Authentication issue
Ryan Sinclair
Ryan.Sinclair at EnovateMedical.com
Tue Jul 10 23:30:12 CEST 2018
Afternoon all,
Looking for a little guidance on an issue we're seeing with a wifi module that we can't seem to get to authenticate to the RADIUS server (default setup on Ubuntu). We get to the Access-Challenge but then nothing and eventually the session just errors out and says it did not finish. Output from debug below.
BEGIN----
rad_recv: Access-Request packet from host 10.10.128.122 port 47803, id=88, length=255
User-Name = "WATENOVAT01"
NAS-IP-Address = 10.10.128.122
Called-Station-Id = "02-18-4A-8D-3D-97:AHSMwmD"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Calling-Station-Id = "00-1E-C0-6C-FB-0B"
Connect-Info = "CONNECT 54.00 Mbps, 802.11g, RSSI: 57, Channel: 1"
Acct-Session-Id = "EDBDA43598F12EF9"
Acct-Multi-Session-Id = "837FBA629412F692"
WLAN-Pairwise-Cipher = 1027076
WLAN-Group-Cipher = 1027076
WLAN-AKM-Suite = 1027073
Vendor-29671-Attr-1 = 0x424357
Framed-MTU = 1400
EAP-Message = 0x02db001001574154454e4f5641543031
Message-Authenticator = 0xad101bd76294451942d4c1cb39f4dd5e
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] No '@' in User-Name = "WATENOVAT01", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
[eap] EAP packet type response id 219 length 16
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] = updated
[files] users: Matched entry WATENOVAT01 at line 1
++[files] = ok
++[expiration] = noop
++[logintime] = noop
[pap] WARNING: Auth-Type already set. Not setting to PAP
++[pap] = noop
+} # group authorize = updated
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+group authenticate {
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] = handled
+} # group authenticate = handled
Sending Access-Challenge of id 88 to 10.10.128.122 port 47803
EAP-Message = 0x01dc00160410432880d91d2b837246de218eef6e8d47
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x7b85dc127b59d8c1271c8cde542b7f71
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.10.128.122 port 47803, id=89, length=263
User-Name = "WATENOVAT01"
NAS-IP-Address = 10.10.128.122
Called-Station-Id = "02-18-4A-8D-3D-97:AHSMwmD"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Calling-Station-Id = "00-1E-C0-6C-FB-0B"
Connect-Info = "CONNECT 54.00 Mbps, 802.11g, RSSI: 57, Channel: 1"
Acct-Session-Id = "EDBDA43598F12EF9"
Acct-Multi-Session-Id = "837FBA629412F692"
WLAN-Pairwise-Cipher = 1027076
WLAN-Group-Cipher = 1027076
WLAN-AKM-Suite = 1027073
Vendor-29671-Attr-1 = 0x424357
Framed-MTU = 1400
EAP-Message = 0x02dc00060319
State = 0x7b85dc127b59d8c1271c8cde542b7f71
Message-Authenticator = 0x15e7f8766ac76afc0990807b6cb3075d
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] No '@' in User-Name = "WATENOVAT01", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
[eap] EAP packet type response id 220 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] = updated
[files] users: Matched entry WATENOVAT01 at line 1
++[files] = ok
++[expiration] = noop
++[logintime] = noop
[pap] WARNING: Auth-Type already set. Not setting to PAP
++[pap] = noop
+} # group authorize = updated
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+group authenticate {
[eap] Request found, released from the list
[eap] EAP NAK
[eap] EAP-NAK asked for EAP-Type/peap
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] = handled
+} # group authenticate = handled
Sending Access-Challenge of id 89 to 10.10.128.122 port 47803
EAP-Message = 0x01dd00061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x7b85dc127a58c5c1271c8cde542b7f71
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.10.128.122 port 47803, id=90, length=329
User-Name = "WATENOVAT01"
NAS-IP-Address = 10.10.128.122
Called-Station-Id = "02-18-4A-8D-3D-97:AHSMwmD"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Calling-Station-Id = "00-1E-C0-6C-FB-0B"
Connect-Info = "CONNECT 54.00 Mbps, 802.11g, RSSI: 57, Channel: 1"
Acct-Session-Id = "EDBDA43598F12EF9"
Acct-Multi-Session-Id = "837FBA629412F692"
WLAN-Pairwise-Cipher = 1027076
WLAN-Group-Cipher = 1027076
WLAN-AKM-Suite = 1027073
Vendor-29671-Attr-1 = 0x424357
Framed-MTU = 1400
EAP-Message = 0x02dd004819800000003e160301003901000035030100000001817ce41b057ae4ede29f237477a06811e1443fb62c5d4defb9f7814c000008002f00050004000a0100000400230000
State = 0x7b85dc127a58c5c1271c8cde542b7f71
Message-Authenticator = 0x4b72c60a28cb7368aae176e8e54fcc89
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] No '@' in User-Name = "WATENOVAT01", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
[eap] EAP packet type response id 221 length 72
[eap] Continuing tunnel setup.
