------ Output from CVS version (functional)
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /project/radiusbeta/etc/raddb/proxy.conf
Config: including file: /project/radiusbeta/etc/raddb/clients.conf
Config: including file: /project/radiusbeta/etc/raddb/snmp.conf
Config: including file: /project/radiusbeta/etc/raddb/sql.conf
main: prefix = "/project/radiusbeta"
main: localstatedir = "/project/radiusbeta/var"
main: logdir = "/project/radiusbeta/var/log/radius"
main: libdir = "/project/radiusbeta/lib"
main: radacctdir = "/project/radiusbeta/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/project/radiusbeta/var/log/radius/radius.log"
main: log_auth = yes
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/project/radiusbeta/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/project/radiusbeta/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = yes
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
Using deprecated clients file. Support for this will go away soon.
read_config_files: reading realms
Using deprecated realms file. Support for this will go away soon.
radiusd: entering modules setup
Module: Library search path is /project/radiusbeta/lib
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: passwd = "(null)"
mschap: authtype = "MS-CHAP"
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/project/radiusbeta/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "peap"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/project/radiusbeta/etc/raddb/certs/cert-srv.pem"
tls: certificate_file = "/project/radiusbeta/etc/raddb/certs/cert-srv.pem"
tls: CA_file = "/project/radiusbeta/etc/raddb/certs/demoCA/cacert.pem"
tls: private_key_password = "whatever"
tls: dh_file = "/project/radiusbeta/etc/raddb/certs/dh"
tls: random_file = "/project/radiusbeta/etc/raddb/certs/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
rlm_eap: Loaded and initialized type tls
peap: default_eap_type = "mschapv2"
peap: copy_request_to_tunnel = no
peap: use_tunneled_reply = no
rlm_eap: Loaded and initialized type peap
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/project/radiusbeta/etc/raddb/huntgroups"
preprocess: hints = "/project/radiusbeta/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded detail
detail: detailfile =
"/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (auth_log)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/project/radiusbeta/etc/raddb/users"
files: acctusersfile = "/project/radiusbeta/etc/raddb/acct_users"
files: preproxy_usersfile = "/project/radiusbeta/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address,
NAS-Port-Id"
Module: Instantiated acct_unique (acct_unique)
detail: detailfile =
"/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/project/radiusbeta/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
detail: detailfile =
"/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (reply_log)
Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp.
Ready to process requests.
rad_recv: Access-Request packet from host 129.21.6.215:1812, id=214, length=102
NAS-IP-Address = 129.21.6.215
NAS-Port-Type = Async
User-Name = "aweits"
Service-Type = Framed-User
Framed-MTU = 1500
Calling-Station-Id = "00-08-0d-4c-03-37"
EAP-Message = 0x0200000b01617765697473
Message-Authenticator = 0xaa628f4187f03708bb9b01c4e5a4dc34
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
rlm_eap: EAP packet type response id 0 length 11
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns updated for request 0
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 0
modcall: group authenticate returns handled for request 0
Sending Access-Challenge of id 214 to 129.21.6.215:1812
EAP-Message = 0x010100061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x16d14611f38a748149ad9f74865e49f2
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 129.21.6.215:1812, id=215, length=189
NAS-IP-Address = 129.21.6.215
NAS-Port-Type = Async
User-Name = "aweits"
Service-Type = Framed-User
Framed-MTU = 1500
Calling-Station-Id = "00-08-0d-4c-03-37"
State = 0x16d14611f38a748149ad9f74865e49f2
EAP-Message =
0x0201005019800000004616030100410100003d03014120f9f3a64da187ff4fa67999af515ca40bcb7b5e0daee30da091cb37716b6100001600040005000a000900640062000300060013001200630100
Message-Authenticator = 0xfdb085f53aa5ed9312c92f38b7c03012
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
rlm_eap: EAP packet type response id 1 length 80
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 1
modcall: group authorize returns updated for request 1
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 1
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
undefined: before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0041], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 069a], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 1
modcall: group authenticate returns handled for request 1
Sending Access-Challenge of id 215 to 129.21.6.215:1812
EAP-Message =
0x0102040a19c0000006f7160301004a0200004603014120f9f3cfc339132b90490f10d64bd4dd1e3d6940dce172acade71fbfbfcd0a200b8c8eec58f94d84a9425661ea808c4f27134185393d4cfae44abb5f0cab3ff5000400160301069a0b0006960006930002cf308202cb30820234a003020102020102300d06092a864886f70d01010405003081a0310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31133011060355040b130a6469736369706c696e65311b301906035504031312436c69656e742063
EAP-Message =
0x657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d301e170d3034303831363134303632325a170d3035303831363134303632325a30819c310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31133011060355040b130a6469736369706c696e653119301706035504031310526f6f74206365727469666963617465311f301d06092a864886f70d0109011610726f6f74406578616d706c652e636f6d30819f300d06092a864886f70d01010105
EAP-Message =
0x0003818d00308189028181009f68bc11ac17b1c6ea90096566c81ed4e8d388960cdedd53d9dcea5fed862e054ba3849b47324a11cb182dc249bf7958e5c4d93c6a3c870a7abb9fb53e914372e843351b24e2f5e9399297be92de6799971114db2e1c97acbdd47bb528364acfa90719585917456626cf9a771fed4769e20efd3ae1f616d7ee255cafd0b295050203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038181003b5b3eddb93c5e37c98756cb8c0e0afbfd335e0a000aeda6b109e3af5b9fb50f8bc784ef99e5fa7e6ed3e7d402be98d73088bde3ca8dc3b9722d8f2a8d664bd2
EAP-Message =
0xdb225921361a811e1b8db8bb21b672b306d46fce242baa1e0dce1c54d06795c183dc8aa8c88bdfd4ef8980968ecfdb6d0e474e8e44d3a534f2020378459301170003be308203ba30820323a003020102020100300d06092a864886f70d01010405003081a0310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31133011060355040b130a6469736369706c696e65311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e7440657861
EAP-Message = 0x6d706c652e636f6d301e170d30343038313631343036
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xfddaaba12ec607e56fc82351e7992d78
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 129.21.6.215:1812, id=216, length=115
NAS-IP-Address = 129.21.6.215
NAS-Port-Type = Async
User-Name = "aweits"
Service-Type = Framed-User
Framed-MTU = 1500
Calling-Station-Id = "00-08-0d-4c-03-37"
State = 0xfddaaba12ec607e56fc82351e7992d78
EAP-Message = 0x020200061900
Message-Authenticator = 0xe65c9a65e0080fce1b8de3fbe8043b61
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
rlm_eap: EAP packet type response id 2 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 2
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 2
modcall: group authorize returns updated for request 2
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 2
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 2
modcall: group authenticate returns handled for request 2
Sending Access-Challenge of id 216 to 129.21.6.215:1812
EAP-Message =
0x010302fd190031395a170d3036303831363134303631395a3081a0310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31133011060355040b130a6469736369706c696e65311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100d1df5daa7b1041b7223308fda308eb781b8bdf7fb6bb2fdcab2302802982dc5c393d9549de
EAP-Message =
0x2b1bdee581b42b512a13251565f5aa782bd900bf67c11da874f2abdf5852024e5bb79484823287b0d861ea836da57a3c1fa0daf6fc5802c7f22012be2b416e6575318b1ad678025cfa1503564bdbeac1de773f9e8795358ebfb8a50203010001a38201003081fd301d0603551d0e04160414db1c9581e82842ebf2c2cc0b2cf153aee62fca923081cd0603551d230481c53081c28014db1c9581e82842ebf2c2cc0b2cf153aee62fca92a181a6a481a33081a0310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f
EAP-Message =
0x6e31133011060355040b130a6469736369706c696e65311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d820100300c0603551d13040530030101ff300d06092a864886f70d010104050003818100ce54500bfe4e7d203c61d52f013c54888dc852a0e14ed323f81fc31ee482946dc859945fe7a96c43899e33afce8c29d1d66fa56f7e8d9b8c1404c1720010ab083bf95ec8c0de86f4028f2873fc84899ed799b66ba1160b19e37fb87ee027eb7daebad4fcd73af6c0ea62019c773558c63b3b7b446c3b5d5c3f56298c57e87cb3160301
EAP-Message = 0x00040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x48544e3a94b53340e3cc0be69e7995ff
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 129.21.6.215:1812, id=217, length=301
NAS-IP-Address = 129.21.6.215
NAS-Port-Type = Async
User-Name = "aweits"
Service-Type = Framed-User
Framed-MTU = 1500
Calling-Station-Id = "00-08-0d-4c-03-37"
State = 0x48544e3a94b53340e3cc0be69e7995ff
EAP-Message =
0x020300c01980000000b6160301008610000082008018dbf6c339ae345583972b266144c3b44c263a332638c4a9a33d13755ae0b83a67108fe28a54f9172184c37c625a5003858a3b173d67fc5e1fe5a4837eaf3c9e1d5bfe6fffd27ad9b819d1c797da53d38e99ab4fad5323b004fe1f1d1561cea1771c420cfaca246d6ed972939e1797682e43dc253bb14687a514aa17b814b3831403010001011603010020118ac071ba8c631c6e06f4ae04490205ab6e8854b5e9285f7b73b319b1b40d56
Message-Authenticator = 0xb08161a8c0dd322cf0c2068f6e93369f
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 3
modcall[authorize]: module "chap" returns noop for request 3
rlm_eap: EAP packet type response id 3 length 192
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 3
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 3
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 3
modcall: group authorize returns updated for request 3
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 3
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
undefined: SSL negotiation finished successfully
SSL Connection Established
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 3
modcall: group authenticate returns handled for request 3
Sending Access-Challenge of id 217 to 129.21.6.215:1812
EAP-Message =
0x0104003119001403010001011603010020afc63fc44bd21772b9444fec3c053837d5603d0aaf151f3e8be8d466e19e21d6
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xb5fa46821569451123663db4215835f5
Finished request 3
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 129.21.6.215:1812, id=218, length=115
NAS-IP-Address = 129.21.6.215
NAS-Port-Type = Async
User-Name = "aweits"
Service-Type = Framed-User
Framed-MTU = 1500
Calling-Station-Id = "00-08-0d-4c-03-37"
State = 0xb5fa46821569451123663db4215835f5
EAP-Message = 0x020400061900
Message-Authenticator = 0xe90138d7ff13fd1eac01ca7a20ae9fe5
modcall: entering group authorize for request 4
modcall[authorize]: module "preprocess" returns ok for request 4
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 4
modcall[authorize]: module "chap" returns noop for request 4
rlm_eap: EAP packet type response id 4 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 4
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 4
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 4
modcall: group authorize returns updated for request 4
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 4
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
modcall[authenticate]: module "eap" returns handled for request 4
modcall: group authenticate returns handled for request 4
Sending Access-Challenge of id 218 to 129.21.6.215:1812
EAP-Message =
0x0105002019001703010015a6737771d27bb31a55e516baf156946f55456aafad
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x1ac0174ac3adfc3798ec11c331c52660
Finished request 4
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 129.21.6.215:1812, id=219, length=143
NAS-IP-Address = 129.21.6.215
NAS-Port-Type = Async
User-Name = "aweits"
Service-Type = Framed-User
Framed-MTU = 1500
Calling-Station-Id = "00-08-0d-4c-03-37"
State = 0x1ac0174ac3adfc3798ec11c331c52660
EAP-Message =
0x02050022190017030100171a81d3ab1ab13043845ae42f2af5b32da785b3c874b2b4
Message-Authenticator = 0x16d813068232cfa86c94d6fe612fd6dc
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 5
modcall[authorize]: module "chap" returns noop for request 5
rlm_eap: EAP packet type response id 5 length 34
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 5
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 5
modcall: group authorize returns updated for request 5
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 5
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Proceeding to decode tunneled attributes.
rlm_eap_peap: Identity - aweits
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled EAP-Message
EAP-Message = 0x0205000b01617765697473
PEAP: Got tunneled identity of aweits
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Sending tunneled request
EAP-Message = 0x0205000b01617765697473
Freeradius-Proxied-To = 127.0.0.1
User-Name = "aweits"
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/127.0.0.1/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/127.0.0.1/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 5
modcall[authorize]: module "chap" returns noop for request 5
rlm_eap: EAP packet type response id 5 length 11
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 5
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 5
modcall: group authorize returns updated for request 5
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 5
rlm_eap: EAP Identity
rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
modcall[authenticate]: module "eap" returns handled for request 5
modcall: group authenticate returns handled for request 5
PEAP: Got tunneled reply RADIUS code 11
EAP-Message =
0x010600201a0106001b104a857baa5f289cd9d46836d29c93185b617765697473
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xa817493541136b9ddf56a8725f049726
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 5
modcall: group authenticate returns handled for request 5
Sending Access-Challenge of id 219 to 129.21.6.215:1812
EAP-Message =
0x010600371900170301002c1cbd865804616edb3e6c952c056f5f3cb1a7963364a1738dcc66e5d6ce33be3236e4adbe38f855da8650d829
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x6b3697f5496e95e4a65d3463fe758668
Finished request 5
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 129.21.6.215:1812, id=220, length=197
NAS-IP-Address = 129.21.6.215
NAS-Port-Type = Async
User-Name = "aweits"
Service-Type = Framed-User
Framed-MTU = 1500
Calling-Station-Id = "00-08-0d-4c-03-37"
State = 0x6b3697f5496e95e4a65d3463fe758668
EAP-Message =
0x020600581900170301004de21a9d842ea54c7d28f0c73ad7a1e5abc91ba6b820054d3089ed43151807c0f3d203454f492ba21685ef3bf6adfd2cd0b1621612161f99225df2677fedb35f69808d29e5b1fb22c57a377f3d9a
Message-Authenticator = 0xafd512664fab782c84fc008ca37ad44b
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 6
modcall[authorize]: module "chap" returns noop for request 6
rlm_eap: EAP packet type response id 6 length 88
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 6
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 6
modcall: group authorize returns updated for request 6
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Proceeding to decode tunneled attributes.
