iOS mysterious issues on Freeradius 3.0.14

Igor Sousa igorvolt at gmail.com
Thu Mar 23 20:46:43 CET 2017


<quote author='Alan DeKok-2'>
On Mar 22, 2017, at 7:39 AM, Igor Sousa <igorvolt at gmail.com> wrote:
>  PLEASE follow the instructions, and use "radiusd -X".  Doing "-Xx" just
makes the debug output harder to read.
</quote>
Quoted from:
http://freeradius.1045715.n5.nabble.com/iOS-mysterious-issues-on-Freeradius-3-0-14-tp5744970p5744971.html

I'm so sorry. I used use "radiusd -Xx" because I like see timestamp, but it
turns debug output harder to read and I agree with you. Now, I get two
debug's output where the first when Iphone can't connect to network and
second when I reboot the same Iphone and it can connect to the same network
(same AP device too).

PS: The certificate was generated during freeradius install. I think that
certificate isn't problem because tunneled authentication was successful

Glad to your help,
Igor Sousa

Debug outputs


IPHONE CANNOT CONNECT TO WIFI NETWORK
(19) Received Access-Request Id 0 from 10.41.17.64:1086 to 10.41.110.86:1812
length 210
(19)   Message-Authenticator = 0xaff68abbae7d1c7ec3845b6e82d7820b
(19)   Service-Type = Framed-User
(19)   User-Name = "userTest"
(19)   Framed-MTU = 1488
(19)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(19)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(19)   NAS-Identifier = "3Com Access Point 7760"
(19)   NAS-Port-Type = Wireless-802.11
(19)   Connect-Info = "CONNECT 54Mbps 802.11g"
(19)   EAP-Message = 0x02000010013031383239353036333832
(19)   NAS-IP-Address = 10.41.17.64
(19)   NAS-Port = 1
(19)   NAS-Port-Id = "STA port # 1"
(19) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(19)   authorize {
(19)     [preprocess] = ok
(19) eap: Peer sent EAP Response (code 2) ID 0 length 16
(19) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the
rest of authorize
(19)     [eap] = ok
(19)   } # authorize = ok
(19) Found Auth-Type = eap
(19) # Executing group from file /etc/raddb/sites-enabled/default
(19)   authenticate {
(19) eap: Peer sent packet with method EAP Identity (1)
(19) eap: Calling submodule eap_peap to process data
(19) eap_peap: Initiating new EAP-TLS session
(19) eap_peap: [eaptls start] = request
(19) eap: Sending EAP Request (code 1) ID 1 length 6
(19) eap: EAP session adding &reply:State = 0x82e4cb1b82e5d244
(19)     [eap] = handled
(19)   } # authenticate = handled
(19) Using Post-Auth-Type Challenge
(19) Post-Auth-Type sub-section not found.  Ignoring.
(19) # Executing group from file /etc/raddb/sites-enabled/default
(19) Sent Access-Challenge Id 0 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(19)   EAP-Message = 0x010100061920
(19)   Message-Authenticator = 0x00000000000000000000000000000000
(19)   State = 0x82e4cb1b82e5d244ae1bb12a174a7e27
(19) Finished request
Waking up in 1.0 seconds.
(20) Received Access-Request Id 1 from 10.41.17.64:1086 to 10.41.110.86:1812
length 339
(20)   Message-Authenticator = 0x06ed06a6edcefe165e317699f3ab93bf
(20)   Service-Type = Framed-User
(20)   User-Name = "userTest"
(20)   Framed-MTU = 1488
(20)   State = 0x82e4cb1b82e5d244ae1bb12a174a7e27
(20)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(20)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(20)   NAS-Identifier = "3Com Access Point 7760"
(20)   NAS-Port-Type = Wireless-802.11
(20)   Connect-Info = "CONNECT 54Mbps 802.11g"
(20)   EAP-Message =
0x0201007f19800000007516030100700100006c030158d2b994740bc0e95df6bd9e51c89c348c9061a2001932506837a83a2b96e1f800002000ffc024c023c00ac009c008c028c027c014c013c012003d003c0035002f000a01000023000a00080006001700180019000b00020100000500050100000000
(20)   NAS-IP-Address = 10.41.17.64
(20)   NAS-Port = 1
(20)   NAS-Port-Id = "STA port # 1"
(20) session-state: No cached attributes
(20) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(20)   authorize {
(20)     [preprocess] = ok
(20) eap: Peer sent EAP Response (code 2) ID 1 length 127
(20) eap: Continuing tunnel setup
(20)     [eap] = ok
(20)   } # authorize = ok
(20) Found Auth-Type = eap
(20) # Executing group from file /etc/raddb/sites-enabled/default
(20)   authenticate {
(20) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(20) eap: Finished EAP session with state 0x82e4cb1b82e5d244
(20) eap: Previous EAP request found for state 0x82e4cb1b82e5d244, released
from the list
(20) eap: Peer sent packet with method EAP PEAP (25)
(20) eap: Calling submodule eap_peap to process data
(20) eap_peap: Continuing EAP-TLS
(20) eap_peap: Peer indicated complete TLS record size will be 117 bytes
(20) eap_peap: Got complete TLS record (117 bytes)
(20) eap_peap: [eaptls verify] = length included
(20) eap_peap: (other): before SSL initialization
(20) eap_peap: TLS_accept: before SSL initialization
(20) eap_peap: TLS_accept: before SSL initialization
(20) eap_peap: <<< recv TLS 1.2  [length 0070]
(20) eap_peap: TLS_accept: SSLv3/TLS read client hello
(20) eap_peap: >>> send TLS 1.0 Handshake [length 005d], ServerHello
(20) eap_peap: TLS_accept: SSLv3/TLS write server hello
(20) eap_peap: >>> send TLS 1.0 Handshake [length 08d3], Certificate
(20) eap_peap: TLS_accept: SSLv3/TLS write certificate
(20) eap_peap: >>> send TLS 1.0 Handshake [length 014b], ServerKeyExchange
(20) eap_peap: TLS_accept: SSLv3/TLS write key exchange
(20) eap_peap: >>> send TLS 1.0 Handshake [length 0004], ServerHelloDone
(20) eap_peap: TLS_accept: SSLv3/TLS write server done
(20) eap_peap: TLS_accept: Need to read more data: SSLv3/TLS write server
done
(20) eap_peap: In SSL Handshake Phase
(20) eap_peap: In SSL Accept mode
(20) eap_peap: [eaptls process] = handled
(20) eap: Sending EAP Request (code 1) ID 2 length 1004
(20) eap: EAP session adding &reply:State = 0x82e4cb1b83e6d244
(20)     [eap] = handled
(20)   } # authenticate = handled
(20) Using Post-Auth-Type Challenge
(20) Post-Auth-Type sub-section not found.  Ignoring.
(20) # Executing group from file /etc/raddb/sites-enabled/default
(20) Sent Access-Challenge Id 1 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(20)   EAP-Message =
0x010203ec19c000000a93160301005d02000059030137ff0e7945d630b967660ce9dfe075ed12322d81c073d418449d657776955cef20ad6b30ad91ec1d4a1cb29d7bcca8c64ffca1d37b284636e0af73a499a87943b5c014000011ff01000100000b0004030001020017000016030108d30b0008cf0008
(20)   Message-Authenticator = 0x00000000000000000000000000000000
(20)   State = 0x82e4cb1b83e6d244ae1bb12a174a7e27
(20) Finished request
Waking up in 1.0 seconds.
(21) Received Access-Request Id 2 from 10.41.17.64:1086 to 10.41.110.86:1812
length 218
(21)   Message-Authenticator = 0x9e08ee72ba04c092cc95e8dc3c2b126d
(21)   Service-Type = Framed-User
(21)   User-Name = "userTest"
(21)   Framed-MTU = 1488
(21)   State = 0x82e4cb1b83e6d244ae1bb12a174a7e27
(21)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(21)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(21)   NAS-Identifier = "3Com Access Point 7760"
(21)   NAS-Port-Type = Wireless-802.11
(21)   Connect-Info = "CONNECT 54Mbps 802.11g"
(21)   EAP-Message = 0x020200061900
(21)   NAS-IP-Address = 10.41.17.64
(21)   NAS-Port = 1
(21)   NAS-Port-Id = "STA port # 1"
(21) session-state: No cached attributes
(21) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(21)   authorize {
(21)     [preprocess] = ok
(21) eap: Peer sent EAP Response (code 2) ID 2 length 6
(21) eap: Continuing tunnel setup
(21)     [eap] = ok
(21)   } # authorize = ok
(21) Found Auth-Type = eap
(21) # Executing group from file /etc/raddb/sites-enabled/default
(21)   authenticate {
(21) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(21) eap: Finished EAP session with state 0x82e4cb1b83e6d244
(21) eap: Previous EAP request found for state 0x82e4cb1b83e6d244, released
from the list
(21) eap: Peer sent packet with method EAP PEAP (25)
(21) eap: Calling submodule eap_peap to process data
(21) eap_peap: Continuing EAP-TLS
(21) eap_peap: Peer ACKed our handshake fragment
(21) eap_peap: [eaptls verify] = request
(21) eap_peap: [eaptls process] = handled
(21) eap: Sending EAP Request (code 1) ID 3 length 1000
(21) eap: EAP session adding &reply:State = 0x82e4cb1b80e7d244
(21)     [eap] = handled
(21)   } # authenticate = handled
(21) Using Post-Auth-Type Challenge
(21) Post-Auth-Type sub-section not found.  Ignoring.
(21) # Executing group from file /etc/raddb/sites-enabled/default
(21) Sent Access-Challenge Id 2 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(21)   EAP-Message =
0x010303e81940b2c16fe1b0d484179f9cdaaba928edbe85ea947176542ea9646d2f16b8803f26bf43aa9d60ff2c5d4d9ec84c4c511d64d81b360765cd88159cbe3831e7f63102d7e95becbf76520288a093eefd7080eb3f1c6936e347b508b9916d3e4e10615ad52b4601565fedd7e976bdf1ec0004e830
(21)   Message-Authenticator = 0x00000000000000000000000000000000
(21)   State = 0x82e4cb1b80e7d244ae1bb12a174a7e27
(21) Finished request
Waking up in 1.0 seconds.
(22) Received Access-Request Id 3 from 10.41.17.64:1086 to 10.41.110.86:1812
length 218
(22)   Message-Authenticator = 0x0e187ddb9e28534049f07abe7b3a792a
(22)   Service-Type = Framed-User
(22)   User-Name = "userTest"
(22)   Framed-MTU = 1488
(22)   State = 0x82e4cb1b80e7d244ae1bb12a174a7e27
(22)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(22)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(22)   NAS-Identifier = "3Com Access Point 7760"
(22)   NAS-Port-Type = Wireless-802.11
(22)   Connect-Info = "CONNECT 54Mbps 802.11g"
(22)   EAP-Message = 0x020300061900
(22)   NAS-IP-Address = 10.41.17.64
(22)   NAS-Port = 1
(22)   NAS-Port-Id = "STA port # 1"
(22) session-state: No cached attributes
(22) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(22)   authorize {
(22)     [preprocess] = ok
(22) eap: Peer sent EAP Response (code 2) ID 3 length 6
(22) eap: Continuing tunnel setup
(22)     [eap] = ok
(22)   } # authorize = ok
(22) Found Auth-Type = eap
(22) # Executing group from file /etc/raddb/sites-enabled/default
(22)   authenticate {
(22) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(22) eap: Finished EAP session with state 0x82e4cb1b80e7d244
(22) eap: Previous EAP request found for state 0x82e4cb1b80e7d244, released
from the list
(22) eap: Peer sent packet with method EAP PEAP (25)
(22) eap: Calling submodule eap_peap to process data
(22) eap_peap: Continuing EAP-TLS
(22) eap_peap: Peer ACKed our handshake fragment
(22) eap_peap: [eaptls verify] = request
(22) eap_peap: [eaptls process] = handled
(22) eap: Sending EAP Request (code 1) ID 4 length 725
(22) eap: EAP session adding &reply:State = 0x82e4cb1b81e0d244
(22)     [eap] = handled
(22)   } # authenticate = handled
(22) Using Post-Auth-Type Challenge
(22) Post-Auth-Type sub-section not found.  Ignoring.
