Read the explanation in eap.conf, FAQ, this list hundreds of times ... Ivan Kalik Kalik Informatika ISP
Dana 4/10/2007, "elhammoud rachida" <[EMAIL PROTECTED]> piše: >hello, >i'am trying to use radius authenticate and authorise users by EAP/TTLS from >XP and Linux ( Debian), i'am using only a Ť users ť like database. i'am >reading the documentation : http://wiki.freeradius.org >i've imported root.pem both Windows XP and Linux > >this log to Linux: > >rad_recv: Access-Request packet from host 145.238.3.182:1026, id=191, >length=208 Framed-MTU = 1480 > NAS-IP-Address = 145.238.3.182 > NAS-Identifier = "sw-test-radius-1" > User-Name = "racha" > Service-Type = Framed-User > Framed-Protocol = PPP > NAS-Port = 17 > NAS-Port-Type = Ethernet > NAS-Port-Id = "17" > Called-Station-Id = "00-14-38-fe-12-00" > Calling-Station-Id = "00-12-3f-0e-99-6f" > Connect-Info = "CONNECT Ethernet 100Mbps Full duplex" > Tunnel-Type:0 = VLAN > Tunnel-Medium-Type:0 = IEEE-802 > Tunnel-Private-Group-Id:0 = "301" > EAP-Message = 0x0201000a017261636861 > Message-Authenticator = 0xfae743fe55bca3b8b83a48a3f10ed3bc > Processing the authorize section of radiusd.conf >modcall: entering group authorize for request 0 > modcall[authorize]: module "preprocess" returns ok for request 0 > modcall[authorize]: module "chap" returns noop for request 0 > rlm_eap: EAP packet type response id 1 length 10 > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation > modcall[authorize]: module "eap" returns updated for request 0 > users: Matched entry racha at line 86 > modcall[authorize]: module "files" returns ok for request 0 >modcall: group authorize returns updated for request 0 > rad_check_password: Found Auth-Type EAP >auth: type "EAP" > Processing the authenticate section of radiusd.conf >modcall: entering group authenticate for request 0 > rlm_eap: EAP Identity > rlm_eap: processing type mschapv2 >rlm_eap_mschapv2: Issuing Challenge > modcall[authenticate]: module "eap" returns handled for request 0 >modcall: group authenticate returns handled for request 0 >Sending Access-Challenge of id 191 to 145.238.3.182:1026 > EAP-Message = >0x0102001f1a0102001a105f4f4c366e47d80b1c27e30d08b4b0367261636861 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0xfbee0cbaf20c360d6491c2b0b512304d >Finished request 0 >Going to the next request >--- Walking the entire request list --- >Waking up in 6 seconds... >rad_recv: Access-Request packet from host 145.238.3.182:1026, id=192, >length=222 Framed-MTU = 1480 > NAS-IP-Address = 145.238.3.182 > NAS-Identifier = "sw-test-radius-1" > User-Name = "racha" > Service-Type = Framed-User > Framed-Protocol = PPP > NAS-Port = 17 > NAS-Port-Type = Ethernet > NAS-Port-Id = "17" > Called-Station-Id = "00-14-38-fe-12-00" > Calling-Station-Id = "00-12-3f-0e-99-6f" > Connect-Info = "CONNECT Ethernet 100Mbps Full duplex" > Tunnel-Type:0 = VLAN > Tunnel-Medium-Type:0 = IEEE-802 > Tunnel-Private-Group-Id:0 = "301" > State = 0xfbee0cbaf20c360d6491c2b0b512304d > EAP-Message = 0x020200060315 > Message-Authenticator = 0xd72410f740ae385523110d6defecb5f0 > Processing the authorize section of radiusd.conf >modcall: entering group authorize for request 1 > modcall[authorize]: module "preprocess" returns ok for request 1 > modcall[authorize]: module "chap" returns noop for request 1 > rlm_eap: EAP packet type response id 2 length 6 > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation > modcall[authorize]: module "eap" returns updated for request 1 > users: Matched entry racha at line 86 > modcall[authorize]: module "files" returns ok for request 1 >modcall: group authorize returns updated for request 1 > rad_check_password: Found Auth-Type EAP >auth: type "EAP" > Processing the authenticate section of radiusd.conf >modcall: entering group authenticate for request 1 > rlm_eap: Request found, released from the list > rlm_eap: EAP NAK >rlm_eap: EAP-NAK asked for EAP-Type/ttls > rlm_eap: processing type tls > rlm_eap_tls: Initiate > rlm_eap_tls: Start returned 1 > modcall[authenticate]: module "eap" returns handled for request 1 >modcall: group authenticate returns handled for request 1 >Sending Access-Challenge of id 192 to 145.238.3.182:1026 > EAP-Message = 0x010300061520 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0x429c3c29e255f725c510981e01307d3e >Finished request 1 >Going to the next request >Waking up in 6 seconds... >rad_recv: Access-Request packet from host 145.238.3.182:1026, id=193, >length=313 Framed-MTU = 1480 > NAS-IP-Address = 145.238.3.182 > NAS-Identifier = "sw-test-radius-1" > User-Name = "racha" > Service-Type = Framed-User > Framed-Protocol = PPP > NAS-Port = 17 > NAS-Port-Type = Ethernet > NAS-Port-Id = "17" > Called-Station-Id = "00-14-38-fe-12-00" > Calling-Station-Id = "00-12-3f-0e-99-6f" > Connect-Info = "CONNECT Ethernet 100Mbps Full duplex" > Tunnel-Type:0 = VLAN > Tunnel-Medium-Type:0 = IEEE-802 > Tunnel-Private-Group-Id:0 = "301" > State = 0x429c3c29e255f725c510981e01307d3e > EAP-Message = >0x0203006115800000005716030100520100004e0301470497b869826a1a156494e801e8ab8ebc88e444edbab8d5e7b9c890b9ce7d5c00002600390038003500160013000a00330032002f0005000400150012000900140011000800060003020100 > Message-Authenticator = 0x69a1421041ecda03d67273a14054310d > Processing the authorize section of radiusd.conf >modcall: entering group authorize for request 2 > modcall[authorize]: module "preprocess" returns ok for request 2 > modcall[authorize]: module "chap" returns noop for request 2 > rlm_eap: EAP packet type response id 3 length 97 > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation > modcall[authorize]: module "eap" returns updated for request 2 > users: Matched entry racha at line 86 > modcall[authorize]: module "files" returns ok for request 2 >modcall: group authorize returns updated for request 2 > rad_check_password: Found Auth-Type EAP >auth: type "EAP" > Processing the authenticate section of radiusd.conf >modcall: entering group authenticate for request 2 > rlm_eap: Request found, released from the list > rlm_eap: EAP/ttls > rlm_eap: processing type ttls > rlm_eap_ttls: Authenticate > rlm_eap_tls: processing TLS >rlm_eap_tls: Length Included > eaptls_verify returned 11 > (other): before/accept initialization > TLS_accept: before/accept initialization > rlm_eap_tls: <<< TLS 1.0 Handshake [length 0052], ClientHello > TLS_accept: SSLv3 read client hello A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello > TLS_accept: SSLv3 write server hello A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 0627], Certificate > TLS_accept: SSLv3 write certificate A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone > TLS_accept: SSLv3 write server done A > TLS_accept: SSLv3 flush data > TLS_accept:error in SSLv3 read client certificate A >In SSL Handshake Phase >In SSL Accept mode > eaptls_process returned 13 > modcall[authenticate]: module "eap" returns handled for request 2 >modcall: group authenticate returns handled for request 2 >Sending Access-Challenge of id 193 to 145.238.3.182:1026 > EAP-Message = >0x0104040a15c000000684160301004a02000046030147049795ea5f54b60ec1a963a6050cf321b373a5129b55236ceb8814646c656e2021397a7083f4b0e4ef289bb347da88c32d2538e9c0c5796afd72671ff95b43a800350116030106270b0006230006200002ad308202a930820212a00302010202090097d09903d21d9c53300d06092a864886f70d0101040500308180310b3009060355040613024652311330110603550408130a536f6d652d5374617465310f300d060355040713064d4555444f4e31133011060355040a130a4f4253204d4555444f4e31133011060355040b130a4465706172742053494f3121301f06092a864886f70d0109 > EAP-Message = >0x0116127261636861383140686f746d61696c2e6672301e170d3037303932353131313234395a170d3038303932343131313234395a308192310b3009060355040613024652311330110603550408130a536f6d652d5374617465310f300d060355040713064d4555444f4e31133011060355040a130a4f4253204d4555444f4e31133011060355040b130a4465706172742053494f3110300e06035504031307736572766575723121301f06092a864886f70d01090116127261636861383140686f746d61696c2e667230819f300d06092a864886f70d010101050003818d0030818902818100bfb94bae23d4d4501336fc7fdb003812ab5c91411eed > EAP-Message = >0xb9725040db64c2a0e82e184b66da29d00c42a99b5c588f7de357d074b21a4ce8ed578bffb5f2b962dd2bfd8c6a60a3dc064acc9fedb3fad12fb92de22b0634430dc06a630879e4ea0448079ced1bc11c003ef63cc063bcb5a511c6f6fd2b5d8b0bae89d1b04c0985a1f70203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038181009bb60795878ef9fd824caf95eda533eab41d75312f8af7420ca9045a4fed5c4999bb03caacd5f1074ba66ec9c401629f93b57709be7ab76188983f3f87b120536fdc626dbb5aed1b80e1473745421b7a867877073afc4394bae8579886ade7082f38 > EAP-Message = >0x5284ead1564c79f6c83c07344ad50707bc67777485939021fd5c4fde550500036d30820369308202d2a00302010202090097d09903d21d9c52300d06092a864886f70d0101040500308180310b3009060355040613024652311330110603550408130a536f6d652d5374617465310f300d060355040713064d4555444f4e31133011060355040a130a4f4253204d4555444f4e31133011060355040b130a4465706172742053494f3121301f06092a864886f70d01090116127261636861383140686f746d61696c2e6672301e170d3037303932353131313130375a170d3037313032353131313130375a308180310b30090603550406130246523113 > EAP-Message = 0x30110603550408130a536f6d652d5374617465310f30 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0xcdb56b546410d47e8ad2dc8aa7e606f8 >Finished request 2 >Going to the next request >Waking up in 6 seconds... >rad_recv: Access-Request packet from host 145.238.3.182:1026, id=194, >length=222 Framed-MTU = 1480 > NAS-IP-Address = 145.238.3.182 > NAS-Identifier = "sw-test-radius-1" > User-Name = "racha" > Service-Type = Framed-User > Framed-Protocol = PPP > NAS-Port = 17 > NAS-Port-Type = Ethernet > NAS-Port-Id = "17" > Called-Station-Id = "00-14-38-fe-12-00" > Calling-Station-Id = "00-12-3f-0e-99-6f" > Connect-Info = "CONNECT Ethernet 100Mbps Full duplex" > Tunnel-Type:0 = VLAN > Tunnel-Medium-Type:0 = IEEE-802 > Tunnel-Private-Group-Id:0 = "301" > State = 0xcdb56b546410d47e8ad2dc8aa7e606f8 > EAP-Message = 0x020400061500 > Message-Authenticator = 0x78acfb7b5c5d9ba93dbf5fb16b853196 > Processing the authorize section of radiusd.conf >modcall: entering group authorize for request 3 > modcall[authorize]: module "preprocess" returns ok for request 3 > modcall[authorize]: module "chap" returns noop for request 3 > rlm_eap: EAP packet type response id 4 length 6 > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation > modcall[authorize]: module "eap" returns updated for request 3 > users: Matched entry racha at line 86 > modcall[authorize]: module "files" returns ok for request 3 >modcall: group authorize returns updated for request 3 > rad_check_password: Found Auth-Type EAP >auth: type "EAP" > Processing the authenticate section of radiusd.conf >modcall: entering group authenticate for request 3 > rlm_eap: Request found, released from the list > rlm_eap: EAP/ttls > rlm_eap: processing type ttls > rlm_eap_ttls: Authenticate > rlm_eap_tls: processing TLS >rlm_eap_tls: Received EAP-TLS ACK message > rlm_eap_tls: ack handshake