Hi All, I have been trying, unsuccessfully, to get a windows supplicant (as shipped with Vista) to authenticate via freeradius/ldap. The freeradius/ldap combo works well with the existing VPN authen/auth that we have here on campus but not with EAP. I'm not sure what or where to go from here ...any pointers?
freeradius logging: Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. rad_recv: Access-Request packet from host 10.56.7.81:1645, id=246, length=130 User-Name = "timmy" Framed-MTU = 1400 Called-Station-Id = "0013.6067.bcb0" Calling-Station-Id = "001b.7728.a8c0" Service-Type = Login-User Message-Authenticator = 0x7d2246236182294e8085da177383f3b4 EAP-Message = 0x0202000801746e67 NAS-Port-Type = Wireless-802.11 NAS-Port = 6722 NAS-IP-Address = 10.56.7.81 NAS-Identifier = "svhwapmed0301" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "timmy", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: EAP packet type response id 2 length 8 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 modcall[authorize]: module "files" returns notfound for request 0 rlm_ldap: - authorize rlm_ldap: performing user authorization for timmy radius_xlat: '(cn=timmy)' radius_xlat: 'ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to ldap-dev.stvincents.com.au:389, authentication 0 rlm_ldap: bind as cn=superuser,o=schs,c=au/ldapadmin to ldap-dev.stvincents.com.au:389 rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: performing search in ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au, with filter (cn=timmy) rlm_ldap: checking if remote access for timmy is allowed by cn rlm_ldap: Password header not found in password timmysPASSWORD for user timmy rlm_ldap: looking for check items in directory... rlm_ldap: Adding userPassword as User-Password, value timmysPASSWORD & op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: user timmy authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "people_search" returns ok for request 0 modcall: leaving group authorize (returns updated) for request 0 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_eap: EAP Identity rlm_eap: processing type md5 rlm_eap_md5: Issuing Challenge modcall[authenticate]: module "eap" returns handled for request 0 modcall: leaving group authenticate (returns handled) for request 0 Sending Access-Challenge of id 246 to 10.56.7.81 port 1645 EAP-Message = 0x010300160410da433545ecf08558fb23fb9d7a1e9251 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x84dc68e3b83cac07d2bdde56656fa45b Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.56.7.81:1645, id=247, length=146 User-Name = "timmy" Framed-MTU = 1400 Called-Station-Id = "0013.6067.bcb0" Calling-Station-Id = "001b.7728.a8c0" Service-Type = Login-User Message-Authenticator = 0x80896aec4445abeab1b82e57df662896 EAP-Message = 0x020300060319 NAS-Port-Type = Wireless-802.11 NAS-Port = 6722 State = 0x84dc68e3b83cac07d2bdde56656fa45b NAS-IP-Address = 10.56.7.81 NAS-Identifier = "svhwapmed0301" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "timmy", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: EAP packet type response id 3 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 1 modcall[authorize]: module "files" returns notfound for request 1 rlm_ldap: - authorize rlm_ldap: performing user authorization for timmy radius_xlat: '(cn=timmy)' radius_xlat: 'ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au, with filter (cn=timmy) rlm_ldap: checking if remote access for timmy is allowed by cn rlm_ldap: Password header not found in password timmysPASSWORD for user timmy rlm_ldap: looking for check items in directory... rlm_ldap: Adding userPassword as User-Password, value timmysPASSWORD & op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: user timmy authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "people_search" returns ok for request 1 modcall: leaving group authorize (returns updated) for request 1 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 1 rlm_eap: Request found, released from the list rlm_eap: EAP NAK rlm_eap: EAP-NAK asked for EAP-Type/peap rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 1 modcall: leaving group authenticate (returns handled) for request 1 Sending Access-Challenge of id 247 to 10.56.7.81 port 1645 EAP-Message = 0x010400061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xa67de6a6917fb1801883447f7d07bf73 Finished request 1 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.56.7.81:1645, id=248, length=286 User-Name = "timmy" Framed-MTU = 1400 Called-Station-Id = "0013.6067.bcb0" Calling-Station-Id = "001b.7728.a8c0" Service-Type = Login-User Message-Authenticator = 0x63c0e15a97da9e0708a94a4866dd3f63 EAP-Message = 0x0204009219800000008816030100830100007f0301471d2dfcffd525f06e56ea45e95ba59040cf607de28f6ec019a0bfc7562fb67a209ef61a1f6dfa89b1f9f 32b95eb9a60448a86c1603e922cedbdc32dfcb09a3ba40018002f00350005000ac009c00ac013c01400320038001300040100001e000000080006000003746e67 000a00080006001700180019000b00020100 NAS-Port-Type = Wireless-802.11 NAS-Port = 6722 State = 0xa67de6a6917fb1801883447f7d07bf73 NAS-IP-Address = 10.56.7.81 NAS-Identifier = "svhwapmed0301" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 2 modcall[authorize]: module "chap" returns noop for request 2 modcall[authorize]: module "preprocess" returns ok for request 2 modcall[authorize]: module "mschap" returns noop for request 2 rlm_realm: No '@' in User-Name = "timmy", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 2 rlm_eap: EAP packet type response id 4 length 146 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 2 modcall[authorize]: module "files" returns notfound for request 2 rlm_ldap: - authorize rlm_ldap: performing user authorization for timmy radius_xlat: '(cn=timmy)' radius_xlat: 'ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au, with filter (cn=timmy) rlm_ldap: checking if remote access for timmy is allowed by cn rlm_ldap: Password header not found in password timmysPASSWORD for user timmy rlm_ldap: looking for check items in directory... rlm_ldap: Adding userPassword as User-Password, value timmysPASSWORD & op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: user timmy authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "people_search" returns ok for request 2 modcall: leaving group authorize (returns updated) for request 2 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 2 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 0083], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0694], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone TLS_accept: SSLv3 write server done A TLS_accept: SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 2 modcall: leaving group authenticate (returns handled) for request 2 Sending Access-Challenge of id 248 to 10.56.7.81 port 1645 EAP-Message = 0x0105040a19c0000006f1160301004a020000460301471df0af1061ddbf5eb56761e29205a9e3e6f2c629dfedd7e48986d1d70a1bdc20c8f928a15bdc928654f 737f82c0d065558cc630a34842ed95c75e9255ffe68e0002f0016030106940b00069000068d0002cd308202c930820232a003020102020102300d06092a864886 f70d010104050030819f310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153 013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f7374311b301906035504031312436c69656e74206365 EAP-Message = 0x7274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d301e170d3034303132353133323631305a170d3 035303132343133323631305a30819b310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d652043 69747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f73743119301706035504031310526f6f742063657 27469666963617465311f301d06092a864886f70d0109011610726f6f74406578616d706c652e636f6d30819f300d06092a864886f70d010101050003 EAP-Message = 0x818d0030818902818100dac525422bfedb082629a2cba44b3449c90d0ab462fb72c8434a782098863d7eb7d7e70028c2b7ad555a51cc756cf4fa1d7091615ab 450d5289553ae6616aff014a55085d6b8fb4aee98638e426175cdd36c665c63cda177d34920eb30585edc8773999c2980f81ad4638bbbea1c82d054023db7ef24 a3ec1c3f6241a903d7f30203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038181007a2d921b1cf 13bf2982a9178ec9ede6d88edc178a2e8bd40a0a06fb6f0769957884cd7084537083496fd184165293f583c8e8240eb68e042c94b15752e4c07e80d09 EAP-Message = 0x779afa3dd55c24fa54ac292d77205d1c2477ed30d59f57caf9bd21ff2a8d16cc0911c50e4f295763fcb60efa3c3d2d0e43850f6e6fbe284902f6e8350365000 3ba308203b63082031fa003020102020100300d06092a864886f70d010104050030819f310b30090603550406130243413111300f0603550408130850726f7669 6e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f7 374311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c EAP-Message = 0x652e636f6d301e170d3034303132353133323630375a Message-Authenticator = 0x00000000000000000000000000000000 State = 0x2a41bebb402ac05cba1644abf67b505d Finished request 2 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.56.7.81:1645, id=249, length=146 User-Name = "timmy" Framed-MTU = 1400 Called-Station-Id = "0013.6067.bcb0" Calling-Station-Id = "001b.7728.a8c0" Service-Type = Login-User Message-Authenticator = 0x92dcb7065be1aacef1d3c822189d80ac EAP-Message = 0x020500061900 NAS-Port-Type = Wireless-802.11 NAS-Port = 6722 State = 0x2a41bebb402ac05cba1644abf67b505d NAS-IP-Address = 10.56.7.81 NAS-Identifier = "svhwapmed0301" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 3 modcall[authorize]: module "chap" returns noop for request 3 modcall[authorize]: module "preprocess" returns ok for request 3 modcall[authorize]: module "mschap" returns noop for request 3 rlm_realm: No '@' in User-Name = "timmy", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 3 rlm_eap: EAP packet type response id 5 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 3 modcall[authorize]: module "files" returns notfound for request 3 rlm_ldap: - authorize rlm_ldap: performing user authorization for timmy radius_xlat: '(cn=timmy)' radius_xlat: 'ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au, with filter (cn=timmy) rlm_ldap: checking if remote access for timmy is allowed by cn rlm_ldap: Password header not found in password timmysPASSWORD for user timmy rlm_ldap: looking for check items in directory... rlm_ldap: Adding userPassword as User-Password, value timmysPASSWORD & op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: user timmy authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "people_search" returns ok for request 3 modcall: leaving group authorize (returns updated) for request 3 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 3 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 3 modcall: leaving group authenticate (returns handled) for request 3 Sending Access-Challenge of id 249 to 10.56.7.81 port 1645 EAP-Message = 0x010602f71900170d3036303132343133323630375a30819f310b30090603550406130243413111300f0603550408130850726f76696e6365311230100603550 4071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010060355040b13096c6f63616c686f7374311b30190603550403 1312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d30819f300d06092a864 886f70d010101050003818d0030818902818100d4c5b19724f164acf1ffb189db1c8fbff4f14396ea7cb1e90f78d69451725377895dfe52ccb99b41e8 EAP-Message = 0x0ddeb58b127a943f4f58cbc562878192fbdc6fece9f871e7c130d35cf5188817e9b133249edd2a1c75d31043ae87553cec7a77ef26aa7d74281db9b77e17c64 46c5dd9b188b43250ca0229963722a123a726b00b4027fd0203010001a381ff3081fc301d0603551d0e0416041468d36d3e1ee7bc9d5a057021c363da1365d1ad e33081cc0603551d230481c43081c1801468d36d3e1ee7bc9d5a057021c363da1365d1ade3a181a5a481a230819f310b30090603550406130243413111300f060 3550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e31123010 EAP-Message = 0x060355040b13096c6f63616c686f7374311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636 c69656e74406578616d706c652e636f6d820100300c0603551d13040530030101ff300d06092a864886f70d01010405000381810033c00b66b1e579ef73a06798 252dab8d5e5511fc00fd276d80d12f834777c6743fdc2743fca1507704e4bc0979e4f60ac3ad9ee83e6f347369229d1f77229ba2e982359da563024a00163dba6 d6c986c0bad28af85132ff8f0d76501bf1b7c2dff658ce1e62c01997b6e64e3e8d4373354ce9912847651539063b85bbc5485c516030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x1a27c6ddec22fc7e8ba7321a04a67cdf Finished request 3 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.56.7.81:1645, id=250, length=348 User-Name = "timmy" Framed-MTU = 1400 Called-Station-Id = "0013.6067.bcb0" Calling-Station-Id = "001b.7728.a8c0" Service-Type = Login-User Message-Authenticator = 0x28fd9e0202cf42bd44781d1936b19d5b EAP-Message = 0x020600d01980000000c61603010086100000820080c8496ebc39e0d28f133239b1bfefccb1784377f1b07bd7d12bf071b224065604e7e5e9cf15bff61442b71 af55ac6c6858f77849b77a5c2166d136211cd01d13e4310bc0c7ca31c3cd4753fc290d89f66f4d7d741efe6111767af2458fce838b9433fb7f29c861f5512c2fc 841101765ff968fd0af7618fca760a1b0f52c8c12f1403010001011603010030ffc6b4939e760c4cb04e95cd91fc9b2ad09413ca627eaf3c5c2393a7c5faf2a00 61a5537352eda0ae57c30df28076830 NAS-Port-Type = Wireless-802.11 NAS-Port = 6722 State = 0x1a27c6ddec22fc7e8ba7321a04a67cdf NAS-IP-Address = 10.56.7.81 NAS-Identifier = "svhwapmed0301" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 4 modcall[authorize]: module "chap" returns noop for request 4 modcall[authorize]: module "preprocess" returns ok for request 4 modcall[authorize]: module "mschap" returns noop for request 4 rlm_realm: No '@' in User-Name = "timmy", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 4 rlm_eap: EAP packet type response id 6 length 208 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 4 modcall[authorize]: module "files" returns notfound for request 4 rlm_ldap: - authorize rlm_ldap: performing user authorization for timmy radius_xlat: '(cn=timmy)' radius_xlat: 'ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au, with filter (cn=timmy) rlm_ldap: checking if remote access for timmy is allowed by cn rlm_ldap: Password header not found in password timmysPASSWORD for user timmy rlm_ldap: looking for check items in directory... rlm_ldap: Adding userPassword as User-Password, value timmysPASSWORD & op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: user timmy authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "people_search" returns ok for request 4 modcall: leaving group authorize (returns updated) for request 4 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange TLS_accept: SSLv3 read client key exchange A rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 read finished A rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001] TLS_accept: SSLv3 write change cipher spec A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 write finished A TLS_accept: SSLv3 flush data (other): SSL negotiation finished successfully SSL Connection Established eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 4 modcall: leaving group authenticate (returns handled) for request 4 Sending Access-Challenge of id 250 to 10.56.7.81 port 1645 EAP-Message = 0x01070041190014030100010116030100306b3fd8715c33413675406c2dba6d3c4cf5b81093805d860c763723e87d2f53c3c9c1b337b68f0ca371f395bf52371 262 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x750739061080eab3d90e47746efede12 Finished request 4 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.56.7.81:1645, id=251, length=146 User-Name = "timmy" Framed-MTU = 1400 Called-Station-Id = "0013.6067.bcb0" Calling-Station-Id = "001b.7728.a8c0" Service-Type = Login-User Message-Authenticator = 0xac51a58b821abc23ae73f0b5faba230f EAP-Message = 0x020700061900 NAS-Port-Type = Wireless-802.11 NAS-Port = 6722 State = 0x750739061080eab3d90e47746efede12 NAS-IP-Address = 10.56.7.81 NAS-Identifier = "svhwapmed0301" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 5 modcall[authorize]: module "chap" returns noop for request 5 modcall[authorize]: module "preprocess" returns ok for request 5 modcall[authorize]: module "mschap" returns noop for request 5 rlm_realm: No '@' in User-Name = "timmy", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 5 rlm_eap: EAP packet type response id 7 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 5 modcall[authorize]: module "files" returns notfound for request 5 rlm_ldap: - authorize rlm_ldap: performing user authorization for timmy radius_xlat: '(cn=timmy)' radius_xlat: 'ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=people,ou=darlinghurst,ou=nsw,o=schs,c=au, with filter (cn=timmy) rlm_ldap: checking if remote access for timmy is allowed by cn rlm_ldap: Password header not found in password timmysPASSWORD for user timmy rlm_ldap: looking for check items in directory... rlm_ldap: Adding userPassword as User-Password, value timmysPASSWORD & op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: user timmy authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "people_search" returns ok for request 5 modcall: leaving group authorize (returns updated) for request 5 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 5 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake is finished eaptls_verify returned 3 eaptls_process returned 3 rlm_eap_peap: EAPTLS_SUCCESS modcall[authenticate]: module "eap" returns handled for request 5 modcall: leaving group authenticate (returns handled) for request 5 Sending Access-Challenge of id 251 to 10.56.7.81 port 1645 EAP-Message = 0x010800501900170301002056b3fce58dfde9876381acb7eb7ec8139c58d280947a6c2cae9d9eeba78271f61703010020086e9221f752701d9d96797db6f7ae6 c3d6ff0e8afe29639e9607da3bb708140 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x144352a3976c560713ae411bf3b1f1fd Finished request 5 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 246 with timestamp 471df0af Cleaning up request 1 ID 247 with timestamp 471df0af Cleaning up request 2 ID 248 with timestamp 471df0af Cleaning up request 3 ID 249 with timestamp 471df0af Cleaning up request 4 ID 250 with timestamp 471df0af Cleaning up request 5 ID 251 with timestamp 471df0af Nothing to do. Sleeping until we see a request. ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been virus scanned and although no viruses were detected by the system, St Vincents & Mater Health Sydney accepts no liability for any consequential damage resulting from email containing any computer viruses. ********************************************************************** - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html