Hello to all, have a problem with radius and peap and cisco AP1200 and and and .....
What I use : freeradius-1.0.2 installed on Wihitebox Linux 3.0 Respin 1 Accesspoint Cisco AP1200 AIR-AP1231G-E-K9 12.3(2)JA SSL version OpenSSL 0.9.7a Feb 19 2003 Certificates created with script CA.certs located in free-radius installation Directory An DELL Laptop with win2k and WLAN Card Cisco aironet Air-cb21ag-e-k9 Output Starting FreeRADIUS:Thu Apr 7 08:56:47 2005 : Info: Starting - reading configuration files ... Thu Apr 7 08:56:47 2005 : Debug: reread_config: reading radiusd.conf Thu Apr 7 08:56:47 2005 : Debug: Config: including file: /etc/raddb/proxy.conf Thu Apr 7 08:56:47 2005 : Debug: Config: including file: /etc/raddb/clients.conf Thu Apr 7 08:56:47 2005 : Debug: Config: including file: /etc/raddb/snmp.conf Thu Apr 7 08:56:47 2005 : Debug: Config: including file: /etc/raddb/eap.conf Thu Apr 7 08:56:47 2005 : Debug: Config: including file: /etc/raddb/sql.conf Thu Apr 7 08:56:47 2005 : Debug: main: prefix = "/usr/local" Thu Apr 7 08:56:47 2005 : Debug: main: localstatedir = "/usr/local/var" Thu Apr 7 08:56:47 2005 : Debug: main: logdir = "/var/log/radius" Thu Apr 7 08:56:47 2005 : Debug: main: libdir = "/usr/local/lib" Thu Apr 7 08:56:47 2005 : Debug: main: radacctdir = "/var/log/radius/radacct" Thu Apr 7 08:56:47 2005 : Debug: main: hostname_lookups = no Thu Apr 7 08:56:47 2005 : Debug: main: max_request_time = 30 Thu Apr 7 08:56:47 2005 : Debug: main: cleanup_delay = 5 Thu Apr 7 08:56:47 2005 : Debug: main: max_requests = 1024 Thu Apr 7 08:56:47 2005 : Debug: main: delete_blocked_requests = 0 Thu Apr 7 08:56:47 2005 : Debug: main: port = 1812 Thu Apr 7 08:56:47 2005 : Debug: main: allow_core_dumps = no Thu Apr 7 08:56:47 2005 : Debug: main: log_stripped_names = no Thu Apr 7 08:56:47 2005 : Debug: main: log_file = "/var/log/radius/radius.log" Thu Apr 7 08:56:47 2005 : Debug: main: log_auth = no Thu Apr 7 08:56:47 2005 : Debug: main: log_auth_badpass = no Thu Apr 7 08:56:47 2005 : Debug: main: log_auth_goodpass = no Thu Apr 7 08:56:47 2005 : Debug: main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid" Thu Apr 7 08:56:47 2005 : Debug: main: user = "root" Thu Apr 7 08:56:47 2005 : Debug: main: group = "root" Thu Apr 7 08:56:47 2005 : Debug: main: usercollide = no Thu Apr 7 08:56:47 2005 : Debug: main: lower_user = "no" Thu Apr 7 08:56:47 2005 : Debug: main: lower_pass = "no" Thu Apr 7 08:56:47 2005 : Debug: main: nospace_user = "no" Thu Apr 7 08:56:47 2005 : Debug: main: nospace_pass = "no" Thu Apr 7 08:56:47 2005 : Debug: main: checkrad = "/usr/local/sbin/checkrad" Thu Apr 7 08:56:47 2005 : Debug: main: proxy_requests = yes Thu Apr 7 08:56:47 2005 : Debug: proxy: retry_delay = 5 Thu Apr 7 08:56:47 2005 : Debug: proxy: retry_count = 3 Thu Apr 7 08:56:47 2005 : Debug: proxy: synchronous = no Thu Apr 7 08:56:47 2005 : Debug: proxy: default_fallback = yes Thu Apr 7 08:56:47 2005 : Debug: proxy: dead_time = 120 Thu Apr 7 08:56:47 2005 : Debug: proxy: post_proxy_authorize = yes Thu Apr 7 08:56:47 2005 : Debug: proxy: wake_all_if_all_dead = no Thu Apr 7 08:56:47 2005 : Debug: security: max_attributes = 200 Thu Apr 7 08:56:47 2005 : Debug: security: reject_delay = 1 Thu Apr 7 08:56:47 2005 : Debug: security: status_server = no Thu Apr 7 08:56:47 2005 : Debug: main: debug_level = 0 Thu Apr 7 08:56:47 2005 : Debug: read_config_files: reading dictionary Thu Apr 7 08:56:47 2005 : Debug: read_config_files: reading naslist Thu Apr 7 08:56:47 2005 : Debug: read_config_files: reading clients Thu Apr 7 08:56:47 2005 : Debug: read_config_files: reading realms Thu Apr 7 08:56:47 2005 : Debug: radiusd: entering modules setup Thu Apr 7 08:56:47 2005 : Debug: Module: Library search path is /usr/local/lib Thu Apr 7 08:56:47 2005 : Debug: Module: Loaded exec Thu Apr 7 08:56:47 2005 : Debug: exec: wait = yes Thu Apr 7 08:56:47 2005 : Debug: exec: program = "(null)" Thu Apr 7 08:56:47 2005 : Debug: exec: input_pairs = "request" Thu Apr 7 08:56:47 2005 : Debug: exec: output_pairs = "(null)" Thu Apr 7 08:56:47 2005 : Debug: exec: packet_type = "(null)" Thu Apr 7 08:56:47 2005 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none? Thu Apr 7 08:56:47 2005 : Debug: Module: Instantiated exec (exec) Thu Apr 7 08:56:47 2005 : Debug: Module: Loaded expr Thu Apr 7 08:56:47 2005 : Debug: Module: Instantiated expr (expr) Thu Apr 7 08:56:47 2005 : Debug: Module: Loaded PAP Thu Apr 7 08:56:47 2005 : Debug: pap: encryption_scheme = "crypt" Thu Apr 7 08:56:47 2005 : Debug: Module: Instantiated pap (pap) Thu Apr 7 08:56:47 2005 : Debug: Module: Loaded CHAP Thu Apr 7 08:56:47 2005 : Debug: Module: Instantiated chap (chap) Thu Apr 7 08:56:47 2005 : Debug: Module: Loaded MS-CHAP Thu Apr 7 08:56:47 2005 : Debug: mschap: use_mppe = yes Thu Apr 7 08:56:47 2005 : Debug: mschap: require_encryption = yes Thu Apr 7 08:56:47 2005 : Debug: mschap: require_strong = yes Thu Apr 7 08:56:47 2005 : Debug: mschap: with_ntdomain_hack = yes Thu Apr 7 08:56:47 2005 : Debug: mschap: passwd = "(null)" Thu Apr 7 08:56:47 2005 : Debug: mschap: authtype = "MS-CHAP" Thu Apr 7 08:56:47 2005 : Debug: mschap: ntlm_auth = "(null)" Thu Apr 7 08:56:47 2005 : Debug: Module: Instantiated mschap (mschap) Thu Apr 7 08:56:47 2005 : Debug: Module: Loaded eap Thu Apr 7 08:56:47 2005 : Debug: eap: default_eap_type = "peap" Thu Apr 7 08:56:47 2005 : Debug: eap: timer_expire = 60 Thu Apr 7 08:56:47 2005 : Debug: eap: ignore_unknown_eap_types = yes Thu Apr 7 08:56:47 2005 : Debug: eap: cisco_accounting_username_bug = yes Thu Apr 7 08:56:47 2005 : Debug: rlm_eap: Loaded and initialized type md5 Thu Apr 7 08:56:47 2005 : Debug: rlm_eap: Loaded and initialized type leap Thu Apr 7 08:56:47 2005 : Debug: gtc: challenge = "Password: " Thu Apr 7 08:56:47 2005 : Debug: gtc: auth_type = "PAP" Thu Apr 7 08:56:47 2005 : Debug: rlm_eap: Loaded and initialized type gtc Thu Apr 7 08:56:47 2005 : Debug: tls: rsa_key_exchange = no Thu Apr 7 08:56:47 2005 : Debug: tls: dh_key_exchange = yes Thu Apr 7 08:56:47 2005 : Debug: tls: rsa_key_length = 512 Thu Apr 7 08:56:47 2005 : Debug: tls: dh_key_length = 512 Thu Apr 7 08:56:47 2005 : Debug: tls: verify_depth = 0 Thu Apr 7 08:56:47 2005 : Debug: tls: CA_path = "(null)" Thu Apr 7 08:56:47 2005 : Debug: tls: pem_file_type = yes Thu Apr 7 08:56:47 2005 : Debug: tls: private_key_file = "/etc/raddb/certs/cert-srv.pem" Thu Apr 7 08:56:47 2005 : Debug: tls: certificate_file = "/etc/raddb/certs/cert-srv.pem" Thu Apr 7 08:56:47 2005 : Debug: tls: CA_file = "/etc/raddb/certs/demoCA/cacert.pem" Thu Apr 7 08:56:47 2005 : Debug: tls: private_key_password = "hahaha" Thu Apr 7 08:56:47 2005 : Debug: tls: dh_file = "/etc/raddb/certs/dh" Thu Apr 7 08:56:47 2005 : Debug: tls: random_file = "/etc/raddb/certs/random" Thu Apr 7 08:56:47 2005 : Debug: tls: fragment_size = 1024 Thu Apr 7 08:56:47 2005 : Debug: tls: include_length = yes Thu Apr 7 08:56:47 2005 : Debug: tls: check_crl = no Thu Apr 7 08:56:47 2005 : Debug: tls: check_cert_cn = "(null)" Thu Apr 7 08:56:48 2005 : Debug: rlm_eap: Loaded and initialized type tls Thu Apr 7 08:56:48 2005 : Debug: peap: default_eap_type = "mschapv2" Thu Apr 7 08:56:48 2005 : Debug: peap: copy_request_to_tunnel = no Thu Apr 7 08:56:48 2005 : Debug: peap: use_tunneled_reply = no Thu Apr 7 08:56:48 2005 : Debug: peap: proxy_tunneled_request_as_eap = yes Thu Apr 7 08:56:48 2005 : Debug: rlm_eap: Loaded and initialized type peap Thu Apr 7 08:56:48 2005 : Debug: mschapv2: with_ntdomain_hack = no Thu Apr 7 08:56:48 2005 : Debug: rlm_eap: Loaded and initialized type mschapv2 Thu Apr 7 08:56:48 2005 : Debug: Module: Instantiated eap (eap) Thu Apr 7 08:56:48 2005 : Debug: Module: Loaded preprocess Thu Apr 7 08:56:48 2005 : Debug: preprocess: huntgroups = "/etc/raddb/huntgroups" Thu Apr 7 08:56:48 2005 : Debug: preprocess: hints = "/etc/raddb/hints" Thu Apr 7 08:56:48 2005 : Debug: preprocess: with_ascend_hack = no Thu Apr 7 08:56:48 2005 : Debug: preprocess: ascend_channels_per_line = 23 Thu Apr 7 08:56:48 2005 : Debug: preprocess: with_ntdomain_hack = no Thu Apr 7 08:56:48 2005 : Debug: preprocess: with_specialix_jetstream_hack = no Thu Apr 7 08:56:48 2005 : Debug: preprocess: with_cisco_vsa_hack = no Thu Apr 7 08:56:48 2005 : Debug: Module: Instantiated preprocess (preprocess) Thu Apr 7 08:56:48 2005 : Debug: Module: Loaded realm Thu Apr 7 08:56:48 2005 : Debug: realm: format = "suffix" Thu Apr 7 08:56:48 2005 : Debug: realm: delimiter = "@" Thu Apr 7 08:56:48 2005 : Debug: realm: ignore_default = no Thu Apr 7 08:56:48 2005 : Debug: realm: ignore_null = no Thu Apr 7 08:56:48 2005 : Debug: Module: Instantiated realm (suffix) Thu Apr 7 08:56:48 2005 : Debug: Module: Loaded files Thu Apr 7 08:56:48 2005 : Debug: files: usersfile = "/etc/raddb/users" Thu Apr 7 08:56:48 2005 : Debug: files: acctusersfile = "/etc/raddb/acct_users" Thu Apr 7 08:56:48 2005 : Debug: files: preproxy_usersfile = "/etc/raddb/preproxy_users" Thu Apr 7 08:56:48 2005 : Debug: files: compat = "no" Thu Apr 7 08:56:48 2005 : Debug: Module: Instantiated files (files) Thu Apr 7 08:56:48 2005 : Debug: Module: Loaded Acct-Unique-Session-Id Thu Apr 7 08:56:48 2005 : Debug: acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" Thu Apr 7 08:56:48 2005 : Debug: Module: Instantiated acct_unique (acct_unique) Thu Apr 7 08:56:48 2005 : Debug: Module: Loaded detail Thu Apr 7 08:56:48 2005 : Debug: detail: detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d" Thu Apr 7 08:56:48 2005 : Debug: detail: detailperm = 384 Thu Apr 7 08:56:48 2005 : Debug: detail: dirperm = 493 Thu Apr 7 08:56:48 2005 : Debug: detail: locking = no Thu Apr 7 08:56:48 2005 : Debug: Module: Instantiated detail (detail) Thu Apr 7 08:56:48 2005 : Debug: Module: Loaded System Thu Apr 7 08:56:48 2005 : Debug: unix: cache = no Thu Apr 7 08:56:48 2005 : Debug: unix: passwd = "(null)" Thu Apr 7 08:56:48 2005 : Debug: unix: shadow = "(null)" Thu Apr 7 08:56:48 2005 : Debug: unix: group = "(null)" Thu Apr 7 08:56:48 2005 : Debug: unix: radwtmp = "/var/log/radius/radwtmp" Thu Apr 7 08:56:48 2005 : Debug: unix: usegroup = no Thu Apr 7 08:56:48 2005 : Debug: unix: cache_reload = 600 Thu Apr 7 08:56:48 2005 : Debug: Module: Instantiated unix (unix) Thu Apr 7 08:56:48 2005 : Debug: Module: Loaded radutmp Thu Apr 7 08:56:48 2005 : Debug: radutmp: filename = "/var/log/radius/radutmp" Thu Apr 7 08:56:48 2005 : Debug: radutmp: username = "%{User-Name}" Thu Apr 7 08:56:48 2005 : Debug: radutmp: case_sensitive = yes Thu Apr 7 08:56:48 2005 : Debug: radutmp: check_with_nas = yes Thu Apr 7 08:56:48 2005 : Debug: radutmp: perm = 384 Thu Apr 7 08:56:48 2005 : Debug: radutmp: callerid = yes Thu Apr 7 08:56:48 2005 : Debug: Module: Instantiated radutmp (radutmp) Thu Apr 7 08:56:48 2005 : Debug: Initializing the thread pool... Thu Apr 7 08:56:48 2005 : Debug: thread: start_servers = 5 Thu Apr 7 08:56:48 2005 : Debug: thread: max_servers = 32 Thu Apr 7 08:56:48 2005 : Debug: thread: min_spare_servers = 3 Thu Apr 7 08:56:48 2005 : Debug: thread: max_spare_servers = 10 Thu Apr 7 08:56:48 2005 : Debug: thread: max_requests_per_server = 0 Thu Apr 7 08:56:48 2005 : Debug: thread: cleanup_delay = 5 Thu Apr 7 08:56:48 2005 : Debug: Thread 1 waiting to be assigned a request Thu Apr 7 08:56:48 2005 : Debug: Thread spawned new child 1. Total threads in pool: 1 Thu Apr 7 08:56:48 2005 : Debug: Thread 2 waiting to be assigned a request Thu Apr 7 08:56:48 2005 : Debug: Thread spawned new child 2. Total threads in pool: 2 Thu Apr 7 08:56:48 2005 : Debug: Thread 3 waiting to be assigned a request Thu Apr 7 08:56:48 2005 : Debug: Thread spawned new child 3. Total threads in pool: 3 Thu Apr 7 08:56:48 2005 : Debug: Thread 4 waiting to be assigned a request Thu Apr 7 08:56:48 2005 : Debug: Thread spawned new child 4. Total threads in pool: 4 Thu Apr 7 08:56:48 2005 : Debug: Thread 5 waiting to be assigned a request Thu Apr 7 08:56:48 2005 : Debug: Thread spawned new child 5. Total threads in pool: 5 Thu Apr 7 08:56:48 2005 : Debug: Thread pool initialized Thu Apr 7 08:56:48 2005 : Debug: Listening on authentication *:1812 Thu Apr 7 08:56:48 2005 : Debug: Listening on accounting *:1813 Thu Apr 7 08:56:48 2005 : Debug: Listening on proxy *:1814 Thu Apr 7 08:56:48 2005 : Info: Ready to process requests. rad_recv: Access-Request packet from host 10.162.210.11:21670, id=249, length=157 Thu Apr 7 08:56:50 2005 : Debug: --- Walking the entire request list --- Thu Apr 7 08:56:50 2005 : Debug: Waking up in 31 seconds... Thu Apr 7 08:56:50 2005 : Debug: Threads: total/active/spare threads = 5/0/5 Thu Apr 7 08:56:50 2005 : Debug: Thread 1 got semaphore Thu Apr 7 08:56:50 2005 : Debug: Thread 1 handling request 0, (1 handled so far) User-Name = "uhofacker" Framed-MTU = 1400 Called-Station-Id = "0013.1a90.bf00" Calling-Station-Id = "0040.96a4.679e" Service-Type = Login-User Message-Authenticator = 0xf1fa2227bae16096ce3aea21974bdc72 EAP-Message = 0x0204001119800000000715030100020230 NAS-Port-Type = Wireless-802.11 NAS-Port = 6856 State = 0xa75b656b5ce7733aaad426a2f5ab6078 NAS-IP-Address = 10.162.210.11 NAS-Identifier = "ap011hn" Thu Apr 7 08:56:50 2005 : Debug: Processing the authorize section of radiusd.conf Thu Apr 7 08:56:50 2005 : Debug: modcall: entering group authorize for request 0 Thu Apr 7 08:56:50 2005 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 0 Thu Apr 7 08:56:50 2005 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 0 Thu Apr 7 08:56:50 2005 : Debug: modcall[authorize]: module "preprocess" returns ok for request 0 Thu Apr 7 08:56:50 2005 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 0 Thu Apr 7 08:56:50 2005 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 0 Thu Apr 7 08:56:50 2005 : Debug: modcall[authorize]: module "mschap" returns noop for request 0 Thu Apr 7 08:56:50 2005 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 0 Thu Apr 7 08:56:50 2005 : Debug: rlm_realm: No '@' in User-Name = "uhofacker", looking up realm NULL Thu Apr 7 08:56:50 2005 : Debug: rlm_realm: No such realm "NULL" Thu Apr 7 08:56:50 2005 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 0 Thu Apr 7 08:56:50 2005 : Debug: modcall[authorize]: module "suffix" returns noop for request 0 Thu Apr 7 08:56:50 2005 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 0 Thu Apr 7 08:56:50 2005 : Debug: rlm_eap: EAP packet type response id 4 length 17 Thu Apr 7 08:56:50 2005 