++[eap] = ok
+} # group authorize = ok
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+group authenticate {
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 62
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] (other): before/accept initialization
[peap] TLS_accept: before/accept initialization
[peap] <<< Unknown TLS version [length 0005]
[peap] <<< TLS 1.0 Handshake [length 0039], ClientHello
[peap] TLS_accept: unknown state
[peap] >>> Unknown TLS version [length 0005]
[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello
[peap] TLS_accept: unknown state
[peap] >>> Unknown TLS version [length 0005]
[peap] >>> TLS 1.0 Handshake [length 02c0], Certificate
[peap] TLS_accept: unknown state
[peap] >>> Unknown TLS version [length 0005]
[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
[peap] TLS_accept: unknown state
[peap] TLS_accept: unknown state
[peap] TLS_accept: unknown state
[peap] TLS_accept: Need to read more data: unknown state
[peap] TLS_accept: Need to read more data: unknown state
In SSL Handshake Phase
In SSL Accept mode
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] = handled
+} # group authenticate = handled
Sending Access-Challenge of id 90 to 10.10.128.122 port 47803
EAP-Message = 0x01de03031900160301002a02000026030183cfdd6aa50f0f3abfa737ebce57764a3c8fb4bb8fb89941ac18ea9698155ff400002f0016030102c00b0002bc0002b90002b6308202b23082019aa003020102020900f22226f9b340ee6a300d06092a864886f70d01010b05003011310f300d06035504030c06656d72647331301e170d3138303630383133343334325a170d3238303630353133343334325a3011310f300d06035504030c06656d7264733130820122300d06092a864886f70d01010105000382010f003082010a0282010100b06fb34b4d3edb4340c9af6d74051e10d4727e25125bac166ff388c211eaeb7ef6ad59e2856fed6e4bb98a
EAP-Message = 0xe3f5cb286a75bd28fd1d5bf806f91f252bd17974c0987e4e99447ee481fb2cafa44f633529d358a6933c9b7d1393914cede0d4211ba354d617223eb6a866833218a755dd49c6e4ad5be5a6f682bab73a3ef50e365b3f8cf67e34b34e69003d344ae86042629f844a96b4432d34a66a03337ac4b4337b42662f9ee72f6becc4402a002a970a6557a5b406146625ec45468f233dfb163dcfb064001cc1cf485562a2d1b28a6620d4fbe378d143dddfc8510ccceb0fb52e65f755b990bb83c4afd0a17a49119de609110848c1f40b1226406eb5785a790203010001a30d300b30090603551d1304023000300d06092a864886f70d01010b05000382010100
EAP-Message = 0x54b189ccdf1ef6284e17923457f5166c5394de23b150b0abe6ced4dc1b807ae8ecce775348a252d01631063f1947927d4916263dad5be918070429a3cc34190a7a19c80a9c720d509a6d8a581baec2407c3348ce50e57d0825c71ca292a89ec6b67e8ea1102f5d1b633ab067a66a5567a50be9457f9d72e14a7479273c4ace4b96ed82d62367f03edad46626d5d3c84996c67bf4995cd6f7dbacf50af8a018ac8ca2c7cee6e36bb4d27832c33764a33d2622d08e9857298a69a48a87ccf31fa7c082eb6f63db5527e7e803bd1c4a928d972f2b04f475e6d10066f2c27853a44dbf7a6d8ebc3978d5656f5a7ecbcc8d5e1ff24ed9782abd06ca120fa8bf
EAP-Message = 0x21948916030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x7b85dc12795bc5c1271c8cde542b7f71
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.10.128.122 port 47803, id=91, length=255
User-Name = "WATENOVAT01"
NAS-IP-Address = 10.10.128.122
Called-Station-Id = "02-18-4A-8D-3D-97:AHSMwmD"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Calling-Station-Id = "00-1E-C0-6C-FB-0B"
Connect-Info = "CONNECT 54.00 Mbps, 802.11g, RSSI: 56, Channel: 1"
Acct-Session-Id = "103A93CA9F945C99"
Acct-Multi-Session-Id = "FB64B58512B66D42"
WLAN-Pairwise-Cipher = 1027076
WLAN-Group-Cipher = 1027076
WLAN-AKM-Suite = 1027073
Vendor-29671-Attr-1 = 0x424357
Framed-MTU = 1400
EAP-Message = 0x025c001001574154454e4f5641543031
Message-Authenticator = 0xe08641665202ffc7100c4207b5f8bec5
