how to map attribute for EAP-SIM/EAP-AKA on Freeradius version4?

MJ Tan mjdir.tan at gmail.com
Thu Apr 6 15:59:12 UTC 2023


Hi Experts,
I am testing EAP-SIM/EAP-AKA on Freeradius version-4 by reading the IMSI,
RAND, SRAND etc. from the rlm_passwd module password file which was working
in Version 3, but I am stuck with some attribute errors in version 4.

I believe that Version-4 has changed the attribute on EAP-SIM/EAP-AKA,
however, I have no idea how to map the attribute to make it works like
version-3.

I was trying to compare the dictionary file attribute between V3 and V4 but
still confusing.
here is a passwd format in v3 --> *"format =
"*User-Name:EAP-Sim-RAND1:EAP-Sim-SRES1:EAP-Sim-KC1:EAP-Sim-RAND2:EAP-Sim-SRES2:EAP-Sim-KC2:EAP-Sim-RAND3:EAP-Sim-SRES3:EAP-Sim-KC3:"*

*Can anyone advise the passwd format in version4?*

#############################################

(0)  default {

(0)    Received Access-Request ID 248 from 10.232.128.52:59140 to
10.200.11.154:1812 via ens160

(0)      User-Name = "1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org"

(0)      NAS-IP-Address = 10.232.128.52

(0)      NAS-Port = 0

(0)      NAS-Identifier = "10.232.128.52"

(0)      NAS-Port-Type = Wireless-802.11

(0)      Calling-Station-Id = "7e95f933088f"

(0)      Called-Station-Id = "f05c19ca427c"

(0)      Service-Type = Framed-User

(0)      Framed-MTU = 1100

(0)      EAP-Message =
0x02010038013135323530313631303538393738323540776c616e2e6d6e633030312e6d63633532352e336770706e6574776f726b2e6f7267

(0)      Vendor-Specific.Aruba.Essid-Name = "airplay_sim"

(0)      Vendor-Specific.Aruba.Location-Id = "AP325-SG-Home-1"

(0)      Vendor-Specific.Aruba.AP-Group = "SG_SEATH_AOS10"

(0)      Vendor-Specific.Aruba.AP-MAC-Address = "f05c19ca427c"

(0)      Vendor-Specific.Aruba.Device-MAC-Address = "7e95f933088f"

(0)      Message-Authenticator = 0x3fb0a416e7a90a56e60e2f4ab6a93933

(0)      Packet-Type = Access-Request

(0)    Running 'recv Access-Request' from file
/usr/local/etc/radv4/etc/raddb/sites-enabled/test

(0)    recv Access-Request {

(0)      chap (noop)

(0)      mschap (noop)

(0)      digest (noop)

*(0)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-RAND1'*

*(0)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-SRES1'*

*(0)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-KC1'*

*(0)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-RAND2'*

*(0)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-SRES2'*

*(0)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-KC2'*

*(0)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-RAND3'*

*(0)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-SRES3'*

*(0)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-KC3'*

(0)      sim_files (ok)

(0)      eap - Peer sent EAP Response (code 2) ID 1 length 56

(0)      eap - Peer sent EAP-Identity.  Returning 'ok' so we can
short-circuit the rest of authorize

(0)      eap - Setting &control.Auth-Type = eap

(0)      eap (ok)

(0)    } # recv Access-Request (ok)

(0)    default - Running 'authenticate eap' from file
/usr/local/etc/radv4/etc/raddb/sites-enabled/test

(0)    default - authenticate eap {

(0)    eap -   New EAP session started

(0)    eap -   Peer sent packet with EAP method Identity (1)

(0)    eap -   Calling submodule eap_sim

(0)    eap -   subrequest {

(0.0)    eap-sim - Stripping 'hint' byte from Permanent-Identity

(0.0)    eap-sim -   &session-state.Permanent-Identity = "
525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org"