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Thu Apr 7 08:56:50 2005 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 0 Thu Apr 7 08:56:50 2005 : Debug: modcall[authorize]: module "eap" returns updated for request 0 Thu Apr 7 08:56:50 2005 : Debug: modsingle[authorize]: calling files (rlm_files) for request 0 Thu Apr 7 08:56:50 2005 : Debug: users: Matched entry uhofacker at line 3658 Thu Apr 7 08:56:50 2005 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 0 Thu Apr 7 08:56:50 2005 : Debug: modcall[authorize]: module "files" returns ok for request 0 Thu Apr 7 08:56:50 2005 : Debug: modcall: group authorize returns updated for request 0 Thu Apr 7 08:56:50 2005 : Debug: rad_check_password: Found Auth-Type EAP Thu Apr 7 08:56:50 2005 : Debug: auth: type "EAP" Thu Apr 7 08:56:50 2005 : Debug: Processing the authenticate section of radiusd.conf Thu Apr 7 08:56:50 2005 : Debug: modcall: entering group authenticate for request 0 Thu Apr 7 08:56:50 2005 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 0 Thu Apr 7 08:56:50 2005 : Debug: rlm_eap: Request not found in the list Thu Apr 7 08:56:50 2005 : Error: rlm_eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request Thu Apr 7 08:56:50 2005 : Debug: rlm_eap: Failed in handler Thu Apr 7 08:56:50 2005 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 0 Thu Apr 7 08:56:50 2005 : Debug: modcall[authenticate]: module "eap" returns invalid for request 0 Thu Apr 7 08:56:50 2005 : Debug: modcall: group authenticate returns invalid for request 0 Thu Apr 7 08:56:50 2005 : Debug: auth: Failed to validate the user. Thu Apr 7 08:56:50 2005 : Debug: Delaying request 0 for 1 seconds Thu Apr 7 08:56:50 2005 : Debug: Finished request 0 Thu Apr 7 08:56:50 2005 : Debug: Going to the next request Thu Apr 7 08:56:50 2005 : Debug: Thread 1 waiting to be assigned a request rad_recv: Access-Request packet from host 10.162.210.11:21670, id=249, length=157 Sending Access-Reject of id 249 to 10.162.210.11:21670 Thu Apr 7 08:56:55 2005 : Debug: --- Walking the entire request list --- Thu Apr 7 08:56:55 2005 : Debug: Waking up in 1 seconds... Thu Apr 7 08:56:56 2005 : Debug: --- Walking the entire request list --- Thu Apr 7 08:56:56 2005 : Debug: Cleaning up request 0 ID 249 with timestamp 4254d9b2 Thu Apr 7 08:56:56 2005 : Debug: Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 10.162.210.11:21670, id=250, length=136 Thu Apr 7 08:56:59 2005 : Debug: --- Walking the entire request list --- Thu Apr 7 08:56:59 2005 : Debug: Waking up in 31 seconds... Thu Apr 7 08:56:59 2005 : Debug: Thread 2 got semaphore Thu Apr 7 08:56:59 2005 : Debug: Thread 2 handling request 1, (1 handled so far) User-Name = "uhofacker" Framed-MTU = 1400 Called-Station-Id = "0013.1a90.bf00" Calling-Station-Id = "0040.96a4.679e" Service-Type = Login-User Message-Authenticator = 0xdc86e89564e003c8af0b6e29a9b2ba54 EAP-Message = 0x0201000e0175686f6661636b6572 NAS-Port-Type = Wireless-802.11 NAS-Port = 6857 NAS-IP-Address = 10.162.210.11 NAS-Identifier = "ap011hn" Thu Apr 7 08:56:59 2005 : Debug: Processing the authorize section of radiusd.conf Thu Apr 7 08:56:59 2005 : Debug: modcall: entering group authorize for request 1 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 1 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 1 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "preprocess" returns ok for request 1 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 1 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 1 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "mschap" returns noop for request 1 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 1 Thu Apr 7 08:56:59 2005 : Debug: rlm_realm: No '@' in User-Name = "uhofacker", looking up realm NULL Thu Apr 7 08:56:59 2005 : Debug: rlm_realm: No such realm "NULL" Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 1 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "suffix" returns noop for request 1 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 1 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: EAP packet type response id 1 length 14 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 1 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "eap" returns updated for request 1 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling files (rlm_files) for request 1 Thu Apr 7 08:56:59 2005 : Debug: users: Matched entry uhofacker at line 3658 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 1 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "files" returns ok for request 1 Thu Apr 7 08:56:59 2005 : Debug: modcall: group authorize returns updated for request 1 Thu Apr 7 08:56:59 2005 : Debug: rad_check_password: Found Auth-Type EAP Thu Apr 7 08:56:59 2005 : Debug: auth: type "EAP" Thu Apr 7 08:56:59 2005 : Debug: Processing the authenticate section of radiusd.conf Thu Apr 7 08:56:59 2005 : Debug: modcall: entering group authenticate for request 1 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 1 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: EAP Identity Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: processing type tls Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_tls: Initiate Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_tls: Start returned 1 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 1 Thu Apr 7 08:56:59 2005 : Debug: modcall[authenticate]: module "eap" returns handled for request 1 Thu Apr 7 08:56:59 2005 : Debug: modcall: group authenticate returns handled for request 1 Sending Access-Challenge of id 250 to 10.162.210.11:21670 Service-Type = Framed-User Framed-IP-Address = 255.255.255.255 Framed-Routing = Broadcast-Listen Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP EAP-Message = 0x010200061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x8dbb0e96e7b146d2f74bcffcb2698549 Thu Apr 7 08:56:59 2005 : Debug: Finished request 1 Thu Apr 7 08:56:59 2005 : Debug: Going to the next request Thu Apr 7 08:56:59 2005 : Debug: Thread 2 waiting to be assigned a request rad_recv: Access-Request packet from host 10.162.210.11:21670, id=251, length=240 Thu Apr 7 08:56:59 2005 : Debug: Waking up in 31 seconds... Thu Apr 7 08:56:59 2005 : Debug: Thread 3 got semaphore Thu Apr 7 08:56:59 2005 : Debug: Thread 3 handling request 2, (1 handled so far) User-Name = "uhofacker" Framed-MTU = 1400 Called-Station-Id = "0013.1a90.bf00" Calling-Station-Id = "0040.96a4.679e" Service-Type = Login-User Message-Authenticator = 0x42d03c8c1d167a35f231f5b8655c9e40 EAP-Message = 0x0202006419800000005a16030100550100005103014254d9c3c30d58225bb70df21677cd6f 9fea46a362545f521b7ccac46c515ee200002a00160013000a00660007000500040065006400 63006200610060001500120009001400110008000600030100 NAS-Port-Type = Wireless-802.11 NAS-Port = 6857 State = 0x8dbb0e96e7b146d2f74bcffcb2698549 NAS-IP-Address = 10.162.210.11 NAS-Identifier = "ap011hn" Thu Apr 7 08:56:59 2005 : Debug: Processing the authorize section of radiusd.conf Thu Apr 7 08:56:59 2005 : Debug: modcall: entering group authorize for request 2 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 2 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 2 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "preprocess" returns ok for request 2 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 2 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 2 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "mschap" returns noop for request 2 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 2 Thu Apr 7 08:56:59 2005 : Debug: rlm_realm: No '@' in User-Name = "uhofacker", looking up realm NULL Thu Apr 7 08:56:59 2005 : Debug: rlm_realm: No such realm "NULL" Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 2 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "suffix" returns noop for request 2 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 2 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: EAP packet type response id 2 length 100 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 2 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "eap" returns updated for request 2 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling files (rlm_files) for request 2 Thu Apr 7 08:56:59 2005 : Debug: users: Matched entry uhofacker at line 3658 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 2 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "files" returns ok for request 2 Thu Apr 7 08:56:59 2005 : Debug: modcall: group authorize returns updated for request 2 Thu Apr 7 08:56:59 2005 : Debug: rad_check_password: Found Auth-Type EAP Thu Apr 7 08:56:59 2005 : Debug: auth: type "EAP" Thu Apr 7 08:56:59 2005 : Debug: Processing the authenticate section of radiusd.conf Thu Apr 7 08:56:59 2005 : Debug: modcall: entering group authenticate for request 2 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 2 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: Request found, released from the list Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: EAP/peap Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: processing type peap Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_peap: Authenticate Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_tls: processing TLS Thu Apr 7 08:56:59 2005 : Info: rlm_eap_tls: Length Included Thu Apr 7 08:56:59 2005 : Debug: eaptls_verify returned 11 Thu Apr 7 08:56:59 2005 : Info: (other): before/accept initialization Thu Apr 7 08:56:59 2005 : Info: TLS_accept: before/accept initialization Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_tls: <<< TLS 1.0 Handshake [length 0055], ClientHello