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] No '@' in User-Name = "WATENOVAT01", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
[eap] EAP packet type response id 92 length 16
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] = updated
[files] users: Matched entry WATENOVAT01 at line 1
++[files] = ok
++[expiration] = noop
++[logintime] = noop
[pap] WARNING: Auth-Type already set. Not setting to PAP
++[pap] = noop
+} # group authorize = updated
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+group authenticate {
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] = handled
+} # group authenticate = handled
Sending Access-Challenge of id 91 to 10.10.128.122 port 47803
EAP-Message = 0x015d001604101d0ceee96b1ae4d80d70ba8b61634fef
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x7be386297bbe82a4fe9b40e370a4c69f
Finished request 3.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 10.10.128.122 port 47803, id=92, length=263
User-Name = "WATENOVAT01"
NAS-IP-Address = 10.10.128.122
Called-Station-Id = "02-18-4A-8D-3D-97:AHSMwmD"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Calling-Station-Id = "00-1E-C0-6C-FB-0B"
Connect-Info = "CONNECT 54.00 Mbps, 802.11g, RSSI: 57, Channel: 1"
Acct-Session-Id = "103A93CA9F945C99"
Acct-Multi-Session-Id = "FB64B58512B66D42"
WLAN-Pairwise-Cipher = 1027076
WLAN-Group-Cipher = 1027076
WLAN-AKM-Suite = 1027073
Vendor-29671-Attr-1 = 0x424357
Framed-MTU = 1400
EAP-Message = 0x025d00060319
State = 0x7be386297bbe82a4fe9b40e370a4c69f
Message-Authenticator = 0xbcbe8b61c4739469b2df1f125e7d5338
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] No '@' in User-Name = "WATENOVAT01", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
[eap] EAP packet type response id 93 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] = updated
[files] users: Matched entry WATENOVAT01 at line 1
++[files] = ok
++[expiration] = noop
++[logintime] = noop
[pap] WARNING: Auth-Type already set. Not setting to PAP
++[pap] = noop
+} # group authorize = updated
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+group authenticate {
[eap] Request found, released from the list
[eap] EAP NAK
[eap] EAP-NAK asked for EAP-Type/peap
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] = handled
+} # group authenticate = handled
Sending Access-Challenge of id 92 to 10.10.128.122 port 47803
EAP-Message = 0x015e00061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x7be386297abd9fa4fe9b40e370a4c69f
Finished request 4.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 10.10.128.122 port 47803, id=93, length=329
User-Name = "WATENOVAT01"
NAS-IP-Address = 10.10.128.122
Called-Station-Id = "02-18-4A-8D-3D-97:AHSMwmD"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Calling-Station-Id = "00-1E-C0-6C-FB-0B"
Connect-Info = "CONNECT 54.00 Mbps, 802.11g, RSSI: 57, Channel: 1"
Acct-Session-Id = "103A93CA9F945C99"
Acct-Multi-Session-Id = "FB64B58512B66D42"
WLAN-Pairwise-Cipher = 1027076
WLAN-Group-Cipher = 1027076
WLAN-AKM-Suite = 1027073
Vendor-29671-Attr-1 = 0x424357
Framed-MTU = 1400
EAP-Message = 0x025e004819800000003e160301003901000035030100000001fba380567c1ebcb1df89ceac8196cc7eb323e387590402db7ab573e3000008002f00050004000a0100000400230000
State = 0x7be386297abd9fa4fe9b40e370a4c69f
Message-Authenticator = 0xe32dd642da8f3fa616bba44fe9c92c60
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] No '@' in User-Name = "WATENOVAT01", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
[eap] EAP packet type response id 94 length 72
[eap] Continuing tunnel setup.
