Hi, I tried to get freeradius to work with PEAP. I got LEAP working but I want to use PEAP because it is more secure. It seems I have some problems with the certs. I tried it with the demo certs included in the tar.gz and also with the certs made with the cert.sh in the scripts dir. I installed the cacert.pem on the client PC (it is w2k sp4 with a cisco Aironet card). The access point is a Cisco 1231. I attached a text file with the debugging information.
This e-mail may contain privileged or confidential information and is intended only for use by the addressee. If you are not the addressee, we request you not to use the contents or to disclose it in any manner to third parties, and to inform us immediately by reply email and delete the email from your system. Ahrend denies any responsibility for damages resulting from the use of e-mail.
Mon Oct 18 16:19:39 2004 : Info: Starting - reading configuration files ... Mon Oct 18 16:19:39 2004 : Debug: reread_config: reading radiusd.conf Mon Oct 18 16:19:39 2004 : Debug: Config: including file: /usr/local/etc/raddb/clients.conf Mon Oct 18 16:19:39 2004 : Debug: Config: including file: /usr/local/etc/raddb/snmp.conf Mon Oct 18 16:19:39 2004 : Debug: Config: including file: /usr/local/etc/raddb/eap.conf Mon Oct 18 16:19:39 2004 : Debug: main: prefix = "/usr" Mon Oct 18 16:19:39 2004 : Debug: main: localstatedir = "/var" Mon Oct 18 16:19:39 2004 : Debug: main: logdir = "/var/log/radius" Mon Oct 18 16:19:39 2004 : Debug: main: libdir = "/usr/lib" Mon Oct 18 16:19:39 2004 : Debug: main: radacctdir = "/var/log/radius/radacct" Mon Oct 18 16:19:39 2004 : Debug: main: hostname_lookups = no Mon Oct 18 16:19:39 2004 : Debug: main: max_request_time = 30 Mon Oct 18 16:19:39 2004 : Debug: main: cleanup_delay = 5 Mon Oct 18 16:19:39 2004 : Debug: main: max_requests = 1024 Mon Oct 18 16:19:39 2004 : Debug: main: delete_blocked_requests = 0 Mon Oct 18 16:19:39 2004 : Debug: main: port = 0 Mon Oct 18 16:19:39 2004 : Debug: main: allow_core_dumps = no Mon Oct 18 16:19:39 2004 : Debug: main: log_stripped_names = no Mon Oct 18 16:19:39 2004 : Debug: main: log_file = "/var/log/radius/radius.log" Mon Oct 18 16:19:39 2004 : Debug: main: log_destination = "files" Mon Oct 18 16:19:39 2004 : Debug: main: log_auth = no Mon Oct 18 16:19:39 2004 : Debug: main: log_auth_badpass = no Mon Oct 18 16:19:39 2004 : Debug: main: log_auth_goodpass = no Mon Oct 18 16:19:39 2004 : Debug: main: pidfile = "/var/run/radiusd/radiusd.pid" Mon Oct 18 16:19:39 2004 : Debug: main: user = "radiusd" Mon Oct 18 16:19:39 2004 : Debug: main: group = "radiusd" Mon Oct 18 16:19:39 2004 : Debug: main: usercollide = no Mon Oct 18 16:19:39 2004 : Debug: main: lower_user = "no" Mon Oct 18 16:19:39 2004 : Debug: main: lower_pass = "no" Mon Oct 18 16:19:39 2004 : Debug: main: nospace_user = "no" Mon Oct 18 16:19:39 2004 : Debug: main: nospace_pass = "no" Mon Oct 18 16:19:39 2004 : Debug: main: checkrad = "/usr/sbin/checkrad" Mon Oct 18 16:19:39 2004 : Debug: main: debug_level = 0 Mon Oct 18 16:19:39 2004 : Debug: main: proxy_requests = no Mon Oct 18 16:19:39 2004 : Debug: security: max_attributes = 200 Mon Oct 18 16:19:39 2004 : Debug: security: reject_delay = 1 Mon Oct 18 16:19:39 2004 : Debug: security: status_server = no Mon Oct 18 16:19:39 2004 : Debug: read_config_files: reading dictionary Mon Oct 18 16:19:39 2004 : Debug: read_config_files: reading naslist Mon Oct 18 16:19:39 2004 : Info: Using deprecated naslist file. Support for this will go away soon. Mon Oct 18 16:19:39 2004 : Debug: read_config_files: reading clients Mon Oct 18 16:19:39 2004 : Debug: read_config_files: reading realms Mon Oct 18 16:19:39 2004 : Debug: radiusd: entering modules setup Mon Oct 18 16:19:39 2004 : Debug: Module: Library search path is /usr/lib Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded exec Mon Oct 18 16:19:39 2004 : Debug: exec: wait = yes Mon Oct 18 16:19:39 2004 : Debug: exec: program = "(null)" Mon Oct 18 16:19:39 2004 : Debug: exec: input_pairs = "request" Mon Oct 18 16:19:39 2004 : Debug: exec: output_pairs = "(null)" Mon Oct 18 16:19:39 2004 : Debug: exec: packet_type = "(null)" Mon Oct 18 16:19:39 2004 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none? Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated exec (exec) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded expr Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated expr (expr) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded PAP Mon Oct 18 16:19:39 2004 : Debug: pap: encryption_scheme = "crypt" Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated pap (pap) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded CHAP Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated chap (chap) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded MS-CHAP Mon Oct 18 16:19:39 2004 : Debug: mschap: use_mppe = yes Mon Oct 18 16:19:39 2004 : Debug: mschap: require_encryption = no Mon Oct 18 16:19:39 2004 : Debug: mschap: require_strong = no Mon Oct 18 16:19:39 2004 : Debug: mschap: with_ntdomain_hack = yes Mon Oct 18 16:19:39 2004 : Debug: mschap: passwd = "(null)" Mon Oct 18 16:19:39 2004 : Debug: mschap: authtype = "MS-CHAP" Mon Oct 18 16:19:39 2004 : Debug: mschap: ntlm_auth = "/usr/local/samba/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}" Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated mschap (mschap) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded System Mon Oct 18 16:19:39 2004 : Debug: unix: cache = no Mon Oct 18 16:19:39 2004 : Debug: unix: passwd = "(null)" Mon Oct 18 16:19:39 2004 : Debug: unix: shadow = "/etc/shadow" Mon Oct 18 16:19:39 2004 : Debug: unix: group = "(null)" Mon Oct 18 16:19:39 2004 : Debug: unix: radwtmp = "/var/log/radius/radwtmp" Mon Oct 18 16:19:39 2004 : Debug: unix: usegroup = no Mon Oct 18 16:19:39 2004 : Debug: unix: cache_reload = 600 Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated unix (unix) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded eap Mon Oct 18 16:19:39 2004 : Debug: eap: default_eap_type = "peap" Mon Oct 18 16:19:39 2004 : Debug: eap: timer_expire = 60 Mon Oct 18 16:19:39 2004 : Debug: eap: ignore_unknown_eap_types = no Mon Oct 18 16:19:39 2004 : Debug: eap: cisco_accounting_username_bug = no Mon Oct 18 16:19:39 2004 : Debug: rlm_eap: Loaded and initialized type md5 Mon Oct 18 16:19:39 2004 : Debug: rlm_eap: Loaded and initialized type leap Mon Oct 18 16:19:39 2004 : Debug: gtc: challenge = "Password: " Mon Oct 18 16:19:39 2004 : Debug: gtc: auth_type = "PAP" Mon Oct 18 16:19:39 2004 : Debug: rlm_eap: Loaded and initialized type gtc Mon Oct 18 16:19:39 2004 : Debug: tls: rsa_key_exchange = no Mon Oct 18 16:19:39 2004 : Debug: tls: dh_key_exchange = yes Mon Oct 18 16:19:39 2004 : Debug: tls: rsa_key_length = 512 Mon Oct 18 16:19:39 2004 : Debug: tls: dh_key_length = 512 Mon Oct 18 16:19:39 2004 : Debug: tls: verify_depth = 0 Mon Oct 18 16:19:39 2004 : Debug: tls: CA_path = "(null)" Mon Oct 18 16:19:39 2004 : Debug: tls: pem_file_type = yes Mon Oct 18 16:19:39 2004 : Debug: tls: private_key_file = "/usr/local/etc/raddb/certs/cert-srv.pem" Mon Oct 18 16:19:39 2004 : Debug: tls: certificate_file = "/usr/local/etc/raddb/certs/cert-srv.pem" Mon Oct 18 16:19:39 2004 : Debug: tls: CA_file = "/usr/local/etc/raddb/certs/demoCA/cacert.pem" Mon Oct 18 16:19:39 2004 : Debug: tls: private_key_password = "whatever" Mon Oct 18 16:19:39 2004 : Debug: tls: dh_file = "/usr/local/etc/raddb/certs/dh" Mon Oct 18 16:19:39 2004 : Debug: tls: random_file = "/usr/local/etc/raddb/certs/random" Mon Oct 18 16:19:39 2004 : Debug: tls: fragment_size = 1024 Mon Oct 18 16:19:39 2004 : Debug: tls: include_length = yes Mon Oct 18 16:19:39 2004 : Debug: tls: check_crl = no Mon Oct 18 16:19:39 2004 : Debug: tls: check_cert_cn = "(null)" Mon Oct 18 16:19:39 2004 : Debug: rlm_eap: Loaded and initialized type tls Mon Oct 18 16:19:39 2004 : Debug: peap: default_eap_type = "mschapv2" Mon Oct 18 16:19:39 2004 : Debug: peap: copy_request_to_tunnel = no Mon Oct 18 16:19:39 2004 : Debug: peap: use_tunneled_reply = no Mon Oct 18 16:19:39 2004 : Debug: peap: proxy_tunneled_request_as_eap = yes Mon Oct 18 16:19:39 2004 : Debug: rlm_eap: Loaded and initialized type peap Mon Oct 18 16:19:39 2004 : Debug: mschapv2: with_ntdomain_hack = no Mon Oct 18 16:19:39 2004 : Debug: rlm_eap: Loaded and initialized type mschapv2 Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated eap (eap) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded preprocess Mon Oct 18 16:19:39 2004 : Debug: preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups" Mon Oct 18 16:19:39 2004 : Debug: preprocess: hints = "/usr/local/etc/raddb/hints" Mon Oct 18 16:19:39 2004 : Debug: preprocess: with_ascend_hack = no Mon Oct 18 16:19:39 2004 : Debug: preprocess: ascend_channels_per_line = 23 Mon Oct 18 16:19:39 2004 : Debug: preprocess: with_ntdomain_hack = no Mon Oct 18 16:19:39 2004 : Debug: preprocess: with_specialix_jetstream_hack = no Mon Oct 18 16:19:39 2004 : Debug: preprocess: with_cisco_vsa_hack = no Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated preprocess (preprocess) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded realm Mon Oct 18 16:19:39 2004 : Debug: realm: format = "prefix" Mon Oct 18 16:19:39 2004 : Debug: realm: delimiter = "\" Mon Oct 18 16:19:39 2004 : Debug: realm: ignore_default = no Mon Oct 18 16:19:39 2004 : Debug: realm: ignore_null = no Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated realm (ntdomain) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded files Mon Oct 18 16:19:39 2004 : Debug: files: usersfile = "/usr/local/etc/raddb/users" Mon Oct 18 16:19:39 