(0.0)    eap-sim - recv Identity-Response {

(0.0)    eap-sim -   | debug_attr

*(0.0)    eap-sim -     ERROR: Invalid input: Missing attribute reference*

(0.0)    eap-sim -   | %(debug_attr:{&session-state.})

(0.0)    eap-sim -   if (!&session-state.Tmp-String-0)  {

(0.0)    eap-sim -     &reply.Any-ID-Req := yes

(0.0)    eap-sim -     &session-state.Tmp-String-0 := yes

(0.0)    eap-sim -   } # if (!&session-state.Tmp-String-0)  (noop)

(0.0)    eap-sim -   ok (ok)

(0.0)    eap-sim - } # recv Identity-Response (ok)

(0.0)    eap-sim - New EAP-SIM session

(0.0)    eap-sim - Previous section added &reply.Any-ID-Req = yes, will
request additional identity

(0.0)    eap-sim - Changed state INIT -> SIM-START

(0.0)    eap-sim - send Identity-Request {

(0.0)    eap-sim -   ok (ok)

(0.0)    eap-sim - } # send Identity-Request (ok)

(0.0)    eap.sim - eap-sim (handled)

(0.0)    eap.sim - Encoding attributes

(0.0)    eap.sim -   Version-List = 1

(0.0)    eap.sim -   Any-ID-Req = yes

(0.0)    eap.sim -   Subtype = SIM-Start

(0.0)    eap.sim (handled)

(0)    eap -     subrequest - Resuming execution

(0)    eap -   } # subrequest (noop)

(0)    eap -   Sending EAP Request (code 1) ID 220 length 20

(0)    default -   eap (handled)

(0)    default - } # authenticate eap (handled)

(0)    default - Running 'send Access-Challenge' from file
/usr/local/etc/radv4/etc/raddb/sites-enabled/test

(0)    default - send Access-Challenge {

(0)    attr_filter.access_challenge -   | User-Name

(0)    attr_filter.access_challenge -     | %{User-Name}

(0)    attr_filter.access_challenge -     | -->
1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org

(0)    attr_filter.access_challenge -      -->
1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org

(0)    attr_filter.access_challenge -   Matched entry DEFAULT at line 12

(0)    default -   attr_filter.access_challenge (updated)

(0)    default -   handled (handled)

(0)    default - } # send Access-Challenge (handled)

(0)    default (ok)

(0)  } # default (ok)

(0)  Done request

(0)  Sending Access-Challenge ID 248 from 0.0.0.0/0:1812 to
10.232.128.52:59140 length 78 via socket radius_udp server * port 1812

(0)    EAP-Message = 0x01dc0014120a00000d0100000f02000200010000

(0)    Message-Authenticator = 0x00000000000000000000000000000000

(0)    State = 0x0101b1000f8fb7a6b591b1d5c40e716b

(0)    Packet-Type = Access-Challenge

(0)  Finished request

proto_radius_udp - cleaning up request in 5.000000s

proto_radius_udp - Received Access-Request ID 249 length 376 radius_udp
server * port 1812

(1)  default {

(1)    Received Access-Request ID 249 from 10.232.128.52:59140 to
10.200.11.154:1812 via ens160

(1)      User-Name = "1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org"

(1)      NAS-IP-Address = 10.232.128.52

(1)      NAS-Port = 0

(1)      NAS-Identifier = "10.232.128.52"

(1)      NAS-Port-Type = Wireless-802.11

(1)      Calling-Station-Id = "7e95f933088f"

(1)      Called-Station-Id = "f05c19ca427c"

(1)      Service-Type = Framed-User

(1)      Framed-MTU = 1100

(1)      EAP-Message =
0x02dc0058120a00000e0e00333135323530313631303538393738323540776c616e2e6d6e633030312e6d63633532352e336770706e6574776f726b2e6f72670010010001070500009f6d20ac890376a2b4f9d5ff806975c1