++[eap] = ok
+} # group authorize = ok
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+group authenticate {
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 62
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] (other): before/accept initialization
[peap] TLS_accept: before/accept initialization
[peap] <<< Unknown TLS version [length 0005]
[peap] <<< TLS 1.0 Handshake [length 0039], ClientHello
[peap] TLS_accept: unknown state
[peap] >>> Unknown TLS version [length 0005]
[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello
[peap] TLS_accept: unknown state
[peap] >>> Unknown TLS version [length 0005]
[peap] >>> TLS 1.0 Handshake [length 02c0], Certificate
[peap] TLS_accept: unknown state
[peap] >>> Unknown TLS version [length 0005]
[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
[peap] TLS_accept: unknown state
[peap] TLS_accept: unknown state
[peap] TLS_accept: unknown state
[peap] TLS_accept: Need to read more data: unknown state
[peap] TLS_accept: Need to read more data: unknown state
In SSL Handshake Phase
In SSL Accept mode
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] = handled
+} # group authenticate = handled
Sending Access-Challenge of id 93 to 10.10.128.122 port 47803
EAP-Message = 0x015f03031900160301002a020000260301574d25fe8f1282db72f69c545250f40312a6a17eba16c18885e5c6f8fb755ade00002f0016030102c00b0002bc0002b90002b6308202b23082019aa003020102020900f22226f9b340ee6a300d06092a864886f70d01010b05003011310f300d06035504030c06656d72647331301e170d3138303630383133343334325a170d3238303630353133343334325a3011310f300d06035504030c06656d7264733130820122300d06092a864886f70d01010105000382010f003082010a0282010100b06fb34b4d3edb4340c9af6d74051e10d4727e25125bac166ff388c211eaeb7ef6ad59e2856fed6e4bb98a
EAP-Message = 0xe3f5cb286a75bd28fd1d5bf806f91f252bd17974c0987e4e99447ee481fb2cafa44f633529d358a6933c9b7d1393914cede0d4211ba354d617223eb6a866833218a755dd49c6e4ad5be5a6f682bab73a3ef50e365b3f8cf67e34b34e69003d344ae86042629f844a96b4432d34a66a03337ac4b4337b42662f9ee72f6becc4402a002a970a6557a5b406146625ec45468f233dfb163dcfb064001cc1cf485562a2d1b28a6620d4fbe378d143dddfc8510ccceb0fb52e65f755b990bb83c4afd0a17a49119de609110848c1f40b1226406eb5785a790203010001a30d300b30090603551d1304023000300d06092a864886f70d01010b05000382010100
EAP-Message = 0x54b189ccdf1ef6284e17923457f5166c5394de23b150b0abe6ced4dc1b807ae8ecce775348a252d01631063f1947927d4916263dad5be918070429a3cc34190a7a19c80a9c720d509a6d8a581baec2407c3348ce50e57d0825c71ca292a89ec6b67e8ea1102f5d1b633ab067a66a5567a50be9457f9d72e14a7479273c4ace4b96ed82d62367f03edad46626d5d3c84996c67bf4995cd6f7dbacf50af8a018ac8ca2c7cee6e36bb4d27832c33764a33d2622d08e9857298a69a48a87ccf31fa7c082eb6f63db5527e7e803bd1c4a928d972f2b04f475e6d10066f2c27853a44dbf7a6d8ebc3978d5656f5a7ecbcc8d5e1ff24ed9782abd06ca120fa8bf
EAP-Message = 0x21948916030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x7be3862979bc9fa4fe9b40e370a4c69f
Finished request 5.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 10.10.128.122 port 47803, id=94, length=255
User-Name = "WATENOVAT01"
NAS-IP-Address = 10.10.128.122
Called-Station-Id = "02-18-4A-8D-3D-97:AHSMwmD"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Calling-Station-Id = "00-1E-C0-6C-FB-0B"
Connect-Info = "CONNECT 54.00 Mbps, 802.11g, RSSI: 56, Channel: 1"
Acct-Session-Id = "507EF396989770A0"
Acct-Multi-Session-Id = "855C17C049E9B30C"
WLAN-Pairwise-Cipher = 1027076
WLAN-Group-Cipher = 1027076
WLAN-AKM-Suite = 1027073
Vendor-29671-Attr-1 = 0x424357
Framed-MTU = 1400
EAP-Message = 0x0202001001574154454e4f5641543031
Message-Authenticator = 0xb2f2618abdaaa322ddc3e0794b6aa836
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] No '@' in User-Name = "WATENOVAT01", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
[eap] EAP packet type response id 2 length 16
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] = updated
[files] users: Matched entry WATENOVAT01 at line 1
++[files] = ok
++[expiration] = noop
++[logintime] = noop
[pap] WARNING: Auth-Type already set. Not setting to PAP
++[pap] = noop
+} # group authorize = updated
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+group authenticate {
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] = handled
+} # group authenticate = handled
Sending Access-Challenge of id 94 to 10.10.128.122 port 47803
EAP-Message = 0x010300160410cc5f2922b7c1ce76a330bd8d921a8289
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x3eef75003eec71ccb9abaf49121ea830
Finished request 6.