(22) # Executing group from file /etc/raddb/sites-enabled/default
(22) Sent Access-Challenge Id 3 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(22)   EAP-Message =
0x010402d519006361746520417574686f72697479820900f29e29fc64450db1300f0603551d130101ff040530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b0500
(22)   Message-Authenticator = 0x00000000000000000000000000000000
(22)   State = 0x82e4cb1b81e0d244ae1bb12a174a7e27
(22) Finished request
Waking up in 1.0 seconds.
(23) Received Access-Request Id 4 from 10.41.17.64:1086 to 10.41.110.86:1812
length 356
(23)   Message-Authenticator = 0xc77ca6450207ee96bc701c3e80013fa2
(23)   Service-Type = Framed-User
(23)   User-Name = "userTest"
(23)   Framed-MTU = 1488
(23)   State = 0x82e4cb1b81e0d244ae1bb12a174a7e27
(23)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(23)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(23)   NAS-Identifier = "3Com Access Point 7760"
(23)   NAS-Port-Type = Wireless-802.11
(23)   Connect-Info = "CONNECT 54Mbps 802.11g"
(23)   EAP-Message =
0x020400901980000000861603010046100000424104fc94c086c80412f32f419d7f1071bd4863294987aebe7139a5d92849080b9c602c5a61b8f8b8e65d7b8f08d5b4f75c942d77f7b0bfba1eb3c64cd9a4f24c9d4114030100010116030100304daead77f0532e3562ea1b4b112348d124a28151794774
(23)   NAS-IP-Address = 10.41.17.64
(23)   NAS-Port = 1
(23)   NAS-Port-Id = "STA port # 1"
(23) session-state: No cached attributes
(23) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(23)   authorize {
(23)     [preprocess] = ok
(23) eap: Peer sent EAP Response (code 2) ID 4 length 144
(23) eap: Continuing tunnel setup
(23)     [eap] = ok
(23)   } # authorize = ok
(23) Found Auth-Type = eap
(23) # Executing group from file /etc/raddb/sites-enabled/default
(23)   authenticate {
(23) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(23) eap: Finished EAP session with state 0x82e4cb1b81e0d244
(23) eap: Previous EAP request found for state 0x82e4cb1b81e0d244, released
from the list
(23) eap: Peer sent packet with method EAP PEAP (25)
(23) eap: Calling submodule eap_peap to process data
(23) eap_peap: Continuing EAP-TLS
(23) eap_peap: Peer indicated complete TLS record size will be 134 bytes
(23) eap_peap: Got complete TLS record (134 bytes)
(23) eap_peap: [eaptls verify] = length included
(23) eap_peap: TLS_accept: SSLv3/TLS write server done
(23) eap_peap: <<< recv TLS 1.0 Handshake [length 0046], ClientKeyExchange
(23) eap_peap: TLS_accept: SSLv3/TLS read client key exchange
(23) eap_peap: TLS_accept: SSLv3/TLS read change cipher spec
(23) eap_peap: <<< recv TLS 1.0 Handshake [length 0010], Finished
(23) eap_peap: TLS_accept: SSLv3/TLS read finished
(23) eap_peap: >>> send TLS 1.0 ChangeCipherSpec [length 0001]
(23) eap_peap: TLS_accept: SSLv3/TLS write change cipher spec
(23) eap_peap: >>> send TLS 1.0 Handshake [length 0010], Finished
(23) eap_peap: TLS_accept: SSLv3/TLS write finished
(23) eap_peap: (other): SSL negotiation finished successfully
(23) eap_peap: SSL Connection Established
(23) eap_peap: [eaptls process] = handled
(23) eap: Sending EAP Request (code 1) ID 5 length 65
(23) eap: EAP session adding &reply:State = 0x82e4cb1b86e1d244
(23)     [eap] = handled
(23)   } # authenticate = handled
(23) Using Post-Auth-Type Challenge
(23) Post-Auth-Type sub-section not found.  Ignoring.
(23) # Executing group from file /etc/raddb/sites-enabled/default
(23) Sent Access-Challenge Id 4 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(23)   EAP-Message =
0x010500411900140301000101160301003092e53f04b9660df09297508db8e8fb3b4ad05e7b6ae5ec5d0120facf25d35fd262b1706180c33f72e235b2c3f3724cd9
(23)   Message-Authenticator = 0x00000000000000000000000000000000
(23)   State = 0x82e4cb1b86e1d244ae1bb12a174a7e27
(23) Finished request
Waking up in 1.0 seconds.
(24) Received Access-Request Id 5 from 10.41.17.64:1086 to 10.41.110.86:1812
length 218
(24)   Message-Authenticator = 0x7b0940b6625998f02f43527bb1725e77
(24)   Service-Type = Framed-User
(24)   User-Name = "userTest"
(24)   Framed-MTU = 1488
(24)   State = 0x82e4cb1b86e1d244ae1bb12a174a7e27
(24)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(24)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(24)   NAS-Identifier = "3Com Access Point 7760"
(24)   NAS-Port-Type = Wireless-802.11
(24)   Connect-Info = "CONNECT 54Mbps 802.11g"
(24)   EAP-Message = 0x020500061900
(24)   NAS-IP-Address = 10.41.17.64
(24)   NAS-Port = 1
(24)   NAS-Port-Id = "STA port # 1"
(24) session-state: No cached attributes
(24) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(24)   authorize {
(24)     [preprocess] = ok
(24) eap: Peer sent EAP Response (code 2) ID 5 length 6
(24) eap: Continuing tunnel setup
(24)     [eap] = ok
(24)   } # authorize = ok
(24) Found Auth-Type = eap
(24) # Executing group from file /etc/raddb/sites-enabled/default
(24)   authenticate {
(24) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(24) eap: Finished EAP session with state 0x82e4cb1b86e1d244
(24) eap: Previous EAP request found for state 0x82e4cb1b86e1d244, released
from the list
(24) eap: Peer sent packet with method EAP PEAP (25)
(24) eap: Calling submodule eap_peap to process data
(24) eap_peap: Continuing EAP-TLS
(24) eap_peap: Peer ACKed our handshake fragment.  handshake is finished
(24) eap_peap: [eaptls verify] = success
(24) eap_peap: [eaptls process] = success
(24) eap_peap: Session established.  Decoding tunneled attributes
(24) eap_peap: PEAP state TUNNEL ESTABLISHED
(24) eap: Sending EAP Request (code 1) ID 6 length 43
(24) eap: EAP session adding &reply:State = 0x82e4cb1b87e2d244
(24)     [eap] = handled
(24)   } # authenticate = handled
(24) Using Post-Auth-Type Challenge
(24) Post-Auth-Type sub-section not found.  Ignoring.
(24) # Executing group from file /etc/raddb/sites-enabled/default
(24) Sent Access-Challenge Id 5 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(24)   EAP-Message =
0x0106002b19001703010020afa714d51b4477ae4fc0c892baab98cb04bd0762d895080477d237e60fdae1cb
(24)   Message-Authenticator = 0x00000000000000000000000000000000
(24)   State = 0x82e4cb1b87e2d244ae1bb12a174a7e27
(24) Finished request
Waking up in 0.9 seconds.
(25) Received Access-Request Id 6 from 10.41.17.64:1086 to 10.41.110.86:1812
length 271
(25)   Message-Authenticator = 0xdec0a89429f16c15bc1dc8a9a9a272c1
(25)   Service-Type = Framed-User
(25)   User-Name = "userTest"
(25)   Framed-MTU = 1488
(25)   State = 0x82e4cb1b87e2d244ae1bb12a174a7e27
(25)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(25)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(25)   NAS-Identifier = "3Com Access Point 7760"
(25)   NAS-Port-Type = Wireless-802.11
(25)   Connect-Info = "CONNECT 54Mbps 802.11g"
(25)   EAP-Message =
0x0206003b19001703010030657aea9089cf393fccfa7cce8b305fa7c1265fa8174415a9b45527c898b1b5178cb30fa0081511f2f971c4f46af30621
(25)   NAS-IP-Address = 10.41.17.64
(25)   NAS-Port = 1
(25)   NAS-Port-Id = "STA port # 1"
(25) session-state: No cached attributes
(25) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(25)   authorize {
(25)     [preprocess] = ok
(25) eap: Peer sent EAP Response (code 2) ID 6 length 59
(25) eap: Continuing tunnel setup
(25)     [eap] = ok
(25)   } # authorize = ok
(25) Found Auth-Type = eap
(25) # Executing group from file /etc/raddb/sites-enabled/default
(25)   authenticate {
(25) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(25) eap: Finished EAP session with state 0x82e4cb1b87e2d244
(25) eap: Previous EAP request found for state 0x82e4cb1b87e2d244, released
from the list
(25) eap: Peer sent packet with method EAP PEAP (25)
(25) eap: Calling submodule eap_peap to process data
(25) eap_peap: Continuing EAP-TLS
(25) eap_peap: [eaptls verify] = ok
(25) eap_peap: Done initial handshake
(25) eap_peap: [eaptls process] = ok
(25) eap_peap: Session established.  Decoding tunneled attributes
(25) eap_peap: PEAP state WAITING FOR INNER IDENTITY
(25) eap_peap: Identity - userTest
(25) eap_peap: Got inner identity 'userTest'
(25) eap_peap: Setting default EAP type for tunneled EAP session
(25) eap_peap: Got tunneled request
(25) eap_peap:   EAP-Message = 0x02060010013031383239353036333832
(25) eap_peap: Setting User-Name to userTest
(25) eap_peap: Sending tunneled request to inner-tunnel
(25) eap_peap:   EAP-Message = 0x02060010013031383239353036333832
(25) eap_peap:   FreeRADIUS-Proxied-To = 127.0.0.1
(25) eap_peap:   User-Name = "userTest"
(25) eap_peap:   Service-Type = Framed-User
(25) eap_peap:   Framed-MTU = 1488
(25) eap_peap:   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(25) eap_peap:   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(25) eap_peap:   NAS-Identifier = "3Com Access Point 7760"
(25) eap_peap:   NAS-Port-Type = Wireless-802.11
(25) eap_peap:   Connect-Info = "CONNECT 54Mbps 802.11g"
(25) eap_peap:   NAS-IP-Address = 10.41.17.64
(25) eap_peap:   NAS-Port = 1
(25) eap_peap:   NAS-Port-Id = "STA port # 1"
(25) eap_peap:   Event-Timestamp = "Mar 22 2017 14:51:08 -03"
(25) Virtual server inner-tunnel received request
(25)   EAP-Message = 0x02060010013031383239353036333832
(25)   FreeRADIUS-Proxied-To = 127.0.0.1
(25)   User-Name = "userTest"
(25)   Service-Type = Framed-User
(25)   Framed-MTU = 1488
(25)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(25)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(25)   NAS-Identifier = "3Com Access Point 7760"
(25)   NAS-Port-Type = Wireless-802.11
(25)   Connect-Info = "CONNECT 54Mbps 802.11g"
(25)   NAS-IP-Address = 10.41.17.64
(25)   NAS-Port = 1
(25)   NAS-Port-Id = "STA port # 1"
(25)   Event-Timestamp = "Mar 22 2017 14:51:08 -03"
(25) WARNING: Outer and inner identities are the same.  User privacy is
compromised.
