FreeRADIUS - Google LDAP - Error in debug mode - Regarding
P.Thirunavukkarasu
drthiruna at tanuvas.org.in
Fri Oct 22 14:43:35 CEST 2021
Hi,
Thank you.
> It all depends on what you want. But it's 2021... 32-bit systems aren't
> very relevant.
>
Yes. I agree.
>
> > I am having a few doubts? Can you plz guide me?
> > Windows clients failed to authenticate in FreeRADIUS. But in debug mode
> no
> > error messages were noticed.
>
> <sigh> If you're not going to post the debug output, I don't know why
> you're asking questions here. You've been told REPEATEDLY to do this.
>
I am really sorry. The debug output given below...
Wndows clients not able to connect with the RADIUS (EAP-TTLS-PAP - Google
LDAP)
(0) Received Access-Request Id 106 from 172.16.20.210:60597 to
172.16.11.30:1812 length 241
(0) User-Name = "bvm21001 at tanuvas.org.in"
(0) NAS-IP-Address = 172.16.20.210
(0) NAS-Port = 0
(0) NAS-Identifier = "172.16.20.23"
(0) NAS-Port-Type = Wireless-802.11
(0) Calling-Station-Id = "88532ed4f90e"
(0) Called-Station-Id = "fc7ff1c60940"
(0) Service-Type = Framed-User
(0) Framed-MTU = 1100
(0) EAP-Message =
0x0201001c0162766d32313030314074616e757661732e6f72672e696e
(0) Aruba-Essid-Name = "TANUVAS"
(0) Aruba-Location-Id = "Pharmacology_Lab"
(0) Aruba-AP-Group = "MVC_AcademicAP_VC"
(0) Aruba-Device-Type = "NOFP"
(0) Message-Authenticator = 0x25f25cd80a7b44ca01746810ccc24170
(0) # Executing section authorize from file /etc/raddb/sites-enabled/default
(0) authorize {
(0) policy filter_username {
(0) if (&User-Name) {
(0) if (&User-Name) -> TRUE
(0) if (&User-Name) {
(0) if (&User-Name =~ / /) {
(0) if (&User-Name =~ / /) -> FALSE
(0) if (&User-Name =~ /@[^@]*@/ ) {
(0) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(0) if (&User-Name =~ /\.\./ ) {
(0) if (&User-Name =~ /\.\./ ) -> FALSE
(0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) ->
FALSE
(0) if (&User-Name =~ /\.$/) {
(0) if (&User-Name =~ /\.$/) -> FALSE
(0) if (&User-Name =~ /@\./) {
(0) if (&User-Name =~ /@\./) -> FALSE
(0) } # if (&User-Name) = notfound
(0) } # policy filter_username = notfound
(0) [preprocess] = ok
(0) [chap] = noop
(0) [mschap] = noop
(0) [digest] = noop
(0) suffix: Checking for suffix after "@"
(0) suffix: Looking up realm "tanuvas.org.in" for User-Name = "
bvm21001 at tanuvas.org.in"
(0) suffix: Found realm "tanuvas.org.in"
(0) suffix: Adding Stripped-User-Name = "bvm21001"
(0) suffix: Adding Realm = "tanuvas.org.in"
(0) suffix: Authentication realm is LOCAL
(0) [suffix] = ok
(0) eap: Peer sent EAP Response (code 2) ID 1 length 28
(0) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the
rest of authorize
(0) [eap] = ok
(0) } # authorize = ok
(0) Found Auth-Type = eap
(0) # Executing group from file /etc/raddb/sites-enabled/default
(0) authenticate {
(0) eap: Peer sent packet with method EAP Identity (1)
(0) eap: Calling submodule eap_ttls to process data
(0) eap_ttls: Initiating new EAP-TLS session
(0) eap_ttls: [eaptls start] = request
(0) eap: Sending EAP Request (code 1) ID 2 length 6
(0) eap: EAP session adding &reply:State = 0xb2d76114b2d57423
(0) [eap] = handled
(0) } # authenticate = handled
(0) Using Post-Auth-Type Challenge
(0) # Executing group from file /etc/raddb/sites-enabled/default
(0) Challenge { ... } # empty sub-section is ignored
(0) Sent Access-Challenge Id 106 from 172.16.11.30:1812 to
172.16.20.210:60597 length 0
(0) EAP-Message = 0x010200061520
(0) Message-Authenticator = 0x00000000000000000000000000000000
(0) State = 0xb2d76114b2d57423e9cf89ec8f3764aa
(0) Finished request
Waking up in 4.9 seconds.
(1) Received Access-Request Id 107 from 172.16.20.210:60597 to
172.16.11.30:1812 length 388
(1) User-Name = "bvm21001 at tanuvas.org.in"
(1) NAS-IP-Address = 172.16.20.210
(1) NAS-Port = 0
(1) NAS-Identifier = "172.16.20.23"
(1) NAS-Port-Type = Wireless-802.11
(1) Calling-Station-Id = "88532ed4f90e"
(1) Called-Station-Id = "fc7ff1c60940"
(1) Service-Type = Framed-User
(1) Framed-MTU = 1100
(1) EAP-Message =
0x0202009d158000000093160303008e0100008a03036172b1c1de6237ab11952c07b4ca81e5fa8609a023bd3650c048ac9a4e95a77800002ac02cc02bc030c02f009f009ec024c023c028c027c00ac009c014c013009d009c003d003c0035002f000a01000037000a00080006001d00170018000b000201
(1) State = 0xb2d76114b2d57423e9cf89ec8f3764aa
(1) Aruba-Essid-Name = "TANUVAS"
(1) Aruba-Location-Id = "Pharmacology_Lab"
(1) Aruba-AP-Group = "MVC_AcademicAP_VC"
(1) Aruba-Device-Type = "NOFP"
(1) Message-Authenticator = 0xb7e83c01a82c07dbcba01d4023917228
(1) session-state: No cached attributes
(1) # Executing section authorize from file /etc/raddb/sites-enabled/default
(1) authorize {
(1) policy filter_username {
(1) if (&User-Name) {
(1) if (&User-Name) -> TRUE
(1) if (&User-Name) {
(1) if (&User-Name =~ / /) {
(1) if (&User-Name =~ / /) -> FALSE
(1) if (&User-Name =~ /@[^@]*@/ ) {
(1) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(1) if (&User-Name =~ /\.\./ ) {
(1) if (&User-Name =~ /\.\./ ) -> FALSE
(1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) ->
FALSE
(1) if (&User-Name =~ /\.$/) {
(1) if (&User-Name =~ /\.$/) -> FALSE
(1) if (&User-Name =~ /@\./) {
(1) if (&User-Name =~ /@\./) -> FALSE
(1) } # if (&User-Name) = notfound
(1) } # policy filter_username = notfound
(1) [preprocess] = ok
(1) [chap] = noop
(1) [mschap] = noop
(1) [digest] = noop
(1) suffix: Checking for suffix after "@"
(1) suffix: Looking up realm "tanuvas.org.in" for User-Name = "
bvm21001 at tanuvas.org.in"
(1) suffix: Found realm "tanuvas.org.in"
(1) suffix: Adding Stripped-User-Name = "bvm21001"
(1) suffix: Adding Realm = "tanuvas.org.in"
(1) suffix: Authentication realm is LOCAL
(1) [suffix] = ok
(1) eap: Peer sent EAP Response (code 2) ID 2 length 157
(1) eap: Continuing tunnel setup
(1) [eap] = ok
(1) } # authorize = ok
(1) Found Auth-Type = eap
(1) # Executing group from file /etc/raddb/sites-enabled/default
(1) authenticate {
(1) eap: Expiring EAP session with state 0xb2d76114b2d57423
(1) eap: Finished EAP session with state 0xb2d76114b2d57423
(1) eap: Previous EAP request found for state 0xb2d76114b2d57423, released
from the list
(1) eap: Peer sent packet with method EAP TTLS (21)
(1) eap: Calling submodule eap_ttls to process data
(1) eap_ttls: Authenticate
(1) eap_ttls: Continuing EAP-TLS
(1) eap_ttls: Peer indicated complete TLS record size will be 147 bytes
(1) eap_ttls: Got complete TLS record (147 bytes)
(1) eap_ttls: [eaptls verify] = length included
(1) eap_ttls: (other): before/accept initialization
(1) eap_ttls: TLS_accept: before/accept initialization
(1) eap_ttls: <<< recv TLS 1.2 [length 008e]
(1) eap_ttls: TLS_accept: SSLv3 read client hello A
(1) eap_ttls: >>> send TLS 1.2 [length 0039]
(1) eap_ttls: TLS_accept: SSLv3 write server hello A
(1) eap_ttls: >>> send TLS 1.2 [length 08d3]
(1) eap_ttls: TLS_accept: SSLv3 write certificate A
(1) eap_ttls: >>> send TLS 1.2 [length 014d]
(1) eap_ttls: TLS_accept: SSLv3 write key exchange A
(1) eap_ttls: >>> send TLS 1.2 [length 0004]
(1) eap_ttls: TLS_accept: SSLv3 write server done A
(1) eap_ttls: TLS_accept: SSLv3 flush data
(1) eap_ttls: TLS_accept: SSLv3 read client certificate A
(1) eap_ttls: TLS_accept: Need to read more data: SSLv3 read client key
exchange A
(1) eap_ttls: TLS_accept: Need to read more data: SSLv3 read client key
exchange A
(1) eap_ttls: In SSL Handshake Phase
(1) eap_ttls: In SSL Accept mode
(1) eap_ttls: [eaptls process] = handled
(1) eap: Sending EAP Request (code 1) ID 3 length 1004
(1) eap: EAP session adding &reply:State = 0xb2d76114b3d47423
(1) [eap] = handled
(1) } # authenticate = handled
(1) Using Post-Auth-Type Challenge
(1) # Executing group from file /etc/raddb/sites-enabled/default
(1) Challenge { ... } # empty sub-section is ignored
(1) Sent Access-Challenge Id 107 from 172.16.11.30:1812 to
172.16.20.210:60597 length 0
(1) EAP-Message =
0x010303ec15c000000a7116030300390200003503035f6f25a42f9336d338a50ac4c8a0bbc37752fed4552a18121600267be828bd0400c03000000dff01000100000b00040300010216030308d30b0008cf0008cc0003de308203da308202c2a003020102020101300d06092a864886f70d01010b050030
(1) Message-Authenticator = 0x00000000000000000000000000000000
(1) State = 0xb2d76114b3d47423e9cf89ec8f3764aa
(1) Finished request
Waking up in 4.9 seconds.
(2) Received Access-Request Id 108 from 172.16.20.210:60597 to
172.16.11.30:1812 length 237
(2) User-Name = "bvm21001 at tanuvas.org.in"
(2) NAS-IP-Address = 172.16.20.210
(2) NAS-Port = 0
(2) NAS-Identifier = "172.16.20.23"
(2) NAS-Port-Type = Wireless-802.11
(2) Calling-Station-Id = "88532ed4f90e"
(2) Called-Station-Id = "fc7ff1c60940"
(2) Service-Type = Framed-User
(2) Framed-MTU = 1100
(2) EAP-Message = 0x020300061500
(2) State = 0xb2d76114b3d47423e9cf89ec8f3764aa
(2) Aruba-Essid-Name = "TANUVAS"
(2) Aruba-Location-Id = "Pharmacology_Lab"
(2) Aruba-AP-Group = "MVC_AcademicAP_VC"
(2) Aruba-Device-Type = "NOFP"
(2) Message-Authenticator = 0x1541d27a89bad69d36646fe6f9210e86
(2) session-state: No cached attributes
(2) # Executing section authorize from file /etc/raddb/sites-enabled/default
(2) authorize {
(2) policy filter_username {
(2) if (&User-Name) {
(2) if (&User-Name) -> TRUE
(2) if (&User-Name) {
(2) if (&User-Name =~ / /) {
(2) if (&User-Name =~ / /) -> FALSE
(2) if (&User-Name =~ /@[^@]*@/ ) {
(2) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(2) if (&User-Name =~ /\.\./ ) {
(2) if (&User-Name =~ /\.\./ ) -> FALSE
(2) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(2) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) ->
FALSE
(2) if (&User-Name =~ /\.$/) {
(2) if (&User-Name =~ /\.$/) -> FALSE
(2) if (&User-Name =~ /@\./) {
(2) if (&User-Name =~ /@\./) -> FALSE
(2) } # if (&User-Name) = notfound
(2) } # policy filter_username = notfound
(2) [preprocess] = ok
(2) [chap] = noop
(2) [mschap] = noop
(2) [digest] = noop
(2) suffix: Checking for suffix after "@"
(2) suffix: Looking up realm "tanuvas.org.in" for User-Name = "
bvm21001 at tanuvas.org.in"
(2) suffix: Found realm "tanuvas.org.in"
(2) suffix: Adding Stripped-User-Name = "bvm21001"
(2) suffix: Adding Realm = "tanuvas.org.in"
(2) suffix: Authentication realm is LOCAL
(2) [suffix] = ok
(2) eap: Peer sent EAP Response (code 2) ID 3 length 6
(2) eap: Continuing tunnel setup
(2) [eap] = ok
(2) } # authorize = ok
(2) Found Auth-Type = eap
(2) # Executing group from file /etc/raddb/sites-enabled/default
(2) authenticate {
(2) eap: Expiring EAP session with state 0xb2d76114b3d47423
(2) eap: Finished EAP session with state 0xb2d76114b3d47423
(2) eap: Previous EAP request found for state 0xb2d76114b3d47423, released
from the list
(2) eap: Peer sent packet with method EAP TTLS (21)
(2) eap: Calling submodule eap_ttls to process data
(2) eap_ttls: Authenticate
(2) eap_ttls: Continuing EAP-TLS
(2) eap_ttls: Peer ACKed our handshake fragment
(2) eap_ttls: [eaptls verify] = request
(2) eap_ttls: [eaptls process] = handled
(2) eap: Sending EAP Request (code 1) ID 4 length 1004
(2) eap: EAP session adding &reply:State = 0xb2d76114b0d37423
(2) [eap] = handled
(2) } # authenticate = handled
(2) Using Post-Auth-Type Challenge
(2) # Executing group from file /etc/raddb/sites-enabled/default
(2) Challenge { ... } # empty sub-section is ignored
(2) Sent Access-Challenge Id 108 from 172.16.11.30:1812 to
172.16.20.210:60597 length 0
(2) EAP-Message =
0x010403ec15c000000a7142b8b19395e52171dc162108c03cf4d3c86f234b0c449e6420d67d2afaf6ecaaf7243de135762948b1a4e615dd53e61291902ddf244638e87863c1d26fbc85617b15f483cc747b54470004e8308204e4308203cca003020102020900e3736d6d4f9383f6300d06092a864886f7
(2) Message-Authenticator = 0x00000000000000000000000000000000
(2) State = 0xb2d76114b0d37423e9cf89ec8f3764aa
(2) Finished request
Waking up in 4.9 seconds.
(3) Received Access-Request Id 109 from 172.16.20.210:60597 to
172.16.11.30:1812 length 237
(3) User-Name = "bvm21001 at tanuvas.org.in"
(3) NAS-IP-Address = 172.16.20.210
(3) NAS-Port = 0
(3) NAS-Identifier = "172.16.20.23"
(3) NAS-Port-Type = Wireless-802.11
(3) Calling-Station-Id = "88532ed4f90e"
(3) Called-Station-Id = "fc7ff1c60940"
(3) Service-Type = Framed-User
(3) Framed-MTU = 1100
(3) EAP-Message = 0x020400061500
(3) State = 0xb2d76114b0d37423e9cf89ec8f3764aa
(3) Aruba-Essid-Name = "TANUVAS"
(3) Aruba-Location-Id = "Pharmacology_Lab"
(3) Aruba-AP-Group = "MVC_AcademicAP_VC"
(3) Aruba-Device-Type = "NOFP"
(3) Message-Authenticator = 0x6e8f0c64848306003ba35541e847afbc
(3) session-state: No cached attributes
(3) # Executing section authorize from file /etc/raddb/sites-enabled/default
(3) authorize {
(3) policy filter_username {
(3) if (&User-Name) {
(3) if (&User-Name) -> TRUE
(3) if (&User-Name) {
(3) if (&User-Name =~ / /) {
(3) if (&User-Name =~ / /) -> FALSE
(3) if (&User-Name =~ /@[^@]*@/ ) {
(3) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(3) if (&User-Name =~ /\.\./ ) {
(3) if (&User-Name =~ /\.\./ ) -> FALSE
(3) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(3) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) ->
FALSE
(3) if (&User-Name =~ /\.$/) {
(3) if (&User-Name =~ /\.$/) -> FALSE
(3) if (&User-Name =~ /@\./) {
(3) if (&User-Name =~ /@\./) -> FALSE
(3) } # if (&User-Name) = notfound
(3) } # policy filter_username = notfound
(3) [preprocess] = ok
(3) [chap] = noop
(3) [mschap] = noop
(3) [digest] = noop
(3) suffix: Checking for suffix after "@"