Going to the next request
Waking up in 4.5 seconds.
rad_recv: Access-Request packet from host 10.10.128.122 port 47803, id=95, length=263
User-Name = "WATENOVAT01"
NAS-IP-Address = 10.10.128.122
Called-Station-Id = "02-18-4A-8D-3D-97:AHSMwmD"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Calling-Station-Id = "00-1E-C0-6C-FB-0B"
Connect-Info = "CONNECT 54.00 Mbps, 802.11g, RSSI: 57, Channel: 1"
Acct-Session-Id = "507EF396989770A0"
Acct-Multi-Session-Id = "855C17C049E9B30C"
WLAN-Pairwise-Cipher = 1027076
WLAN-Group-Cipher = 1027076
WLAN-AKM-Suite = 1027073
Vendor-29671-Attr-1 = 0x424357
Framed-MTU = 1400
EAP-Message = 0x020300060319
State = 0x3eef75003eec71ccb9abaf49121ea830
Message-Authenticator = 0x50f73eb2f017a3fe5861008dd8401c8f
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] No '@' in User-Name = "WATENOVAT01", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
[eap] EAP packet type response id 3 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] = updated
[files] users: Matched entry WATENOVAT01 at line 1
++[files] = ok
++[expiration] = noop
++[logintime] = noop
[pap] WARNING: Auth-Type already set. Not setting to PAP
++[pap] = noop
+} # group authorize = updated
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+group authenticate {
[eap] Request found, released from the list
[eap] EAP NAK
[eap] EAP-NAK asked for EAP-Type/peap
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] = handled
+} # group authenticate = handled
Sending Access-Challenge of id 95 to 10.10.128.122 port 47803
EAP-Message = 0x010400061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x3eef75003feb6cccb9abaf49121ea830
Finished request 7.
Going to the next request
Waking up in 4.5 seconds.
rad_recv: Access-Request packet from host 10.10.128.122 port 47803, id=96, length=329
User-Name = "WATENOVAT01"
NAS-IP-Address = 10.10.128.122
Called-Station-Id = "02-18-4A-8D-3D-97:AHSMwmD"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Calling-Station-Id = "00-1E-C0-6C-FB-0B"
Connect-Info = "CONNECT 54.00 Mbps, 802.11g, RSSI: 57, Channel: 1"
Acct-Session-Id = "507EF396989770A0"
Acct-Multi-Session-Id = "855C17C049E9B30C"
WLAN-Pairwise-Cipher = 1027076
WLAN-Group-Cipher = 1027076
WLAN-AKM-Suite = 1027073
Vendor-29671-Attr-1 = 0x424357
Framed-MTU = 1400
EAP-Message = 0x0204004819800000003e1603010039010000350301000000015f888176d6a0110f2bfa55c0b9fd650cfc8f52c7dabc6c09f2e09958000008002f00050004000a0100000400230000
State = 0x3eef75003feb6cccb9abaf49121ea830
Message-Authenticator = 0xa8a43f2bdacc4bcae48ba8b5e794081f
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] No '@' in User-Name = "WATENOVAT01", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
[eap] EAP packet type response id 4 length 72
[eap] Continuing tunnel setup.