(25) server inner-tunnel {
(25)   # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(25)     authorize {
(25) eap: Peer sent EAP Response (code 2) ID 6 length 16
(25) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the
rest of authorize
(25)       [eap] = ok
(25)     } # authorize = ok
(25)   Found Auth-Type = eap
(25)   # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(25)     authenticate {
(25) eap: Peer sent packet with method EAP Identity (1)
(25) eap: Calling submodule eap_mschapv2 to process data
(25) eap_mschapv2: Issuing Challenge
(25) eap: Sending EAP Request (code 1) ID 7 length 43
(25) eap: EAP session adding &reply:State = 0xed05353eed022fbe
(25)       [eap] = handled
(25)     } # authenticate = handled
(25) } # server inner-tunnel
(25) Virtual server sending reply
(25)   EAP-Message =
0x0107002b1a01070026109ac249a45bf691de7fc75a3feed0cb60667265657261646975732d332e302e3134
(25)   Message-Authenticator = 0x00000000000000000000000000000000
(25)   State = 0xed05353eed022fbe5b1d8e8a916c26a0
(25) eap_peap: Got tunneled reply code 11
(25) eap_peap:   EAP-Message =
0x0107002b1a01070026109ac249a45bf691de7fc75a3feed0cb60667265657261646975732d332e302e3134
(25) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(25) eap_peap:   State = 0xed05353eed022fbe5b1d8e8a916c26a0
(25) eap_peap: Got tunneled reply RADIUS code 11
(25) eap_peap:   EAP-Message =
0x0107002b1a01070026109ac249a45bf691de7fc75a3feed0cb60667265657261646975732d332e302e3134
(25) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(25) eap_peap:   State = 0xed05353eed022fbe5b1d8e8a916c26a0
(25) eap_peap: Got tunneled Access-Challenge
(25) eap: Sending EAP Request (code 1) ID 7 length 75
(25) eap: EAP session adding &reply:State = 0x82e4cb1b84e3d244
(25)     [eap] = handled
(25)   } # authenticate = handled
(25) Using Post-Auth-Type Challenge
(25) Post-Auth-Type sub-section not found.  Ignoring.
(25) # Executing group from file /etc/raddb/sites-enabled/default
(25) Sent Access-Challenge Id 6 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(25)   EAP-Message =
0x0107004b190017030100400bebb44427586f4cbdcaad23463df25a067c4d45afc5e95fc61702ed797b15c868c9c4e14426bc4990166d0694dc72a2ba6e331ddf04fc1789e72561fe224c6d
(25)   Message-Authenticator = 0x00000000000000000000000000000000
(25)   State = 0x82e4cb1b84e3d244ae1bb12a174a7e27
(25) Finished request
Waking up in 0.9 seconds.
(26) Received Access-Request Id 7 from 10.41.17.64:1086 to 10.41.110.86:1812
length 319
(26)   Message-Authenticator = 0x4840c791be0e158ada74c3f7a5b1becf
(26)   Service-Type = Framed-User
(26)   User-Name = "userTest"
(26)   Framed-MTU = 1488
(26)   State = 0x82e4cb1b84e3d244ae1bb12a174a7e27
(26)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(26)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(26)   NAS-Identifier = "3Com Access Point 7760"
(26)   NAS-Port-Type = Wireless-802.11
(26)   Connect-Info = "CONNECT 54Mbps 802.11g"
(26)   EAP-Message =
0x0207006b190017030100601e8bbbaa319f1ffc13c3fe11332e7601429bf2a151d6c4d99d3f91e0a79b3b59bc57498e3bf95cdcf978ffd69c15bc6ad68251cc197b0acbc713895da4ea84bb9abc0de37ab3c81c6819b636dae5e12fca59c5704d52cae6fd568351fe2c06d8
(26)   NAS-IP-Address = 10.41.17.64
(26)   NAS-Port = 1
(26)   NAS-Port-Id = "STA port # 1"
(26) session-state: No cached attributes
(26) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(26)   authorize {
(26)     [preprocess] = ok
(26) eap: Peer sent EAP Response (code 2) ID 7 length 107
(26) eap: Continuing tunnel setup
(26)     [eap] = ok
(26)   } # authorize = ok
(26) Found Auth-Type = eap
(26) # Executing group from file /etc/raddb/sites-enabled/default
(26)   authenticate {
(26) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(26) eap: Finished EAP session with state 0x82e4cb1b84e3d244
(26) eap: Previous EAP request found for state 0x82e4cb1b84e3d244, released
from the list
(26) eap: Peer sent packet with method EAP PEAP (25)
(26) eap: Calling submodule eap_peap to process data
(26) eap_peap: Continuing EAP-TLS
(26) eap_peap: [eaptls verify] = ok
(26) eap_peap: Done initial handshake
(26) eap_peap: [eaptls process] = ok
(26) eap_peap: Session established.  Decoding tunneled attributes
(26) eap_peap: PEAP state phase2
(26) eap_peap: EAP method MSCHAPv2 (26)
(26) eap_peap: Got tunneled request
(26) eap_peap:   EAP-Message =
0x020700461a02070041312878ab53f5a3bfc536df80a0cba47d180000000000000000613251667b283074a5abb46f3f3469403d8ba8a992319ef4003031383239353036333832
(26) eap_peap: Setting User-Name to userTest
(26) eap_peap: Sending tunneled request to inner-tunnel
(26) eap_peap:   EAP-Message =
0x020700461a02070041312878ab53f5a3bfc536df80a0cba47d180000000000000000613251667b283074a5abb46f3f3469403d8ba8a992319ef4003031383239353036333832
(26) eap_peap:   FreeRADIUS-Proxied-To = 127.0.0.1
(26) eap_peap:   User-Name = "userTest"
(26) eap_peap:   State = 0xed05353eed022fbe5b1d8e8a916c26a0
(26) eap_peap:   Service-Type = Framed-User
(26) eap_peap:   Framed-MTU = 1488
(26) eap_peap:   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(26) eap_peap:   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(26) eap_peap:   NAS-Identifier = "3Com Access Point 7760"
(26) eap_peap:   NAS-Port-Type = Wireless-802.11
(26) eap_peap:   Connect-Info = "CONNECT 54Mbps 802.11g"
(26) eap_peap:   NAS-IP-Address = 10.41.17.64
(26) eap_peap:   NAS-Port = 1
(26) eap_peap:   NAS-Port-Id = "STA port # 1"
(26) eap_peap:   Event-Timestamp = "Mar 22 2017 14:51:08 -03"
(26) Virtual server inner-tunnel received request
(26)   EAP-Message =
0x020700461a02070041312878ab53f5a3bfc536df80a0cba47d180000000000000000613251667b283074a5abb46f3f3469403d8ba8a992319ef4003031383239353036333832
(26)   FreeRADIUS-Proxied-To = 127.0.0.1
(26)   User-Name = "userTest"
(26)   State = 0xed05353eed022fbe5b1d8e8a916c26a0
(26)   Service-Type = Framed-User
(26)   Framed-MTU = 1488
(26)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(26)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(26)   NAS-Identifier = "3Com Access Point 7760"
(26)   NAS-Port-Type = Wireless-802.11
(26)   Connect-Info = "CONNECT 54Mbps 802.11g"
(26)   NAS-IP-Address = 10.41.17.64
(26)   NAS-Port = 1
(26)   NAS-Port-Id = "STA port # 1"
(26)   Event-Timestamp = "Mar 22 2017 14:51:08 -03"
(26) WARNING: Outer and inner identities are the same.  User privacy is
compromised.
(26) server inner-tunnel {
(26)   session-state: No cached attributes
(26)   # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(26)     authorize {
(26) eap: Peer sent EAP Response (code 2) ID 7 length 70
(26) eap: No EAP Start, assuming it's an on-going EAP conversation
(26)       [eap] = updated
rlm_ldap (ldap): Reserved connection (4)
(26) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(26) ldap:    --> (uid=userTest)
(26) ldap: Performing search in "ou=people,dc=test,dc=br" with filter
"(uid=userTest)", scope "sub"
(26) ldap: Waiting for search result...
(26) ldap: User object found at DN "uid=userTest,ou=people,dc=test,dc=br"
(26) ldap: Processing user attributes
(26) ldap: control:NT-Password :=
0x3145333941394139324632423038413045363942344435414441374535333332
rlm_ldap (ldap): Released connection (4)
Need 1 more connections to reach 10 spares
rlm_ldap (ldap): Opening additional connection (9), 1 of 23 pending slots
used
rlm_ldap (ldap): Connecting to ldap://10.0.0.2:389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
(26)       [ldap] = updated
(26)       [expiration] = noop
(26)       [logintime] = noop
(26) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
(26) pap: WARNING: Auth-Type already set.  Not setting to PAP
(26)       [pap] = noop
(26)     } # authorize = updated
(26)   Found Auth-Type = eap
(26)   # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(26)     authenticate {
(26) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(26) eap: Finished EAP session with state 0xed05353eed022fbe
(26) eap: Previous EAP request found for state 0xed05353eed022fbe, released
from the list
(26) eap: Peer sent packet with method EAP MSCHAPv2 (26)
(26) eap: Calling submodule eap_mschapv2 to process data
(26) eap_mschapv2: # Executing group from file
/etc/raddb/sites-enabled/inner-tunnel
(26) eap_mschapv2:   authenticate {
(26) mschap: Found NT-Password
(26) mschap: Creating challenge hash with username: userTest
(26) mschap: Client is using MS-CHAPv2
(26) mschap: Adding MS-CHAPv2 MPPE keys
(26)     [mschap] = ok
(26)   } # authenticate = ok
(26) MSCHAP Success
(26) eap: Sending EAP Request (code 1) ID 8 length 51
(26) eap: EAP session adding &reply:State = 0xed05353eec0d2fbe
(26)       [eap] = handled
(26)     } # authenticate = handled
(26) } # server inner-tunnel
(26) Virtual server sending reply
(26)   EAP-Message =
0x010800331a0307002e533d38314538303844334446353432374642333142393841314444463533333238304435363930443534
(26)   Message-Authenticator = 0x00000000000000000000000000000000
(26)   State = 0xed05353eec0d2fbe5b1d8e8a916c26a0
(26) eap_peap: Got tunneled reply code 11
(26) eap_peap:   EAP-Message =
0x010800331a0307002e533d38314538303844334446353432374642333142393841314444463533333238304435363930443534
(26) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(26) eap_peap:   State = 0xed05353eec0d2fbe5b1d8e8a916c26a0
(26) eap_peap: Got tunneled reply RADIUS code 11
(26) eap_peap:   EAP-Message =
0x010800331a0307002e533d38314538303844334446353432374642333142393841314444463533333238304435363930443534
(26) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(26) eap_peap:   State = 0xed05353eec0d2fbe5b1d8e8a916c26a0
(26) eap_peap: Got tunneled Access-Challenge
(26) eap: Sending EAP Request (code 1) ID 8 length 91
(26) eap: EAP session adding &reply:State = 0x82e4cb1b85ecd244
(26)     [eap] = handled
(26)   } # authenticate = handled
(26) Using Post-Auth-Type Challenge
(26) Post-Auth-Type sub-section not found.  Ignoring.
(26) # Executing group from file /etc/raddb/sites-enabled/default
(26) Sent Access-Challenge Id 7 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(26)   EAP-Message =
0x0108005b19001703010050bf2b1c25d323d4882835f598fcfe8da6173e706e4c1d66b36965789bb836b404e89b5b21fa01ea32c48497cc0de0c17c7d2e5197be5bb9e75fec85fc9d6dce20211bc026bc74a7724da41853c158244e
(26)   Message-Authenticator = 0x00000000000000000000000000000000
(26)   State = 0x82e4cb1b85ecd244ae1bb12a174a7e27
(26) Finished request
(17) Cleaning up request packet ID 20 with timestamp +10
Waking up in 1.8 seconds.
