rad_recv: Access-Request packet from host 10.53.0.120 port 41073, id=107, length

1. rad_recv: Access-Request packet from host 10.53.0.120 port 41073, id=107, length=336
2. User-Name = "expuser@hotcity.lu"
3. NAS-IP-Address = 172.16.70.21
4. NAS-Port = 108
5. Framed-MTU = 1400
6. Called-Station-Id = "20:b3:99:6c:74:c3"
7. Calling-Station-Id = "74:e1:b6:87:66:df"
8. NAS-Port-Type = Wireless-802.11
9. NAS-Identifier = "HC_SECURE_VNS"
10. Service-Type = Framed-User
11. Siemens-AP-Serial = "12461237905C0000"
12. Siemens-AP-Name = "HCSA_AP01"
13. Siemens-VNS-Name = "HC_SECURE_VNS"
14. Siemens-SSID = "HOTCITY_Secure"
15. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
16. Siemens-Policy-Name = "POST_EAP_POLICY"
17. Siemens-Topology-Name = "POST_EAP_USERS"
18. EAP-Message = 0x02000017016578707573657240686f74636974792e6c75
19. Message-Authenticator = 0x48704ff09ee7d84bc18bf9aa254ccacb
20. # Executing section authorize from file /etc/freeradius/sites-enabled/default
21. +- entering group authorize {...}
22. ++[preprocess] returns ok
23. ++[chap] returns noop
24. ++[mschap] returns noop
25. ++[digest] returns noop
26. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
27. [suffix] No such realm "hotcity.lu"
28. ++[suffix] returns noop
29. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
30. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
31. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
32. ++? elsif (request:Realm == NULL )
33. (Attribute request:Realm was not found)
34. ? Evaluating (request:Realm == NULL ) -> FALSE
35. ++? elsif (request:Realm == NULL ) -> FALSE
36. [eap] EAP packet type response id 0 length 23
37. [eap] No EAP Start, assuming it's an on-going EAP conversation
38. ++[eap] returns updated
39. [files] users: Matched entry expuser@hotcity.lu at line 207
40. ++[files] returns ok
41. [expiration] Checking Expiration time: '23 May 2014 08:30:00'
42. ++[expiration] returns ok
43. ++[logintime] returns noop
44. [pap] WARNING: Auth-Type already set. Not setting to PAP
45. ++[pap] returns noop
46. Found Auth-Type = EAP
47. # Executing group from file /etc/freeradius/sites-enabled/default
48. +- entering group authenticate {...}
49. [eap] EAP Identity
50. [eap] processing type tls
51. [tls] Initiate
52. [tls] Start returned 1
53. ++[eap] returns handled
54. Sending Access-Challenge of id 107 to 10.53.0.120 port 41073
55. Idle-Timeout = 60
56. Termination-Action = RADIUS-Request
57. Session-Timeout = 100
58. EAP-Message = 0x010100061920
59. Message-Authenticator = 0x00000000000000000000000000000000
60. State = 0xaa6307a5aa621ea1f0ac6677f885127b
61. Finished request 65.
62. Going to the next request
63. Waking up in 4.9 seconds.
64. rad_recv: Access-Request packet from host 10.53.0.120 port 41073, id=193, length=483
65. User-Name = "expuser@hotcity.lu"
66. NAS-IP-Address = 172.16.70.21
67. NAS-Port = 108
68. Framed-MTU = 1400
69. Called-Station-Id = "20:b3:99:6c:74:c3"
70. Calling-Station-Id = "74:e1:b6:87:66:df"
71. NAS-Port-Type = Wireless-802.11
72. NAS-Identifier = "HC_SECURE_VNS"
73. Service-Type = Framed-User
74. Siemens-AP-Serial = "12461237905C0000"
75. Siemens-AP-Name = "HCSA_AP01"
76. Siemens-VNS-Name = "HC_SECURE_VNS"
77. Siemens-SSID = "HOTCITY_Secure"
78. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
79. Siemens-Policy-Name = "POST_EAP_POLICY"
80. Siemens-Topology-Name = "POST_EAP_USERS"
81. EAP-Message = 0x0201009819800000008e1603010089010000850301537eea872445c78ea0988b58b546aeb6a8534ed130a1272f208b62cc95fd536600004a00ffc024c023c00ac009c007c008c028c027c014c013c011c012c026c025c02ac029c005c004c002c003c00fc00ec00cc00d003d003c002f000500040035000a0067006b00330039001601000012000a00080006001700180019000b00020100
82. State = 0xaa6307a5aa621ea1f0ac6677f885127b
83. Message-Authenticator = 0xb47217250bfa117e6c187f50387a7af5
84. # Executing section authorize from file /etc/freeradius/sites-enabled/default
85. +- entering group authorize {...}
86. ++[preprocess] returns ok
87. ++[chap] returns noop
88. ++[mschap] returns noop
89. ++[digest] returns noop
90. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
91. [suffix] No such realm "hotcity.lu"
92. ++[suffix] returns noop
93. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
94. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
95. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
96. ++? elsif (request:Realm == NULL )
97. (Attribute request:Realm was not found)
98. ? Evaluating (request:Realm == NULL ) -> FALSE
99. ++? elsif (request:Realm == NULL ) -> FALSE
100. [eap] EAP packet type response id 1 length 152
101. [eap] Continuing tunnel setup.
