Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group authenticate {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] eaptls_verify returned 7
- [peap] Done initial handshake
- [peap] eaptls_process returned 7
- [peap] EAPTLS_OK
- [peap] Session established. Decoding tunneled attributes.
- [peap] Peap state phase2
- [peap] EAP type mschapv2
- [peap] Got tunneled request
- EAP-Message = 0x02de004c1a02de004731165fcb87a5599a9e3a477b0bd7cd03ce00000000000000003d7c1acb81b8c8287142d0fa6272b618541d330df55c0800006d61726b7573406b6c2d64666b692e6465
- server {
- PEAP: Setting User-Name to markus@kl-dfki.de
- Sending tunneled request
- EAP-Message = 0x02de004c1a02de004731165fcb87a5599a9e3a477b0bd7cd03ce00000000000000003d7c1acb81b8c8287142d0fa6272b618541d330df55c0800006d61726b7573406b6c2d64666b692e6465
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "markus@kl-dfki.de"
- State = 0xe1fcc543e122dfbc041126a585b2adfc
- NAS-IP-Address = 172.16.18.214
- NAS-Port = 1
- Called-Station-Id = "F8-D1-11-3A-BE-50:OpenURC"
- Calling-Station-Id = "00-24-2C-2A-F9-89"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- server inner-tunnel {
- # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
- +- entering group authorize {...}
- ++[mschap] returns noop
- [suffix] Looking up realm "kl-dfki.de" for User-Name = "markus@kl-dfki.de"
- [suffix] Found realm "kl-dfki.de"
- [suffix] Adding Stripped-User-Name = "markus"
- [suffix] Adding Realm = "kl-dfki.de"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- ++[control] returns ok
- [eap] EAP packet type response id 222 length 76
- [eap] No EAP Start, assuming it's an on-going EAP conversation
- ++[eap] returns updated
- ++[files] returns noop
- [sql] expand: %{Stripped-User-Name} -> markus
- [sql] expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> markus
- [sql] sql_set_user escaped user --> 'markus'
- rlm_sql (sql): Reserving sql socket id: 1
- [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'markus' ORDER BY id
- [sql] User found in radcheck table
- [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'markus' ORDER BY id
- [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'markus' ORDER BY priority
- rlm_sql (sql): Released sql socket id: 1
- ++[sql] returns ok
- ++[expiration] returns noop
- ++[logintime] returns noop
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- +- entering group authenticate {...}
- [eap] Request found, released from the list
- [eap] EAP/mschapv2
- [eap] processing type mschapv2
- [mschapv2] # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- [mschapv2] +- entering group MS-CHAP {...}
- [mschap] Creating challenge hash with username: markus@kl-dfki.de
- [mschap] Told to do MS-CHAPv2 for markus@kl-dfki.de with NT-Password
- [mschap] adding MS-CHAPv2 MPPE keys
- ++[mschap] returns ok
- MSCHAP Success
- ++[eap] returns handled
- } # server inner-tunnel
- [peap] Got tunneled reply code 11
- EAP-Message = 0x01df00331a03de002e533d35354636323430454234414137343843383538304133353435363032313341413438334530333746
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xe1fcc543e023dfbc041126a585b2adfc
- [peap] Got tunneled reply RADIUS code 11
- EAP-Message = 0x01df00331a03de002e533d35354636323430454234414137343843383538304133353435363032313341413438334530333746
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xe1fcc543e023dfbc041126a585b2adfc
- [peap] Got tunneled Access-Challenge
- ++[eap] returns handled
- Sending Access-Challenge of id 218 to 172.16.3.225 port 1814
- EAP-Message = 0x01df00531900170301004883f5cd0adc0efed30c9843fffe22e2f08f69a83e9e2759456836b17bc8c4734ffb9a769f48b8dbdd23aa98afaf71d0fc32abe43c180b359c47aaeaee5a29d901be5d6089200b690e
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x1486a3861359bae207d8a1fdf0cd7f33
- Proxy-State = 0x323435
- Proxy-State = 0x313930
- Finished request 7.
- Going to the next request
- .......
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group authenticate {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] eaptls_verify returned 7
- [peap] Done initial handshake
- [peap] eaptls_process returned 7
- [peap] EAPTLS_OK
- [peap] Session established. Decoding tunneled attributes.
