API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 19th, 2012
110
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.55 KB | None | 0 0
raw download clone embed print report
  1.  
  2. [eap] Continuing tunnel setup.
  3. ++[eap] returns ok
  4. Found Auth-Type = EAP
  5. # Executing group from file /etc/freeradius/sites-enabled/default
  6. +- entering group authenticate {...}
  7. [eap] Request found, released from the list
  8. [eap] EAP/peap
  9. [eap] processing type peap
  10. [peap] processing EAP-TLS
  11. [peap] eaptls_verify returned 7
  12. [peap] Done initial handshake
  13. [peap] eaptls_process returned 7
  14. [peap] EAPTLS_OK
  15. [peap] Session established. Decoding tunneled attributes.
  16. [peap] Peap state phase2
  17. [peap] EAP type mschapv2
  18. [peap] Got tunneled request
  19. EAP-Message = 0x02de004c1a02de004731165fcb87a5599a9e3a477b0bd7cd03ce00000000000000003d7c1acb81b8c8287142d0fa6272b618541d330df55c0800006d61726b7573406b6c2d64666b692e6465
  20. server {
  21. PEAP: Setting User-Name to markus@kl-dfki.de
  22. Sending tunneled request
  23. EAP-Message = 0x02de004c1a02de004731165fcb87a5599a9e3a477b0bd7cd03ce00000000000000003d7c1acb81b8c8287142d0fa6272b618541d330df55c0800006d61726b7573406b6c2d64666b692e6465
  24. FreeRADIUS-Proxied-To = 127.0.0.1
  25. User-Name = "markus@kl-dfki.de"
  26. State = 0xe1fcc543e122dfbc041126a585b2adfc
  27. NAS-IP-Address = 172.16.18.214
  28. NAS-Port = 1
  29. Called-Station-Id = "F8-D1-11-3A-BE-50:OpenURC"
  30. Calling-Station-Id = "00-24-2C-2A-F9-89"
  31. Framed-MTU = 1400
  32. NAS-Port-Type = Wireless-802.11
  33. Connect-Info = "CONNECT 54Mbps 802.11g"
  34. server inner-tunnel {
  35. # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
  36. +- entering group authorize {...}
  37. ++[mschap] returns noop
  38. [suffix] Looking up realm "kl-dfki.de" for User-Name = "markus@kl-dfki.de"
  39. [suffix] Found realm "kl-dfki.de"
  40. [suffix] Adding Stripped-User-Name = "markus"
  41. [suffix] Adding Realm = "kl-dfki.de"
  42. [suffix] Authentication realm is LOCAL.
  43. ++[suffix] returns ok
  44. ++[control] returns ok
  45. [eap] EAP packet type response id 222 length 76
  46. [eap] No EAP Start, assuming it's an on-going EAP conversation
  47. ++[eap] returns updated
  48. ++[files] returns noop
  49. [sql] expand: %{Stripped-User-Name} -> markus
  50. [sql] expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> markus
  51. [sql] sql_set_user escaped user --> 'markus'
  52. rlm_sql (sql): Reserving sql socket id: 1
  53. [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'markus' ORDER BY id
  54. [sql] User found in radcheck table
  55. [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'markus' ORDER BY id
  56. [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'markus' ORDER BY priority
  57. rlm_sql (sql): Released sql socket id: 1
  58. ++[sql] returns ok
  59. ++[expiration] returns noop
  60. ++[logintime] returns noop
  61. Found Auth-Type = EAP
  62. # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
  63. +- entering group authenticate {...}
  64. [eap] Request found, released from the list
  65. [eap] EAP/mschapv2
  66. [eap] processing type mschapv2
  67. [mschapv2] # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
  68. [mschapv2] +- entering group MS-CHAP {...}
  69. [mschap] Creating challenge hash with username: markus@kl-dfki.de
  70. [mschap] Told to do MS-CHAPv2 for markus@kl-dfki.de with NT-Password
  71. [mschap] adding MS-CHAPv2 MPPE keys
  72. ++[mschap] returns ok
  73. MSCHAP Success
  74. ++[eap] returns handled
  75. } # server inner-tunnel
  76. [peap] Got tunneled reply code 11
  77. EAP-Message = 0x01df00331a03de002e533d35354636323430454234414137343843383538304133353435363032313341413438334530333746
  78. Message-Authenticator = 0x00000000000000000000000000000000
  79. State = 0xe1fcc543e023dfbc041126a585b2adfc
  80. [peap] Got tunneled reply RADIUS code 11
  81. EAP-Message = 0x01df00331a03de002e533d35354636323430454234414137343843383538304133353435363032313341413438334530333746
  82. Message-Authenticator = 0x00000000000000000000000000000000
  83. State = 0xe1fcc543e023dfbc041126a585b2adfc
  84. [peap] Got tunneled Access-Challenge
  85. ++[eap] returns handled
  86. Sending Access-Challenge of id 218 to 172.16.3.225 port 1814
  87. EAP-Message = 0x01df00531900170301004883f5cd0adc0efed30c9843fffe22e2f08f69a83e9e2759456836b17bc8c4734ffb9a769f48b8dbdd23aa98afaf71d0fc32abe43c180b359c47aaeaee5a29d901be5d6089200b690e