102. ++[eap] returns ok
103. Found Auth-Type = EAP
104. # Executing group from file /etc/freeradius/sites-enabled/default
105. +- entering group authenticate {...}
106. [eap] Request found, released from the list
107. [eap] EAP/peap
108. [eap] processing type peap
109. [peap] processing EAP-TLS
110. TLS Length 142
111. [peap] Length Included
112. [peap] eaptls_verify returned 11
113. [peap] (other): before/accept initialization
114. [peap] TLS_accept: before/accept initialization
115. [peap] <<< TLS 1.0 Handshake [length 0089], ClientHello
116. [peap] TLS_accept: SSLv3 read client hello A
117. [peap] >>> TLS 1.0 Handshake [length 0039], ServerHello
118. [peap] TLS_accept: SSLv3 write server hello A
119. [peap] >>> TLS 1.0 Handshake [length 02ce], Certificate
120. [peap] TLS_accept: SSLv3 write certificate A
121. [peap] >>> TLS 1.0 Handshake [length 014b], ServerKeyExchange
122. [peap] TLS_accept: SSLv3 write key exchange A
123. [peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
124. [peap] TLS_accept: SSLv3 write server done A
125. [peap] TLS_accept: SSLv3 flush data
126. [peap] TLS_accept: Need to read more data: SSLv3 read client certificate A
127. In SSL Handshake Phase
128. In SSL Accept mode
129. [peap] eaptls_process returned 13
130. [peap] EAPTLS_HANDLED
131. ++[eap] returns handled
132. Sending Access-Challenge of id 193 to 10.53.0.120 port 41073
133. EAP-Message = 0x0102040019c00000046a1603010039020000350301537eea84c8fd72a208e95f12c963475de43bf0878fa2305207aa025a320ec60400c01400000dff01000100000b00040300010216030102ce0b0002ca0002c70002c4308202c0308201a8a003020102020900986dfc4d571507dd300d06092a864886f70d01010505003018311630140603550403130d48432d4141412d524144495553301e170d3134303131333139343734325a170d3234303131313139343734325a3018311630140603550403130d48432d4141412d52414449555330820122300d06092a864886f70d01010105000382010f003082010a0282010100d114b1f378116b16c7bf
134. EAP-Message = 0x3ade67a6f04ca388af3cb6c29f803bb0cbd9f1d5e719743d0b952059c41c5f0037e858d1cf657689ed920150aca2d93d307a350e8d3d80435cf51303ebc81a0a9ed913b220c42333ac94f0146bafe9552ca71b9d88f60f8d75c7a8c3dbcbc2d7ffb85b76927ac29e80d6cc304d33dbed23011c2aff7ada3702c2ccdba835d7d8cfeec23e86717ba29a541d745500eff40ff69d46b4be670d991d632029c8293092781dc5f8471bb2aebbb52d25521768234116676c5ee82da8c93a10e9c535b18e138622e37fa30e42af4f9e378864e30d9f24ce7f4f4a10e7a587aef4593f8ae4b61ee1c6f236e9ba3d9901fa09dd002e93f7f6ca7f0203010001a30d
135. EAP-Message = 0x300b30090603551d1304023000300d06092a864886f70d010105050003820101002e22fb1551dfeaf3fac790c5831d7397305620246204cdbb33388b379bfeb0375a98e6a2e3e1a028a0fb2ff393c3c8807471dbd23741f36a552290cf97e0c0853bfb3302a34f7c77d95c55b24f5cd9a38e0967158893e12d876a4f7d52a0475c3ed84711bb29f7fa11c058b369c927566193353fe4068c918ebab099842ca6b10c6fc1d63ebd7ef0e2dbe2d06431ce54c6065161335866b300b0ffab962c952b2ba192d8f3d7b124c176edb700fc33b548045a3d63de03f62407320dad2bcba3f0115ab30e2f915105a2dfa3d929ea2fd3e9a68b2d1455a4c8d93ba2
136. EAP-Message = 0x727d9ac5888ae363f29ef4c13a6f5495889e53d67c31789f820ae1d9f81b417321734bab160301014b0c0001470300174104dc121941c7468c99a45d0795b4ef0f34dd224f252e17a158d6793fb2a28b7dffef68225e70ee47cc4b8095bf48ff070e714a49d54bb076239c23f621d62142be01000ca0774c84fe16907240285709677e3fd63603273a705f412bccc5d9681971b59fde8e7e84010bdb78b2612df01501e9916d2eb88398f16f873a8ed183a3c092e5e9b85c639aa35f0f8c1aac86a7bdb58c495e93b9edaca650ea1ba03af3a16df2fd9a0654172841ee36a58273675c39eb928128f4c223f9f1cf86a65d7e4e83fdf68c5b1e7dff5436