2004 : Debug: files: acctusersfile = "/usr/local/etc/raddb/acct_users" Mon Oct 18 16:19:39 2004 : Debug: files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users" Mon Oct 18 16:19:39 2004 : Debug: files: compat = "no" Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated files (files) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded Acct-Unique-Session-Id Mon Oct 18 16:19:39 2004 : Debug: acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated acct_unique (acct_unique) Mon Oct 18 16:19:39 2004 : Debug: realm: format = "suffix" Mon Oct 18 16:19:39 2004 : Debug: realm: delimiter = "@" Mon Oct 18 16:19:39 2004 : Debug: realm: ignore_default = no Mon Oct 18 16:19:39 2004 : Debug: realm: ignore_null = no Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated realm (suffix) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded detail Mon Oct 18 16:19:39 2004 : Debug: detail: detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d" Mon Oct 18 16:19:39 2004 : Debug: detail: detailperm = 384 Mon Oct 18 16:19:39 2004 : Debug: detail: dirperm = 493 Mon Oct 18 16:19:39 2004 : Debug: detail: locking = no Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated detail (detail) Mon Oct 18 16:19:39 2004 : Debug: Module: Loaded radutmp Mon Oct 18 16:19:39 2004 : Debug: radutmp: filename = "/var/log/radius/radutmp" Mon Oct 18 16:19:39 2004 : Debug: radutmp: username = "%{User-Name}" Mon Oct 18 16:19:39 2004 : Debug: radutmp: case_sensitive = yes Mon Oct 18 16:19:39 2004 : Debug: radutmp: check_with_nas = yes Mon Oct 18 16:19:39 2004 : Debug: radutmp: perm = 384 Mon Oct 18 16:19:39 2004 : Debug: radutmp: callerid = yes Mon Oct 18 16:19:39 2004 : Debug: Module: Instantiated radutmp (radutmp) Mon Oct 18 16:19:39 2004 : Debug: Listening on authentication *:1812 Mon Oct 18 16:19:39 2004 : Debug: Listening on accounting *:1813 Mon Oct 18 16:19:39 2004 : Info: Ready to process requests. rad_recv: Access-Request packet from host 150.50.20.242:21647, id=159, length=149 User-Name = "tblom" Framed-MTU = 1400 Called-Station-Id = "0011.2068.9050" Calling-Station-Id = "0040.96a4.0c50" Message-Authenticator = 0xe2a2fe33f48d1d326f4f6d8e8b5fbc9b EAP-Message = 0x0202000a0174626c6f6d NAS-Port-Type = Wireless-802.11 NAS-Port = 423 State = 0x228c584906fa426a62be74589f5f6348 Service-Type = Framed-User NAS-IP-Address = 150.50.20.242 NAS-Identifier = "nl-nwg-ap2" Mon Oct 18 16:19:43 2004 : Debug: Processing the authorize section of radiusd.conf Mon Oct 18 16:19:43 2004 : Debug: modcall: entering group authorize for request 0 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 0 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 0 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "preprocess" returns ok for request 0 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 0 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 0 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "chap" returns noop for request 0 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 0 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 0 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "mschap" returns noop for request 0 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling ntdomain (rlm_realm) for request 0 Mon Oct 18 16:19:43 2004 : Debug: rlm_realm: No '\' in User-Name = "tblom", looking up realm NULL Mon Oct 18 16:19:43 2004 : Debug: rlm_realm: No such realm "NULL" Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from ntdomain (rlm_realm) for request 0 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "ntdomain" returns noop for request 0 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 0 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: EAP packet type response id 2 length 10 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 0 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "eap" returns updated for request 0 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling files (rlm_files) for request 0 Mon Oct 18 16:19:43 2004 : Debug: users: Matched DEFAULT at 152 Mon Oct 18 16:19:43 2004 : Debug: users: Matched DEFAULT at 171 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 0 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "files" returns ok for request 0 Mon Oct 18 16:19:43 2004 : Debug: modcall: group authorize returns updated for request 0 Mon Oct 18 16:19:43 2004 : Debug: rad_check_password: Found Auth-Type EAP Mon Oct 18 16:19:43 2004 : Debug: auth: type "EAP" Mon Oct 18 16:19:43 2004 : Debug: Processing the authenticate section of radiusd.conf Mon Oct 18 16:19:43 2004 : Debug: modcall: entering group authenticate for request 0 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 0 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: EAP Identity Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: processing type