- [peap] Peap state send tlv success
- [peap] Received EAP-TLV response.
- [peap] Success
- [peap] Using saved attributes from the original Access-Accept
- User-Name = "markus"
- Realm = "kl-dfki.de"
- [eap] Freeing handler
- ++[eap] returns ok
- # Executing section post-auth from file /etc/freeradius/sites-enabled/default
- +- entering group post-auth {...}
- ++[exec] returns noop
- expand: %{Realm} -> kl-dfki.de
- ++[reply] returns noop
- ++[reply] returns noop
- Sending Access-Accept of id 188 to 172.16.3.225 port 1814
- User-Name = "markus"
- MS-MPPE-Recv-Key = 0x19bfda63662c5eda0d0cfd34c617f262ae8611b10aab33c89598e9478000e667
- MS-MPPE-Send-Key = 0xa653fb00f50ffb9b86c15b777bc4d6807912c23511749aef1d030b87cb3b0619
- EAP-Message = 0x03e00004
- Message-Authenticator = 0x00000000000000000000000000000000
- 3Com-Ip-Host-Addr = "123.456.789.012"
- Proxy-State = 0x323437
- Proxy-State = 0x323132
- Finished request 9.
- ...
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group authenticate {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] eaptls_verify returned 7
- [peap] Done initial handshake
- [peap] eaptls_process returned 7
- [peap] EAPTLS_OK
- [peap] Session established. Decoding tunneled attributes.
- [peap] Peap state phase2
- [peap] EAP type mschapv2
- [peap] Got tunneled request
- EAP-Message = 0x02df00061a03
- server {
- PEAP: Setting User-Name to markus@kl-dfki.de
- Sending tunneled request
- EAP-Message = 0x02df00061a03
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "markus@kl-dfki.de"
- State = 0xe1fcc543e023dfbc041126a585b2adfc
- NAS-IP-Address = 172.16.18.214
- NAS-Port = 1
- Called-Station-Id = "F8-D1-11-3A-BE-50:OpenURC"
- Calling-Station-Id = "00-24-2C-2A-F9-89"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- server inner-tunnel {
- # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
- +- entering group authorize {...}
- ++[mschap] returns noop
- [suffix] Looking up realm "kl-dfki.de" for User-Name = "markus@kl-dfki.de"
- [suffix] Found realm "kl-dfki.de"
- [suffix] Adding Stripped-User-Name = "markus"
- [suffix] Adding Realm = "kl-dfki.de"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- ++[control] returns ok
- [eap] EAP packet type response id 223 length 6
- [eap] No EAP Start, assuming it's an on-going EAP conversation
- ++[eap] returns updated
- ++[files] returns noop
- [sql] expand: %{Stripped-User-Name} -> markus
- [sql] expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> markus
- [sql] sql_set_user escaped user --> 'markus'
- rlm_sql (sql): Reserving sql socket id: 0
- [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'markus' ORDER BY id
- [sql] User found in radcheck table
- [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'markus' ORDER BY id
- [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'markus' ORDER BY priority
- rlm_sql (sql): Released sql socket id: 0
- ++[sql] returns ok
- ++[expiration] returns noop
- ++[logintime] returns noop
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- +- entering group authenticate {...}
- [eap] Request found, released from the list
- [eap] EAP/mschapv2
- [eap] processing type mschapv2
- [eap] Freeing handler
- ++[eap] returns ok
- # Executing section post-auth from file /etc/freeradius/sites-enabled/inner-tunnel
- +- entering group post-auth {...}
- [sql] expand: %{Stripped-User-Name} -> markus
- [sql] expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> markus
- [sql] sql_set_user escaped user --> 'markus'
- [sql] expand: %{User-Password} ->
- [sql] ... expanding second conditional
- [sql] expand: %{Chap-Password} ->
- [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'markus@kl-dfki.de', '', 'Access-Accept', '2012-10-19 19:48:24')
- rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'markus@kl-dfki.de', '', 'Access-Accept', '2012-10-19 19:48:24')
- rlm_sql (sql): Reserving sql socket id: 4
- rlm_sql (sql): Released sql socket id: 4
- ++[sql] returns ok
- expand: %{Realm} -> kl-dfki.de
- ++[reply] returns ok
- } # server inner-tunnel
- [peap] Got tunneled reply code 2
- MS-MPPE-Encryption-Policy = 0x00000001
- MS-MPPE-Encryption-Types = 0x00000006
- MS-MPPE-Send-Key = 0xafd2f1fd6e9e2e7ae0a9e44cc5753e7a
- MS-MPPE-Recv-Key = 0xa61377e45b8ec8ccb0ced86c417ab4b9
- EAP-Message = 0x03df0004
- Message-Authenticator = 0x00000000000000000000000000000000
- User-Name = "markus"
- Realm = "kl-dfki.de"
- [peap] Got tunneled reply RADIUS code 2
- MS-MPPE-Encryption-Policy = 0x00000001
- MS-MPPE-Encryption-Types = 0x00000006
- MS-MPPE-Send-Key = 0xafd2f1fd6e9e2e7ae0a9e44cc5753e7a
- MS-MPPE-Recv-Key = 0xa61377e45b8ec8ccb0ced86c417ab4b9
- EAP-Message = 0x03df0004
- Message-Authenticator = 0x00000000000000000000000000000000
- User-Name = "markus"
- Realm = "kl-dfki.de"
- [peap] Tunneled authentication was successful.