(1)      State = 0x0101b1000f8fb7a6b591b1d5c40e716b

(1)      Vendor-Specific.Aruba.Essid-Name = "airplay_sim"

(1)      Vendor-Specific.Aruba.Location-Id = "AP325-SG-Home-1"

(1)      Vendor-Specific.Aruba.AP-Group = "SG_SEATH_AOS10"

(1)      Vendor-Specific.Aruba.AP-MAC-Address = "f05c19ca427c"

(1)      Vendor-Specific.Aruba.Device-MAC-Address = "7e95f933088f"

(1)      Message-Authenticator = 0xf44ed74a30d348832167c0fa3992617e

(1)      Packet-Type = Access-Request

(1)    Running 'recv Access-Request' from file
/usr/local/etc/radv4/etc/raddb/sites-enabled/test

(1)    recv Access-Request {

(1)      chap (noop)

(1)      mschap (noop)

(1)      digest (noop)

*(1)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-RAND1'*

*(1)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-SRES1'*

*(1)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-KC1'*

*(1)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-RAND2'*

*(1)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-SRES2'*

*(1)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-KC2'*

*(1)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-RAND3'*

*(1)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-SRES3'*

*(1)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-KC3'*

(1)      sim_files (ok)

(1)      eap - Peer sent EAP Response (code 2) ID 220 length 88

(1)      eap - Continuing on-going EAP conversation

(1)      eap - Setting &control.Auth-Type = eap

(1)      eap (updated)

(1)      policy expiration {

(1)        if (&control.Expiration)  {

(1)          ...

(1)        }

(1)      } # policy expiration (updated)

(1)      logintime (noop)

(1)      pap (noop)

(1)    } # recv Access-Request (updated)

(1)    default - Running 'authenticate eap' from file
/usr/local/etc/radv4/etc/raddb/sites-enabled/test

(1)    default - authenticate eap {

(1)    eap -   Continuing EAP session

(1)    eap -   Peer sent packet with EAP method SIM (18)

(1)    eap -   Calling submodule eap_sim

(1)    eap -   subrequest {

(1.0)    eap.sim - Decoded attributes

(1.0)    eap.sim -   EAP-Identity = "
1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org"

(1.0)    eap.sim -   EAP-Type = SIM

(1.0)    eap.sim -   Identity = "
1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org"

(1.0)    eap.sim -   Selected-Version = 1

(1.0)    eap.sim -   Nonce-MT = 0x9f6d20ac890376a2b4f9d5ff806975c1

(1.0)    eap.sim -   Subtype = SIM-Start

(1.0)    eap.sim - Received EAP-Response/SIM-Start

(1.0)    eap-sim - Stripping 'hint' byte from Permanent-Identity

(1.0)    eap-sim -   &session-state.Permanent-Identity = "
525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org"

(1.0)    eap-sim - recv Identity-Response {

(1.0)    eap-sim -   | debug_attr

*(1.0)    eap-sim -     ERROR: Invalid input: Missing attribute reference*

(1.0)    eap-sim -   | %(debug_attr:{&session-state.})

(1.0)    eap-sim -   if (!&session-state.Tmp-String-0)  {

(1.0)    eap-sim -     ...

(1.0)    eap-sim -   }

(1.0)    eap-sim -   ok (ok)

(1.0)    eap-sim - } # recv Identity-Response (ok)

(1.0)    eap-sim - Changed state SIM-START -> SIM-CHALLENGE

(1.0)    eap-sim - send Challenge-Request {

(1.0)    eap-sim -   &control.SIM-Ki := 0x465b5ce8b199b49faa5f0a2ee238a6bc

(1.0)    eap-sim -   &control.SIM-Opc := 0xcd63cb71954a9f4e48a5994e37a02baf

(1.0)    eap-sim -   &control.SIM-SQN := 3

(1.0)    eap-sim -   &reply.Encr-Data.Next-Reauth-Id :=

(1.0)    eap-sim -   &reply.Encr-Data.Next-Pseudonym :=

(1.0)    eap-sim -   ok (ok)