tls Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: Initiate Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: Start returned 1 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 0 Mon Oct 18 16:19:43 2004 : Debug: modcall[authenticate]: module "eap" returns handled for request 0 Mon Oct 18 16:19:43 2004 : Debug: modcall: group authenticate returns handled for request 0 Sending Access-Challenge of id 159 to 150.50.20.242:21647 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x010300061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xa40e086b97b14cbf880dbdcc7e53e9fb Mon Oct 18 16:19:43 2004 : Debug: Finished request 0 Mon Oct 18 16:19:43 2004 : Debug: Going to the next request Mon Oct 18 16:19:43 2004 : Debug: --- Walking the entire request list --- Mon Oct 18 16:19:43 2004 : Debug: Waking up in 6 seconds... rad_recv: Access-Request packet from host 150.50.20.242:21647, id=160, length=245 User-Name = "tblom" Framed-MTU = 1400 Called-Station-Id = "0011.2068.9050" Calling-Station-Id = "0040.96a4.0c50" Message-Authenticator = 0x17bd8dbd9b9586b0bc77556a456ba5bf EAP-Message = 0x0203006a198000000060160301005b0100005703014173b82b5fd603d6c2e934958631db0f3133631caf286c3b7823230daf559fb300003000390038003500160013000a00330032002f0066000500040065006400630062006000150012000900140011000800030100 NAS-Port-Type = Wireless-802.11 NAS-Port = 423 State = 0xa40e086b97b14cbf880dbdcc7e53e9fb Service-Type = Framed-User NAS-IP-Address = 150.50.20.242 NAS-Identifier = "nl-nwg-ap2" Mon Oct 18 16:19:43 2004 : Debug: Processing the authorize section of radiusd.conf Mon Oct 18 16:19:43 2004 : Debug: modcall: entering group authorize for request 1 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 1 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 1 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "preprocess" returns ok for request 1 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 1 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 1 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "chap" returns noop for request 1 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 1 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 1 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "mschap" returns noop for request 1 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling ntdomain (rlm_realm) for request 1 Mon Oct 18 16:19:43 2004 : Debug: rlm_realm: No '\' in User-Name = "tblom", looking up realm NULL Mon Oct 18 16:19:43 2004 : Debug: rlm_realm: No such realm "NULL" Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from ntdomain (rlm_realm) for request 1 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "ntdomain" returns noop for request 1 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 1 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: EAP packet type response id 3 length 106 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 1 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "eap" returns updated for request 1 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling files (rlm_files) for request 1 Mon Oct 18 16:19:43 2004 : Debug: users: Matched DEFAULT at 152 Mon Oct 18 16:19:43 2004 : Debug: users: Matched DEFAULT at 171 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 1 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "files" returns ok for request 1 Mon Oct 18 16:19:43 2004 : Debug: modcall: group authorize returns updated for request 1 Mon Oct 18 16:19:43 2004 : Debug: rad_check_password: Found Auth-Type EAP Mon Oct 18 16:19:43 2004 : Debug: auth: type "EAP" Mon Oct 18 16:19:43 2004 : Debug: Processing the authenticate section of radiusd.conf Mon Oct 18 16:19:43 2004 : Debug: modcall: entering group authenticate for request 1 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 1 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: Request found, released from the list Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: EAP/peap Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: processing type peap Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_peap: Authenticate Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: processing TLS Mon Oct 18 16:19:43 2004 : Info: rlm_eap_tls: Length Included Mon Oct 18 16:19:43 2004 : Debug: eaptls_verify returned 11 Mon Oct 18 16:19:43 2004 : Info: (other): before/accept initialization Mon Oct 18 16:19:43 2004 : Info: TLS_accept: before/accept initialization Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: <<< TLS 1.0 Handshake [length 005b], ClientHello Mon Oct 18 16:19:43 2004 : Info: TLS_accept: SSLv3 read client hello A Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello Mon Oct 18 16:19:43 2004 : Info: TLS_accept: SSLv3 write server hello A Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake [length 0630], Certificate Mon