(27) Received Access-Request Id 8 from 10.41.17.64:1086 to 10.41.110.86:1812
length 255
(27)   Message-Authenticator = 0xfa367a6fa8cf063157e227ebc3a6dc7c
(27)   Service-Type = Framed-User
(27)   User-Name = "userTest"
(27)   Framed-MTU = 1488
(27)   State = 0x82e4cb1b85ecd244ae1bb12a174a7e27
(27)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(27)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(27)   NAS-Identifier = "3Com Access Point 7760"
(27)   NAS-Port-Type = Wireless-802.11
(27)   Connect-Info = "CONNECT 54Mbps 802.11g"
(27)   EAP-Message =
0x0208002b19001703010020051c0ad98ab4c77d2d4580c0e7e07c4055a8762345473a564dab19aafc402cb1
(27)   NAS-IP-Address = 10.41.17.64
(27)   NAS-Port = 1
(27)   NAS-Port-Id = "STA port # 1"
(27) session-state: No cached attributes
(27) # Executing section authorize from file
/etc/raddb/sites-enabled/default
(27)   authorize {
(27)     [preprocess] = ok
(27) eap: Peer sent EAP Response (code 2) ID 8 length 43
(27) eap: Continuing tunnel setup
(27)     [eap] = ok
(27)   } # authorize = ok
(27) Found Auth-Type = eap
(27) # Executing group from file /etc/raddb/sites-enabled/default
(27)   authenticate {
(27) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(27) eap: Finished EAP session with state 0x82e4cb1b85ecd244
(27) eap: Previous EAP request found for state 0x82e4cb1b85ecd244, released
from the list
(27) eap: Peer sent packet with method EAP PEAP (25)
(27) eap: Calling submodule eap_peap to process data
(27) eap_peap: Continuing EAP-TLS
(27) eap_peap: [eaptls verify] = ok
(27) eap_peap: Done initial handshake
(27) eap_peap: [eaptls process] = ok
(27) eap_peap: Session established.  Decoding tunneled attributes
(27) eap_peap: PEAP state phase2
(27) eap_peap: EAP method MSCHAPv2 (26)
(27) eap_peap: Got tunneled request
(27) eap_peap:   EAP-Message = 0x020800061a03
(27) eap_peap: Setting User-Name to userTest
(27) eap_peap: Sending tunneled request to inner-tunnel
(27) eap_peap:   EAP-Message = 0x020800061a03
(27) eap_peap:   FreeRADIUS-Proxied-To = 127.0.0.1
(27) eap_peap:   User-Name = "userTest"
(27) eap_peap:   State = 0xed05353eec0d2fbe5b1d8e8a916c26a0
(27) eap_peap:   Service-Type = Framed-User
(27) eap_peap:   Framed-MTU = 1488
(27) eap_peap:   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(27) eap_peap:   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(27) eap_peap:   NAS-Identifier = "3Com Access Point 7760"
(27) eap_peap:   NAS-Port-Type = Wireless-802.11
(27) eap_peap:   Connect-Info = "CONNECT 54Mbps 802.11g"
(27) eap_peap:   NAS-IP-Address = 10.41.17.64
(27) eap_peap:   NAS-Port = 1
(27) eap_peap:   NAS-Port-Id = "STA port # 1"
(27) eap_peap:   Event-Timestamp = "Mar 22 2017 14:51:12 -03"
(27) Virtual server inner-tunnel received request
(27)   EAP-Message = 0x020800061a03
(27)   FreeRADIUS-Proxied-To = 127.0.0.1
(27)   User-Name = "userTest"
(27)   State = 0xed05353eec0d2fbe5b1d8e8a916c26a0
(27)   Service-Type = Framed-User
(27)   Framed-MTU = 1488
(27)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(27)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(27)   NAS-Identifier = "3Com Access Point 7760"
(27)   NAS-Port-Type = Wireless-802.11
(27)   Connect-Info = "CONNECT 54Mbps 802.11g"
(27)   NAS-IP-Address = 10.41.17.64
(27)   NAS-Port = 1
(27)   NAS-Port-Id = "STA port # 1"
(27)   Event-Timestamp = "Mar 22 2017 14:51:12 -03"
(27) WARNING: Outer and inner identities are the same.  User privacy is
compromised.
(27) server inner-tunnel {
(27)   session-state: No cached attributes
(27)   # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(27)     authorize {
(27) eap: Peer sent EAP Response (code 2) ID 8 length 6
(27) eap: No EAP Start, assuming it's an on-going EAP conversation
(27)       [eap] = updated
rlm_ldap (ldap): Reserved connection (0)
(27) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(27) ldap:    --> (uid=userTest)
(27) ldap: Performing search in "ou=people,dc=test,dc=br" with filter
"(uid=userTest)", scope "sub"
(27) ldap: Waiting for search result...
(27) ldap: User object found at DN "uid=userTest,ou=people,dc=test,dc=br"
(27) ldap: Processing user attributes
(27) ldap: control:NT-Password :=
0x3145333941394139324632423038413045363942344435414441374535333332
rlm_ldap (ldap): Released connection (0)
(27)       [ldap] = updated
(27)       [expiration] = noop
(27)       [logintime] = noop
(27) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
(27) pap: WARNING: Auth-Type already set.  Not setting to PAP
(27)       [pap] = noop
(27)     } # authorize = updated
(27)   Found Auth-Type = eap
(27)   # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(27)     authenticate {
(27) eap: Expiring EAP session with state 0xfaf55ea1f2e347c8
(27) eap: Finished EAP session with state 0xed05353eec0d2fbe
(27) eap: Previous EAP request found for state 0xed05353eec0d2fbe, released
from the list
(27) eap: Peer sent packet with method EAP MSCHAPv2 (26)
(27) eap: Calling submodule eap_mschapv2 to process data
(27) eap: Sending EAP Success (code 3) ID 8 length 4
(27) eap: Freeing handler
(27)       [eap] = ok
(27)     } # authenticate = ok
(27)   # Executing section post-auth from file
/etc/raddb/sites-enabled/inner-tunnel
(27)     post-auth { ... } # empty sub-section is ignored
(27) } # server inner-tunnel
(27) Virtual server sending reply
(27)   MS-MPPE-Encryption-Policy = Encryption-Allowed
(27)   MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(27)   MS-MPPE-Send-Key = 0x9753abfe82235c4216a0c1a4a959646f
(27)   MS-MPPE-Recv-Key = 0x757fbfa227358f8e820817a60ccf472c
(27)   EAP-Message = 0x03080004
(27)   Message-Authenticator = 0x00000000000000000000000000000000
(27)   User-Name = "userTest"
(27) eap_peap: Got tunneled reply code 2
(27) eap_peap:   MS-MPPE-Encryption-Policy = Encryption-Allowed
(27) eap_peap:   MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(27) eap_peap:   MS-MPPE-Send-Key = 0x9753abfe82235c4216a0c1a4a959646f
(27) eap_peap:   MS-MPPE-Recv-Key = 0x757fbfa227358f8e820817a60ccf472c
(27) eap_peap:   EAP-Message = 0x03080004
(27) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(27) eap_peap:   User-Name = "userTest"
(27) eap_peap: Got tunneled reply RADIUS code 2
(27) eap_peap:   MS-MPPE-Encryption-Policy = Encryption-Allowed
(27) eap_peap:   MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(27) eap_peap:   MS-MPPE-Send-Key = 0x9753abfe82235c4216a0c1a4a959646f
(27) eap_peap:   MS-MPPE-Recv-Key = 0x757fbfa227358f8e820817a60ccf472c
(27) eap_peap:   EAP-Message = 0x03080004
(27) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(27) eap_peap:   User-Name = "userTest"
(27) eap_peap: Tunneled authentication was successful
(27) eap_peap: SUCCESS
(27) eap_peap: Saving tunneled attributes for later
(27) eap: Sending EAP Request (code 1) ID 9 length 43
(27) eap: EAP session adding &reply:State = 0x82e4cb1b8aedd244
(27)     [eap] = handled
(27)   } # authenticate = handled
(27) Using Post-Auth-Type Challenge
(27) Post-Auth-Type sub-section not found.  Ignoring.
(27) # Executing group from file /etc/raddb/sites-enabled/default
(27) Sent Access-Challenge Id 8 from 10.41.110.86:1812 to 10.41.17.64:1086
length 0
(27)   EAP-Message =
0x0109002b190017030100207a38b4c9aef9e5676a7616149de4a7c75be717b173d6106d60fe592bedcf7088
(27)   Message-Authenticator = 0x00000000000000000000000000000000
(27)   State = 0x82e4cb1b8aedd244ae1bb12a174a7e27
(27) Finished request
(19) Cleaning up request packet ID 0 with timestamp +22
(20) Cleaning up request packet ID 1 with timestamp +22
(21) Cleaning up request packet ID 2 with timestamp +22
(22) Cleaning up request packet ID 3 with timestamp +22
(23) Cleaning up request packet ID 4 with timestamp +22
(24) Cleaning up request packet ID 5 with timestamp +22
(25) Cleaning up request packet ID 6 with timestamp +22
Waking up in 4.9 seconds.
(27) Cleaning up request packet ID 8 with timestamp +26
Waking up in 1.8 seconds.
(26) Cleaning up request packet ID 7 with timestamp +22
Ready to process requests


=================================
IPHONE CAN CONNECT TO THE WIFI NETWORK
OBS: I ran again "radiusd -X" to clear and understand where is the first
request, but Iphone can connect everytime when I rebooted it.


Listening on auth address * port 1812 bound to server default
Listening on acct address * port 1813 bound to server default
Listening on auth address :: port 1812 bound to server default
Listening on acct address :: port 1813 bound to server default
Listening on auth address 127.0.0.1 port 18120 bound to server inner-tunnel
Listening on proxy address * port 44713
Listening on proxy address :: port 42886
Ready to process requests
(0) Received Access-Request Id 0 from 10.41.17.64:1090 to 10.41.110.86:1812
length 210
(0)   Message-Authenticator = 0xdcad4806f8bc8cf27df0bfcbcabb5c3f
(0)   Service-Type = Framed-User
(0)   User-Name = "userTest"
(0)   Framed-MTU = 1488
(0)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(0)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(0)   NAS-Identifier = "3Com Access Point 7760"
(0)   NAS-Port-Type = Wireless-802.11
(0)   Connect-Info = "CONNECT 54Mbps 802.11g"
(0)   EAP-Message = 0x02000010013031383239353036333832
(0)   NAS-IP-Address = 10.41.17.64
(0)   NAS-Port = 1
(0)   NAS-Port-Id = "STA port # 1"
(0) # Executing section authorize from file /etc/raddb/sites-enabled/default
(0)   authorize {
(0)     [preprocess] = ok
(0) eap: Peer sent EAP Response (code 2) ID 0 length 16
(0) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the
rest of authorize
(0)     [eap] = ok
(0)   } # authorize = ok
(0) Found Auth-Type = eap
(0) # Executing group from file /etc/raddb/sites-enabled/default
(0)   authenticate {
(0) eap: Peer sent packet with method EAP Identity (1)
(0) eap: Calling submodule eap_peap to process data
(0) eap_peap: Initiating new EAP-TLS session
(0) eap_peap: Flushing SSL sessions (of #0)
(0) eap_peap: [eaptls start] = request
(0) eap: Sending EAP Request (code 1) ID 1 length 6
(0) eap: EAP session adding &reply:State = 0x4f424a324f4353ce
(0)     [eap] = handled
(0)   } # authenticate = handled
(0) Using Post-Auth-Type Challenge
(0) Post-Auth-Type sub-section not found.  Ignoring.
(0) # Executing group from file /etc/raddb/sites-enabled/default
(0) Sent Access-Challenge Id 0 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(0)   EAP-Message = 0x010100061920
(0)   Message-Authenticator = 0x00000000000000000000000000000000
(0)   State = 0x4f424a324f4353ce43a0ba7c4354ed56
(0) Finished request
Waking up in 4.9 seconds.
(1) Received Access-Request Id 1 from 10.41.17.64:1090 to 10.41.110.86:1812
length 339
(1)   Message-Authenticator = 0xdea1c2b48107147dddcaaddb6be770f0
(1)   Service-Type = Framed-User
(1)   User-Name = "userTest"
(1)   Framed-MTU = 1488
(1)   State = 0x4f424a324f4353ce43a0ba7c4354ed56
(1)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(1)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(1)   NAS-Identifier = "3Com Access Point 7760"
(1)   NAS-Port-Type = Wireless-802.11
(1)   Connect-Info = "CONNECT 54Mbps 802.11g"
(1)   EAP-Message =
0x0201007f19800000007516030100700100006c030158d2baf622703ad19984e484f38f9c0ff088678cca0370b25a5e56693df17d4a00002000ffc024c023c00ac009c008c028c027c014c013c012003d003c0035002f000a01000023000a00080006001700180019000b00020100000500050100000000
(1)   NAS-IP-Address = 10.41.17.64
(1)   NAS-Port = 1
(1)   NAS-Port-Id = "STA port # 1"
(1) session-state: No cached attributes
(1) # Executing section authorize from file /etc/raddb/sites-enabled/default
(1)   authorize {
(1)     [preprocess] = ok
(1) eap: Peer sent EAP Response (code 2) ID 1 length 127
(1) eap: Continuing tunnel setup
(1)     [eap] = ok
(1)   } # authorize = ok
(1) Found Auth-Type = eap
(1) # Executing group from file /etc/raddb/sites-enabled/default
(1)   authenticate {
(1) eap: Expiring EAP session with state 0x4f424a324f4353ce
(1) eap: Finished EAP session with state 0x4f424a324f4353ce
(1) eap: Previous EAP request found for state 0x4f424a324f4353ce, released
from the list
(1) eap: Peer sent packet with method EAP PEAP (25)
(1) eap: Calling submodule eap_peap to process data
(1) eap_peap: Continuing EAP-TLS
(1) eap_peap: Peer indicated complete TLS record size will be 117 bytes
(1) eap_peap: Got complete TLS record (117 bytes)
(1) eap_peap: [eaptls verify] = length included
(1) eap_peap: (other): before SSL initialization
(1) eap_peap: TLS_accept: before SSL initialization
(1) eap_peap: TLS_accept: before SSL initialization
(1) eap_peap: <<< recv TLS 1.2  [length 0070]
(1) eap_peap: TLS_accept: SSLv3/TLS read client hello
(1) eap_peap: >>> send TLS 1.0 Handshake [length 005d], ServerHello
(1) eap_peap: TLS_accept: SSLv3/TLS write server hello
(1) eap_peap: >>> send TLS 1.0 Handshake [length 08d3], Certificate
(1) eap_peap: TLS_accept: SSLv3/TLS write certificate
(1) eap_peap: >>> send TLS 1.0 Handshake [length 014b], ServerKeyExchange
(1) eap_peap: TLS_accept: SSLv3/TLS write key exchange
(1) eap_peap: >>> send TLS 1.0 Handshake [length 0004], ServerHelloDone
(1) eap_peap: TLS_accept: SSLv3/TLS write server done
(1) eap_peap: TLS_accept: Need to read more data: SSLv3/TLS write server
done
(1) eap_peap: In SSL Handshake Phase
(1) eap_peap: In SSL Accept mode
(1) eap_peap: [eaptls process] = handled
(1) eap: Sending EAP Request (code 1) ID 2 length 1004
(1) eap: EAP session adding &reply:State = 0x4f424a324e4053ce
(1)     [eap] = handled
(1)   } # authenticate = handled
(1) Using Post-Auth-Type Challenge
(1) Post-Auth-Type sub-section not found.  Ignoring.
(1) # Executing group from file /etc/raddb/sites-enabled/default
(1) Sent Access-Challenge Id 1 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(1)   EAP-Message =
0x010203ec19c000000a93160301005d020000590301a36dd518f829f99eb9d0363fe456ae7cb1723abe53d9b74ce635ba187578a6122069bc2cddecdc894b088e0f0e198964b4b15264826ce476af949a2aeabbc4a531c014000011ff01000100000b0004030001020017000016030108d30b0008cf0008
(1)   Message-Authenticator = 0x00000000000000000000000000000000
(1)   State = 0x4f424a324e4053ce43a0ba7c4354ed56
(1) Finished request
Waking up in 4.9 seconds.
(2) Received Access-Request Id 2 from 10.41.17.64:1090 to 10.41.110.86:1812
length 218
(2)   Message-Authenticator = 0x708523ad3b241d8cb3cd6109c2210206
(2)   Service-Type = Framed-User
(2)   User-Name = "userTest"
(2)   Framed-MTU = 1488
(2)   State = 0x4f424a324e4053ce43a0ba7c4354ed56
(2)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(2)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(2)   NAS-Identifier = "3Com Access Point 7760"
(2)   NAS-Port-Type = Wireless-802.11
(2)   Connect-Info = "CONNECT 54Mbps 802.11g"
(2)   EAP-Message = 0x020200061900
(2)   NAS-IP-Address = 10.41.17.64
(2)   NAS-Port = 1
(2)   NAS-Port-Id = "STA port # 1"
(2) session-state: No cached attributes
(2) # Executing section authorize from file /etc/raddb/sites-enabled/default
(2)   authorize {
(2)     [preprocess] = ok
(2) eap: Peer sent EAP Response (code 2) ID 2 length 6
(2) eap: Continuing tunnel setup
(2)     [eap] = ok
(2)   } # authorize = ok
(2) Found Auth-Type = eap
(2) # Executing group from file /etc/raddb/sites-enabled/default
(2)   authenticate {
(2) eap: Expiring EAP session with state 0x4f424a324e4053ce
(2) eap: Finished EAP session with state 0x4f424a324e4053ce
(2) eap: Previous EAP request found for state 0x4f424a324e4053ce, released
from the list
(2) eap: Peer sent packet with method EAP PEAP (25)
(2) eap: Calling submodule eap_peap to process data
(2) eap_peap: Continuing EAP-TLS
(2) eap_peap: Peer ACKed our handshake fragment
(2) eap_peap: [eaptls verify] = request
(2) eap_peap: [eaptls process] = handled
(2) eap: Sending EAP Request (code 1) ID 3 length 1000
(2) eap: EAP session adding &reply:State = 0x4f424a324d4153ce
(2)     [eap] = handled
(2)   } # authenticate = handled
(2) Using Post-Auth-Type Challenge
(2) Post-Auth-Type sub-section not found.  Ignoring.
(2) # Executing group from file /etc/raddb/sites-enabled/default
(2) Sent Access-Challenge Id 2 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(2)   EAP-Message =
0x010303e81940b2c16fe1b0d484179f9cdaaba928edbe85ea947176542ea9646d2f16b8803f26bf43aa9d60ff2c5d4d9ec84c4c511d64d81b360765cd88159cbe3831e7f63102d7e95becbf76520288a093eefd7080eb3f1c6936e347b508b9916d3e4e10615ad52b4601565fedd7e976bdf1ec0004e830
(2)   Message-Authenticator = 0x00000000000000000000000000000000
(2)   State = 0x4f424a324d4153ce43a0ba7c4354ed56
(2) Finished request
Waking up in 4.9 seconds.
(3) Received Access-Request Id 3 from 10.41.17.64:1090 to 10.41.110.86:1812
length 218
(3)   Message-Authenticator = 0x694b1490f6e3cd21dfc9199ca65ad6bb
(3)   Service-Type = Framed-User
(3)   User-Name = "userTest"
(3)   Framed-MTU = 1488
(3)   State = 0x4f424a324d4153ce43a0ba7c4354ed56
(3)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(3)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(3)   NAS-Identifier = "3Com Access Point 7760"
(3)   NAS-Port-Type = Wireless-802.11
(3)   Connect-Info = "CONNECT 54Mbps 802.11g"
(3)   EAP-Message = 0x020300061900
(3)   NAS-IP-Address = 10.41.17.64
(3)   NAS-Port = 1
(3)   NAS-Port-Id = "STA port # 1"
(3) session-state: No cached attributes
(3) # Executing section authorize from file /etc/raddb/sites-enabled/default
(3)   authorize {
(3)     [preprocess] = ok
(3) eap: Peer sent EAP Response (code 2) ID 3 length 6
(3) eap: Continuing tunnel setup
(3)     [eap] = ok
(3)   } # authorize = ok
(3) Found Auth-Type = eap
(3) # Executing group from file /etc/raddb/sites-enabled/default
(3)   authenticate {
(3) eap: Expiring EAP session with state 0x4f424a324d4153ce
(3) eap: Finished EAP session with state 0x4f424a324d4153ce
(3) eap: Previous EAP request found for state 0x4f424a324d4153ce, released
from the list
(3) eap: Peer sent packet with method EAP PEAP (25)
(3) eap: Calling submodule eap_peap to process data
(3) eap_peap: Continuing EAP-TLS
(3) eap_peap: Peer ACKed our handshake fragment
(3) eap_peap: [eaptls verify] = request
(3) eap_peap: [eaptls process] = handled
(3) eap: Sending EAP Request (code 1) ID 4 length 725
(3) eap: EAP session adding &reply:State = 0x4f424a324c4653ce
(3)     [eap] = handled
(3)   } # authenticate = handled
(3) Using Post-Auth-Type Challenge
(3) Post-Auth-Type sub-section not found.  Ignoring.
(3) # Executing group from file /etc/raddb/sites-enabled/default
(3) Sent Access-Challenge Id 3 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(3)   EAP-Message =
0x010402d519006361746520417574686f72697479820900f29e29fc64450db1300f0603551d130101ff040530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b0500
(3)   Message-Authenticator = 0x00000000000000000000000000000000
(3)   State = 0x4f424a324c4653ce43a0ba7c4354ed56
(3) Finished request
Waking up in 4.8 seconds.
(4) Received Access-Request Id 4 from 10.41.17.64:1090 to 10.41.110.86:1812
length 356
(4)   Message-Authenticator = 0x78b058e28b654994f016c8e6d6856262
(4)   Service-Type = Framed-User
(4)   User-Name = "userTest"
(4)   Framed-MTU = 1488
(4)   State = 0x4f424a324c4653ce43a0ba7c4354ed56
(4)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(4)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(4)   NAS-Identifier = "3Com Access Point 7760"
(4)   NAS-Port-Type = Wireless-802.11
(4)   Connect-Info = "CONNECT 54Mbps 802.11g"
(4)   EAP-Message =
0x020400901980000000861603010046100000424104343bd0b5232f0b5e71d7c23886a9010adf7356a99fd44cc2cd7f07bf38ff2cc3c22b73845842ed44f3b0a7537745ab07ff8a5adf41d4580e95f2c49e45d7fdf5140301000101160301003094eb3ac531aaff7dc61a1544092a6491d5bd260cea28aa
(4)   NAS-IP-Address = 10.41.17.64
(4)   NAS-Port = 1
(4)   NAS-Port-Id = "STA port # 1"
(4) session-state: No cached attributes
(4) # Executing section authorize from file /etc/raddb/sites-enabled/default
(4)   authorize {
(4)     [preprocess] = ok
(4) eap: Peer sent EAP Response (code 2) ID 4 length 144
(4) eap: Continuing tunnel setup
(4)     [eap] = ok
(4)   } # authorize = ok
(4) Found Auth-Type = eap
(4) # Executing group from file /etc/raddb/sites-enabled/default
(4)   authenticate {
(4) eap: Expiring EAP session with state 0x4f424a324c4653ce
(4) eap: Finished EAP session with state 0x4f424a324c4653ce
(4) eap: Previous EAP request found for state 0x4f424a324c4653ce, released
from the list
(4) eap: Peer sent packet with method EAP PEAP (25)
(4) eap: Calling submodule eap_peap to process data
(4) eap_peap: Continuing EAP-TLS
(4) eap_peap: Peer indicated complete TLS record size will be 134 bytes
(4) eap_peap: Got complete TLS record (134 bytes)
(4) eap_peap: [eaptls verify] = length included
(4) eap_peap: TLS_accept: SSLv3/TLS write server done
(4) eap_peap: <<< recv TLS 1.0 Handshake [length 0046], ClientKeyExchange
(4) eap_peap: TLS_accept: SSLv3/TLS read client key exchange
(4) eap_peap: TLS_accept: SSLv3/TLS read change cipher spec
(4) eap_peap: <<< recv TLS 1.0 Handshake [length 0010], Finished
(4) eap_peap: TLS_accept: SSLv3/TLS read finished
(4) eap_peap: >>> send TLS 1.0 ChangeCipherSpec [length 0001]
(4) eap_peap: TLS_accept: SSLv3/TLS write change cipher spec
(4) eap_peap: >>> send TLS 1.0 Handshake [length 0010], Finished
(4) eap_peap: TLS_accept: SSLv3/TLS write finished
(4) eap_peap: (other): SSL negotiation finished successfully
(4) eap_peap: SSL Connection Established
(4) eap_peap: [eaptls process] = handled
(4) eap: Sending EAP Request (code 1) ID 5 length 65
(4) eap: EAP session adding &reply:State = 0x4f424a324b4753ce
(4)     [eap] = handled
(4)   } # authenticate = handled
(4) Using Post-Auth-Type Challenge
(4) Post-Auth-Type sub-section not found.  Ignoring.
(4) # Executing group from file /etc/raddb/sites-enabled/default
(4) Sent Access-Challenge Id 4 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(4)   EAP-Message =
0x01050041190014030100010116030100305ebd2608873fda32398dd285b4a181b94f12bc58d9f201e22d6dbdb53d406a52ca38c60ba0c717896b1a8901ef563f22
(4)   Message-Authenticator = 0x00000000000000000000000000000000
(4)   State = 0x4f424a324b4753ce43a0ba7c4354ed56
(4) Finished request
Waking up in 4.8 seconds.
(5) Received Access-Request Id 5 from 10.41.17.64:1090 to 10.41.110.86:1812
length 218
(5)   Message-Authenticator = 0x5db7e290140e326df8eab08383d2e765
(5)   Service-Type = Framed-User
(5)   User-Name = "userTest"
(5)   Framed-MTU = 1488
(5)   State = 0x4f424a324b4753ce43a0ba7c4354ed56
(5)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(5)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(5)   NAS-Identifier = "3Com Access Point 7760"
(5)   NAS-Port-Type = Wireless-802.11
(5)   Connect-Info = "CONNECT 54Mbps 802.11g"
(5)   EAP-Message = 0x020500061900
(5)   NAS-IP-Address = 10.41.17.64
(5)   NAS-Port = 1
(5)   NAS-Port-Id = "STA port # 1"
(5) session-state: No cached attributes
(5) # Executing section authorize from file /etc/raddb/sites-enabled/default
(5)   authorize {
(5)     [preprocess] = ok
(5) eap: Peer sent EAP Response (code 2) ID 5 length 6
(5) eap: Continuing tunnel setup
(5)     [eap] = ok
(5)   } # authorize = ok
(5) Found Auth-Type = eap
(5) # Executing group from file /etc/raddb/sites-enabled/default
(5)   authenticate {
(5) eap: Expiring EAP session with state 0x4f424a324b4753ce
(5) eap: Finished EAP session with state 0x4f424a324b4753ce
(5) eap: Previous EAP request found for state 0x4f424a324b4753ce, released
from the list
(5) eap: Peer sent packet with method EAP PEAP (25)
(5) eap: Calling submodule eap_peap to process data
(5) eap_peap: Continuing EAP-TLS
(5) eap_peap: Peer ACKed our handshake fragment.  handshake is finished
(5) eap_peap: [eaptls verify] = success
(5) eap_peap: [eaptls process] = success
(5) eap_peap: Session established.  Decoding tunneled attributes
(5) eap_peap: PEAP state TUNNEL ESTABLISHED
(5) eap: Sending EAP Request (code 1) ID 6 length 43
(5) eap: EAP session adding &reply:State = 0x4f424a324a4453ce
(5)     [eap] = handled
(5)   } # authenticate = handled
(5) Using Post-Auth-Type Challenge
(5) Post-Auth-Type sub-section not found.  Ignoring.
(5) # Executing group from file /etc/raddb/sites-enabled/default
(5) Sent Access-Challenge Id 5 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(5)   EAP-Message =
0x0106002b190017030100204fbeb67ecdd80f0d14c8533df8a2921cf85689339ba802443fbb7b4143c6e638
(5)   Message-Authenticator = 0x00000000000000000000000000000000
(5)   State = 0x4f424a324a4453ce43a0ba7c4354ed56
(5) Finished request
Waking up in 4.8 seconds.
(6) Received Access-Request Id 6 from 10.41.17.64:1090 to 10.41.110.86:1812
length 271
(6)   Message-Authenticator = 0xe7b6266a72b2b6fc9b8f7c67f8405d94
(6)   Service-Type = Framed-User
(6)   User-Name = "userTest"
(6)   Framed-MTU = 1488
(6)   State = 0x4f424a324a4453ce43a0ba7c4354ed56
(6)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(6)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(6)   NAS-Identifier = "3Com Access Point 7760"
(6)   NAS-Port-Type = Wireless-802.11
(6)   Connect-Info = "CONNECT 54Mbps 802.11g"
(6)   EAP-Message =
0x0206003b19001703010030b1075bb4e12c13ae0e337bfca6841195aa45827fac9d354863e7706d5e066c1de365265b054e4374f86d3cd8ad7f0a14
(6)   NAS-IP-Address = 10.41.17.64
(6)   NAS-Port = 1
(6)   NAS-Port-Id = "STA port # 1"
(6) session-state: No cached attributes
(6) # Executing section authorize from file /etc/raddb/sites-enabled/default
(6)   authorize {
(6)     [preprocess] = ok
(6) eap: Peer sent EAP Response (code 2) ID 6 length 59
(6) eap: Continuing tunnel setup
(6)     [eap] = ok
(6)   } # authorize = ok
(6) Found Auth-Type = eap
(6) # Executing group from file /etc/raddb/sites-enabled/default
(6)   authenticate {
(6) eap: Expiring EAP session with state 0x4f424a324a4453ce
(6) eap: Finished EAP session with state 0x4f424a324a4453ce
(6) eap: Previous EAP request found for state 0x4f424a324a4453ce, released
from the list
(6) eap: Peer sent packet with method EAP PEAP (25)
(6) eap: Calling submodule eap_peap to process data
(6) eap_peap: Continuing EAP-TLS
(6) eap_peap: [eaptls verify] = ok
(6) eap_peap: Done initial handshake
(6) eap_peap: [eaptls process] = ok
(6) eap_peap: Session established.  Decoding tunneled attributes
(6) eap_peap: PEAP state WAITING FOR INNER IDENTITY
(6) eap_peap: Identity - userTest
(6) eap_peap: Got inner identity 'userTest'
(6) eap_peap: Setting default EAP type for tunneled EAP session
(6) eap_peap: Got tunneled request
(6) eap_peap:   EAP-Message = 0x02060010013031383239353036333832
(6) eap_peap: Setting User-Name to userTest
(6) eap_peap: Sending tunneled request to inner-tunnel
(6) eap_peap:   EAP-Message = 0x02060010013031383239353036333832
(6) eap_peap:   FreeRADIUS-Proxied-To = 127.0.0.1
(6) eap_peap:   User-Name = "userTest"
(6) eap_peap:   Service-Type = Framed-User
(6) eap_peap:   Framed-MTU = 1488
(6) eap_peap:   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(6) eap_peap:   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(6) eap_peap:   NAS-Identifier = "3Com Access Point 7760"
(6) eap_peap:   NAS-Port-Type = Wireless-802.11
(6) eap_peap:   Connect-Info = "CONNECT 54Mbps 802.11g"
(6) eap_peap:   NAS-IP-Address = 10.41.17.64
(6) eap_peap:   NAS-Port = 1
(6) eap_peap:   NAS-Port-Id = "STA port # 1"
(6) eap_peap:   Event-Timestamp = "Mar 22 2017 14:57:02 -03"
(6) Virtual server inner-tunnel received request
(6)   EAP-Message = 0x02060010013031383239353036333832
(6)   FreeRADIUS-Proxied-To = 127.0.0.1
(6)   User-Name = "userTest"
(6)   Service-Type = Framed-User
(6)   Framed-MTU = 1488
(6)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(6)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(6)   NAS-Identifier = "3Com Access Point 7760"
(6)   NAS-Port-Type = Wireless-802.11
(6)   Connect-Info = "CONNECT 54Mbps 802.11g"
(6)   NAS-IP-Address = 10.41.17.64
(6)   NAS-Port = 1
(6)   NAS-Port-Id = "STA port # 1"
(6)   Event-Timestamp = "Mar 22 2017 14:57:02 -03"
(6) WARNING: Outer and inner identities are the same.  User privacy is
compromised.
(6) server inner-tunnel {
(6)   # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(6)     authorize {
(6) eap: Peer sent EAP Response (code 2) ID 6 length 16
(6) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the
rest of authorize
(6)       [eap] = ok
(6)     } # authorize = ok
(6)   Found Auth-Type = eap
(6)   # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(6)     authenticate {
(6) eap: Peer sent packet with method EAP Identity (1)
(6) eap: Calling submodule eap_mschapv2 to process data
(6) eap_mschapv2: Issuing Challenge
(6) eap: Sending EAP Request (code 1) ID 7 length 43
(6) eap: EAP session adding &reply:State = 0xf3cd2f37f3ca35ba
(6)       [eap] = handled
(6)     } # authenticate = handled
(6) } # server inner-tunnel
(6) Virtual server sending reply
(6)   EAP-Message =
0x0107002b1a010700261067d8cf1d5c0b22de6dca819f0ed63a21667265657261646975732d332e302e3134
(6)   Message-Authenticator = 0x00000000000000000000000000000000
(6)   State = 0xf3cd2f37f3ca35bae612626d1b2654f3
(6) eap_peap: Got tunneled reply code 11
(6) eap_peap:   EAP-Message =
0x0107002b1a010700261067d8cf1d5c0b22de6dca819f0ed63a21667265657261646975732d332e302e3134
(6) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(6) eap_peap:   State = 0xf3cd2f37f3ca35bae612626d1b2654f3
(6) eap_peap: Got tunneled reply RADIUS code 11
(6) eap_peap:   EAP-Message =
0x0107002b1a010700261067d8cf1d5c0b22de6dca819f0ed63a21667265657261646975732d332e302e3134
(6) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(6) eap_peap:   State = 0xf3cd2f37f3ca35bae612626d1b2654f3
(6) eap_peap: Got tunneled Access-Challenge
(6) eap: Sending EAP Request (code 1) ID 7 length 75
(6) eap: EAP session adding &reply:State = 0x4f424a32494553ce
(6)     [eap] = handled
(6)   } # authenticate = handled
(6) Using Post-Auth-Type Challenge
(6) Post-Auth-Type sub-section not found.  Ignoring.