- [peap] SUCCESS
- [peap] Saving tunneled attributes for later
- ++[eap] returns handled
- Sending Access-Challenge of id 32 to 172.16.3.225 port 1814
- EAP-Message = 0x01e0002b19001703010020c2384d09925d44665ee706284e751bb3c1f660a77f07d54ace06146052dbec57
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x1486a3861c66bae207d8a1fdf0cd7f33
- Proxy-State = 0x323436
- Proxy-State = 0x313937
- Finished request 8.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 172.16.3.225 port 1814, id=188, length=224
- User-Name = "markus@kl-dfki.de"
- NAS-IP-Address = 172.16.18.214
- NAS-Port = 1
- Called-Station-Id = "F8-D1-11-3A-BE-50:OpenURC"
- Calling-Station-Id = "00-24-2C-2A-F9-89"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message = 0x02e0002b19001703010020e2f053d2e910beae3cc86d13b8f5ce250a988449b6c1fbda202f96387ddea962
- State = 0x1486a3861c66bae207d8a1fdf0cd7f33
- Message-Authenticator = 0x26cc5395af2df290e0cff5ffec9a9729
- Proxy-State = 0x323437
- Proxy-State = 0x323132
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- [auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/172.16.3.225/auth-detail-20121019
- [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/172.16.3.225/auth-detail-20121019
- [auth_log] expand: %t -> Fri Oct 19 19:48:24 2012
- ++[auth_log] returns ok
- ++[mschap] returns noop
- ++[digest] returns noop
- [suffix] Looking up realm "kl-dfki.de" for User-Name = "markus@kl-dfki.de"
- [suffix] Found realm "kl-dfki.de"
- [suffix] Adding Stripped-User-Name = "markus"
- [suffix] Adding Realm = "kl-dfki.de"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 224 length 43
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group authenticate {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] eaptls_verify returned 7
- [peap] Done initial handshake
- [peap] eaptls_process returned 7
- [peap] EAPTLS_OK
- [peap] Session established. Decoding tunneled attributes.
- [peap] Peap state send tlv success
- [peap] Received EAP-TLV response.
- [peap] Success
- [peap] Using saved attributes from the original Access-Accept
- User-Name = "markus"
- Realm = "kl-dfki.de"
- [eap] Freeing handler
- ++[eap] returns ok
- # Executing section post-auth from file /etc/freeradius/sites-enabled/default
- +- entering group post-auth {...}
- ++[exec] returns noop
- expand: %{Realm} -> kl-dfki.de
- ++[reply] returns noop
- ++[reply] returns noop
- Sending Access-Accept of id 188 to 172.16.3.225 port 1814
- User-Name = "markus"
- MS-MPPE-Recv-Key = 0x19bfda63662c5eda0d0cfd34c617f262ae8611b10aab33c89598e9478000e667
- MS-MPPE-Send-Key = 0xa653fb00f50ffb9b86c15b777bc4d6807912c23511749aef1d030b87cb3b0619
- EAP-Message = 0x03e00004
- Message-Authenticator = 0x00000000000000000000000000000000
- 3Com-Ip-Host-Addr = "123.456.789.012"
- Proxy-State = 0x323437
- Proxy-State = 0x323132
- Finished request 9.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement