but it still works with '==', why?
You didn't post debug logs showing it working. I suspect it doesn't.
OK. Logs are here. User typed 'Jan Nowak' in Identity field, but in my
database there is UserName='jnovak'.
This log was generated when I have '==' in radcheck table.
There are 9 Access-Request packets (always 9):
rad_recv: Access-Request packet from host 10.10.10.120:3072, id=172,
length=185
User-Name = "Jan Nowak"
NAS-IP-Address = 10.10.10.120
NAS-Port = 0
Called-Station-Id = "00304f410101"
Calling-Station-Id = "000e2e740202"
NAS-Identifier = "Realtek Access Point. 8181"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x02000013014d61726975737a20426f63687261
Message-Authenticator = 0xe12c581fdff458cd955c5e8227772a94
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9453
modcall[authorize]: module "preprocess" returns ok for request 9453
radius_xlat:
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9453
modcall[authorize]: module "chap" returns noop for request 9453
modcall[authorize]: module "mschap" returns noop for request 9453
rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9453
rlm_eap: EAP packet type response id 0 length 19
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9453
modcall[authorize]: module "files" returns notfound for request 9453
radius_xlat: 'Jan Nowak'
rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'Jan Nowak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql): User Jan Nowak not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User Jan Nowak not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 4
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 9453
modcall: leaving group authorize (returns updated) for request 9453
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9453
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 9453
modcall: leaving group authenticate (returns handled) for request 9453
Sending Access-Challenge of id 172 to 10.10.10.120 port 3072
EAP-Message = 0x010100061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xa5d902c4e64ab1f874fa7be83778e61e
Finished request 9453
Going to the next request
--- Walking the entire request list ---
Waking up in 3 seconds...
rad_recv: Access-Request packet from host 10.10.10.120:3072, id=173,
length=284
User-Name = "Jan Nowak"
NAS-IP-Address = 10.10.10.120
NAS-Port = 0
Called-Station-Id = "00304f410101"
Calling-Station-Id = "000e2e740202"
NAS-Identifier = "Realtek Access Point. 8181"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message =
0x0201006a198000000060160301005b010000570301441b3c365de4870d0aa728036bbb3241beb94a4454df3e953c70b8543976c17800003000390038003500160013000a00330032002f0066000500040065006400630062006000150012000900140011000800030100
State = 0xa5d902c4e64ab1f874fa7be83778e61e
Message-Authenticator = 0xa2f42db50764094ad6cf90bd7b6c3484
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9454
modcall[authorize]: module "preprocess" returns ok for request 9454
radius_xlat:
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9454
modcall[authorize]: module "chap" returns noop for request 9454
modcall[authorize]: module "mschap" returns noop for request 9454
rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9454
rlm_eap: EAP packet type response id 1 length 106
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9454
modcall[authorize]: module "files" returns notfound for request 9454
radius_xlat: 'Jan Nowak'
rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'Jan Nowak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): User Jan Nowak not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User Jan Nowak not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 3
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 9454
modcall: leaving group authorize (returns updated) for request 9454
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9454
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 005b], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 05c2], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 9454
modcall: leaving group authenticate (returns handled) for request 9454
Sending Access-Challenge of id 173 to 10.10.10.120 port 3072
EAP-Message =
0x0102040a19c00000061f160301004a020000460301441b3c8a09a768656cc8b18679ddde800cf69824f2ff21174a806fdf90524bae20705a153e92631a2faefae233c6f6ba484b654b4334523215e1c66bb00b8c112b00350016030105c20b0005be0005bb00027d30820279308201e2a003020102020106300d06092a864886f70d01010505003070310b300906035504061302504c310f300d0603550408130650756c617779310f300d0603550407130650756c617779310f300d060355040a130643656c706f6c310f300d0603550403130643656c706f6c311d301b06092a864886f70d010901160e696e666f4063656c706f6c2e706c301e170d
EAP-Message =
0x3036303230383136303835365a170d3037303230383136303835365a307c310b300906035504061302504c310f300d0603550408130650756c617779310f300d0603550407130650756c617779310f300d060355040a130643656c706f6c3119301706035504031310526f6f74206365727469666963617465311f301d06092a864886f70d0109011610726f6f74406578616d706c652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ebeb0db2d95e9d54a40db86f4fafa7aaa6a8e7a75181742c25d6c0f2117bb200f547fca9a00d338ad20d216471aff05550cb29e5e7c7b277856a4ec02893b332ca2520dde6cf
EAP-Message =
0x677f98d92fd5e2e8f66327d8f4a0d87a7439fcceb82bd0bf13a97bd750e51731af6353b6db2e1a9f7af0696846b7b3f56988886c64734e022a590203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101050500038181006f20918ccc91f8537e50000d363d8bbf338547236c25a5cd63bea4c988af28528d3facc091eba2a40b50f21ce46900983cc2c600c73e4e432ef2620b8afe0b790144b574c949a7edf263de59097ca5f2a31845920d001e3653a214b89362eee7892c80a33f9e207960a03ca0eb5f1eff01306ad6813c9967582c18a78bd715e8000338308203343082029da0030201020209
EAP-Message =
0x008508d88838ca3017300d06092a864886f70d01010505003070310b300906035504061302504c310f300d0603550408130650756c617779310f300d0603550407130650756c617779310f300d060355040a130643656c706f6c310f300d0603550403130643656c706f6c311d301b06092a864886f70d010901160e696e666f4063656c706f6c2e706c301e170d3036303230383136303835355a170d3136303230383136303835355a3070310b300906035504061302504c310f300d0603550408130650756c617779310f300d0603550407130650756c617779310f300d060355040a130643656c706f6c310f300d0603550403130643656c706f6c
EAP-Message = 0x311d301b06092a864886f70d010901160e696e666f40
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x39bc601df9e4a78007d463f02d64bc8b
Finished request 9454
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 10.10.10.120:3072, id=174,
length=184
User-Name = "Jan Nowak"
NAS-IP-Address = 10.10.10.120
NAS-Port = 0
Called-Station-Id = "00304f410101"
Calling-Station-Id = "000e2e740202"
NAS-Identifier = "Realtek Access Point. 8181"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020200061900
State = 0x39bc601df9e4a78007d463f02d64bc8b
Message-Authenticator = 0xbdde1e97a46552df02cc8539ef9b73f0
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9455
modcall[authorize]: module "preprocess" returns ok for request 9455
radius_xlat:
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9455
modcall[authorize]: module "chap" returns noop for request 9455
modcall[authorize]: module "mschap" returns noop for request 9455
rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9455
rlm_eap: EAP packet type response id 2 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9455
modcall[authorize]: module "files" returns notfound for request 9455
radius_xlat: 'Jan Nowak'
rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'Jan Nowak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql (sql): User Jan Nowak not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User Jan Nowak not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 2
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 9455
modcall: leaving group authorize (returns updated) for request 9455
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9455
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 9455
modcall: leaving group authenticate (returns handled) for request 9455
Sending Access-Challenge of id 174 to 10.10.10.120 port 3072
EAP-Message =
0x01030225190063656c706f6c2e706c30819f300d06092a864886f70d010101050003818d0030818902818100c6a272deb4e88d4fd091d201eb153463f3bd9d8015ed90360716b033653057a27c3d3a8a840d1f726b5360507c9ab3cb5ff08b8315bee6dbc02e3434bafc38f793ee8d82b8c15ddcf2dfa78dcdf95704ceb8ce36ef2d0b0562ce7c88222b365ce3cfc40ad861f3ef02055c093c65d6812678adc00e089617f4189fe108f389d90203010001a381d53081d2301d0603551d0e041604145d45399694ebd5b9cdf7bd6b27a5b418f88413c13081a20603551d2304819a30819780145d45399694ebd5b9cdf7bd6b27a5b418f88413c1a174a4
EAP-Message =
0x723070310b300906035504061302504c310f300d0603550408130650756c617779310f300d0603550407130650756c617779310f300d060355040a130643656c706f6c310f300d0603550403130643656c706f6c311d301b06092a864886f70d010901160e696e666f4063656c706f6c2e706c8209008508d88838ca3017300c0603551d13040530030101ff300d06092a864886f70d01010505000381810012bc30f40f58289abe69e7374fe8ea10654d0aa787eb2bdc75a9cfc84a3f5c9952352891a0066825fafc39d5d08b17bf2c0a54abf532ae0d4792bfe6b6d4679ec7755f33e6684cff5493382a54fb9a6a1c37a43305d5e97d01c250110345
EAP-Message =
0x8f64217513a840d631791e07033eeda981df532b1763f5f87b9f317567435f6744ae16030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x6c9fce16240772070594508206d342ea
Finished request 9455
Going to the next request
Cleaning up request 9453 ID 172 with timestamp 441b3c88
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 10.10.10.120:3072, id=175,
length=386
User-Name = "Jan Nowak"
NAS-IP-Address = 10.10.10.120
NAS-Port = 0
Called-Station-Id = "00304f410101"
Calling-Station-Id = "000e2e740202"
NAS-Identifier = "Realtek Access Point. 8181"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message =
0x020300d01980000000c6160301008610000082008034a4f389ddbdd9aced47fcfa2641368883f421cd3a27d949beb6f276a1ff80ed701ca6c162bb045d96c48500a396b932c9a339f9acb89e02114990de2158a146a04d8870701947b3a521c6079ea729b8bd0ea4d3f108e48d61303564d17c3a98ee44d1a0c214ec630fd613086980216ec4484a6709e88dd859f302c5cfe8b34c140301000101160301003059bee7596974bc04d86dff8874981c8a9ee9c293484236e3b9d27af08c941e529bd39298734f0e5bf6137f7f409a15e3
State = 0x6c9fce16240772070594508206d342ea
Message-Authenticator = 0x9992ae79a46b3e5e68ca932f3fac5102
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9456
modcall[authorize]: module "preprocess" returns ok for request 9456
radius_xlat:
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9456
modcall[authorize]: module "chap" returns noop for request 9456
modcall[authorize]: module "mschap" returns noop for request 9456
rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9456
rlm_eap: EAP packet type response id 3 length 208
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9456
modcall[authorize]: module "files" returns notfound for request 9456
radius_xlat: 'Jan Nowak'
rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'Jan Nowak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql (sql): User Jan Nowak not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User Jan Nowak not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 1
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 9456
modcall: leaving group authorize (returns updated) for request 9456
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9456
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
(other): SSL negotiation finished successfully
SSL Connection Established
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
modcall[authenticate]: module "eap" returns handled for request 9456
modcall: leaving group authenticate (returns handled) for request 9456
Sending Access-Challenge of id 175 to 10.10.10.120 port 3072
EAP-Message =
0x0104004119001403010001011603010030a2f7faa3fbebc41632ed2e335484845b0b28e35e7079546689712be59f70f7eb6bb4a7b279b996c3246c1dec798cabef
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xa636d37307db295290e7df7739d79677
Finished request 9456
Going to the next request
--- Walking the entire request list ---
Waking up in 2 seconds...
rad_recv: Access-Request packet from host 10.10.10.120:3072, id=176,
length=184
User-Name = "Jan Nowak"
NAS-IP-Address = 10.10.10.120
NAS-Port = 0
Called-Station-Id = "00304f410101"
Calling-Station-Id = "000e2e740202"
NAS-Identifier = "Realtek Access Point. 8181"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020400061900
State = 0xa636d37307db295290e7df7739d79677
Message-Authenticator = 0xfceece1ee08078c131ae49f1db6449f9
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9457
modcall[authorize]: module "preprocess" returns ok for request 9457
radius_xlat:
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9457
modcall[authorize]: module "chap" returns noop for request 9457
modcall[authorize]: module "mschap" returns noop for request 9457
rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9457
rlm_eap: EAP packet type response id 4 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9457
modcall[authorize]: module "files" returns notfound for request 9457
radius_xlat: 'Jan Nowak'
rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'Jan Nowak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql (sql): User Jan Nowak not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User Jan Nowak not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 0
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 9457
modcall: leaving group authorize (returns updated) for request 9457
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9457
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
modcall[authenticate]: module "eap" returns handled for request 9457
modcall: leaving group authenticate (returns handled) for request 9457
Sending Access-Challenge of id 176 to 10.10.10.120 port 3072
EAP-Message =
0x0105005019001703010020bd830fbec3a1c307909e7422327b1aebff1cb58d781b4feaac2482a3f256fa4e1703010020ad704bf0795f035099a7a0538da3c0338afaaaf4fafd4362c4d448786e0ab514
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xe7f4493ca439636cb18339943bbc97eb
Finished request 9457
Going to the next request
Waking up in 2 seconds...
rad_recv: Access-Request packet from host 10.10.10.120:3072, id=177,
length=258
User-Name = "Jan Nowak"
NAS-IP-Address = 10.10.10.120
NAS-Port = 0
Called-Station-Id = "00304f410101"
Calling-Station-Id = "000e2e740202"
NAS-Identifier = "Realtek Access Point. 8181"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message =
0x0205005019001703010020d18e6483f879255c064ed23ac9a78ec7117545a359498d17c554bd3c304748eb17030100209b5f644be27b277f0b531d0b1acfa898620711d83364491306265248a4991fde
State = 0xe7f4493ca439636cb18339943bbc97eb
Message-Authenticator = 0x143e2a227b53ccee2c8d2c3d04e7cad2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9458
modcall[authorize]: module "preprocess" returns ok for request 9458
radius_xlat:
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9458
modcall[authorize]: module "chap" returns noop for request 9458
modcall[authorize]: module "mschap" returns noop for request 9458
rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9458
rlm_eap: EAP packet type response id 5 length 80
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9458
modcall[authorize]: module "files" returns notfound for request 9458
radius_xlat: 'Jan Nowak'
rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'Jan Nowak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql): User Jan Nowak not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User Jan Nowak not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 4
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 9458
modcall: leaving group authorize (returns updated) for request 9458
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9458
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Identity - jnovak
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled identity of jnovak
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to jnovak
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9458
modcall[authorize]: module "preprocess" returns ok for request 9458
radius_xlat:
'/usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9458
modcall[authorize]: module "chap" returns noop for request 9458
modcall[authorize]: module "mschap" returns noop for request 9458
rlm_realm: No '@' in User-Name = "jnovak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9458
rlm_eap: EAP packet type response id 5 length 11
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9458
modcall[authorize]: module "files" returns notfound for request 9458
radius_xlat: 'jnovak'
rlm_sql (sql): sql_set_user escaped user --> 'jnovak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'jnovak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 3
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'jnovak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radreply WHERE Username = 'jnovak' ORDER BY id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'jnovak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): Released sql socket id: 3
modcall[authorize]: module "sql" returns ok for request 9458
modcall: leaving group authorize (returns updated) for request 9458
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9458
rlm_eap: EAP Identity
rlm_eap: processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
modcall[authenticate]: module "eap" returns handled for request 9458
modcall: leaving group authenticate (returns handled) for request 9458
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 9458
modcall: leaving group authenticate (returns handled) for request 9458
Sending Access-Challenge of id 177 to 10.10.10.120 port 3072
EAP-Message =
0x0106007019001703010020e967380a94e405afb2fbdc4c7650dcb48443811739fdd10472f403bd102b7b401703010040bd21e59a5e4278909348c2cb50bdbd896c9b1db1d01e74df01991c329c777e75c6200582537fc3a285ae96a1776cb44be3379b700519ddd3a2821c7665efe620
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xa3a93732efb58f656e2869bdb474a4d9
Finished request 9458
Going to the next request
Waking up in 2 seconds...
rad_recv: Access-Request packet from host 10.10.10.120:3072, id=178,
length=322
User-Name = "Jan Nowak"
NAS-IP-Address = 10.10.10.120
NAS-Port = 0
Called-Station-Id = "00304f410101"
Calling-Station-Id = "000e2e740202"
NAS-Identifier = "Realtek Access Point. 8181"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message =
0x02060090190017030100201033c32f606a99453db42109fe6b3f57d4f9b977c9dd2979e6784c310b5a93881703010060af38ac49655fa128a12d32cd747c742f0e8e14c9524b4410f9f4185fc178270a6fd43e218af569d971caee2e13a3e9453a6b3491dd337a2f84968f1839a9ad42e6504a131e49225c38e5bdf111fbe0c4318b054a87d16459ed4a5aa6ba12a25b
State = 0xa3a93732efb58f656e2869bdb474a4d9
Message-Authenticator = 0x8ab6955c72eacc390d4c71af6bdc5368
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9459
modcall[authorize]: module "preprocess" returns ok for request 9459
radius_xlat:
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9459
modcall[authorize]: module "chap" returns noop for request 9459
modcall[authorize]: module "mschap" returns noop for request 9459
rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9459
rlm_eap: EAP packet type response id 6 length 144
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9459
modcall[authorize]: module "files" returns notfound for request 9459
radius_xlat: 'Jan Nowak'
rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'Jan Nowak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql (sql): User Jan Nowak not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User Jan Nowak not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 2
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 9459
modcall: leaving group authorize (returns updated) for request 9459
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9459
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: EAP type mschapv2
rlm_eap_peap: Tunneled data is valid.
PEAP: Setting User-Name to jnovak
PEAP: Adding old state with 5f c5
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9459
modcall[authorize]: module "preprocess" returns ok for request 9459
radius_xlat:
'/usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9459
modcall[authorize]: module "chap" returns noop for request 9459
modcall[authorize]: module "mschap" returns noop for request 9459
rlm_realm: No '@' in User-Name = "jnovak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9459
rlm_eap: EAP packet type response id 6 length 65
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9459
modcall[authorize]: module "files" returns notfound for request 9459
radius_xlat: 'jnovak'
rlm_sql (sql): sql_set_user escaped user --> 'jnovak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'jnovak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 1
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'jnovak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radreply WHERE Username = 'jnovak' ORDER BY id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'jnovak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): Released sql socket id: 1
modcall[authorize]: module "sql" returns ok for request 9459
modcall: leaving group authorize (returns updated) for request 9459
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9459
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 9459
rlm_mschap: Told to do MS-CHAPv2 for jnovak with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
modcall[authenticate]: module "mschap" returns ok for request 9459
modcall: leaving group MS-CHAP (returns ok) for request 9459
MSCHAP Success
modcall[authenticate]: module "eap" returns handled for request 9459
modcall: leaving group authenticate (returns handled) for request 9459
PEAP: Got tunneled Access-Challenge
modcall[authenticate]: module "eap" returns handled for request 9459
modcall: leaving group authenticate (returns handled) for request 9459
Sending Access-Challenge of id 178 to 10.10.10.120 port 3072
EAP-Message =
0x0107008019001703010020a31e64af966a0a07666b89cbf5f270dad3746fde5c04de489cc8dc007f4f5f2517030100506ee1aaf5fdd1035e28d1e17ec8dcd921408131bfad8ec38d169167cedaec28c2e5c9fbd12be70a414f4a46b0f285398e2964aa3da797824508984fb0c18cc28b155b4b27679a762ea7d7af18f6719974
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xf088e70ad7f57009d357e9ec239d3945
Finished request 9459
Going to the next request
Waking up in 2 seconds...
