize {
(9) [preprocess] = ok
(9) eap: Peer sent EAP Response (code 2) ID 9 length 43
(9) eap: Continuing tunnel setup
(9) [eap] = ok
(9) } # authorize = ok
(9) Found Auth-Type = eap
(9) # Executing group from file /etc/raddb/sites-enabled/default
(9) authenticate {
(9) eap: Expiring EAP session with state 0x4f424a32474b53ce
(9) eap: Finished EAP session with state 0x4f424a32474b53ce
(9) eap: Previous EAP request found for state 0x4f424a32474b53ce, released
from the list
(9) eap: Peer sent packet with method EAP PEAP (25)
(9) eap: Calling submodule eap_peap to process data
(9) eap_peap: Continuing EAP-TLS
(9) eap_peap: [eaptls verify] = ok
(9) eap_peap: Done initial handshake
(9) eap_peap: [eaptls process] = ok
(9) eap_peap: Session established. Decoding tunneled attributes
(9) eap_peap: PEAP state send tlv success
(9) eap_peap: Received EAP-TLV response
(9) eap_peap: Success
(9) eap_peap: Using saved attributes from the original Access-Accept
(9) eap_peap: User-Name = "userTest"
(9) eap_peap: caching User-Name = "userTest"
(9) eap_peap: Failed to find 'persist_dir' in TLS configuration. Session
will not be cached on disk.
(9) eap: Sending EAP Success (code 3) ID 9 length 4
(9) eap: Freeing handler
(9) [eap] = ok
(9) } # authenticate = ok
(9) # Executing section post-auth from file /etc/raddb/sites-enabled/default
(9) post-auth {
(9) update {
(9) No attributes updated
(9) } # update = noop
(9) [exec] = noop
(9) policy remove_reply_message_if_eap {
(9) if (&reply:EAP-Message && &reply:Reply-Message) {
(9) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
(9) else {
(9) [noop] = noop
(9) } # else = noop
(9) } # policy remove_reply_message_if_eap = noop
(9) } # post-auth = noop
(9) Sent Access-Accept Id 9 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(9) User-Name = "userTest"
(9) MS-MPPE-Recv-Key =
0x00a4bdf20b6b9a550a36b016997d3bb3bd83c0fdfdbcc0ddd6026d3daa2019bb
(9) MS-MPPE-Send-Key =
0xaf0e20d1649dba2bd275bae0ce54905287ec784004b438eac1d71335a6a5df64
(9) EAP-Message = 0x03090004
(9) Message-Authenticator = 0x00000000000000000000000000000000
(9) Finished request
Waking up in 4.9 seconds.
(9) Cleaning up request packet ID 9 with timestamp +20
Waking up in 1.6 seconds.
(7) Cleaning up request packet ID 7 with timestamp +13
Waking up in 3.3 seconds.
More information about the Freeradius-Users
mailing list