  88. Message-Authenticator = 0x00000000000000000000000000000000
  89. State = 0x1486a3861359bae207d8a1fdf0cd7f33
  90. Proxy-State = 0x323435
  91. Proxy-State = 0x313930
  92. Finished request 7.
  93. Going to the next request
  94.  
  95. .......
  96.  
  97. Found Auth-Type = EAP
  98. # Executing group from file /etc/freeradius/sites-enabled/default
  99. +- entering group authenticate {...}
  100. [eap] Request found, released from the list
  101. [eap] EAP/peap
  102. [eap] processing type peap
  103. [peap] processing EAP-TLS
  104. [peap] eaptls_verify returned 7
  105. [peap] Done initial handshake
  106. [peap] eaptls_process returned 7
  107. [peap] EAPTLS_OK
  108. [peap] Session established. Decoding tunneled attributes.
  109. [peap] Peap state send tlv success
  110. [peap] Received EAP-TLV response.
  111. [peap] Success
  112. [peap] Using saved attributes from the original Access-Accept
  113. User-Name = "markus"
  114. Realm = "kl-dfki.de"
  115. [eap] Freeing handler
  116. ++[eap] returns ok
  117. # Executing section post-auth from file /etc/freeradius/sites-enabled/default
  118. +- entering group post-auth {...}
  119. ++[exec] returns noop
  120. expand: %{Realm} -> kl-dfki.de
  121. ++[reply] returns noop
  122. ++[reply] returns noop
  123. Sending Access-Accept of id 188 to 172.16.3.225 port 1814
  124. User-Name = "markus"
  125. MS-MPPE-Recv-Key = 0x19bfda63662c5eda0d0cfd34c617f262ae8611b10aab33c89598e9478000e667
  126. MS-MPPE-Send-Key = 0xa653fb00f50ffb9b86c15b777bc4d6807912c23511749aef1d030b87cb3b0619
  127. EAP-Message = 0x03e00004
  128. Message-Authenticator = 0x00000000000000000000000000000000
  129. 3Com-Ip-Host-Addr = "123.456.789.012"
  130. Proxy-State = 0x323437
  131. Proxy-State = 0x323132
  132. Finished request 9.
  133.  
  134. ...
  135.  
  136. # Executing group from file /etc/freeradius/sites-enabled/default
  137. +- entering group authenticate {...}
  138. [eap] Request found, released from the list
  139. [eap] EAP/peap
  140. [eap] processing type peap
  141. [peap] processing EAP-TLS
  142. [peap] eaptls_verify returned 7
  143. [peap] Done initial handshake
  144. [peap] eaptls_process returned 7
  145. [peap] EAPTLS_OK
  146. [peap] Session established. Decoding tunneled attributes.