Thu Apr 7 08:56:59 2005 : Info: TLS_accept: SSLv3 read client hello A Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello Thu Apr 7 08:56:59 2005 : Info: TLS_accept: SSLv3 write server hello A Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake [length 06aa], Certificate Thu Apr 7 08:56:59 2005 : Info: TLS_accept: SSLv3 write certificate A Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone Thu Apr 7 08:56:59 2005 : Info: TLS_accept: SSLv3 write server done A Thu Apr 7 08:56:59 2005 : Info: TLS_accept: SSLv3 flush data Thu Apr 7 08:56:59 2005 : Error: TLS_accept:error in SSLv3 read client certificate A Thu Apr 7 08:56:59 2005 : Debug: In SSL Handshake Phase Thu Apr 7 08:56:59 2005 : Debug: In SSL Accept mode Thu Apr 7 08:56:59 2005 : Debug: eaptls_process returned 13 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_peap: EAPTLS_HANDLED Thu Apr 7 08:56:59 2005 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 2 Thu Apr 7 08:56:59 2005 : Debug: modcall[authenticate]: module "eap" returns handled for request 2 Thu Apr 7 08:56:59 2005 : Debug: modcall: group authenticate returns handled for request 2 Sending Access-Challenge of id 251 to 10.162.210.11:21670 Service-Type = Framed-User Framed-IP-Address = 255.255.255.255 Framed-Routing = Broadcast-Listen Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP EAP-Message = 0x0103040a19c000000707160301004a0200004603014254d9bb3bb7c80c19aca3dc8ed6830b 46f7a795f4ca6eb40c07f2b425a97c2920d058fedfd7c0c52f81e056519543ca72cc0f1a2f80 87c9b667c06ac9e6128678000a0016030106aa0b0006a60006a30002d5308202d13082023aa0 03020102020102300d06092a864886f70d01010405003081a3310b3009060355040613024445 310e300c06035504081305626164656e31123010060355040713096865696c62726f6e6e310e 300c060355040a130561746d656c3120301e060355040b1317776f6f6473746f636b2e686e6f 2e61746d656c2e636f6d311b301906035504031312436c69656e EAP-Message = 0x742063657274696669636174653121301f06092a864886f70d0109011612636c69656e7440 6578616d706c652e636f6d301e170d3035303430343134303231395a170d3036303430343134 303231395a30819f310b3009060355040613024445310e300c06035504081305626164656e31 123010060355040713096865696c62726f6e6e310e300c060355040a130561746d656c312030 1e060355040b1317776f6f6473746f636b2e686e6f2e61746d656c2e636f6d31193017060355 04031310526f6f74206365727469666963617465311f301d06092a864886f70d010901161072 6f6f74406578616d706c652e636f6d30819f300d06092a864886 EAP-Message = 0xf70d010101050003818d0030818902818100e483366ede5728f55304fb8d936e93ec6d631a a80aaf18cc6acd453424429a379a30eea4e2b4c153513f049b9c2ffd2d0df59e5066ea7c66c9 cc1fd8d1f3435e8286c2a0c19000c19200c00435220c3c7bccaf8424a7b60ca36e6b4c575039 6c5c17c558ac9c19ac99c5a0563d2f007c858fef0d7d4aa2f953beb9032f9f90410203010001 a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104 05000381810002ffcfacdc063e117ca67057532816b078760c77972fb4c9f26a12e86dc30c97 7f1230dcfc7782652ec0bf0e81b6d2c5b189448b41e41dcd634f EAP-Message = 0xdda13a5eb2953e1c743ecf79cfa252f2cc59001eefcde0f9f3f1ee3ce7fecc47f93257bb27 411f9d32607a7a5506d7b565a9a0c69cd273f426977f8fd8d70bd96ef61e3ae7170003c83082 03c43082032da003020102020100300d06092a864886f70d01010405003081a3310b30090603 55040613024445310e300c06035504081305626164656e31123010060355040713096865696c 62726f6e6e310e300c060355040a130561746d656c3120301e060355040b1317776f6f647374 6f636b2e686e6f2e61746d656c2e636f6d311b301906035504031312436c69656e7420636572 74696669636174653121301f06092a864886f70d010901161263 EAP-Message = 0x6c69656e74406578616d706c652e636f6d301e170d30 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9e98633d843a99f3a8fbda0b0fcfb077 Thu Apr 7 08:56:59 2005 : Debug: Finished request 2 Thu Apr 7 08:56:59 2005 : Debug: Going to the next request Thu Apr 7 08:56:59 2005 : Debug: Thread 3 waiting to be assigned a request rad_recv: Access-Request packet from host 10.162.210.11:21670, id=252, length=146 Thu Apr 7 08:56:59 2005 : Debug: Waking up in 31 seconds... Thu Apr 7 08:56:59 2005 : Debug: Thread 4 got semaphore Thu Apr 7 08:56:59 2005 : Debug: Thread 4 handling request 3, (1 handled so far) User-Name = "uhofacker" Framed-MTU = 1400 Called-Station-Id = "0013.1a90.bf00" Calling-Station-Id = "0040.96a4.679e" Service-Type = Login-User Message-Authenticator = 0x5ed7f7ab73520c56cd2b0c0438a661af EAP-Message = 0x020300061900 NAS-Port-Type = Wireless-802.11 NAS-Port = 6857 State = 0x9e98633d843a99f3a8fbda0b0fcfb077 NAS-IP-Address = 10.162.210.11 NAS-Identifier = "ap011hn" Thu Apr 7 08:56:59 2005 : Debug: Processing the authorize section of radiusd.conf Thu Apr 7 08:56:59 2005 : Debug: modcall: entering group authorize for request 3 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 3 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 3 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "preprocess" returns ok for request 3 