(1.0)    eap-sim - } # send Challenge-Request (ok)

(1.0)    eap-sim - Acquiring GSM vector(s)

(1.0)    eap-sim - GSM vector[0]

(1.0)    eap-sim -   KC           : 0xaa398ce1e9795b59

(1.0)    eap-sim -   RAND         : 0xe72d740b34ec86183926485feda798d2

(1.0)    eap-sim -   SRES         : 0x1a3b217a

(1.0)    eap-sim - GSM vector[1]

(1.0)    eap-sim -   KC           : 0xd8a60eaf3b6dc607

(1.0)    eap-sim -   RAND         : 0x3358a1eefe5cef50d636c4619decb183

(1.0)    eap-sim -   SRES         : 0x178e177d

(1.0)    eap-sim - GSM vector[2]

(1.0)    eap-sim -   KC           : 0xc1470a0aca5a6b47

(1.0)    eap-sim -   RAND         : 0x2e911af2fe6c7dc599a031b92b2bd466

(1.0)    eap-sim -   SRES         : 0x20aa55da

(1.0)    eap-sim - store session {

(1.0)    eap_sim_cache -   | eap-aka-sim.Session-ID

(1.0)    eap_sim_cache -     | %{eap-aka-sim.Session-ID}

(1.0)    eap_sim_cache -     | --> 0x3578543934775962337a6c466c5569

(1.0)    eap_sim_cache -      --> 0x3578543934775962337a6c466c5569

(1.0)    eap_sim_cache -   No cache entry found for
"0x3578543934775962337a6c466c5569"

(1.0)    eap_sim_cache -   Creating new cache entry

(1.0)    eap_sim_cache -     &session-State.Encr-Data.Counter :=
&session-State.Encr-Data.Counter -> 0

(1.0)    eap_sim_cache -   Committed entry, TTL 15 seconds

(1.0)    eap-sim -   eap_sim_cache (updated)

(1.0)    eap-sim - } # store session (updated)

(1.0)    eap.sim - eap-sim (handled)

(1.0)    eap.sim - Sending EAP-Request/SIM-Challenge

(1.0)    eap.sim - Encoding attributes

(1.0)    eap.sim -   Encr-Data.Next-Reauth-ID = "5xT94wYb3zlFlUi"

(1.0)    eap.sim -   Encr-Data.Next-Pseudonym = "3NIu7O8CcaYW8Gy"

(1.0)    eap.sim -   RAND = 0xe72d740b34ec86183926485feda798d2

(1.0)    eap.sim -   RAND = 0x3358a1eefe5cef50d636c4619decb183

(1.0)    eap.sim -   RAND = 0x2e911af2fe6c7dc599a031b92b2bd466

(1.0)    eap.sim -   MAC = 0x

(1.0)    eap.sim -   Subtype = SIM-Challenge

(1.0)    eap.sim (handled)

(1)    eap -     subrequest - Resuming execution

(1)    eap -   } # subrequest (noop)

(1)    eap -   Sending EAP Request (code 1) ID 221 length 152

(1)    default -   eap (handled)

(1)    default - } # authenticate eap (handled)

(1)    default - Running 'send Access-Challenge' from file
/usr/local/etc/radv4/etc/raddb/sites-enabled/test

(1)    default - send Access-Challenge {

(1)    attr_filter.access_challenge -   | User-Name

(1)    attr_filter.access_challenge -     | %{User-Name}

(1)    attr_filter.access_challenge -     | -->
1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org

(1)    attr_filter.access_challenge -      -->
1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org

(1)    attr_filter.access_challenge -   Matched entry DEFAULT at line 12

(1)    default -   attr_filter.access_challenge (updated)

(1)    default -   handled (handled)

(1)    default - } # send Access-Challenge (handled)

(1)    default (ok)

(1)  } # default (ok)