rlm_eap_peap: EAP type 26
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled EAP-Message
EAP-Message =
0x020600411a0206003c319e338e53b4095b38beb5618714ddd1140000000000000000f10301583eeb8b7f0d7c2cabf25f2e5da10cc71a06d15f2100617765697473
PEAP: Adding old state with a8 17
PEAP: Sending tunneled request
EAP-Message =
0x020600411a0206003c319e338e53b4095b38beb5618714ddd1140000000000000000f10301583eeb8b7f0d7c2cabf25f2e5da10cc71a06d15f2100617765697473
Freeradius-Proxied-To = 127.0.0.1
User-Name = "aweits"
State = 0xa817493541136b9ddf56a8725f049726
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/127.0.0.1/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/127.0.0.1/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 6
modcall[authorize]: module "chap" returns noop for request 6
rlm_eap: EAP packet type response id 6 length 65
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 6
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 6
modcall: group authorize returns updated for request 6
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - mschapv2
rlm_eap: processing type mschapv2
modcall: entering group Auth-Type for request 6
rlm_mschap: doing MS-CHAPv2 with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
modcall[authenticate]: module "mschap" returns ok for request 6
modcall: group Auth-Type returns ok for request 6
MSCHAP Success
modcall[authenticate]: module "eap" returns handled for request 6
modcall: group authenticate returns handled for request 6
PEAP: Got tunneled reply RADIUS code 11
MS-CHAP2-Success =
0x00533d35423738303041383538414535304632443635463530463833353143433837434331444142393334
MS-MPPE-Recv-Key = 0x16ae0145ef3cc761b04cb79e740a8f98
MS-MPPE-Send-Key = 0xb14895f3ec3dbb27d7d4007bdf9c5bf4
MS-MPPE-Encryption-Policy = 0x00000001
MS-MPPE-Encryption-Types = 0x00000006
EAP-Message =
0x010700331a0306002e533d35423738303041383538414535304632443635463530463833353143433837434331444142393334
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x34d82a6a8db2419ae09e2557fa4e23b1
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 6
modcall: group authenticate returns handled for request 6
Sending Access-Challenge of id 220 to 129.21.6.215:1812
EAP-Message =
0x0107004a1900170301003f1e7493226e15332e414f7f43b61c67f9a8b450dcf8186247847aca56bc456bfcaaf9f2f5d9cd21a146cac48dee6bf46e3f0c6d4d59eabfb02cd0b283843219
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x071dd022a2be0dbe39e87b71aa607220
Finished request 6
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 129.21.6.215:1812, id=221, length=138
NAS-IP-Address = 129.21.6.215
NAS-Port-Type = Async
User-Name = "aweits"
Service-Type = Framed-User
Framed-MTU = 1500
Calling-Station-Id = "00-08-0d-4c-03-37"
State = 0x071dd022a2be0dbe39e87b71aa607220
EAP-Message = 0x0207001d19001703010012ec5cd178e14693eab6c7177dcb10476fa43d
Message-Authenticator = 0x7dabd58fc1b618aca07dc4479578cd62
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 7
modcall[authorize]: module "chap" returns noop for request 7
rlm_eap: EAP packet type response id 7 length 29
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 7
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 7
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 7
modcall: group authorize returns updated for request 7
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 7
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Proceeding to decode tunneled attributes.
