-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have freeradius configured to do PEAP and EAP-TTLS, searching the user data
in LDAP. All is working well, except one device, a wireless network printer
that refuses to authenticate. The freeradius debug output is attached.
Does anyone have any idea? I'm stumped by the 'Got something weird' message...
- --
Hugo Chasqueira
Public Key:
http://www.fcee.ucp.pt/docentes/url/hbc/pubkey.txt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBnO09jFeRi4vRS4IRAtaDAJ4kfGMZrCDOWNTXuHkGUpLnZQNBlACfbFB2
r+nciB8Am4fdzvfAtzZ9uIs=
=ZRlH
-----END PGP SIGNATURE-----
rad_recv: Access-Request packet from host 172.17.0.2:21656, id=202, length=131
User-Name = "impressoras"
Framed-MTU = 1400
Called-Station-Id = "000e.83df.54e0"
Calling-Station-Id = "000e.7f3a.bf7b"
Message-Authenticator = 0x22593e6002c7c256b8041ed4ff07b523
EAP-Message = 0x0202001001696d70726573736f726173
NAS-Port-Type = Wireless-802.11
NAS-Port = 370
Service-Type = Framed-User
NAS-IP-Address = 172.17.0.2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 150
modcall[authorize]: module "preprocess" returns ok for request 150
modcall[authorize]: module "chap" returns noop for request 150
modcall[authorize]: module "mschap" returns noop for request 150
rlm_realm: No '@' in User-Name = "impressoras", looking up realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "impressoras"
rlm_realm: Proxying request from user impressoras to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 150
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "ntdomain" returns noop for request 150
rlm_eap: EAP packet type response id 2 length 16
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 150
rlm_ldap: - authorize
rlm_ldap: performing user authorization for impressoras
radius_xlat: '(uid=impressoras)'
radius_xlat: 'dc=ucp,dc=pt'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=ucp,dc=pt, with filter (uid=impressoras)
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding acctFlags as SMB-Account-CTRL-TEXT, value [UX & op=21
rlm_ldap: Adding ntPassword as NT-Password, value
BB4C23CC9852DA1DDF3A750EE4A1B2D6 & op=21
rlm_ldap: Adding lmPassword as LM-Password, value
210AB2216E60A5FC985E1393CED001C9 & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user impressoras authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 150
modcall: group authorize returns updated for request 150
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 150
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 150
modcall: group authenticate returns handled for request 150
Sending Access-Challenge of id 202 to 172.17.0.2:21656
EAP-Message = 0x010300061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xd7f17d64474b7ef6783758e8fa710f28
Finished request 150
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 172.17.0.2:21656, id=203, length=199
User-Name = "impressoras"
Framed-MTU = 1400
Called-Station-Id = "000e.83df.54e0"
Calling-Station-Id = "000e.7f3a.bf7b"
Message-Authenticator = 0x0b4dc6f72fc4fe910e1c8ce3323d7713
EAP-Message =
0x0203004219800000003816030100330100002f030100000567fbaa172dd22a046dd101f70daeefd92afcd35a35f58cbecc6cda8795000008000a0005000400090100
NAS-Port-Type = Wireless-802.11
NAS-Port = 370
State = 0xd7f17d64474b7ef6783758e8fa710f28
Service-Type = Framed-User
NAS-IP-Address = 172.17.0.2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 151
modcall[authorize]: module "preprocess" returns ok for request 151
modcall[authorize]: module "chap" returns noop for request 151
modcall[authorize]: module "mschap" returns noop for request 151
rlm_realm: No '@' in User-Name = "impressoras", looking up realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "impressoras"
rlm_realm: Proxying request from user impressoras to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 151
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "ntdomain" returns noop for request 151
rlm_eap: EAP packet type response id 3 length 66
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 151
rlm_ldap: - authorize
rlm_ldap: performing user authorization for impressoras
radius_xlat: '(uid=impressoras)'
radius_xlat: 'dc=ucp,dc=pt'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=ucp,dc=pt, with filter (uid=impressoras)
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding acctFlags as SMB-Account-CTRL-TEXT, value [UX & op=21
rlm_ldap: Adding ntPassword as NT-Password, value
BB4C23CC9852DA1DDF3A750EE4A1B2D6 & op=21
rlm_ldap: Adding lmPassword as LM-Password, value
210AB2216E60A5FC985E1393CED001C9 & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user impressoras authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 151
modcall: group authorize returns updated for request 151
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 151
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0033], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0543], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 151
modcall: group authenticate returns handled for request 151
Sending Access-Challenge of id 203 to 172.17.0.2:21656
EAP-Message =
0x0104040a19c0000005a0160301004a020000460301419cd81ad57a41af38ebbfe121927969148a2d05fcc3abefa7029c6cad7e049d20b7cba67f422ea1b479e3024359c1ed056d0ea7d43a830f3e663fd87476912679000a0016030105430b00053f00053c0002ac308202a830820211a00302010202010f300d06092a864886f70d0101040500308188310b30090603550406130250543111300f06035504081308506f72747567616c310f300d060355040713064c6973626f613111300f060355040a1308464345452d554350310e300c060355040b13055349474d413110300e060355040313075369676d6143413120301e06092a864886f70d01
EAP-Message =
0x090116117369676d6140666365652e7563702e7074301e170d3034313032363137303433345a170d3035313032363137303433345a308191310b30090603550406130250543111300f06035504081308506f72747567616c310f300d060355040713064c6973626f613111300f060355040a1308464345452d554350310e300c060355040b13055349474d4131193017060355040313107261696f2e666365652e7563702e70743120301e06092a864886f70d01090116117369676d6140666365652e7563702e707430819f300d06092a864886f70d010101050003818d0030818902818100b403744b4e540cdfdcf221ba9ae361865feea6d58e2f12
EAP-Message =
0x485daed096d8e176e36bc2b74481c951560436994e9e92b3b73b50f37dfc39d3384bc9629cac5dd46070ee3772096f5c867dc1d77f39678bed550433b4ad8255f0a76344c5e41f37bb3c5618b0fc84bcf4cbd1ba40e1c6a1402efb9d627000ba13e031f47675a150bb0203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104050003818100908279972db5e1ce8858487918f2c037107c8ef99ae0a8c5c4be11f9118b3e9185f52170e9c3911f321e61ab8903d43c6d5446640a2cd3093a1b00656b879af0422be98c89daa87364f58e283e690b14f4ca8dabd3390642f40e3020609647462ce7f6
EAP-Message =
0x3f3bf7bdea5a050cf70aa0bc01664e93c45af20a8ed78da4eddbff092800028a30820286308201efa003020102020100300d06092a864886f70d0101040500308188310b30090603550406130250543111300f06035504081308506f72747567616c310f300d060355040713064c6973626f613111300f060355040a1308464345452d554350310e300c060355040b13055349474d413110300e060355040313075369676d6143413120301e06092a864886f70d01090116117369676d6140666365652e7563702e7074301e170d3034303530373131333834345a170d3035303530373131333834345a308188310b3009060355040613025054311130
EAP-Message = 0x0f06035504081308506f72747567616c310f300d0603
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x00174d5fbb41c9689156012d98d46158
Finished request 151
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 172.17.0.2:21656, id=204, length=139
User-Name = "impressoras"
Framed-MTU = 1400
Called-Station-Id = "000e.83df.54e0"
Calling-Station-Id = "000e.7f3a.bf7b"
Message-Authenticator = 0xb32ce391af67396e866da332f006b18d
EAP-Message = 0x020400061900
NAS-Port-Type = Wireless-802.11
NAS-Port = 370
State = 0x00174d5fbb41c9689156012d98d46158
Service-Type = Framed-User
NAS-IP-Address = 172.17.0.2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 152
modcall[authorize]: module "preprocess" returns ok for request 152
modcall[authorize]: module "chap" returns noop for request 152
modcall[authorize]: module "mschap" returns noop for request 152
rlm_realm: No '@' in User-Name = "impressoras", looking up realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "impressoras"
rlm_realm: Proxying request from user impressoras to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 152
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "ntdomain" returns noop for request 152
rlm_eap: EAP packet type response id 4 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 152
rlm_ldap: - authorize
rlm_ldap: performing user authorization for impressoras
radius_xlat: '(uid=impressoras)'
radius_xlat: 'dc=ucp,dc=pt'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=ucp,dc=pt, with filter (uid=impressoras)
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding acctFlags as SMB-Account-CTRL-TEXT, value [UX & op=21
rlm_ldap: Adding ntPassword as NT-Password, value
BB4C23CC9852DA1DDF3A750EE4A1B2D6 & op=21
rlm_ldap: Adding lmPassword as LM-Password, value
210AB2216E60A5FC985E1393CED001C9 & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user impressoras authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 152
modcall: group authorize returns updated for request 152
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 152
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 152
modcall: group authenticate returns handled for request 152
Sending Access-Challenge of id 204 to 172.17.0.2:21656
EAP-Message =
0x010501a6190055040713064c6973626f613111300f060355040a1308464345452d554350310e300c060355040b13055349474d413110300e060355040313075369676d6143413120301e06092a864886f70d01090116117369676d6140666365652e7563702e707430819f300d06092a864886f70d010101050003818d0030818902818100d80cfdd41731065464c2af3e927819bfc8d449959b240e8ce4a730b579888660ca53ee727ac7d5f9ccedba4fe6595206b24a2e4bca9fcbe864cd5de9c82cd8c4c6be9ef9706eaee42fe9da663c77c794270553fe6d07b6eddbeeb6073eaf47ccfefe6cba4f97bb7f4576289dc6a10b592179a0f9bdcf7c0d
EAP-Message =
0xe4415d9a65ac85cf0203010001300d06092a864886f70d0101040500038181002b04fa7f144a1318154b06707cc843359b62b40cd3c62f700f2b850d220cc39068eefe5844908099cca234aaeedaa766cb13c097889cbc5ea92b4b142f8b4ad4034f261fbdaa5b920368bd5fb4a8dde7736a96f4423643cef377de4ca380f1fa67b30e22c18c05efc4e0687b3190f6e3d32722e5fc91eabbb09316fb70a795da16030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4bfde7f6a0e47de5ac2e6c5b24d715da
Finished request 152
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 172.17.0.2:21656, id=205, length=333
User-Name = "impressoras"
Framed-MTU = 1400
Called-Station-Id = "000e.83df.54e0"
Calling-Station-Id = "000e.7f3a.bf7b"
Message-Authenticator = 0x5f4432d4cd3bfac00f16f3293c3b7bf1
EAP-Message =
0x020500c81980000000be160301008610000082008036520106d177b3cfa7de43c0e1d199b07408a92f27c6a6e40f22efd16b0c11f6f1cbee1875965c89a513442720a931d93df8a2d0384ac0a20e8a2910e948ea5a2d369ea7828a737789f22bbd56c5b37f60935a8fc9584385c45e22fcb63807d9236da27a03f3f35ac1f2265168683360e409b9286bb66bf42e78827243f5ed2f14030100010116030100283a137d3995097fbf3dc98b84552ae942e2b78a2183cb0c6cbd7a9d05e32810bca48513e00271f593
NAS-Port-Type = Wireless-802.11
NAS-Port = 370
State = 0x4bfde7f6a0e47de5ac2e6c5b24d715da
Service-Type = Framed-User
NAS-IP-Address = 172.17.0.2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 153
modcall[authorize]: module "preprocess" returns ok for request 153
modcall[authorize]: module "chap" returns noop for request 153
modcall[authorize]: module "mschap" returns noop for request 153
rlm_realm: No '@' in User-Name = "impressoras", looking up realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "impressoras"
rlm_realm: Proxying request from user impressoras to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 153
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "ntdomain" returns noop for request 153
rlm_eap: EAP packet type response id 5 length 200
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 153
rlm_ldap: - authorize
rlm_ldap: performing user authorization for impressoras
radius_xlat: '(uid=impressoras)'
radius_xlat: 'dc=ucp,dc=pt'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=ucp,dc=pt, with filter (uid=impressoras)
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding acctFlags as SMB-Account-CTRL-TEXT, value [UX & op=21
rlm_ldap: Adding ntPassword as NT-Password, value
BB4C23CC9852DA1DDF3A750EE4A1B2D6 & op=21
rlm_ldap: Adding lmPassword as LM-Password, value
210AB2216E60A5FC985E1393CED001C9 & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user impressoras authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 153
modcall: group authorize returns updated for request 153
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 153
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
(other): SSL negotiation finished successfully
SSL Connection Established
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 153
modcall: group authenticate returns handled for request 153
Sending Access-Challenge of id 205 to 172.17.0.2:21656
EAP-Message =
0x0106003919001403010001011603010028a4fffc3c16b6b49a235e834d2644ad20cad1675e31883e45820d2feeb814e6f64e6d81cc526f6e69
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x652958e7452a4aeda3122ca87785562d
Finished request 153
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 172.17.0.2:21656, id=206, length=139
User-Name = "impressoras"
Framed-MTU = 1400
Called-Station-Id = "000e.83df.54e0"
Calling-Station-Id = "000e.7f3a.bf7b"
Message-Authenticator = 0x6953bbcffa7874ef88f9b3fd362cc3e2
EAP-Message = 0x020600061900
NAS-Port-Type = Wireless-802.11
NAS-Port = 370
State = 0x652958e7452a4aeda3122ca87785562d
Service-Type = Framed-User
NAS-IP-Address = 172.17.0.2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 154
modcall[authorize]: module "preprocess" returns ok for request 154
modcall[authorize]: module "chap" returns noop for request 154
modcall[authorize]: module "mschap" returns noop for request 154
rlm_realm: No '@' in User-Name = "impressoras", looking up realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "impressoras"
rlm_realm: Proxying request from user impressoras to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 154
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "ntdomain" returns noop for request 154
rlm_eap: EAP packet type response id 6 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 154
rlm_ldap: - authorize
rlm_ldap: performing user authorization for impressoras
radius_xlat: '(uid=impressoras)'
radius_xlat: 'dc=ucp,dc=pt'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=ucp,dc=pt, with filter (uid=impressoras)
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding acctFlags as SMB-Account-CTRL-TEXT, value [UX & op=21
rlm_ldap: Adding ntPassword as NT-Password, value
BB4C23CC9852DA1DDF3A750EE4A1B2D6 & op=21
rlm_ldap: Adding lmPassword as LM-Password, value
210AB2216E60A5FC985E1393CED001C9 & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user impressoras authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 154
modcall: group authorize returns updated for request 154
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 154
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
modcall[authenticate]: module "eap" returns handled for request 154
modcall: group authenticate returns handled for request 154
Sending Access-Challenge of id 206 to 172.17.0.2:21656
EAP-Message =
0x0107004819001703010018621122a686f0220a454e549665ca03094736549428491dfa1703010020f3509f590a2aee96c46bec625df53342708bd8a17e8fed837ea7ca6ce62e3a86
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x529a37918b1ca57a86398395c911c442
Finished request 154
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 172.17.0.2:21656, id=207, length=213
User-Name = "impressoras"
Framed-MTU = 1400
Called-Station-Id = "000e.83df.54e0"
Calling-Station-Id = "000e.7f3a.bf7b"
Message-Authenticator = 0x3a0909ccd1c32b55c52b4337281bb89e
EAP-Message =
0x020700501900170301001879506f1aaec49fb9e20a7bc6de988e202c90de0a94939480170301002853fd4483ec3aa7c64fa18e06dd259581c9e3a3a479d65a8a7c6000781f96a628d16700e421cc409f
NAS-Port-Type = Wireless-802.11
NAS-Port = 370
State = 0x529a37918b1ca57a86398395c911c442
Service-Type = Framed-User
NAS-IP-Address = 172.17.0.2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 155
modcall[authorize]: module "preprocess" returns ok for request 155
modcall[authorize]: module "chap" returns noop for request 155
modcall[authorize]: module "mschap" returns noop for request 155
rlm_realm: No '@' in User-Name = "impressoras", looking up realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "impressoras"
rlm_realm: Proxying request from user impressoras to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 155
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "ntdomain" returns noop for request 155
rlm_eap: EAP packet type response id 7 length 80
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 155
rlm_ldap: - authorize
rlm_ldap: performing user authorization for impressoras
radius_xlat: '(uid=impressoras)'
radius_xlat: 'dc=ucp,dc=pt'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=ucp,dc=pt, with filter (uid=impressoras)
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding acctFlags as SMB-Account-CTRL-TEXT, value [UX & op=21
rlm_ldap: Adding ntPassword as NT-Password, value
BB4C23CC9852DA1DDF3A750EE4A1B2D6 & op=21
rlm_ldap: Adding lmPassword as LM-Password, value
210AB2216E60A5FC985E1393CED001C9 & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user impressoras authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 155
modcall: group authorize returns updated for request 155
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 155
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Got something weird.
rlm_eap: Handler failed in EAP/peap
rlm_eap: Failed in EAP select
modcall[authenticate]: module "eap" returns invalid for request 155
modcall: group authenticate returns invalid for request 155
auth: Failed to validate the user.
Delaying request 155 for 1 seconds
Finished request 155
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 172.17.0.2:21656, id=207, length=213
Sending Access-Reject of id 207 to 172.17.0.2:21656
EAP-Message = 0x04070004
Message-Authenticator = 0x00000000000000000000000000000000
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 150 ID 202 with timestamp 419cd81a
Cleaning up request 151 ID 203 with timestamp 419cd81a
Cleaning up request 152 ID 204 with timestamp 419cd81a
Cleaning up request 153 ID 205 with timestamp 419cd81a
Cleaning up request 154 ID 206 with timestamp 419cd81a
Cleaning up request 155 ID 207 with timestamp 419cd81a
Nothing to do. Sleeping until we see a request.