(1)  Done request

(1)  Sending Access-Challenge ID 249 from 0.0.0.0/0:1812 to
10.232.128.52:59140 length 210 via socket radius_udp server * port 1812

(1)    EAP-Message =
0x01dd0098120b00000b0500009f3cb5a97002c186c2ea1dbb34f1f55d010d0000e72d740b34ec86183926485feda798d23358a1eefe5cef50d636c4619decb1832e911af2fe6c7dc599a031b92b2bd46681050000b682371842b5bdacd12a69d27c43f143820d0000d96237c725f160660f4670be81b1a2a8a59335517b52b39b5ed0dcdcd185e11d02a9a7a8d3f12b82d56234aba8d5e0f1

(1)    Message-Authenticator = 0x00000000000000000000000000000000

(1)    State = 0x0203b10097741f88b591b1d5c40e716b

(1)    Packet-Type = Access-Challenge

(1)  Finished request

proto_radius_udp - cleaning up request in 5.000000s

proto_radius_udp - Received Access-Request ID 250 length 300 radius_udp
server * port 1812

(2)  default {

(2)    Received Access-Request ID 250 from 10.232.128.52:59140 to
10.200.11.154:1812 via ens160

(2)      User-Name = "1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org"

(2)      NAS-IP-Address = 10.232.128.52

(2)      NAS-Port = 0

(2)      NAS-Identifier = "10.232.128.52"

(2)      NAS-Port-Type = Wireless-802.11

(2)      Calling-Station-Id = "7e95f933088f"

(2)      Called-Station-Id = "f05c19ca427c"

(2)      Service-Type = Framed-User

(2)      Framed-MTU = 1100

(2)      EAP-Message = 0x02dd000c120e000016010000

(2)      State = 0x0203b10097741f88b591b1d5c40e716b

(2)      Vendor-Specific.Aruba.Essid-Name = "airplay_sim"

(2)      Vendor-Specific.Aruba.Location-Id = "AP325-SG-Home-1"

(2)      Vendor-Specific.Aruba.AP-Group = "SG_SEATH_AOS10"

(2)      Vendor-Specific.Aruba.AP-MAC-Address = "f05c19ca427c"

(2)      Vendor-Specific.Aruba.Device-MAC-Address = "7e95f933088f"

(2)      Message-Authenticator = 0xf261d6f34752fc6d83c80cd10389650c

(2)      Packet-Type = Access-Request

(2)    Running 'recv Access-Request' from file
/usr/local/etc/radv4/etc/raddb/sites-enabled/test

(2)    recv Access-Request {

(2)      chap (noop)

(2)      mschap (noop)

(2)      digest (noop)

*(2)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-RAND1'*

*(2)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-SRES1'*

*(2)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-KC1'*

*(2)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-RAND2'*

*(2)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-SRES2'*

*(2)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-KC2'*

*(2)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-RAND3'*

*(2)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-SRES3'*

*(2)      sim_files - ERROR: Ignoring unknown attribute 'EAP-Sim-KC3'*

(2)      sim_files (ok)

(2)      eap - Peer sent EAP Response (code 2) ID 221 length 12

(2)      eap - Continuing on-going EAP conversation

(2)      eap - Setting &control.Auth-Type = eap

(2)      eap (updated)

(2)      policy expiration {

(2)        if (&control.Expiration)  {

(2)          ...

(2)        }

(2)      } # policy expiration (updated)

(2)      logintime (noop)

(2)      pap (noop)

(2)    } # recv Access-Request (updated)

(2)    default - Running 'authenticate eap' from file
/usr/local/etc/radv4/etc/raddb/sites-enabled/test

(2)    default - authenticate eap {

(2)    eap -   Continuing EAP session

(2)    eap -   Peer sent packet with EAP method SIM (18)

(2)    eap -   Calling submodule eap_sim

(2)    eap -   subrequest {

(2.0)    eap.sim - Decoded attributes

(2.0)    eap.sim -   EAP-Identity = "
1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org"

