Ivan Kalik wrote:
>
>
>> You have deleted the interesting part of the debug.
>
>>Ivan Kalik
>>Kalik Informatika ISP
>
>
Sorry
Here is my all debug.
Ready to process requests.
rad_recv: Access-Request packet from host 10.14.56.33 port 32768, id=2,
length=163
User-Name = "user"
Calling-Station-Id = "00-24-2C-83-AA-92"
Called-Station-Id = "00-21-A1-9E-F9-30:testGDL"
NAS-Port = 1
NAS-IP-Address = 10.14.56.33
NAS-Identifier = "test-gdl-wlc"
Airespace-Wlan-Id = 1
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020800090175736572
Message-Authenticator = 0xb86c778d5e5cbb982425e05ea5b4b6e8
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "user", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 8 length 9
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
[ldap] performing user authorization for user
[ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for
details
[ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=user)
[ldap] expand: ou=Wireless,dc=local,dc=test,dc=com ->
ou=Wireless,dc=local,dc=test,dc=com
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Wireless,dc=local,dc=test,dc=com, with
filter (cn=user)
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
rlm_ldap: userPassword -> Cleartext-Password == "Newuser01"
[ldap] looking for reply items in directory...
[ldap] user user authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
++[ldap] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 2 to 10.14.56.33 port 32768
EAP-Message = 0x010900160410a1a022fc9a0dfa06c749cc18033a2a4a
Message-Authenticator = 0x
State = 0xeb2a1c90eb2318c7f00b52ffc2a1bc44
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.14.56.33 port 32768, id=2,
length=163
Sending duplicate reply to client 10.14.56.33 port 32768 - ID: 2
Sending Access-Challenge of id 2 to 10.14.56.33 port 32768
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.14.56.33 port 32768, id=2,
length=163
Sending duplicate reply to client 10.14.56.33 port 32768 - ID: 2
Sending Access-Challenge of id 2 to 10.14.56.33 port 32768
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.14.56.33 port 32768, id=3,
length=178
User-Name = "user"
Calling-Station-Id = "00-24-2C-83-AA-92"
Called-Station-Id = "00-21-A1-9E-F9-30:testGDL"
NAS-Port = 1
NAS-IP-Address = 10.14.56.33
NAS-Identifier = "test-gdl-wlc"
Airespace-Wlan-Id = 1
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020900060315
State = 0xeb2a1c90eb2318c7f00b52ffc2a1bc44
Message-Authenticator = 0xbe3af8eada8201dbfd51322d12e53c40
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "user", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 9 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
[ldap] performing user authorization for user
[ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for
details
[ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=user)
[ldap] expand: ou=Wireless,dc=local,dc=test,dc=com ->
ou=Wireless,dc=local,dc=test,dc=com
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Wireless,dc=local,dc=test,dc=com, with
filter (cn=user)
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
rlm_ldap: userPassword -> Cleartext-Password == "Newuser01"
[ldap] looking for reply items in directory...
[ldap] user user authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
++[ldap] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP NAK
[eap] EAP-NAK asked for EA