rad_recv: Access-Request packet from host 10.10.10.120:3072, id=179,
length=258
User-Name = "Jan Nowak"
NAS-IP-Address = 10.10.10.120
NAS-Port = 0
Called-Station-Id = "00304f410101"
Calling-Station-Id = "000e2e740202"
NAS-Identifier = "Realtek Access Point. 8181"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message =
0x020700501900170301002061953fd7cd6062ed3d060c2217bc6071397eebc0e9200c8f93e5d3e27f8f29001703010020e255fa52030a457dd6187954eb2088e85b15f5f9f7144422bf843a01230384c0
State = 0xf088e70ad7f57009d357e9ec239d3945
Message-Authenticator = 0x5f668992afa71ade1c7e536d70eeaea2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9460
modcall[authorize]: module "preprocess" returns ok for request 9460
radius_xlat:
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9460
modcall[authorize]: module "chap" returns noop for request 9460
modcall[authorize]: module "mschap" returns noop for request 9460
rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9460
rlm_eap: EAP packet type response id 7 length 80
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9460
modcall[authorize]: module "files" returns notfound for request 9460
radius_xlat: 'Jan Nowak'
rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'Jan Nowak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql (sql): User Jan Nowak not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User Jan Nowak not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 0
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 9460
modcall: leaving group authorize (returns updated) for request 9460
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9460
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: EAP type mschapv2
rlm_eap_peap: Tunneled data is valid.
PEAP: Setting User-Name to jnovak
PEAP: Adding old state with 09 60
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9460
modcall[authorize]: module "preprocess" returns ok for request 9460
radius_xlat:
'/usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9460
modcall[authorize]: module "chap" returns noop for request 9460
modcall[authorize]: module "mschap" returns noop for request 9460
rlm_realm: No '@' in User-Name = "jnovak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9460
rlm_eap: EAP packet type response id 7 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9460
modcall[authorize]: module "files" returns notfound for request 9460
radius_xlat: 'jnovak'
rlm_sql (sql): sql_set_user escaped user --> 'jnovak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'jnovak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'jnovak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radreply WHERE Username = 'jnovak' ORDER BY id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'jnovak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): Released sql socket id: 4
modcall[authorize]: module "sql" returns ok for request 9460
modcall: leaving group authorize (returns updated) for request 9460
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9460
rlm_eap: Request found, released from the list
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 9460
modcall: leaving group authenticate (returns ok) for request 9460
Login OK: [jnovak] (from client localhost port 0)
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 9460
radius_xlat:
'/usr/local/var/log/radius/radacct/127.0.0.1/reply-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct/127.0.0.1/reply-detail-20060317
modcall[post-auth]: module "reply_log" returns ok for request 9460
rlm_sql (sql): Processing sql_postauth
radius_xlat: 'jnovak'
rlm_sql (sql): sql_set_user escaped user --> 'jnovak'
radius_xlat: 'INSERT into radpostauth (id, user, pass, reply, date) values
('', 'jnovak', 'Chap-Password', 'Access-Accept', NOW())'
rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user,
pass, reply, date) values ('', 'jnovak', 'Chap-Password', 'Access-Accept',
NOW())
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
modcall[post-auth]: module "sql" returns ok for request 9460
modcall: leaving group post-auth (returns ok) for request 9460
PEAP: Tunneled authentication was successful.
rlm_eap_peap: SUCCESS
modcall[authenticate]: module "eap" returns handled for request 9460
modcall: leaving group authenticate (returns handled) for request 9460
Sending Access-Challenge of id 179 to 10.10.10.120 port 3072
EAP-Message =
0x01080050190017030100209c83d2e118a9b149ac39c2a1b263c8b4a8135d0ee2390aedcf6416b71e33fea917030100202f89b71f344177ad24aef14959db7b69018a121c9bd08c67cb091098cb59c188
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x88b9cdb4c5e09b6fe10e056e00014195
Finished request 9460
Going to the next request
Waking up in 2 seconds...
rad_recv: Access-Request packet from host 10.10.10.120:3072, id=180,
length=258
User-Name = "Jan Nowak"
NAS-IP-Address = 10.10.10.120
NAS-Port = 0
Called-Station-Id = "00304f410101"
Calling-Station-Id = "000e2e740202"
NAS-Identifier = "Realtek Access Point. 8181"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message =
0x0208005019001703010020b2711c8c08afb24471bd7cc630f07c4a7cab2cac1a03058f3fddc42b92aec06f17030100203d4f99424afe7a9017d927100d6dd50d1a31ebb6870fc2044b28f27f02eade9f
State = 0x88b9cdb4c5e09b6fe10e056e00014195
Message-Authenticator = 0x197dad7442bbba1103bd14df6274f579
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9461
modcall[authorize]: module "preprocess" returns ok for request 9461
radius_xlat:
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317
modcall[authorize]: module "auth_log" returns ok for request 9461
modcall[authorize]: module "chap" returns noop for request 9461
modcall[authorize]: module "mschap" returns noop for request 9461
rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 9461
rlm_eap: EAP packet type response id 8 length 80
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 9461
modcall[authorize]: module "files" returns notfound for request 9461
radius_xlat: 'Jan Nowak'
rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'Jan Nowak' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql (sql): User Jan Nowak not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User Jan Nowak not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 2
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 9461
modcall: leaving group authorize (returns updated) for request 9461
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 9461
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TLV response.
rlm_eap_peap: Tunneled data is valid.
rlm_eap_peap: Success
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 9461
modcall: leaving group authenticate (returns ok) for request 9461
Login OK: [Jan Nowak] (from client AP120 port 0 cli 000e2e740202)
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 9461
radius_xlat:
'/usr/local/var/log/radius/radacct/10.10.10.120/reply-detail-20060317'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.10.10.120/reply-detail-20060317
modcall[post-auth]: module "reply_log" returns ok for request 9461
rlm_sql (sql): Processing sql_postauth
radius_xlat: 'Jan Nowak'
rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'
radius_xlat: 'INSERT into radpostauth (id, user, pass, reply, date) values
('', 'Jan Nowak', 'Chap-Password', 'Access-Accept', NOW())'
rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user,
pass, reply, date) values ('', 'Jan Nowak', 'Chap-Password',
'Access-Accept', NOW())
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql (sql): Released sql socket id: 1
modcall[post-auth]: module "sql" returns ok for request 9461
modcall: leaving group post-auth (returns ok) for request 9461
Sending Access-Accept of id 180 to 10.10.10.120 port 3072
MS-MPPE-Recv-Key =
0xa72ae1fffa65dbe1b40c309e85f837da734fd1b6d5df0d2a72b264a3fe5d94c2
MS-MPPE-Send-Key =
0xa44af53fff0b5cfc14f228115a4ba667f15a535154e3a2ffb39a01cfb1fc2d54
EAP-Message = 0x03080004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "Jan Nowak"
Finished request 9461
Going to the next request
Waking up in 2 seconds...
--- Walking the entire request list ---
Cleaning up request 9454 ID 173 with timestamp 441b3c8a
Cleaning up request 9455 ID 174 with timestamp 441b3c8a
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 9456 ID 175 with timestamp 441b3c8b
Cleaning up request 9457 ID 176 with timestamp 441b3c8b
Cleaning up request 9458 ID 177 with timestamp 441b3c8b
Cleaning up request 9459 ID 178 with timestamp 441b3c8b
Cleaning up request 9460 ID 179 with timestamp 441b3c8b
Cleaning up request 9461 ID 180 with timestamp 441b3c8b
Nothing to do. Sleeping until we see a request.
As for your original question about IP addresses, you put the IP
into the radcheck table, not radreply.
Aha...... (!!!) So...:
insert into radreply (UserName,Attribute,op,Value) values
('norbert','Framed-IP-Address',':=','xx.xx.16.124');
AND IT WORKS!!! :):):):):)
THANKS!!!!!!!!!!!!
Norbert
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