(6) # Executing group from file /etc/raddb/sites-enabled/default
(6) Sent Access-Challenge Id 6 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(6)   EAP-Message =
0x0107004b190017030100407ee01304c4502480e19242c7f750d012d233a5ea2d1d549713c489b9d008af01dc3ade2bce7451513c3505e6521aa348070036f24b83077b93713aeba346e895
(6)   Message-Authenticator = 0x00000000000000000000000000000000
(6)   State = 0x4f424a32494553ce43a0ba7c4354ed56
(6) Finished request
Waking up in 4.7 seconds.
(7) Received Access-Request Id 7 from 10.41.17.64:1090 to 10.41.110.86:1812
length 319
(7)   Message-Authenticator = 0x580b6f53691af232921c599c20c2aa51
(7)   Service-Type = Framed-User
(7)   User-Name = "userTest"
(7)   Framed-MTU = 1488
(7)   State = 0x4f424a32494553ce43a0ba7c4354ed56
(7)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(7)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(7)   NAS-Identifier = "3Com Access Point 7760"
(7)   NAS-Port-Type = Wireless-802.11
(7)   Connect-Info = "CONNECT 54Mbps 802.11g"
(7)   EAP-Message =
0x0207006b19001703010060c669e7ab79aa07c8499bfa9213bcaebc2d5d1e6e3430c227434a92ef9373471f606a32894c516daacea3cce9b586f7ce7c9d84961e2b80c3de6fa40766f4504a26b64e8fcf20c0a2f2e8dc4711e7e678c6d8a9a86ff7df602dc8286f128b7d2a
(7)   NAS-IP-Address = 10.41.17.64
(7)   NAS-Port = 1
(7)   NAS-Port-Id = "STA port # 1"
(7) session-state: No cached attributes
(7) # Executing section authorize from file /etc/raddb/sites-enabled/default
(7)   authorize {
(7)     [preprocess] = ok
(7) eap: Peer sent EAP Response (code 2) ID 7 length 107
(7) eap: Continuing tunnel setup
(7)     [eap] = ok
(7)   } # authorize = ok
(7) Found Auth-Type = eap
(7) # Executing group from file /etc/raddb/sites-enabled/default
(7)   authenticate {
(7) eap: Expiring EAP session with state 0xf3cd2f37f3ca35ba
(7) eap: Finished EAP session with state 0x4f424a32494553ce
(7) eap: Previous EAP request found for state 0x4f424a32494553ce, released
from the list
(7) eap: Peer sent packet with method EAP PEAP (25)
(7) eap: Calling submodule eap_peap to process data
(7) eap_peap: Continuing EAP-TLS
(7) eap_peap: [eaptls verify] = ok
(7) eap_peap: Done initial handshake
(7) eap_peap: [eaptls process] = ok
(7) eap_peap: Session established.  Decoding tunneled attributes
(7) eap_peap: PEAP state phase2
(7) eap_peap: EAP method MSCHAPv2 (26)
(7) eap_peap: Got tunneled request
(7) eap_peap:   EAP-Message =
0x020700461a0207004131e4c34eceb5730484764dfd45bce48ff100000000000000009faa4c5cb899c5231ce4957cf16fc309db17b07a773a6342003031383239353036333832
(7) eap_peap: Setting User-Name to userTest
(7) eap_peap: Sending tunneled request to inner-tunnel
(7) eap_peap:   EAP-Message =
0x020700461a0207004131e4c34eceb5730484764dfd45bce48ff100000000000000009faa4c5cb899c5231ce4957cf16fc309db17b07a773a6342003031383239353036333832
(7) eap_peap:   FreeRADIUS-Proxied-To = 127.0.0.1
(7) eap_peap:   User-Name = "userTest"
(7) eap_peap:   State = 0xf3cd2f37f3ca35bae612626d1b2654f3
(7) eap_peap:   Service-Type = Framed-User
(7) eap_peap:   Framed-MTU = 1488
(7) eap_peap:   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(7) eap_peap:   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(7) eap_peap:   NAS-Identifier = "3Com Access Point 7760"
(7) eap_peap:   NAS-Port-Type = Wireless-802.11
(7) eap_peap:   Connect-Info = "CONNECT 54Mbps 802.11g"
(7) eap_peap:   NAS-IP-Address = 10.41.17.64
(7) eap_peap:   NAS-Port = 1
(7) eap_peap:   NAS-Port-Id = "STA port # 1"
(7) eap_peap:   Event-Timestamp = "Mar 22 2017 14:57:02 -03"
(7) Virtual server inner-tunnel received request
(7)   EAP-Message =
0x020700461a0207004131e4c34eceb5730484764dfd45bce48ff100000000000000009faa4c5cb899c5231ce4957cf16fc309db17b07a773a6342003031383239353036333832
(7)   FreeRADIUS-Proxied-To = 127.0.0.1
(7)   User-Name = "userTest"
(7)   State = 0xf3cd2f37f3ca35bae612626d1b2654f3
(7)   Service-Type = Framed-User
(7)   Framed-MTU = 1488
(7)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(7)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(7)   NAS-Identifier = "3Com Access Point 7760"
(7)   NAS-Port-Type = Wireless-802.11
(7)   Connect-Info = "CONNECT 54Mbps 802.11g"
(7)   NAS-IP-Address = 10.41.17.64
(7)   NAS-Port = 1
(7)   NAS-Port-Id = "STA port # 1"
(7)   Event-Timestamp = "Mar 22 2017 14:57:02 -03"
(7) WARNING: Outer and inner identities are the same.  User privacy is
compromised.
(7) server inner-tunnel {
(7)   session-state: No cached attributes
(7)   # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(7)     authorize {
(7) eap: Peer sent EAP Response (code 2) ID 7 length 70
(7) eap: No EAP Start, assuming it's an on-going EAP conversation
(7)       [eap] = updated
rlm_ldap (ldap): Reserved connection (0)
(7) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(7) ldap:    --> (uid=userTest)
(7) ldap: Performing search in "ou=people,dc=test,dc=br" with filter
"(uid=userTest)", scope "sub"
(7) ldap: Waiting for search result...
(7) ldap: User object found at DN "uid=userTest,ou=people,dc=test,dc=br"
(7) ldap: Processing user attributes
(7) ldap: control:NT-Password :=
0x3145333941394139324632423038413045363942344435414441374535333332
rlm_ldap (ldap): Released connection (0)
Need 5 more connections to reach 10 spares
rlm_ldap (ldap): Opening additional connection (5), 1 of 27 pending slots
used
rlm_ldap (ldap): Connecting to ldap://10.0.0.2:389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
(7)       [ldap] = updated
(7)       [expiration] = noop
(7)       [logintime] = noop
(7) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
(7) pap: WARNING: Auth-Type already set.  Not setting to PAP
(7)       [pap] = noop
(7)     } # authorize = updated
(7)   Found Auth-Type = eap
(7)   # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(7)     authenticate {
(7) eap: Expiring EAP session with state 0xf3cd2f37f3ca35ba
(7) eap: Finished EAP session with state 0xf3cd2f37f3ca35ba
(7) eap: Previous EAP request found for state 0xf3cd2f37f3ca35ba, released
from the list
(7) eap: Peer sent packet with method EAP MSCHAPv2 (26)
(7) eap: Calling submodule eap_mschapv2 to process data
(7) eap_mschapv2: # Executing group from file
/etc/raddb/sites-enabled/inner-tunnel
(7) eap_mschapv2:   authenticate {
(7) mschap: Found NT-Password
(7) mschap: Creating challenge hash with username: userTest
(7) mschap: Client is using MS-CHAPv2
(7) mschap: Adding MS-CHAPv2 MPPE keys
(7)     [mschap] = ok
(7)   } # authenticate = ok
(7) MSCHAP Success
(7) eap: Sending EAP Request (code 1) ID 8 length 51
(7) eap: EAP session adding &reply:State = 0xf3cd2f37f2c535ba
(7)       [eap] = handled
(7)     } # authenticate = handled
(7) } # server inner-tunnel
(7) Virtual server sending reply
(7)   EAP-Message =
0x010800331a0307002e533d36353643383034344335374539324431353934314344333337323737433135443633453939343543
(7)   Message-Authenticator = 0x00000000000000000000000000000000
(7)   State = 0xf3cd2f37f2c535bae612626d1b2654f3
(7) eap_peap: Got tunneled reply code 11
(7) eap_peap:   EAP-Message =
0x010800331a0307002e533d36353643383034344335374539324431353934314344333337323737433135443633453939343543
(7) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(7) eap_peap:   State = 0xf3cd2f37f2c535bae612626d1b2654f3
(7) eap_peap: Got tunneled reply RADIUS code 11
(7) eap_peap:   EAP-Message =
0x010800331a0307002e533d36353643383034344335374539324431353934314344333337323737433135443633453939343543
(7) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(7) eap_peap:   State = 0xf3cd2f37f2c535bae612626d1b2654f3
(7) eap_peap: Got tunneled Access-Challenge
(7) eap: Sending EAP Request (code 1) ID 8 length 91
(7) eap: EAP session adding &reply:State = 0x4f424a32484a53ce
(7)     [eap] = handled
(7)   } # authenticate = handled
(7) Using Post-Auth-Type Challenge
(7) Post-Auth-Type sub-section not found.  Ignoring.
(7) # Executing group from file /etc/raddb/sites-enabled/default
(7) Sent Access-Challenge Id 7 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(7)   EAP-Message =
0x0108005b19001703010050ac2f44e2a3ed7acba66a1267f323eb6eae71a2bd254a14b8c51eea8b179c1a0ec40cc59af04ad38b953ba3e697ab8357949e573623914e6e5f3c1f165eddacca08316a41b4bfb822bd25c92ee3130e73
(7)   Message-Authenticator = 0x00000000000000000000000000000000
(7)   State = 0x4f424a32484a53ce43a0ba7c4354ed56
(7) Finished request
Waking up in 1.5 seconds.
Waking up in 1.5 seconds.
(8) Received Access-Request Id 8 from 10.41.17.64:1090 to 10.41.110.86:1812
length 255
(8)   Message-Authenticator = 0x7dcc3d33a8e6f5ac1e603cc17197c534
(8)   Service-Type = Framed-User
(8)   User-Name = "userTest"
(8)   Framed-MTU = 1488
(8)   State = 0x4f424a32484a53ce43a0ba7c4354ed56
(8)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(8)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(8)   NAS-Identifier = "3Com Access Point 7760"
(8)   NAS-Port-Type = Wireless-802.11
(8)   Connect-Info = "CONNECT 54Mbps 802.11g"
(8)   EAP-Message =
0x0208002b19001703010020abc7b9d4379a98cc113dd952442471dc9a0a7631401d09e2600bae46ef769ad8
(8)   NAS-IP-Address = 10.41.17.64
(8)   NAS-Port = 1
(8)   NAS-Port-Id = "STA port # 1"
(8) session-state: No cached attributes
(8) # Executing section authorize from file /etc/raddb/sites-enabled/default
(8)   authorize {
(8)     [preprocess] = ok
(8) eap: Peer sent EAP Response (code 2) ID 8 length 43
(8) eap: Continuing tunnel setup
(8)     [eap] = ok
(8)   } # authorize = ok
(8) Found Auth-Type = eap
(8) # Executing group from file /etc/raddb/sites-enabled/default
(8)   authenticate {
(8) eap: Expiring EAP session with state 0xf3cd2f37f2c535ba
(8) eap: Finished EAP session with state 0x4f424a32484a53ce
(8) eap: Previous EAP request found for state 0x4f424a32484a53ce, released
from the list
(8) eap: Peer sent packet with method EAP PEAP (25)
(8) eap: Calling submodule eap_peap to process data
(8) eap_peap: Continuing EAP-TLS
(8) eap_peap: [eaptls verify] = ok
(8) eap_peap: Done initial handshake
(8) eap_peap: [eaptls process] = ok
(8) eap_peap: Session established.  Decoding tunneled attributes
(8) eap_peap: PEAP state phase2
(8) eap_peap: EAP method MSCHAPv2 (26)
(8) eap_peap: Got tunneled request
(8) eap_peap:   EAP-Message = 0x020800061a03
(8) eap_peap: Setting User-Name to userTest
(8) eap_peap: Sending tunneled request to inner-tunnel
(8) eap_peap:   EAP-Message = 0x020800061a03
(8) eap_peap:   FreeRADIUS-Proxied-To = 127.0.0.1
(8) eap_peap:   User-Name = "userTest"
(8) eap_peap:   State = 0xf3cd2f37f2c535bae612626d1b2654f3
(8) eap_peap:   Service-Type = Framed-User
(8) eap_peap:   Framed-MTU = 1488
(8) eap_peap:   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(8) eap_peap:   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(8) eap_peap:   NAS-Identifier = "3Com Access Point 7760"
(8) eap_peap:   NAS-Port-Type = Wireless-802.11
(8) eap_peap:   Connect-Info = "CONNECT 54Mbps 802.11g"
(8) eap_peap:   NAS-IP-Address = 10.41.17.64
(8) eap_peap:   NAS-Port = 1
(8) eap_peap:   NAS-Port-Id = "STA port # 1"
(8) eap_peap:   Event-Timestamp = "Mar 22 2017 14:57:06 -03"
(8) Virtual server inner-tunnel received request
(8)   EAP-Message = 0x020800061a03
(8)   FreeRADIUS-Proxied-To = 127.0.0.1
(8)   User-Name = "userTest"
(8)   State = 0xf3cd2f37f2c535bae612626d1b2654f3
(8)   Service-Type = Framed-User
(8)   Framed-MTU = 1488
(8)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(8)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(8)   NAS-Identifier = "3Com Access Point 7760"
(8)   NAS-Port-Type = Wireless-802.11
(8)   Connect-Info = "CONNECT 54Mbps 802.11g"
(8)   NAS-IP-Address = 10.41.17.64
(8)   NAS-Port = 1
(8)   NAS-Port-Id = "STA port # 1"
(8)   Event-Timestamp = "Mar 22 2017 14:57:06 -03"
(8) WARNING: Outer and inner identities are the same.  User privacy is
compromised.
(8) server inner-tunnel {
(8)   session-state: No cached attributes
(8)   # Executing section authorize from file
/etc/raddb/sites-enabled/inner-tunnel
(8)     authorize {
(8) eap: Peer sent EAP Response (code 2) ID 8 length 6
(8) eap: No EAP Start, assuming it's an on-going EAP conversation
(8)       [eap] = updated
rlm_ldap (ldap): Reserved connection (1)
(8) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(8) ldap:    --> (uid=userTest)
(8) ldap: Performing search in "ou=people,dc=test,dc=br" with filter
"(uid=userTest)", scope "sub"
(8) ldap: Waiting for search result...
(8) ldap: User object found at DN "uid=userTest,ou=people,dc=test,dc=br"
(8) ldap: Processing user attributes
(8) ldap: control:NT-Password :=
0x3145333941394139324632423038413045363942344435414441374535333332
rlm_ldap (ldap): Released connection (1)
Need 4 more connections to reach 10 spares
rlm_ldap (ldap): Opening additional connection (6), 1 of 26 pending slots
used
rlm_ldap (ldap): Connecting to ldap://10.0.0.2:389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
(8)       [ldap] = updated
(8)       [expiration] = noop
(8)       [logintime] = noop
(8) pap: Normalizing NT-Password from hex encoding, 32 bytes -> 16 bytes
(8) pap: WARNING: Auth-Type already set.  Not setting to PAP
(8)       [pap] = noop
(8)     } # authorize = updated
(8)   Found Auth-Type = eap
(8)   # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(8)     authenticate {
(8) eap: Expiring EAP session with state 0xf3cd2f37f2c535ba
(8) eap: Finished EAP session with state 0xf3cd2f37f2c535ba
(8) eap: Previous EAP request found for state 0xf3cd2f37f2c535ba, released
from the list
(8) eap: Peer sent packet with method EAP MSCHAPv2 (26)
(8) eap: Calling submodule eap_mschapv2 to process data
(8) eap: Sending EAP Success (code 3) ID 8 length 4
(8) eap: Freeing handler
(8)       [eap] = ok
(8)     } # authenticate = ok
(8)   # Executing section post-auth from file
/etc/raddb/sites-enabled/inner-tunnel
(8)     post-auth { ... } # empty sub-section is ignored
(8) } # server inner-tunnel
(8) Virtual server sending reply
(8)   MS-MPPE-Encryption-Policy = Encryption-Allowed
(8)   MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(8)   MS-MPPE-Send-Key = 0x4aa9e16bdd36625e16a0d830524217af
(8)   MS-MPPE-Recv-Key = 0x0a5d092cf0335597ba092c656391f8ce
(8)   EAP-Message = 0x03080004
(8)   Message-Authenticator = 0x00000000000000000000000000000000
(8)   User-Name = "userTest"
(8) eap_peap: Got tunneled reply code 2
(8) eap_peap:   MS-MPPE-Encryption-Policy = Encryption-Allowed
(8) eap_peap:   MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(8) eap_peap:   MS-MPPE-Send-Key = 0x4aa9e16bdd36625e16a0d830524217af
(8) eap_peap:   MS-MPPE-Recv-Key = 0x0a5d092cf0335597ba092c656391f8ce
(8) eap_peap:   EAP-Message = 0x03080004
(8) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(8) eap_peap:   User-Name = "userTest"
(8) eap_peap: Got tunneled reply RADIUS code 2
(8) eap_peap:   MS-MPPE-Encryption-Policy = Encryption-Allowed
(8) eap_peap:   MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(8) eap_peap:   MS-MPPE-Send-Key = 0x4aa9e16bdd36625e16a0d830524217af
(8) eap_peap:   MS-MPPE-Recv-Key = 0x0a5d092cf0335597ba092c656391f8ce
(8) eap_peap:   EAP-Message = 0x03080004
(8) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(8) eap_peap:   User-Name = "userTest"
(8) eap_peap: Tunneled authentication was successful
(8) eap_peap: SUCCESS
(8) eap_peap: Saving tunneled attributes for later
(8) eap: Sending EAP Request (code 1) ID 9 length 43
(8) eap: EAP session adding &reply:State = 0x4f424a32474b53ce
(8)     [eap] = handled
(8)   } # authenticate = handled
(8) Using Post-Auth-Type Challenge
(8) Post-Auth-Type sub-section not found.  Ignoring.
(8) # Executing group from file /etc/raddb/sites-enabled/default
(8) Sent Access-Challenge Id 8 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(8)   EAP-Message =
0x0109002b19001703010020eae9a042828d4a49005b266a1f74f0a2bf7014f3c8490968e2346a1102a797f0
(8)   Message-Authenticator = 0x00000000000000000000000000000000
(8)   State = 0x4f424a32474b53ce43a0ba7c4354ed56
(8) Finished request
(0) Cleaning up request packet ID 0 with timestamp +13
(1) Cleaning up request packet ID 1 with timestamp +13
(2) Cleaning up request packet ID 2 with timestamp +13
(3) Cleaning up request packet ID 3 with timestamp +13
(4) Cleaning up request packet ID 4 with timestamp +13
(5) Cleaning up request packet ID 5 with timestamp +13
(6) Cleaning up request packet ID 6 with timestamp +13
Waking up in 6.6 seconds.
(9) Received Access-Request Id 9 from 10.41.17.64:1090 to 10.41.110.86:1812
length 255
(9)   Message-Authenticator = 0x58645e92fdfebfe5a07ee2ca9e76d058
(9)   Service-Type = Framed-User
(9)   User-Name = "userTest"
(9)   Framed-MTU = 1488
(9)   State = 0x4f424a32474b53ce43a0ba7c4354ed56
(9)   Called-Station-Id = "40-01-C6-D8-5C-00:AAA-Teste"
(9)   Calling-Station-Id = "4C-57-CA-E2-E9-8D"
(9)   NAS-Identifier = "3Com Access Point 7760"
(9)   NAS-Port-Type = Wireless-802.11
(9)   Connect-Info = "CONNECT 54Mbps 802.11g"
(9)   EAP-Message =
0x0209002b19001703010020392369a6b70c5ffc43a71c35e3a7fdfedb1358e8be6145c943f3c8f7c084f2aa
(9)   NAS-IP-Address = 10.41.17.64
(9)   NAS-Port = 1
(9)   NAS-Port-Id = "STA port # 1"
(9) session-state: No cached attributes
(9) # Executing section authorize from file /etc/raddb/sites-enabled/default
(9)   authorize {
(9)     [preprocess] = ok
(9) eap: Peer sent EAP Response (code 2) ID 9 length 43
(9) eap: Continuing tunnel setup
(9)     [eap] = ok
(9)   } # authorize = ok
(9) Found Auth-Type = eap
(9) # Executing group from file /etc/raddb/sites-enabled/default
(9)   authenticate {
(9) eap: Expiring EAP session with state 0x4f424a32474b53ce
(9) eap: Finished EAP session with state 0x4f424a32474b53ce
(9) eap: Previous EAP request found for state 0x4f424a32474b53ce, released
from the list
(9) eap: Peer sent packet with method EAP PEAP (25)
(9) eap: Calling submodule eap_peap to process data
(9) eap_peap: Continuing EAP-TLS
(9) eap_peap: [eaptls verify] = ok
(9) eap_peap: Done initial handshake
(9) eap_peap: [eaptls process] = ok
(9) eap_peap: Session established.  Decoding tunneled attributes
(9) eap_peap: PEAP state send tlv success
(9) eap_peap: Received EAP-TLV response
(9) eap_peap: Success
(9) eap_peap: Using saved attributes from the original Access-Accept
(9) eap_peap:   User-Name = "userTest"
(9) eap_peap:     caching User-Name = "userTest"
(9) eap_peap: Failed to find 'persist_dir' in TLS configuration.  Session
will not be cached on disk.
(9) eap: Sending EAP Success (code 3) ID 9 length 4
(9) eap: Freeing handler
(9)     [eap] = ok
(9)   } # authenticate = ok
(9) # Executing section post-auth from file /etc/raddb/sites-enabled/default
(9)   post-auth {
(9)     update {
(9)       No attributes updated
(9)     } # update = noop
(9)     [exec] = noop
(9)     policy remove_reply_message_if_eap {
(9)       if (&reply:EAP-Message && &reply:Reply-Message) {
(9)       if (&reply:EAP-Message && &reply:Reply-Message)  -> FALSE
(9)       else {
(9)         [noop] = noop
(9)       } # else = noop
(9)     } # policy remove_reply_message_if_eap = noop
(9)   } # post-auth = noop
(9) Sent Access-Accept Id 9 from 10.41.110.86:1812 to 10.41.17.64:1090
length 0
(9)   User-Name = "userTest"
(9)   MS-MPPE-Recv-Key =
0x00a4bdf20b6b9a550a36b016997d3bb3bd83c0fdfdbcc0ddd6026d3daa2019bb
(9)   MS-MPPE-Send-Key =
0xaf0e20d1649dba2bd275bae0ce54905287ec784004b438eac1d71335a6a5df64
(9)   EAP-Message = 0x03090004
(9)   Message-Authenticator = 0x00000000000000000000000000000000
(9) Finished request
Waking up in 4.9 seconds.
(9) Cleaning up request packet ID 9 with timestamp +20
Waking up in 1.6 seconds.
(7) Cleaning up request packet ID 7 with timestamp +13
Waking up in 3.3 seconds.


More information about the Freeradius-Users mailing list