(3) suffix: Looking up realm "tanuvas.org.in" for User-Name = "
bvm21001 at tanuvas.org.in"
(3) suffix: Found realm "tanuvas.org.in"
(3) suffix: Adding Stripped-User-Name = "bvm21001"
(3) suffix: Adding Realm = "tanuvas.org.in"
(3) suffix: Authentication realm is LOCAL
(3) [suffix] = ok
(3) eap: Peer sent EAP Response (code 2) ID 4 length 6
(3) eap: Continuing tunnel setup
(3) [eap] = ok
(3) } # authorize = ok
(3) Found Auth-Type = eap
(3) # Executing group from file /etc/raddb/sites-enabled/default
(3) authenticate {
(3) eap: Expiring EAP session with state 0xb2d76114b0d37423
(3) eap: Finished EAP session with state 0xb2d76114b0d37423
(3) eap: Previous EAP request found for state 0xb2d76114b0d37423, released
from the list
(3) eap: Peer sent packet with method EAP TTLS (21)
(3) eap: Calling submodule eap_ttls to process data
(3) eap_ttls: Authenticate
(3) eap_ttls: Continuing EAP-TLS
(3) eap_ttls: Peer ACKed our handshake fragment
(3) eap_ttls: [eaptls verify] = request
(3) eap_ttls: [eaptls process] = handled
(3) eap: Sending EAP Request (code 1) ID 5 length 695
(3) eap: EAP session adding &reply:State = 0xb2d76114b1d27423
(3) [eap] = handled
(3) } # authenticate = handled
(3) Using Post-Auth-Type Challenge
(3) # Executing group from file /etc/raddb/sites-enabled/default
(3) Challenge { ... } # empty sub-section is ignored
(3) Sent Access-Challenge Id 109 from 172.16.11.30:1812 to
172.16.20.210:60597 length 0
(3) EAP-Message =
0x010502b7158000000a710530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b05000382010100916dab332c8f26db01809a0101ebf27503ab3c80c1ec977315a582
(3) Message-Authenticator = 0x00000000000000000000000000000000
(3) State = 0xb2d76114b1d27423e9cf89ec8f3764aa
(3) Finished request
Waking up in 4.9 seconds.
(4) Received Access-Request Id 110 from 172.16.20.210:60597 to
172.16.11.30:1812 length 367
(4) User-Name = "bvm21001 at tanuvas.org.in"
(4) NAS-IP-Address = 172.16.20.210
(4) NAS-Port = 0
(4) NAS-Identifier = "172.16.20.23"
(4) NAS-Port-Type = Wireless-802.11
(4) Calling-Station-Id = "88532ed4f90e"
(4) Called-Station-Id = "fc7ff1c60940"
(4) Service-Type = Framed-User
(4) Framed-MTU = 1100
(4) EAP-Message =
0x0205008815800000007e16030300461000004241040c850e994ce6ddf7e214a2942e86601ee014d2e42fc79a364115af3ba61aa22ba7f1f9b8439471e9b144e304a3f9ba628d2427c17ac9749b488605ee8789ea3f140303000101160303002800000000000000004d9d5e39d56235723fcaf35f8cebd1
(4) State = 0xb2d76114b1d27423e9cf89ec8f3764aa
(4) Aruba-Essid-Name = "TANUVAS"
(4) Aruba-Location-Id = "Pharmacology_Lab"
(4) Aruba-AP-Group = "MVC_AcademicAP_VC"
(4) Aruba-Device-Type = "NOFP"
(4) Message-Authenticator = 0x85863d5c40db14d6342f64bfa6c87687
(4) session-state: No cached attributes
(4) # Executing section authorize from file /etc/raddb/sites-enabled/default
(4) authorize {
(4) policy filter_username {
(4) if (&User-Name) {
(4) if (&User-Name) -> TRUE
(4) if (&User-Name) {
(4) if (&User-Name =~ / /) {
(4) if (&User-Name =~ / /) -> FALSE
(4) if (&User-Name =~ /@[^@]*@/ ) {
(4) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(4) if (&User-Name =~ /\.\./ ) {
(4) if (&User-Name =~ /\.\./ ) -> FALSE
(4) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(4) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) ->
FALSE