(2.0)    eap.sim -   EAP-Type = SIM

(2.0)    eap.sim -   Client-Error-Code = Unable-To-Process-Packet

(2.0)    eap.sim -   Subtype = AKA-SIM-Client-Error

(2.0)    eap.sim - Received EAP-Response/AKA-SIM-Client-Error

*(2.0)    eap-sim - ERROR: Peer rejected request with error: 0
(Unable-To-Process-Packet)*

(2.0)    eap-sim - clear session {

(2.0)    eap_sim_cache -   | eap-aka-sim.Session-ID

(2.0)    eap_sim_cache -     | %{eap-aka-sim.Session-ID}

(2.0)    eap_sim_cache -     | --> 0x3578543934775962337a6c466c5569

(2.0)    eap_sim_cache -      --> 0x3578543934775962337a6c466c5569

(2.0)    eap_sim_cache -   Found entry for
"0x3578543934775962337a6c466c5569"

(2.0)    eap_sim_cache -   Expiring cache entry

(2.0)    eap-sim -   eap_sim_cache (ok)

(2.0)    eap-sim - } # clear session (ok)

(2.0)    eap-sim - Changed state SIM-CHALLENGE -> EAP-FAILURE

(2.0)    eap-sim - Sending EAP-Failure

(2.0)    eap.sim - eap-sim (reject)

(2.0)    eap.sim (reject)

(2)    eap -     subrequest - Resuming execution

(2)    eap -   } # subrequest (noop)

(2)    eap -   Sending EAP Failure (code 4) ID 221 length 4

(2)    eap -   Cleaning up EAP session

(2)    default -   eap (reject)

(2)    default - } # authenticate eap (reject)

(2)    default - Failed to authenticate the user

(2)    default - Running 'send Access-Reject' from file
/usr/local/etc/radv4/etc/raddb/sites-enabled/test

(2)    default - send Access-Reject {

(2)    attr_filter.access_reject -   | User-Name

(2)    attr_filter.access_reject -     | %{User-Name}

(2)    attr_filter.access_reject -     | -->
1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org

(2)    attr_filter.access_reject -      -->
1525016105897825 at wlan.mnc001.mcc525.3gppnetwork.org

(2)    attr_filter.access_reject -   Matched entry DEFAULT at line 11

(2)    default -   attr_filter.access_reject (updated)

(2)    default -   eap (noop)

(2)    default -   policy remove_reply_message_if_eap {

(2)    default -     if (&reply.EAP-Message && &reply.Reply-Message)  {

(2)    default -       ...

(2)    default -     }

(2)    default -     else {

(2)    default -       noop (noop)

(2)    default -     } # else (noop)

(2)    default -   } # policy remove_reply_message_if_eap (noop)

(2)    delay_reject -   | (null)

(2)    delay_reject -     | reply.FreeRADIUS-Response-Delay

(2)    delay_reject -       | %{reply.FreeRADIUS-Response-Delay}

(2)    delay_reject -       | -->

(2)    delay_reject -     | %{%{reply.FreeRADIUS-Response-Delay}:-1}

(2)    delay_reject -     | --> 1

(2)    delay_reject -   Delaying request by ~0.991348969s

(2)    delay_reject -   Delay done

(2)    delay_reject -   delay_reject - Resuming execution

(2)    default -   delay_reject (ok)

(2)    default - } # send Access-Reject (updated)

(2)    default (ok)

(2)  } # default (ok)

(2)  Done request

(2)  Sending Access-Reject ID 250 from 0.0.0.0/0:1812 to
10.232.128.52:59140 length
44 via socket radius_udp server * port 1812

(2)    EAP-Message = 0x04dd0004

(2)    Message-Authenticator = 0x00000000000000000000000000000000

(2)    Packet-Type = Access-Reject

(2)  Finished request

proto_radius_udp - cleaning up request in 5.000000s

#############################################

*-MJ*


More information about the Freeradius-Users mailing list