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 3 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 3 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "mschap" returns noop for request 3 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 3 Thu Apr 7 08:56:59 2005 : Debug: rlm_realm: No '@' in User-Name = "uhofacker", looking up realm NULL Thu Apr 7 08:56:59 2005 : Debug: rlm_realm: No such realm "NULL" Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 3 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "suffix" returns noop for request 3 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 3 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: EAP packet type response id 3 length 6 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 3 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "eap" returns updated for request 3 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling files (rlm_files) for request 3 Thu Apr 7 08:56:59 2005 : Debug: users: Matched entry uhofacker at line 3658 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 3 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "files" returns ok for request 3 Thu Apr 7 08:56:59 2005 : Debug: modcall: group authorize returns updated for request 3 Thu Apr 7 08:56:59 2005 : Debug: rad_check_password: Found Auth-Type EAP Thu Apr 7 08:56:59 2005 : Debug: auth: type "EAP" Thu Apr 7 08:56:59 2005 : Debug: Processing the authenticate section of radiusd.conf Thu Apr 7 08:56:59 2005 : Debug: modcall: entering group authenticate for request 3 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 3 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: Request found, released from the list Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: EAP/peap Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: processing type peap Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_peap: Authenticate Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_tls: processing TLS Thu Apr 7 08:56:59 2005 : Info: rlm_eap_tls: Received EAP-TLS ACK message Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_tls: ack handshake fragment handler Thu Apr 7 08:56:59 2005 : Debug: eaptls_verify returned 1 Thu Apr 7 08:56:59 2005 : Debug: eaptls_process returned 13 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_peap: EAPTLS_HANDLED Thu Apr 7 08:56:59 2005 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 3 Thu Apr 7 08:56:59 2005 : Debug: modcall[authenticate]: module "eap" returns handled for request 3 Thu Apr 7 08:56:59 2005 : Debug: modcall: group authenticate returns handled for request 3 Sending Access-Challenge of id 252 to 10.162.210.11:21670 Service-Type = Framed-User Framed-IP-Address = 255.255.255.255 Framed-Routing = Broadcast-Listen Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP EAP-Message = 0x0104030d190035303430343134313633365a170d3037303430343134313633365a3081a331 0b3009060355040613024445310e300c06035504081305626164656e31123010060355040713 096865696c62726f6e6e310e300c060355040a130561746d656c3120301e060355040b131777 6f6f6473746f636b2e686e6f2e61746d656c2e636f6d311b301906035504031312436c69656e 742063657274696669636174653121301f06092a864886f70d0109011612636c69656e744065 78616d706c652e636f6d30819f300d06092a864886f70d010101050003818d00308189028181 00b0c8e9839853f506ece6bb46a598f8b20f61e5f96fd4ec9a19 EAP-Message = 0x738afef939725f5d987adfa5a4d7ec8f4ceb3c491897e3dd3ac11fa8b832fea4f5b13c2f75 be995cce30014aadeb600a5a20e31b899208c6d9a5fdc137fd29c1a4033681bc016964d08f02 7ab7de5e0126f68aa37ff044c3868ef09a2b35bec629f6217a97c8270203010001a382010430 820100301d0603551d0e04160414ea34a6a08545c045f73e2f4c27b8415f859afd223081d006 03551d230481c83081c58014ea34a6a08545c045f73e2f4c27b8415f859afd22a181a9a481a6 3081a3310b3009060355040613024445310e300c06035504081305626164656e311230100603 55040713096865696c62726f6e6e310e300c060355040a130561 EAP-Message = 0x746d656c3120301e060355040b1317776f6f6473746f636b2e686e6f2e61746d656c2e636f 6d311b301906035504031312436c69656e742063657274696669636174653121301f06092a86 4886f70d0109011612636c69656e74406578616d706c652e636f6d820100300c0603551d1304 0530030101ff300d06092a864886f70d0101040500038181009a8be2b5cba99ceb16a3d97942 98461b25befb535ccaeb1f9d7707229bb59140f302163465bdf524ec3bbf9b2933362b59a950 5fe35d1a6c6827f3296dd143073492345d2d5971a1ffe63a9e0e4104f86895f9ed08b7a8912a 977e2b3aad1dd262ac45297554a7bc280848e71cd5e3ebd0e2a4 EAP-Message = 0xecf3f7d408c5f3766665cc749b16030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xbc6e0a8e5a14907d43501ee2bbe55707 Thu Apr 7 08:56:59 2005 : Debug: Finished request 3 Thu Apr 7 08:56:59 2005 : Debug: Going to the next request Thu Apr 7 08:56:59 2005 : Debug: Thread 4 waiting to be assigned a request rad_recv: Access-Request packet from host 10.162.210.11:21670, id=253, length=157 Thu Apr 7 08:56:59 2005 : Debug: Waking up in 31 seconds... Thu Apr 7 08:56:59 2005 : Debug: Thread 5 got semaphore Thu Apr 7 08:56:59 2005 : Debug: Thread 5 handling request 4, (1 handled so far) User-Name = "uhofacker" Framed-MTU = 1400 Called-Station-Id = "0013.1a90.bf00" Calling-Station-Id = "0040.96a4.679e" Service-Type = Login-User Message-Authenticator = 0x6c2c0a862e06ece51394e3a6dcfa055d EAP-Message = 0x0204001119800000000715030100020230 NAS-Port-Type = Wireless-802.11 NAS-Port = 6857 State = 0xbc6e0a8e5a14907d43501ee2bbe55707 NAS-IP-Address = 10.162.210.11 NAS-Identifier = "ap011hn" Thu Apr 7 08:56:59 2005 : Debug: Processing the authorize section of radiusd.conf Thu Apr 7 08:56:59 2005 : Debug: modcall: entering group authorize for request 4 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 4 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 4 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "preprocess" returns ok for request 4 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 4 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 4 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "mschap" returns noop for request 4 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 4 Thu Apr 7 08:56:59 2005 : Debug: rlm_realm: No '@' in User-Name = "uhofacker", looking up realm NULL Thu Apr 7 08:56:59 2005 : Debug: rlm_realm: No such realm "NULL" Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 4 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "suffix" returns noop for request 4 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 4 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: EAP packet type response id 4 length 17 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 4 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "eap" returns updated for request 4 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: calling files (rlm_files) for request 4 Thu Apr 7 08:56:59 2005 : Debug: users: Matched entry uhofacker at line 3658 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 4 Thu Apr 7 08:56:59 2005 : Debug: modcall[authorize]: module "files" returns ok for request 4 Thu Apr 7 08:56:59 2005 : Debug: modcall: group authorize returns updated for request 4 Thu Apr 7 08:56:59 2005 : Debug: rad_check_password: Found Auth-Type EAP Thu Apr 7 08:56:59 2005 : Debug: auth: type "EAP" Thu Apr 7 08:56:59 2005 : Debug: Processing the authenticate section of radiusd.conf Thu Apr 7 08:56:59 2005 : Debug: modcall: entering group authenticate for request 4 Thu Apr 7 08:56:59 2005 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 4 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: Request found, released from the list Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: EAP/peap Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: processing type peap Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_peap: Authenticate Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_tls: processing TLS Thu Apr 7 08:56:59 2005 : Info: rlm_eap_tls: Length Included Thu Apr 7 08:56:59 2005 : Debug: eaptls_verify returned 11 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_tls: <<< TLS 1.0 Alert [length 0002], fatal unknown_ca Thu Apr 7 08:56:59 2005 : Error: TLS Alert read:fatal:unknown CA Thu Apr 7 08:56:59 2005 : Error: TLS_accept:failed in SSLv3 read client certificate A 23398:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1052:SSL alert number 48 23398:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:837: Thu Apr 7 08:56:59 2005 : Error: rlm_eap_tls: SSL_read failed in a system call (-1), TLS session fails. Thu Apr 7 08:56:59 2005 : Debug: In SSL Handshake Phase Thu Apr 7 08:56:59 2005 : Debug: In SSL Accept mode Thu Apr 7 08:56:59 2005 : Error: rlm_eap_tls: BIO_read failed in a system call (-1), TLS session fails. Thu Apr 7 08:56:59 2005 : Debug: eaptls_process returned 13 Thu Apr 7 08:56:59 2005 : Debug: rlm_eap_peap: EAPTLS_HANDLED Thu Apr 7 08:56:59 2005 : Debug: rlm_eap: Freeing handler Thu Apr 7 08:56:59 2005 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 4 Thu Apr 7 08:56:59 2005 : Debug: modcall[authenticate]: module "eap" returns reject for request 4 Thu Apr 7 08:56:59 2005 : Debug: modcall: group authenticate returns reject for request 4 Thu Apr 7 08:56:59 2005 : Debug: auth: Failed to validate the user. Thu Apr 7 08:56:59 2005 : Debug: Delaying request 4 for 1 seconds Thu Apr 7 08:56:59 2005 : Debug: Finished request 4 Thu Apr 7 08:56:59 2005 : Debug: Going to the next request Thu Apr 7 08:56:59 2005 : Debug: Thread 5 waiting to be assigned a request Result : authenticate does'nt work. Find nothing in google Some idea's ? U. Hofacker ATMEL Germany GmbH System Management - IT Operations Germany - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html