(4) if (&User-Name =~ /\.$/) {
(4) if (&User-Name =~ /\.$/) -> FALSE
(4) if (&User-Name =~ /@\./) {
(4) if (&User-Name =~ /@\./) -> FALSE
(4) } # if (&User-Name) = notfound
(4) } # policy filter_username = notfound
(4) [preprocess] = ok
(4) [chap] = noop
(4) [mschap] = noop
(4) [digest] = noop
(4) suffix: Checking for suffix after "@"
(4) suffix: Looking up realm "tanuvas.org.in" for User-Name = "
bvm21001 at tanuvas.org.in"
(4) suffix: Found realm "tanuvas.org.in"
(4) suffix: Adding Stripped-User-Name = "bvm21001"
(4) suffix: Adding Realm = "tanuvas.org.in"
(4) suffix: Authentication realm is LOCAL
(4) [suffix] = ok
(4) eap: Peer sent EAP Response (code 2) ID 5 length 136
(4) eap: Continuing tunnel setup
(4) [eap] = ok
(4) } # authorize = ok
(4) Found Auth-Type = eap
(4) # Executing group from file /etc/raddb/sites-enabled/default
(4) authenticate {
(4) eap: Expiring EAP session with state 0xb2d76114b1d27423
(4) eap: Finished EAP session with state 0xb2d76114b1d27423
(4) eap: Previous EAP request found for state 0xb2d76114b1d27423, released
from the list
(4) eap: Peer sent packet with method EAP TTLS (21)
(4) eap: Calling submodule eap_ttls to process data
(4) eap_ttls: Authenticate
(4) eap_ttls: Continuing EAP-TLS
(4) eap_ttls: Peer indicated complete TLS record size will be 126 bytes
(4) eap_ttls: Got complete TLS record (126 bytes)
(4) eap_ttls: [eaptls verify] = length included
(4) eap_ttls: <<< recv TLS 1.2 [length 0046]
(4) eap_ttls: TLS_accept: SSLv3 read client key exchange A
(4) eap_ttls: TLS_accept: SSLv3 read certificate verify A
(4) eap_ttls: <<< recv TLS 1.2 [length 0001]
(4) eap_ttls: <<< recv TLS 1.2 [length 0010]
(4) eap_ttls: TLS_accept: SSLv3 read finished A
(4) eap_ttls: >>> send TLS 1.2 [length 0001]
(4) eap_ttls: TLS_accept: SSLv3 write change cipher spec A
(4) eap_ttls: >>> send TLS 1.2 [length 0010]
(4) eap_ttls: TLS_accept: SSLv3 write finished A
(4) eap_ttls: TLS_accept: SSLv3 flush data
(4) eap_ttls: (other): SSL negotiation finished successfully
(4) eap_ttls: SSL Connection Established
(4) eap_ttls: [eaptls process] = handled
(4) eap: Sending EAP Request (code 1) ID 6 length 61
(4) eap: EAP session adding &reply:State = 0xb2d76114b6d17423
(4) [eap] = handled
(4) } # authenticate = handled
(4) Using Post-Auth-Type Challenge
(4) # Executing group from file /etc/raddb/sites-enabled/default
(4) Challenge { ... } # empty sub-section is ignored
(4) Sent Access-Challenge Id 110 from 172.16.11.30:1812 to
172.16.20.210:60597 length 0
(4) EAP-Message =
0x0106003d1580000000331403030001011603030028efab9a40ca6b0e1d7a5fe6d7fc0cd2d8f47b16489a1d87bb93f0925dbeb4fb6e4cd62effa8bede08
(4) Message-Authenticator = 0x00000000000000000000000000000000
(4) State = 0xb2d76114b6d17423e9cf89ec8f3764aa
(4) Finished request
Waking up in 4.9 seconds.
(0) Cleaning up request packet ID 106 with timestamp +7
(1) Cleaning up request packet ID 107 with timestamp +7
(2) Cleaning up request packet ID 108 with timestamp +7
(3) Cleaning up request packet ID 109 with timestamp +7
(4) Cleaning up request packet ID 110 with timestamp +7
Even after repeated requests the Windows client shows that as " Can't
connect to this network"
Regards,
Thirunavukkarasu
More information about the Freeradius-Users
mailing list