fragment handler > eaptls_verify returned 1 > eaptls_process returned 13 > modcall[authenticate]: module "eap" returns handled for request 3 >modcall: group authenticate returns handled for request 3 >Sending Access-Challenge of id 194 to 145.238.3.182:1026 > EAP-Message = >0x0105028e1580000006840d060355040713064d4555444f4e31133011060355040a130a4f4253204d4555444f4e31133011060355040b130a4465706172742053494f3121301f06092a864886f70d01090116127261636861383140686f746d61696c2e667230819f300d06092a864886f70d010101050003818d0030818902818100f2ce03feb0bbacd0c1b89ecea0621fa70d0c0dfd777f82b7da4b0c67908bdc72af35b501036b39c796fab274fe7c7098395139cd80c3def0e8ca65c3f1291a84a1f38342474758c9fa9aac36818b6626839b7f9a6673393d44940ebaea14cd662a0f5bd0487e27a29842095e7bd5309d75649205a5fad97bc41d75 > EAP-Message = >0xec80d2fbab0203010001a381e83081e5301d0603551d0e04160414d8ca68899a3cf0402e89e9889f4f598ba2bec2513081b50603551d230481ad3081aa8014d8ca68899a3cf0402e89e9889f4f598ba2bec251a18186a48183308180310b3009060355040613024652311330110603550408130a536f6d652d5374617465310f300d060355040713064d4555444f4e31133011060355040a130a4f4253204d4555444f4e31133011060355040b130a4465706172742053494f3121301f06092a864886f70d01090116127261636861383140686f746d61696c2e667282090097d09903d21d9c52300c0603551d13040530030101ff300d06092a864886 > EAP-Message = >0xf70d01010405000381810055e9fecdcd89146c84f21a7b232da59b1eee35c889d5eb07950d116f3baf9123308ea514daa6f7515e33994652f76748b981e7c5e5a00e6c5c4c03299318e812e100549970034482fef14fcaa937d71d79a6bfb4f0ce39b2bbe0f4028e1f90a2c7d1e1f6ded3df9e11af13c85fa10eaec4f6979f3010b4b5521d07e05e4a6ec916030100040e000000 > > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0xe701c94007f01d9882634f0432a6d114 >Finished request 3 >Going to the next request >Waking up in 6 seconds... >rad_recv: Access-Request packet from host 145.238.3.182:1026, id=195, >length=424 Framed-MTU = 1480 > NAS-IP-Address = 145.238.3.182 > NAS-Identifier = "sw-test-radius-1" > User-Name = "racha" > Service-Type = Framed-User > Framed-Protocol = PPP > NAS-Port = 17 > NAS-Port-Type = Ethernet > NAS-Port-Id = "17" > Called-Station-Id = "00-14-38-fe-12-00" > Calling-Station-Id = "00-12-3f-0e-99-6f" > Connect-Info = "CONNECT Ethernet 100Mbps Full duplex" > Tunnel-Type:0 = VLAN > Tunnel-Medium-Type:0 = IEEE-802 > Tunnel-Private-Group-Id:0 = "301" > State = 0xe701c94007f01d9882634f0432a6d114 > EAP-Message = >0x020500d01580000000c61603010086100000820080507e96001f817c7dfce96e989e771b2f38902a81f66519d75d522508d6b663508f50ef374da3dfc95996083930080e5edc58248184dd494816913f65d647fde08f8b2db8a1e37422e4d9ff6dd65cbd60a5c21b5d7e66d015b9cc61e2ac46dc25de7c9f6e01be17dbbb0599d795f3aa77467f4354579881ff6240969e5e9f5a1414030100010116030100305b0059cfbe818835fc45399fb05c6c72596ce0ec8a4a0befa17575c6a10931c46c05cc777adf688c60a888f381a2e561 > Message-Authenticator = 0xa55246d48162d9bc3e2842114589d25b > Processing the authorize section of radiusd.conf >modcall: entering group authorize for request 4 > modcall[authorize]: module "preprocess" returns ok for request 4 > modcall[authorize]: module "chap" returns noop for request 4 > rlm_eap: EAP packet type response id 5 length 208 > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation > modcall[authorize]: module "eap" returns updated for request 4 > users: Matched entry racha at line 86 > modcall[authorize]: module "files" returns ok for request 4 >modcall: group authorize returns updated for request 4 > rad_check_password: Found Auth-Type EAP >auth: type "EAP" > Processing the authenticate section of radiusd.conf >modcall: entering group authenticate for request 4 > rlm_eap: Request found, released from the