  147. [peap] Peap state phase2
  148. [peap] EAP type mschapv2
  149. [peap] Got tunneled request
  150. EAP-Message = 0x02df00061a03
  151. server {
  152. PEAP: Setting User-Name to markus@kl-dfki.de
  153. Sending tunneled request
  154. EAP-Message = 0x02df00061a03
  155. FreeRADIUS-Proxied-To = 127.0.0.1
  156. User-Name = "markus@kl-dfki.de"
  157. State = 0xe1fcc543e023dfbc041126a585b2adfc
  158. NAS-IP-Address = 172.16.18.214
  159. NAS-Port = 1
  160. Called-Station-Id = "F8-D1-11-3A-BE-50:OpenURC"
  161. Calling-Station-Id = "00-24-2C-2A-F9-89"
  162. Framed-MTU = 1400
  163. NAS-Port-Type = Wireless-802.11
  164. Connect-Info = "CONNECT 54Mbps 802.11g"
  165. server inner-tunnel {
  166. # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
  167. +- entering group authorize {...}
  168. ++[mschap] returns noop
  169. [suffix] Looking up realm "kl-dfki.de" for User-Name = "markus@kl-dfki.de"
  170. [suffix] Found realm "kl-dfki.de"
  171. [suffix] Adding Stripped-User-Name = "markus"
  172. [suffix] Adding Realm = "kl-dfki.de"
  173. [suffix] Authentication realm is LOCAL.
  174. ++[suffix] returns ok
  175. ++[control] returns ok
  176. [eap] EAP packet type response id 223 length 6
  177. [eap] No EAP Start, assuming it's an on-going EAP conversation
  178. ++[eap] returns updated
  179. ++[files] returns noop
  180. [sql] expand: %{Stripped-User-Name} -> markus
  181. [sql] expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> markus
  182. [sql] sql_set_user escaped user --> 'markus'
  183. rlm_sql (sql): Reserving sql socket id: 0
  184. [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'markus' ORDER BY id
  185. [sql] User found in radcheck table
  186. [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'markus' ORDER BY id
  187. [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'markus' ORDER BY priority
  188. rlm_sql (sql): Released sql socket id: 0
  189. ++[sql] returns ok
  190. ++[expiration] returns noop
  191. ++[logintime] returns noop
  192. Found Auth-Type = EAP
  193. # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
  194. +- entering group authenticate {...}
  195. [eap] Request found, released from the list
  196. [eap] EAP/mschapv2
  197. [eap] processing type mschapv2
  198. [eap] Freeing handler
  199. ++[eap] returns ok
  200. # Executing section post-auth from file /etc/freeradius/sites-enabled/inner-tunnel
  201. +- entering group post-auth {...}
  202. [sql] expand: %{Stripped-User-Name} -> markus
  203. [sql] expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> markus
  204. [sql] sql_set_user escaped user --> 'markus'
  205. [sql] expand: %{User-Password} ->
  206. [sql] ... expanding second conditional
  207. [sql] expand: %{Chap-Password} ->
  208. [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'markus@kl-dfki.de', '', 'Access-Accept', '2012-10-19 19:48:24')
  209. rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'markus@kl-dfki.de', '', 'Access-Accept', '2012-10-19 19:48:24')
  210. rlm_sql (sql): Reserving sql socket id: 4
  211. rlm_sql (sql): Released sql socket id: 4
  212. ++[sql] returns ok
  213. expand: %{Realm} -> kl-dfki.de
  214. ++[reply] returns ok
  215. } # server inner-tunnel
  216. [peap] Got tunneled reply code 2
  217. MS-MPPE-Encryption-Policy = 0x00000001
  218. MS-MPPE-Encryption-Types = 0x00000006
  219. MS-MPPE-Send-Key = 0xafd2f1fd6e9e2e7ae0a9e44cc5753e7a
  220. MS-MPPE-Recv-Key = 0xa61377e45b8ec8ccb0ced86c417ab4b9
  221. EAP-Message = 0x03df0004
  222. Message-Authenticator = 0x00000000000000000000000000000000
  223. User-Name = "markus"
  224. Realm = "kl-dfki.de"
  225. [peap] Got tunneled reply RADIUS code 2
  226. MS-MPPE-Encryption-Policy = 0x00000001
  227. MS-MPPE-Encryption-Types = 0x00000006
  228. MS-MPPE-Send-Key = 0xafd2f1fd6e9e2e7ae0a9e44cc5753e7a
  229. MS-MPPE-Recv-Key = 0xa61377e45b8ec8ccb0ced86c417ab4b9
  230. EAP-Message = 0x03df0004
  231. Message-Authenticator = 0x00000000000000000000000000000000
  232. User-Name = "markus"
  233. Realm = "kl-dfki.de"
  234. [peap] Tunneled authentication was successful.