rlm_eap_peap: EAP type 26
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled EAP-Message
EAP-Message = 0x020700061a03
PEAP: Adding old state with 34 d8
PEAP: Sending tunneled request
EAP-Message = 0x020700061a03
Freeradius-Proxied-To = 127.0.0.1
User-Name = "aweits"
State = 0x34d82a6a8db2419ae09e2557fa4e23b1
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/127.0.0.1/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/127.0.0.1/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 7
modcall[authorize]: module "chap" returns noop for request 7
rlm_eap: EAP packet type response id 7 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 7
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 7
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 7
modcall: group authorize returns updated for request 7
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 7
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - mschapv2
rlm_eap: processing type mschapv2
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 7
modcall: group authenticate returns ok for request 7
Login OK: [aweits] (from client localhost port 0)
modcall: entering group post-auth for request 7
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/127.0.0.1/reply-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/127.0.0.1/reply-detail-20040816
modcall[post-auth]: module "reply_log" returns ok for request 7
modcall: group post-auth returns ok for request 7
PEAP: Got tunneled reply RADIUS code 2
EAP-Message = 0x03070004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "aweits"
PEAP: Tunneled authentication was successful.
rlm_eap_peap: SUCCESS
modcall[authenticate]: module "eap" returns handled for request 7
modcall: group authenticate returns handled for request 7
Sending Access-Challenge of id 221 to 129.21.6.215:1812
EAP-Message =
0x010800261900170301001bdab3dcfbec96c998f674ee432002e6b07c0c7f980f332c038df68f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x3156abc6533d2ef50733056b67da13de
Finished request 7
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 129.21.6.215:1812, id=222, length=147
NAS-IP-Address = 129.21.6.215
NAS-Port-Type = Async
User-Name = "aweits"
Service-Type = Framed-User
Framed-MTU = 1500
Calling-Station-Id = "00-08-0d-4c-03-37"
State = 0x3156abc6533d2ef50733056b67da13de
EAP-Message =
0x020800261900170301001bc298cce104f2e5fcc055087d7a49f055e173a98db67782a1c04d19
Message-Authenticator = 0x803f1d73d5b7b733618b0e77cf3ed1eb
modcall: entering group authorize for request 8
modcall[authorize]: module "preprocess" returns ok for request 8
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /project/radiusbeta/var/log/radius/radacct/129.21.6.215/auth-detail-20040816
modcall[authorize]: module "auth_log" returns ok for request 8
modcall[authorize]: module "chap" returns noop for request 8
rlm_eap: EAP packet type response id 8 length 38
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 8
rlm_realm: No '@' in User-Name = "aweits", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 8
users: Matched aweits at 83
modcall[authorize]: module "files" returns ok for request 8
modcall: group authorize returns updated for request 8
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 8
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Proceeding to decode tunneled attributes.
rlm_eap_peap: Received EAP-TLV response.
rlm_eap_peap: Tunneled data is valid.
rlm_eap_peap: Success
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 8
modcall: group authenticate returns ok for request 8
Login OK: [aweits] (from client aweits-test port 0 cli 00-08-0d-4c-03-37)
modcall: entering group post-auth for request 8
radius_xlat:
'/project/radiusbeta/var/log/radius/radacct/129.21.6.215/reply-detail-20040816'
rlm_detail:
/project/radiusbeta/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d
expands to
/project/radiusbeta/var/log/radius/radacct/129.21.6.215/reply-detail-20040816
modcall[post-auth]: module "reply_log" returns ok for request 8
modcall: group post-auth returns ok for request 8
Sending Access-Accept of id 222 to 129.21.6.215:1812
MS-MPPE-Recv-Key =
0x711d6b20a2e17b61b07440cf1786f09f1e5463cef4476a85f9dce6216b524acb
MS-MPPE-Send-Key =
0x9975ecb6f5f4a421c0038d62298025461dbf3967b7d93f86967b089564ef7491
EAP-Message = 0x03080004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "aweits"
Finished request 8
Going to the next request
Waking up in 5 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 214 with timestamp 4120f9f3
Cleaning up request 1 ID 215 with timestamp 4120f9f3
Cleaning up request 2 ID 216 with timestamp 4120f9f3
Cleaning up request 3 ID 217 with timestamp 4120f9f3
Cleaning up request 4 ID 218 with timestamp 4120f9f3
Cleaning up request 5 ID 219 with timestamp 4120f9f3
Cleaning up request 6 ID 220 with timestamp 4120f9f3
Cleaning up request 7 ID 221 with timestamp 4120f9f3
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 8 ID 222 with timestamp 4120f9f4
Nothing to do. Sleeping until we see a request.
--
Andrew W. Elble
[EMAIL PROTECTED]
Senior Network Engineer
Rochester Institute of Technology
PGP: BFAD 8461 4CCF DC95 DA2C B0EB 965B 082E 863E C912
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