++[eap] = ok
+} # group authorize = ok
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+group authenticate {
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 62
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] (other): before/accept initialization
[peap] TLS_accept: before/accept initialization
[peap] <<< Unknown TLS version [length 0005]
[peap] <<< TLS 1.0 Handshake [length 0039], ClientHello
[peap] TLS_accept: unknown state
[peap] >>> Unknown TLS version [length 0005]
[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello
[peap] TLS_accept: unknown state
[peap] >>> Unknown TLS version [length 0005]
[peap] >>> TLS 1.0 Handshake [length 02c0], Certificate
[peap] TLS_accept: unknown state
[peap] >>> Unknown TLS version [length 0005]
[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
[peap] TLS_accept: unknown state
[peap] TLS_accept: unknown state
[peap] TLS_accept: unknown state
[peap] TLS_accept: Need to read more data: unknown state
[peap] TLS_accept: Need to read more data: unknown state
In SSL Handshake Phase
In SSL Accept mode
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] = handled
+} # group authenticate = handled
Sending Access-Challenge of id 96 to 10.10.128.122 port 47803
EAP-Message = 0x010503031900160301002a020000260301b5d489d36ffd9b68f632dd5d44b444dcc8285612eccbc2b1c4fa7d475bc7a56900002f0016030102c00b0002bc0002b90002b6308202b23082019aa003020102020900f22226f9b340ee6a300d06092a864886f70d01010b05003011310f300d06035504030c06656d72647331301e170d3138303630383133343334325a170d3238303630353133343334325a3011310f300d06035504030c06656d7264733130820122300d06092a864886f70d01010105000382010f003082010a0282010100b06fb34b4d3edb4340c9af6d74051e10d4727e25125bac166ff388c211eaeb7ef6ad59e2856fed6e4bb98a
EAP-Message = 0xe3f5cb286a75bd28fd1d5bf806f91f252bd17974c0987e4e99447ee481fb2cafa44f633529d358a6933c9b7d1393914cede0d4211ba354d617223eb6a866833218a755dd49c6e4ad5be5a6f682bab73a3ef50e365b3f8cf67e34b34e69003d344ae86042629f844a96b4432d34a66a03337ac4b4337b42662f9ee72f6becc4402a002a970a6557a5b406146625ec45468f233dfb163dcfb064001cc1cf485562a2d1b28a6620d4fbe378d143dddfc8510ccceb0fb52e65f755b990bb83c4afd0a17a49119de609110848c1f40b1226406eb5785a790203010001a30d300b30090603551d1304023000300d06092a864886f70d01010b05000382010100
EAP-Message = 0x54b189ccdf1ef6284e17923457f5166c5394de23b150b0abe6ced4dc1b807ae8ecce775348a252d01631063f1947927d4916263dad5be918070429a3cc34190a7a19c80a9c720d509a6d8a581baec2407c3348ce50e57d0825c71ca292a89ec6b67e8ea1102f5d1b633ab067a66a5567a50be9457f9d72e14a7479273c4ace4b96ed82d62367f03edad46626d5d3c84996c67bf4995cd6f7dbacf50af8a018ac8ca2c7cee6e36bb4d27832c33764a33d2622d08e9857298a69a48a87ccf31fa7c082eb6f63db5527e7e803bd1c4a928d972f2b04f475e6d10066f2c27853a44dbf7a6d8ebc3978d5656f5a7ecbcc8d5e1ff24ed9782abd06ca120fa8bf
EAP-Message = 0x21948916030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x3eef75003cea6cccb9abaf49121ea830
Finished request 8.
Going to the next request
Waking up in 4.5 seconds.
Cleaning up request 0 ID 88 with timestamp +98
Cleaning up request 1 ID 89 with timestamp +98
Cleaning up request 2 ID 90 with timestamp +98
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: !! EAP session for state 0x7b85dc12795bc5c1 did not finish!
WARNING: !! Please read http://wiki.freeradius.org/guide/Certificate_Compatibility
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Waking up in 0.2 seconds.
Cleaning up request 3 ID 91 with timestamp +99
Cleaning up request 4 ID 92 with timestamp +99
Cleaning up request 5 ID 93 with timestamp +99
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: !! EAP session for state 0x7be3862979bc9fa4 did not finish!
WARNING: !! Please read http://wiki.freeradius.org/guide/Certificate_Compatibility
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Waking up in 0.1 seconds.
Cleaning up request 6 ID 94 with timestamp +99
Cleaning up request 7 ID 95 with timestamp +99
Cleaning up request 8 ID 96 with timestamp +99
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: !! EAP session for state 0x3eef75003cea6ccc did not finish!
WARNING: !! Please read http://wiki.freeradius.org/guide/Certificate_Compatibility
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Ready to process requests.
---END
Ryan Sinclair
IT Supervisor
O: 615 896 1652 ext. 413 | F: 615 896 8906
ryan.sinclair at enovatemedical.com
Enovate Medical | 1152 Park Avenue, Murfreesboro, TN 37129 | www.enovatemedical.com<http://www.enovatemedical.com/>
[rhythm]
Enjoy remote visibility of workstation location and usage, as well as battery forecasting, remote re-boot, and support ticket integration.
To learn more, ask your Enovate Medical representative to schedule a Rhythm demo today.<http://www.enovatemedical.com/enovate-medical-introduces-rhythm/>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 6035 bytes
Desc: image001.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20180710/e987ef3c/attachment-0001.png>
More information about the Freeradius-Users
mailing list