subject:"Radius log files"

Re: Radius log files

2008-12-05 Thread David Blackman

This is a windows XP laptop logging in as db and the mac address is 
0003:471f:9744.  I was not able to find the mac address in the output, 
so would there need to be something that I need to configure to get this 
info?  Where do  find information on the linelog module?


[EMAIL PROTECTED] wrote:

Can I get the mac
address or computer name of the computer written to the log file?  I see
that the computer name is logged when the user is denied.



Do radiusd -X and see if mac address (computer name will not appear for
user authentication) appears in the request attributes
(Calling-Station-Id is the most likely). If it does, you can log it. See
linelog module.

Ivan Kalik
Kalik Informatika ISP

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


rad_recv: Access-Request packet from host 128.227.232.133 port 49155, 
id=0, length=69

NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = db
EAP-Message = 0x02010007016462
Message-Authenticator = 0x6cf174049e73916e850b9cd445f2425b
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = db, looking up realm NULL
[suffix] No such realm NULL
++[suffix] returns noop
[eap] EAP packet type response id 1 length 7
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No known good password found for the user. 
Authentication may fail because of this.

++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message = 0x010200160410f43f631dda6ea458c36c654f666e7c24
Message-Authenticator = 0x
State = 0xc4c69974c4c49dc928a82c4f8dbb2dbf
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155, 
id=0, length=86

Cleaning up request 0 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = db
State = 0xc4c69974c4c49dc928a82c4f8dbb2dbf
EAP-Message = 0x020200060319
Message-Authenticator = 0xbe4aa971c4100fa839166c318dd6ded1
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = db, looking up realm NULL
[suffix] No such realm NULL
++[suffix] returns noop
[eap] EAP packet type response id 2 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No known good password found for the user. 
Authentication may fail because of this.

++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP NAK
[eap] EAP-NAK asked for EAP-Type/peap
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 0 to 128.227.232.133 port 49155
EAP-Message = 0x010300061920
Message-Authenticator = 0x
State = 0xc4c69974c5c580c928a82c4f8dbb2dbf
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 128.227.232.133 port 49155, 
id=0, length=160

Cleaning up request 1 ID 0 with timestamp +36
NAS-IP-Address = 128.227.232.133
NAS-Port-Type = Ethernet
NAS-Port = 15
User-Name = db
State = 0xc4c69974c5c580c928a82c4f8dbb2dbf
EAP-Message = 
0x02030050198000461603010041013d03014939381309817df59b25a5b17df37c14546f41cb32caceb84db43cb1977a8d411600040005000a000900640062000300060013001200630100

Message-Authenticator = 0x92c16642be16c4c8c883fabef163ce4e
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = db, looking up realm NULL
[suffix] No such realm NULL
++[suffix] returns noop
[eap] EAP packet type response id 3 length 80
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
  TLS Length 70
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] (other): before/accept initialization
[peap] TLS_accept: before/accept initialization
[peap]  TLS 1.0 Handshake [length 0041], ClientHello
[peap] TLS_accept: SSLv3 read client hello A
[peap]  TLS 1.0

Re: Radius log files

2008-12-05 Thread Martin Silvero

Hi



I have the same logout when I do radiusd -X

If I find a solution or some I telll you.

if you find some tellme =)


Bye!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Radius log files

2008-12-05 Thread tnt

This is a windows XP laptop logging in as db and the mac address is
0003:471f:9744.  I was not able to find the mac address in the output,
so would there need to be something that I need to configure to get this
info?
rad_recv: Access-Request packet from host 128.227.232.133 port 49155,
id=0, length=69
 NAS-IP-Address = 128.227.232.133
 NAS-Port-Type = Ethernet
 NAS-Port = 15
 User-Name = db
 EAP-Message = 0x02010007016462
 Message-Authenticator = 0x6cf174049e73916e850b9cd445f2425b

It is not in the request - so you can't log it. Check your NAS
documentation if you can make it appear in Calling-Station-Id. Access
points normally send it. But this doesn't look like an AP.

Where do  find information on the linelog module?

raddb/modules/linelog

Ivan Kalik
Kalik Informatika ISP

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Radius log files

2008-12-04 Thread David Blackman

I have included a clip from the radius log file that shows both allow 
and a deny.  The problem that I'm having is that I need to log info that 
I can track back to the computer that logged on.  Can I get the mac 
address or computer name of the computer written to the log file?  I see 
that the computer name is logged when the user is denied.



Thu Dec  4 07:01:37 2008 : Auth: Login incorrect: host/paolo-laptop/via 
Auth-Type = EAP] (from client linksys port 0 via TLS tunnel)
Thu Dec  4 07:01:37 2008 : Auth: Login incorrect: host/paolo-laptop/via 
Auth-Type = EAP] (from client linksys port 44)
Thu Dec  4 07:14:17 2008 : Auth: Login OK: [bradatea/via Auth-Type = 
EAP] (from client linksys port 0 via TLS tunnel)
Thu Dec  4 07:14:17 2008 : Auth: Login OK: [bradatea/via Auth-Type = 
EAP] (from client linksys port 44)

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Radius log files

2008-12-04 Thread tnt

I have included a clip from the radius log file that shows both allow
and a deny.  The problem that I'm having is that I need to log info that
I can track back to the computer that logged on.  Can I get the mac
address or computer name of the computer written to the log file?  I see
that the computer name is logged when the user is denied.


Do radiusd -X and see if mac address (computer name will not appear for
user authentication) appears in the request attributes
(Calling-Station-Id is the most likely). If it does, you can log it. See
linelog module.

Ivan Kalik
Kalik Informatika ISP

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Radius log files

Re: Radius log files

Re: Radius log files

Radius log files

Re: Radius log files

5 matches

Site Navigation

Mail list logo

Footer information