list > rlm_eap: EAP/ttls > rlm_eap: processing type ttls > rlm_eap_ttls: Authenticate > rlm_eap_tls: processing TLS >rlm_eap_tls: Length Included > eaptls_verify returned 11 > rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange > TLS_accept: SSLv3 read client key exchange A > rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] > rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished > TLS_accept: SSLv3 read finished A > rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001] > TLS_accept: SSLv3 write change cipher spec A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished > TLS_accept: SSLv3 write finished A > TLS_accept: SSLv3 flush data > (other): SSL negotiation finished successfully >SSL Connection Established > eaptls_process returned 13 > modcall[authenticate]: module "eap" returns handled for request 4 >modcall: group authenticate returns handled for request 4 >Sending Access-Challenge of id 195 to 145.238.3.182:1026 > EAP-Message = >0x0106004515800000003b140301000101160301003058729f21c600df1c67c00c784ba7ecf50581a5b3657f8a24ebd96af0977e332430409dee3dfec98cb5786579ba3c9189 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0x34c8b26e1d7071a34ec8210c3710baaa >Finished request 4 >Going to the next request >Waking up in 6 seconds... >--- Walking the entire request list --- >Cleaning up request 0 ID 191 with timestamp 47049795 >Cleaning up request 1 ID 192 with timestamp 47049795 >Cleaning up request 2 ID 193 with timestamp 47049795 >Cleaning up request 3 ID 194 with timestamp 47049795 >Cleaning up request 4 ID 195 with timestamp 47049795 >Nothing to do. Sleeping until we see a request. > >the server no sends response, why?? > >and this log by Windows XP > >rad_recv: Access-Request packet from host 145.238.3.182:1026, id=196, >length=208 Framed-MTU = 1480 > NAS-IP-Address = 145.238.3.182 > NAS-Identifier = "sw-test-radius-1" > User-Name = "racha" > Service-Type = Framed-User > Framed-Protocol = PPP > NAS-Port = 17 > NAS-Port-Type = Ethernet > NAS-Port-Id = "17" > Called-Station-Id = "00-14-38-fe-12-00" > Calling-Station-Id = "00-12-3f-0e-99-6f" > Connect-Info = "CONNECT Ethernet 100Mbps Full duplex" > Tunnel-Type:0 = VLAN > Tunnel-Medium-Type:0 = IEEE-802 > Tunnel-Private-Group-Id:0 = "301" > EAP-Message = 0x021b000a017261636861 > Message-Authenticator = 0x54bacc36ad1175e684554c5f76c58832 > Processing the authorize section of radiusd.conf >modcall: entering group authorize for request 0 > modcall[authorize]: module "preprocess" returns ok for request 0 > modcall[authorize]: module "chap" returns noop for request 0 > rlm_eap: EAP packet type response id 27 length 10 > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation > modcall[authorize]: module "eap" returns updated for request 0 > users: Matched entry racha at line 86 > modcall[authorize]: module "files" returns ok for request 0 >modcall: group authorize returns updated for request 0 > rad_check_password: Found Auth-Type EAP >auth: type "EAP" > Processing the authenticate section of radiusd.conf >modcall: entering group authenticate for request 0 > rlm_eap: EAP Identity > rlm_eap: processing type mschapv2 >rlm_eap_mschapv2: Issuing Challenge > modcall[authenticate]: module "eap" returns handled for request 0 >modcall: group authenticate returns handled for request 0 >Sending Access-Challenge of id 196 to 145.238.3.182:1026 > EAP-Message = >0x011c001f1a011c001a105f4f4c366e47d80b1c27e30d08b4b0367261636861 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0xfbee0cbaf20c360de5cb21cf55607e20 >Finished request 0 >Going to the next request >--- Walking the entire request list --- >Waking up in 6 seconds... >rad_recv: Access-Request packet from host 145.238.3.182:1026, id=197, >length=222 Framed-MTU = 1480 > NAS-IP-Address = 145.238.3.182 > NAS-Identifier = "sw-test-radius-1" > User-Name = "racha" > Service-Type = Framed-User > Framed-Protocol = PPP > NAS-Port = 17 > NAS-Port-Type = Ethernet > NAS-Port-Id = "17" > Called-Station-Id = "00-14-38-fe-12-00" > Calling-Station-Id = "00-12-3f-0e-99-6f" > Connect-Info = "CONNECT Ethernet 100Mbps Full duplex" > Tunnel-Type:0 = VLAN > Tunnel-Medium-Type:0 = IEEE-802 > Tunnel-Private-Group-Id:0 = "301" > State = 0xfbee0cbaf20c360de5cb21cf55607e20 > EAP-Message = 0x021c00060315 > Message-Authenticator = 0xb00f0ec480c5c36eb8a7110e87bde3b3 > Processing the authorize section of radiusd.conf >modcall: entering group authorize for request 1 > modcall[authorize]: module "preprocess" returns ok for request 1 > modcall[authorize]: module "chap" returns noop for request 1 > rlm_eap: EAP packet type response id 28 length 6 > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation > modcall[authorize]: module "eap" returns updated for request 1 > users: Matched entry racha at line 86 > modcall[authorize]: module "files" returns ok for request 1 >modcall: group authorize returns updated for request 1 > rad_check_password: Found Auth-Type EAP >auth: type "EAP" > Processing the authenticate section of radiusd.conf >modcall: entering group authenticate for request 1 > rlm_eap: Request found, released from the list > rlm_eap: EAP NAK >rlm_eap: EAP-NAK asked for EAP-Type/ttls > rlm_eap: processing type tls > rlm_eap_tls: Initiate > rlm_eap_tls: Start returned 1 > modcall[authenticate]: module "eap" returns handled for request 1 >modcall: group authenticate returns handled for request 1 >Sending Access-Challenge of id 197 to 145.238.3.182:1026 > EAP-Message = 0x011d00061520 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0x429c3c29e255f725e935b0e1db7a8a39 >Finished request 1 >Going to the next request >Waking up in 6 seconds... >rad_recv: Access-Request packet from host 145.238.3.182:1026, id=198, >length=276 Framed-MTU = 1480 > NAS-IP-Address = 145.238.3.182 > NAS-Identifier = "sw-test-radius-1" > User-Name = "racha" > Service-Type = Framed-User > Framed-Protocol = PPP > NAS-Port = 17 > NAS-Port-Type = Ethernet > NAS-Port-Id = "17" > Called-Station-Id = "00-14-38-fe-12-00" > Calling-Station-Id = "00-12-3f-0e-99-6f" > Connect-Info = "CONNECT Ethernet 100Mbps Full duplex" > Tunnel-Type:0 = VLAN > Tunnel-Medium-Type:0 = IEEE-802 > Tunnel-Private-Group-Id:0 = "301" > State = 0x429c3c29e255f725e935b0e1db7a8a39 > EAP-Message = >0x021d003c158000000032160301002d010000290301e0dd816d595bd3edf0729c53c2953ffb3711cca4eb039cd0b2ac413175dfd9cd000002000a0100 > Message-Authenticator = 0x842f4348b12e8e2bf0ce66965c711fc9 > Processing the authorize section of radiusd.conf >modcall: entering group authorize for request 2 > modcall[authorize]: module "preprocess" returns ok for request 2 > modcall[authorize]: module "chap" returns noop for request 2 > rlm_eap: EAP packet type response id 29 length 60 > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation > modcall[authorize]: module "eap" returns updated for request 2 > users: Matched entry racha at line 86 > modcall[authorize]: module "files" returns ok for request 2 >modcall: group authorize returns updated for request 2 > rad_check_password: Found Auth-Type EAP >auth: type "EAP" > Processing the authenticate section of radiusd.conf >modcall: entering group authenticate for request 2 > rlm_eap: Request found, released from the list > rlm_eap: EAP/ttls > rlm_eap: processing type ttls > rlm_eap_ttls: Authenticate > rlm_eap_tls: processing TLS >rlm_eap_tls: Length Included > eaptls_verify returned 11 > (other): before/accept initialization > TLS_accept: before/accept initialization > rlm_eap_tls: <<< TLS 1.0 Handshake [length 002d], ClientHello > TLS_accept: SSLv3 read client hello A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello > TLS_accept: SSLv3 write server hello A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 0627], Certificate > TLS_accept: SSLv3 write certificate A > rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone > TLS_accept: SSLv3 write server done A > TLS_accept: SSLv3 flush data > TLS_accept:error in SSLv3 read client certificate A >In SSL Handshake Phase >In SSL Accept mode > eaptls_process returned 13 > modcall[authenticate]: module "eap" returns handled for request 2 >modcall: group authenticate returns handled for request 2 >Sending Access-Challenge of id 198 to 145.238.3.182:1026 > EAP-Message = >0x011e040a15c000000684160301004a02000046030147049daa9066df5b206f509c2daf785a039b3f290d1da1972b195d73c56b3fee20d5f2327a11b59ff3ae5d4e9d5faaa5a1e5941852291e3c28f8403f5658ff3bd0000a0016030106270b0006230006200002ad308202a930820212a00302010202090097d09903d21d9c53300d06092a864886f70d0101040500308180310b3009060355040613024652311330110603550408130a536f6d652d5374617465310f300d060355040713064d4555444f4e31133011060355040a130a4f4253204d4555444f4e31133011060355040b130a4465706172742053494f3121301f06092a864886f70d0109 > EAP-Message = >0x0116127261636861383140686f746d61696c2e6672301e170d3037303932353131313234395a170d3038303932343131313234395a308192310b3009060355040613024652311330110603550408130a536f6d652d5374617465310f300d060355040713064d4555444f4e31133011060355040a130a4f4253204d4555444f4e31133011060355040b130a4465706172742053494f3110300e06035504031307736572766575723121301f06092a864886f70d01090116127261636861383140686f746d61696c2e667230819f300d06092a864886f70d010101050003818d0030818902818100bfb94bae23d4d4501336fc7fdb003812ab5c91411eed > EAP-Message = >0xb9725040db64c2a0e82e184b66da29d00c42a99b5c588f7de357d074b21a4ce8ed578bffb5f2b962dd2bfd8c6a60a3dc064acc9fedb3fad12fb92de22b0634430dc06a630879e4ea0448079ced1bc11c003ef63cc063bcb5a511c6f6fd2b5d8b0bae89d1b04c0985a1f70203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038181009bb60795878ef9fd824caf95eda533eab41d75312f8af7420ca9045a4fed5c4999bb03caacd5f1074ba66ec9c401629f93b57709be7ab76188983f3f87b120536fdc626dbb5aed1b80e1473745421b7a867877073afc4394bae8579886ade7082f38 > EAP-Message = >0x5284ead1564c79f6c83c07344ad50707bc67777485939021fd5c4fde550500036d30820369308202d2a00302010202090097d09903d21d9c52300d06092a864886f70d0101040500308180310b3009060355040613024652311330110603550408130a536f6d652d5374617465310f300d060355040713064d4555444f4e31133011060355040a130a4f4253204d4555444f4e31133011060355040b130a4465706172742053494f3121301f06092a864886f70d01090116127261636861383140686f746d61696c2e6672301e170d3037303932353131313130375a170d3037313032353131313130375a308180310b30090603550406130246523113 > EAP-Message = 0x30110603550408130a536f6d652d5374617465310f30 > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0xcdb56b546410d47ec20726810835dc55 >Finished request 2 >Going to the next request >--- Walking the entire request list --- >Waking up in 4 seconds... >rad_recv: Access-Request packet from host 145.238.3.182:1026, id=199, >length=222 Framed-MTU = 1480 > NAS-IP-Address = 145.238.3.182 > NAS-Identifier = "sw-test-radius-1" > User-Name = "racha" > Service-Type = Framed-User > Framed-Protocol = PPP > NAS-Port = 17 > NAS-Port-Type = Ethernet > NAS-Port-Id = "17" > Called-Station-Id = "00-14-38-fe-12-00" > Calling-Station-Id = "00-12-3f-0e-99-6f" > Connect-Info = "CONNECT Ethernet 100Mbps Full duplex" > Tunnel-Type:0 = VLAN > Tunnel-Medium-Type:0 = IEEE-802 > Tunnel-Private-Group-Id:0 = "301" > State = 0xcdb56b546410d47ec20726810835dc55 > EAP-Message = 0x021e00061500 > Message-Authenticator = 0xabeaab3cbe7e553ebd43785cd5c25f86 > Processing the authorize section of radiusd.conf >modcall: entering group authorize for request 3 > modcall[authorize]: module "preprocess" returns ok for request 3 > modcall[authorize]: module "chap" returns noop for request 3 > rlm_eap: EAP packet type response id 30 length 6 > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation > modcall[authorize]: module "eap" returns updated for request 3 > users: Matched entry racha at line 86 > modcall[authorize]: module "files" returns ok for request 3 >modcall: group authorize returns updated for request 3 > rad_check_password: Found Auth-Type EAP >auth: type "EAP" > Processing the authenticate section of radiusd.conf >modcall: entering group authenticate for request 3 > rlm_eap: Request found, released from the list > rlm_eap: EAP/ttls > rlm_eap: processing type ttls > rlm_eap_ttls: Authenticate > rlm_eap_tls: processing TLS >rlm_eap_tls: Received EAP-TLS ACK message > rlm_eap_tls: ack handshake fragment handler > eaptls_verify returned 1 > eaptls_process returned 13 > modcall[authenticate]: module "eap" returns handled for request 3 >modcall: group authenticate returns handled for request 3 >Sending Access-Challenge of id 199 to 145.238.3.182:1026 > EAP-Message = >0x011f028e1580000006840d060355040713064d4555444f4e31133011060355040a130a4f4253204d4555444f4e31133011060355040b130a4465706172742053494f3121301f06092a864886f70d01090116127261636861383140686f746d61696c2e667230819f300d06092a864886f70d010101050003818d0030818902818100f2ce03feb0bbacd0c1b89ecea0621fa70d0c0dfd777f82b7da4b0c67908bdc72af35b501036b39c796fab274fe7c7098395139cd80c3def0e8ca65c3f1291a84a1f38342474758c9fa9aac36818b6626839b7f9a6673393d44940ebaea14cd662a0f5bd0487e27a29842095e7bd5309d75649205a5fad97bc41d75 > EAP-Message = >0xec80d2fbab0203010001a381e83081e5301d0603551d0e04160414d8ca68899a3cf0402e89e9889f4f598ba2bec2513081b50603551d230481ad3081aa8014d8ca68899a3cf0402e89e9889f4f598ba2bec251a18186a48183308180310b3009060355040613024652311330110603550408130a536f6d652d5374617465310f300d060355040713064d4555444f4e31133011060355040a130a4f4253204d4555444f4e31133011060355040b130a4465706172742053494f3121301f06092a864886f70d01090116127261636861383140686f746d61696c2e667282090097d09903d21d9c52300c0603551d13040530030101ff300d06092a864886 > EAP-Message = >0xf70d01010405000381810055e9fecdcd89146c84f21a7b232da59b1eee35c889d5eb07950d116f3baf9123308ea514daa6f7515e33994652f76748b981e7c5e5a00e6c5c4c03299318e812e100549970034482fef14fcaa937d71d79a6bfb4f0ce39b2bbe0f4028e1f90a2c7d1e1f6ded3df9e11af13c85fa10eaec4f6979f3010b4b5521d07e05e4a6ec916030100040e000000 > > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0xe701c94007f01d98e348e2739e552ea6 >Finished request 3 >Going to the next request >Waking up in 4 seconds... >--- Walking the entire request list --- >Cleaning up request 0 ID 196 with timestamp 47049da8 >Cleaning up request 1 ID 197 with timestamp 47049da8 >Waking up in 2 seconds... >--- Walking the entire request list --- >Cleaning up request 2 ID 198 with timestamp 47049daa >Cleaning up request 3 ID 199 with timestamp 47049daa >Nothing to do. Sleeping until we see a request. > > >what's a problem? > >Please could you help me? >thanks > >_________________________________________________________________ >Gagnez des écrans plats avec Live.com http://www.image-addict.fr/ > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html