Oct 18 16:19:43 2004 : Info: TLS_accept: SSLv3 write certificate A Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake [length 010d], ServerKeyExchange Mon Oct 18 16:19:43 2004 : Info: TLS_accept: SSLv3 write key exchange A Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone Mon Oct 18 16:19:43 2004 : Info: TLS_accept: SSLv3 write server done A Mon Oct 18 16:19:43 2004 : Info: TLS_accept: SSLv3 flush data Mon Oct 18 16:19:43 2004 : Error: TLS_accept:error in SSLv3 read client certificate A Mon Oct 18 16:19:43 2004 : Debug: In SSL Handshake Phase Mon Oct 18 16:19:43 2004 : Debug: In SSL Accept mode Mon Oct 18 16:19:43 2004 : Debug: eaptls_process returned 13 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_peap: EAPTLS_HANDLED Mon Oct 18 16:19:43 2004 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 1 Mon Oct 18 16:19:43 2004 : Debug: modcall[authenticate]: module "eap" returns handled for request 1 Mon Oct 18 16:19:43 2004 : Debug: modcall: group authenticate returns handled for request 1 Sending Access-Challenge of id 160 to 150.50.20.242:21647 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x0104040a19c00000079f160301004a0200004603014173d0ffc4a599cc489754d3d9f1a1fe434891cea63ddbb802336611b8f4d19a20adb336c1f5470b87136592e2e6de67daf77b316c231a76d6bb151427e41316b400390016030106300b00062c0006290002b1308202ad30820216a003020102020102300d06092a864886f70d0101040500308187310b3009060355040613024e4c3110300e0603550408130755747265636874311330110603550407130a4e69657577656765696e310f300d060355040a1306416872656e64310c300a060355040b1303495453310f300d06035504031306636c69656e743121301f06092a864886f70d010901 EAP-Message = 0x16126e6574776f726b40616872656e642e636f6d301e170d3034313031383133353534315a170d3035313031383133353534315a308197310b3009060355040613024e4c3110300e0603550408130755747265636874311330110603550407130a4e69657577656765696e310f300d060355040a1306416872656e64310c300a060355040b1303495453311f301d0603550403131666726565726164697573312e616872656e642e6e65743121301f06092a864886f70d01090116126e6574776f726b40616872656e642e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100d2d0c7bad121988fff4593063b9ce092bd1e EAP-Message = 0xf52ac4125f1cc42ad1dc1fcfaf3d50c98d3d1fb0a001c33dd71fcba419abe83c8dcb60719f06d716259af6605f81f457cc1710d00c64c02260095c3b56327e02776cfde19077203a001a2795dbd914a6a074157991dd96e6b3a88e12d59a00678b60c85295aa6678d550e1b8aed90203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104050003818100c21ff8615b05f7c691fc30167c3dc2cdb72d2859b95f57f1f5cd46bdc941381f69756d1635346009cab90083e2a0cb6273ddf66b12647409ff7bb32f4482fc275ff437df5b26a99011d098a34f447c0d827082f37c87b691e374a3a5ef89 EAP-Message = 0x3b6b26f7ba025cedb2f6e5c616588551c5154e1265da964bbcb9a749da99a1123a5e0003723082036e308202d7a003020102020100300d06092a864886f70d0101040500308187310b3009060355040613024e4c3110300e0603550408130755747265636874311330110603550407130a4e69657577656765696e310f300d060355040a1306416872656e64310c300a060355040b1303495453310f300d06035504031306636c69656e743121301f06092a864886f70d01090116126e6574776f726b40616872656e642e636f6d301e170d3034313031383133353435315a170d3036313031383133353435315a308187310b3009060355040613024e EAP-Message = 0x4c3110300e0603550408130755747265636874311330 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xb7ad9219b7ccb73b0f4d99655e123b49 Mon Oct 18 16:19:43 2004 : Debug: Finished request 1 Mon Oct 18 16:19:43 2004 : Debug: Going to the next request Mon Oct 18 16:19:43 2004 : Debug: Waking up in 6 seconds... rad_recv: Access-Request packet from host 150.50.20.242:21647, id=161, length=145 User-Name = "tblom" Framed-MTU = 1400 Called-Station-Id = "0011.2068.9050" Calling-Station-Id = "0040.96a4.0c50" Message-Authenticator = 0x026a509f9f968e687eb9f74feec6b5e6 EAP-Message = 0x020400061900 NAS-Port-Type = Wireless-802.11 NAS-Port = 423 State = 0xb7ad9219b7ccb73b0f4d99655e123b49 Service-Type = Framed-User NAS-IP-Address = 150.50.20.242 NAS-Identifier = "nl-nwg-ap2" Mon Oct 18 16:19:43 2004 : Debug: Processing the authorize section of radiusd.conf Mon Oct 18 16:19:43 2004 : Debug: modcall: entering group authorize for request 2 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "preprocess" returns ok for request 2 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 2 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 2 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "chap" returns noop for request 2 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 2 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 2 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "mschap" returns noop for request 2 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling ntdomain (rlm_realm) for request 2 Mon Oct 18 16:19:43 2004 : Debug: rlm_realm: No '\' in User-Name = "tblom", looking up realm NULL Mon Oct 18 16:19:43 2004 : Debug: rlm_realm: No such realm "NULL" Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from ntdomain (rlm_realm) for request 2 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "ntdomain" returns noop for request 2 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 2 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: EAP packet type response id 4 length 6 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 2 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "eap" returns updated for request 2 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling files (rlm_files) for request 2 Mon Oct 18 16:19:43 2004 : Debug: users: Matched DEFAULT at 152 Mon Oct 18 16:19:43 2004 : Debug: users: Matched DEFAULT at 171 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 2 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "files" returns ok for request 2 Mon Oct 18 16:19:43 2004 : Debug: modcall: group authorize returns updated for request 2 Mon Oct 18 16:19:43 2004 : Debug: rad_check_password: Found Auth-Type EAP Mon Oct 18 16:19:43 2004 : Debug: auth: type "EAP" Mon Oct 18 16:19:43 2004 : Debug: Processing the authenticate section of radiusd.conf Mon Oct 18 16:19:43 2004 : Debug: modcall: entering group authenticate for request 2 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 2 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: Request found, released from the list Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: EAP/peap Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: processing type peap Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_peap: Authenticate Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: processing TLS Mon Oct 18 16:19:43 2004 : Info: rlm_eap_tls: Received EAP-TLS ACK message Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: ack handshake fragment handler Mon Oct 18 16:19:43 2004 : Debug: eaptls_verify returned 1 Mon Oct 18 16:19:43 2004 : Debug: eaptls_process returned 13 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_peap: EAPTLS_HANDLED Mon Oct 18 16:19:43 2004 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 2 Mon Oct 18 16:19:43 2004 : Debug: modcall[authenticate]: module "eap" returns handled for request 2 Mon Oct 18 16:19:43 2004 : Debug: modcall: group authenticate returns handled for request 2 Sending Access-Challenge of id 161 to 150.50.20.242:21647 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x010503a51900110603550407130a4e69657577656765696e310f300d060355040a1306416872656e64310c300a060355040b1303495453310f300d06035504031306636c69656e743121301f06092a864886f70d01090116126e6574776f726b40616872656e642e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100e15a7c9c16e4668eca34b05bcdacdb5b9b903da9fdc30d6d4df977c2175b0e68fecd186f1dce850c7f4081d751e5ebf9409b5f616d7183904d002b7ef2e8007cad99eaf75f825dec5a46636b61c14a8d3a3bc355c6b69c200d982fa8a5d2795bd43329ac6d96eb4b802f4bf49c7218646cd5c24a2a EAP-Message = 0x1d0371ccd4d47b9e1d7f010203010001a381e73081e4301d0603551d0e04160414e2fcbf2b8a5051d1d1d5c43b48e13e069e1326923081b40603551d230481ac3081a98014e2fcbf2b8a5051d1d1d5c43b48e13e069e132692a1818da4818a308187310b3009060355040613024e4c3110300e0603550408130755747265636874311330110603550407130a4e69657577656765696e310f300d060355040a1306416872656e64310c300a060355040b1303495453310f300d06035504031306636c69656e743121301f06092a864886f70d01090116126e6574776f726b40616872656e642e636f6d820100300c0603551d13040530030101ff300d06 EAP-Message = 0x092a864886f70d0101040500038181004fed64e01afa681f2df75310977ee2037cdb9426043fff92416455d36057d81624b3f025cddff3c47568496799cbd921741b4181a0fc284b424cfa39f86576412bbeba142617de21be88671816c6c1fea144c583030146a07a923b42f25e0dafaffe2e523e2b924d62a4c213603f8c99fd3ecc8f0cb584353be3d6f37edf0cf3160301010d0c0001090040be3f286290c717f0d968717f730fa6fe09d031a45bb75bab3354ef39960f021e06d419ce3da7156882ea93af34b0e922ebcab94227e4ee01ea91adf8263fd15300010200408c5094894279891ab9a9e69987678c4f213edcd7d4e4e1e35e4a242a35 EAP-Message = 0x0cdf75868d13ff879ceace4a9a521b31be235647d91f41b0c3f1450f8d7a172d7e47b70080308d67fa427481eeee79dc185d067b749b48a025784a0a52cf56edffc2772bcf7c3e9d8dcf6e75aa0b98d027cbc008f7ffdd899663bd80269dcc96d8fd2efc7710b964a9a9669854f9ff89c03a0b8abff9d6c7f149d88a306be57edf7ec606e8566403630b7e95e2870d3ad6f859649b10923bc8420dc57454b72d04d1841a2c16030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x08eec8e609c8645d9632a323bab5d8c2 Mon Oct 18 16:19:43 2004 : Debug: Finished request 2 Mon Oct 18 16:19:43 2004 : Debug: Going to the next request Mon Oct 18 16:19:43 2004 : Debug: Waking up in 6 seconds... rad_recv: Access-Request packet from host 150.50.20.242:21647, id=162, length=156 User-Name = "tblom" Framed-MTU = 1400 Called-Station-Id = "0011.2068.9050" Calling-Station-Id = "0040.96a4.0c50" Message-Authenticator = 0xf6591de4ce5e5287efc17d33879fcaa3 EAP-Message = 0x020500111980000000071503010002022a NAS-Port-Type = Wireless-802.11 NAS-Port = 423 State = 0x08eec8e609c8645d9632a323bab5d8c2 Service-Type = Framed-User NAS-IP-Address = 150.50.20.242 NAS-Identifier = "nl-nwg-ap2" Mon Oct 18 16:19:43 2004 : Debug: Processing the authorize section of radiusd.conf Mon Oct 18 16:19:43 2004 : Debug: modcall: entering group authorize for request 3 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 3 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 3 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "preprocess" returns ok for request 3 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 3 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 3 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "chap" returns noop for request 3 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 3 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 3 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "mschap" returns noop for request 3 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling ntdomain (rlm_realm) for request 3 Mon Oct 18 16:19:43 2004 : Debug: rlm_realm: No '\' in User-Name = "tblom", looking up realm NULL Mon Oct 18 16:19:43 2004 : Debug: rlm_realm: No such realm "NULL" Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from ntdomain (rlm_realm) for request 3 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "ntdomain" returns noop for request 3 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 3 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: EAP packet type response id 5 length 17 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 3 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "eap" returns updated for request 3 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: calling files (rlm_files) for request 3 Mon Oct 18 16:19:43 2004 : Debug: users: Matched DEFAULT at 152 Mon Oct 18 16:19:43 2004 : Debug: users: Matched DEFAULT at 171 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 3 Mon Oct 18 16:19:43 2004 : Debug: modcall[authorize]: module "files" returns ok for request 3 Mon Oct 18 16:19:43 2004 : Debug: modcall: group authorize returns updated for request 3 Mon Oct 18 16:19:43 2004 : Debug: rad_check_password: Found Auth-Type EAP Mon Oct 18 16:19:43 2004 : Debug: auth: type "EAP" Mon Oct 18 16:19:43 2004 : Debug: Processing the authenticate section of radiusd.conf Mon Oct 18 16:19:43 2004 : Debug: modcall: entering group authenticate for request 3 Mon Oct 18 16:19:43 2004 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 3 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: Request found, released from the list Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: EAP/peap Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: processing type peap Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_peap: Authenticate Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: processing TLS Mon Oct 18 16:19:43 2004 : Info: rlm_eap_tls: Length Included Mon Oct 18 16:19:43 2004 : Debug: eaptls_verify returned 11 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_tls: <<< TLS 1.0 Alert [length 0002], fatal bad_certificate Mon Oct 18 16:19:43 2004 : Error: TLS Alert read:fatal:bad certificate Mon Oct 18 16:19:43 2004 : Error: TLS_accept:failed in SSLv3 read client certificate A Mon Oct 18 16:19:43 2004 : Error: rlm_eap_tls: SSL_read failed in a system call (-1), TLS session fails. Mon Oct 18 16:19:43 2004 : Debug: In SSL Handshake Phase Mon Oct 18 16:19:43 2004 : Debug: In SSL Accept mode Mon Oct 18 16:19:43 2004 : Error: rlm_eap_tls: BIO_read failed in a system call (-1), TLS session fails. Mon Oct 18 16:19:43 2004 : Debug: eaptls_process returned 13 Mon Oct 18 16:19:43 2004 : Debug: rlm_eap_peap: EAPTLS_HANDLED Mon Oct 18 16:19:43 2004 : Debug: rlm_eap: Freeing handler Mon Oct 18 16:19:43 2004 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 3 Mon Oct 18 16:19:43 2004 : Debug: modcall[authenticate]: module "eap" returns reject for request 3 Mon Oct 18 16:19:43 2004 : Debug: modcall: group authenticate returns reject for request 3 Mon Oct 18 16:19:43 2004 : Debug: auth: Failed to validate the user. Mon Oct 18 16:19:43 2004 : Debug: Delaying request 3 for 1 seconds Mon Oct 18 16:19:43 2004 : Debug: Finished request 3 Mon Oct 18 16:19:43 2004 : Debug: Going to the next request Mon Oct 18 16:19:43 2004 : Debug: Waking up in 6 seconds... rad_recv: Access-Request packet from host 150.50.20.242:21647, id=162, length=156 Sending Access-Reject of id 162 to 150.50.20.242:21647 EAP-Message = 0x04050004 Message-Authenticator = 0x00000000000000000000000000000000 Mon Oct 18 16:19:48 2004 : Debug: --- Walking the entire request list --- Mon Oct 18 16:19:48 2004 : Debug: Waking up in 1 seconds... Mon Oct 18 16:19:49 2004 : Debug: --- Walking the entire request list --- Mon Oct 18 16:19:49 2004 : Debug: Cleaning up request 0 ID 159 with timestamp 4173d0ff Mon Oct 18 16:19:49 2004 : Debug: Cleaning up request 1 ID 160 with timestamp 4173d0ff Mon Oct 18 16:19:49 2004 : Debug: Cleaning up request 2 ID 161 with timestamp 4173d0ff Mon Oct 18 16:19:49 2004 : Debug: Cleaning up request 3 ID 162 with timestamp 4173d0ff Mon Oct 18 16:19:49 2004 : Debug: Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 150.50.20.242:21647, id=163, length=131 User-Name = "tblom" Framed-MTU = 1400 Called-Station-Id = "0011.2068.9050" Calling-Station-Id = "0040.96a4.0c50" Message-Authenticator = 0x2d98b322f32b1cd879e65e2fbddf2d3e EAP-Message = 0x0201000a0174626c6f6d NAS-Port-Type = Wireless-802.11 NAS-Port = 424 Service-Type = Framed-User NAS-IP-Address = 150.50.20.242 NAS-Identifier = "nl-nwg-ap2" Mon Oct 18 16:19:51 2004 : Debug: Processing the authorize section of radiusd.conf Mon Oct 18 16:19:51 2004 : Debug: modcall: entering group authorize for request 4 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 4 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 4 Mon Oct 18 16:19:51 2004 : Debug: modcall[authorize]: module "preprocess" returns ok for request 4 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 4 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 4 Mon Oct 18 16:19:51 2004 : Debug: modcall[authorize]: module "chap" returns noop for request 4 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 4 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 4 Mon Oct 18 16:19:51 2004 : Debug: modcall[authorize]: module "mschap" returns noop for request 4 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: calling ntdomain (rlm_realm) for request 4 Mon Oct 18 16:19:51 2004 : Debug: rlm_realm: No '\' in User-Name = "tblom", looking up realm NULL Mon Oct 18 16:19:51 2004 : Debug: rlm_realm: No such realm "NULL" Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: returned from ntdomain (rlm_realm) for request 4 Mon Oct 18 16:19:51 2004 : Debug: modcall[authorize]: module "ntdomain" returns noop for request 4 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 4 Mon Oct 18 16:19:51 2004 : Debug: rlm_eap: EAP packet type response id 1 length 10 Mon Oct 18 16:19:51 2004 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 4 Mon Oct 18 16:19:51 2004 : Debug: modcall[authorize]: module "eap" returns updated for request 4 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: calling files (rlm_files) for request 4 Mon Oct 18 16:19:51 2004 : Debug: users: Matched DEFAULT at 152 Mon Oct 18 16:19:51 2004 : Debug: users: Matched DEFAULT at 171 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 4 Mon Oct 18 16:19:51 2004 : Debug: modcall[authorize]: module "files" returns ok for request 4 Mon Oct 18 16:19:51 2004 : Debug: modcall: group authorize returns updated for request 4 Mon Oct 18 16:19:51 2004 : Debug: rad_check_password: Found Auth-Type EAP Mon Oct 18 16:19:51 2004 : Debug: auth: type "EAP" Mon Oct 18 16:19:51 2004 : Debug: Processing the authenticate section of radiusd.conf Mon Oct 18 16:19:51 2004 : Debug: modcall: entering group authenticate for request 4 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 4 Mon Oct 18 16:19:51 2004 : Debug: rlm_eap: EAP Identity Mon Oct 18 16:19:51 2004 : Debug: rlm_eap: processing type tls Mon Oct 18 16:19:51 2004 : Debug: rlm_eap_tls: Initiate Mon Oct 18 16:19:51 2004 : Debug: rlm_eap_tls: Start returned 1 Mon Oct 18 16:19:51 2004 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 4 Mon Oct 18 16:19:51 2004 : Debug: modcall[authenticate]: module "eap" returns handled for request 4 Mon Oct 18 16:19:51 2004 : Debug: modcall: group authenticate returns handled for request 4 Sending Access-Challenge of id 163 to 150.50.20.242:21647 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x010200061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x5b419bc43023373f6ec41936f940271c Mon Oct 18 16:19:51 2004 : Debug: Finished request 4 Mon Oct 18 16:19:51 2004 : Debug: Going to the next request Mon Oct 18 16:19:51 2004 : Debug: --- Walking the entire request list --- Mon Oct 18 16:19:51 2004 : Debug: Waking up in 6 seconds... rad_recv: Access-Request packet from host 150.50.20.242:21647, id=164, length=245 User-Name = "tblom" Framed-MTU = 1400 Called-Station-Id = "0011.2068.9050" Calling-Station-Id = "0040.96a4.0c50" Message-Authenticator = 0x7c482d7374abd1b8108ee088c70e09a5 EAP-Message = 0x0202006a198000000060160301005b0100005703014173b834c6df8b51805fa191615e4c0d6b5fc127e03e99ae6e8db95138197c5400003000390038003500160013000a00330032002f0066000500040065006400630062006000150012000900140011000800030100 NAS-Port-Type = Wireless-802.11 NAS-Port = 424 State = 0x5b419bc43023373f6ec41936f940271c Service-Type = Framed-User NAS-IP-Address = 150.50.20.242 NAS-Identifier = "nl-nwg-ap2"