  235. [peap] SUCCESS
  236. [peap] Saving tunneled attributes for later
  237. ++[eap] returns handled
  238. Sending Access-Challenge of id 32 to 172.16.3.225 port 1814
  239. EAP-Message = 0x01e0002b19001703010020c2384d09925d44665ee706284e751bb3c1f660a77f07d54ace06146052dbec57
  240. Message-Authenticator = 0x00000000000000000000000000000000
  241. State = 0x1486a3861c66bae207d8a1fdf0cd7f33
  242. Proxy-State = 0x323436
  243. Proxy-State = 0x313937
  244. Finished request 8.
  245. Going to the next request
  246. Waking up in 4.9 seconds.
  247. rad_recv: Access-Request packet from host 172.16.3.225 port 1814, id=188, length=224
  248. User-Name = "markus@kl-dfki.de"
  249. NAS-IP-Address = 172.16.18.214
  250. NAS-Port = 1
  251. Called-Station-Id = "F8-D1-11-3A-BE-50:OpenURC"
  252. Calling-Station-Id = "00-24-2C-2A-F9-89"
  253. Framed-MTU = 1400
  254. NAS-Port-Type = Wireless-802.11
  255. Connect-Info = "CONNECT 54Mbps 802.11g"
  256. EAP-Message = 0x02e0002b19001703010020e2f053d2e910beae3cc86d13b8f5ce250a988449b6c1fbda202f96387ddea962
  257. State = 0x1486a3861c66bae207d8a1fdf0cd7f33
  258. Message-Authenticator = 0x26cc5395af2df290e0cff5ffec9a9729
  259. Proxy-State = 0x323437
  260. Proxy-State = 0x323132
  261. # Executing section authorize from file /etc/freeradius/sites-enabled/default
  262. +- entering group authorize {...}
  263. ++[preprocess] returns ok
  264. [auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/172.16.3.225/auth-detail-20121019
  265. [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/172.16.3.225/auth-detail-20121019
  266. [auth_log] expand: %t -> Fri Oct 19 19:48:24 2012
  267. ++[auth_log] returns ok
  268. ++[mschap] returns noop
  269. ++[digest] returns noop
  270. [suffix] Looking up realm "kl-dfki.de" for User-Name = "markus@kl-dfki.de"
  271. [suffix] Found realm "kl-dfki.de"
  272. [suffix] Adding Stripped-User-Name = "markus"
  273. [suffix] Adding Realm = "kl-dfki.de"
  274. [suffix] Authentication realm is LOCAL.
  275. ++[suffix] returns ok
  276. [eap] EAP packet type response id 224 length 43
  277. [eap] Continuing tunnel setup.
  278. ++[eap] returns ok
  279. Found Auth-Type = EAP
  280. # Executing group from file /etc/freeradius/sites-enabled/default
  281. +- entering group authenticate {...}
  282. [eap] Request found, released from the list
  283. [eap] EAP/peap
  284. [eap] processing type peap
  285. [peap] processing EAP-TLS
  286. [peap] eaptls_verify returned 7
  287. [peap] Done initial handshake
  288. [peap] eaptls_process returned 7
  289. [peap] EAPTLS_OK
  290. [peap] Session established. Decoding tunneled attributes.
  291. [peap] Peap state send tlv success
  292. [peap] Received EAP-TLV response.
  293. [peap] Success
  294. [peap] Using saved attributes from the original Access-Accept
  295. User-Name = "markus"
  296. Realm = "kl-dfki.de"
  297. [eap] Freeing handler
  298. ++[eap] returns ok
  299. # Executing section post-auth from file /etc/freeradius/sites-enabled/default
  300. +- entering group post-auth {...}
  301. ++[exec] returns noop
  302. expand: %{Realm} -> kl-dfki.de
  303. ++[reply] returns noop
  304. ++[reply] returns noop
  305. Sending Access-Accept of id 188 to 172.16.3.225 port 1814
  306. User-Name = "markus"
  307. MS-MPPE-Recv-Key = 0x19bfda63662c5eda0d0cfd34c617f262ae8611b10aab33c89598e9478000e667
  308. MS-MPPE-Send-Key = 0xa653fb00f50ffb9b86c15b777bc4d6807912c23511749aef1d030b87cb3b0619
  309. EAP-Message = 0x03e00004
  310. Message-Authenticator = 0x00000000000000000000000000000000
  311. 3Com-Ip-Host-Addr = "123.456.789.012"
  312. Proxy-State = 0x323437
  313. Proxy-State = 0x323132
  314. Finished request 9.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!