137. EAP-Message = 0x72e33337bea83783eb2fdeb7
138. Message-Authenticator = 0x00000000000000000000000000000000
139. State = 0xaa6307a5ab611ea1f0ac6677f885127b
140. Finished request 66.
141. Going to the next request
142. Waking up in 4.9 seconds.
143. rad_recv: Access-Request packet from host 10.53.0.120 port 41073, id=254, length=337
144. User-Name = "expuser@hotcity.lu"
145. NAS-IP-Address = 172.16.70.21
146. NAS-Port = 108
147. Framed-MTU = 1400
148. Called-Station-Id = "20:b3:99:6c:74:c3"
149. Calling-Station-Id = "74:e1:b6:87:66:df"
150. NAS-Port-Type = Wireless-802.11
151. NAS-Identifier = "HC_SECURE_VNS"
152. Service-Type = Framed-User
153. Siemens-AP-Serial = "12461237905C0000"
154. Siemens-AP-Name = "HCSA_AP01"
155. Siemens-VNS-Name = "HC_SECURE_VNS"
156. Siemens-SSID = "HOTCITY_Secure"
157. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
158. Siemens-Policy-Name = "POST_EAP_POLICY"
159. Siemens-Topology-Name = "POST_EAP_USERS"
160. EAP-Message = 0x020200061900
161. State = 0xaa6307a5ab611ea1f0ac6677f885127b
162. Message-Authenticator = 0x58d6a3967ad03c5568430277df5a5b0d
163. # Executing section authorize from file /etc/freeradius/sites-enabled/default
164. +- entering group authorize {...}
165. ++[preprocess] returns ok
166. ++[chap] returns noop
167. ++[mschap] returns noop
168. ++[digest] returns noop
169. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
170. [suffix] No such realm "hotcity.lu"
171. ++[suffix] returns noop
172. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
173. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
174. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
175. ++? elsif (request:Realm == NULL )
176. (Attribute request:Realm was not found)
177. ? Evaluating (request:Realm == NULL ) -> FALSE
178. ++? elsif (request:Realm == NULL ) -> FALSE
179. [eap] EAP packet type response id 2 length 6
180. [eap] Continuing tunnel setup.
181. ++[eap] returns ok
182. Found Auth-Type = EAP
183. # Executing group from file /etc/freeradius/sites-enabled/default
184. +- entering group authenticate {...}
185. [eap] Request found, released from the list
186. [eap] EAP/peap
187. [eap] processing type peap
188. [peap] processing EAP-TLS
189. [peap] Received TLS ACK
190. [peap] ACK handshake fragment handler
191. [peap] eaptls_verify returned 1
192. [peap] eaptls_process returned 13
193. [peap] EAPTLS_HANDLED
194. ++[eap] returns handled
195. Sending Access-Challenge of id 254 to 10.53.0.120 port 41073
196. EAP-Message = 0x0103007a1900d9927eac703cc214ea01c01a38f8dbbd8ba8bcc8d5bff0433a50b191848a3500cadf5e923e1af146422344931be247cae4b4cab1932e9724388f328afd0fc50f97cddbae9a37a323eb7f2a77f78ecd07e48a946ac707fea5dc015ccfed2d13def430226c0020c6cb38347916030100040e000000
197. Message-Authenticator = 0x00000000000000000000000000000000
198. State = 0xaa6307a5a8601ea1f0ac6677f885127b
199. Finished request 67.
200. Going to the next request
201. Waking up in 4.8 seconds.
202. rad_recv: Access-Request packet from host 10.53.0.120 port 41073, id=201, length=475
203. User-Name = "expuser@hotcity.lu"
204. NAS-IP-Address = 172.16.70.21
205. NAS-Port = 108
206. Framed-MTU = 1400
207. Called-Station-Id = "20:b3:99:6c:74:c3"
208. Calling-Station-Id = "74:e1:b6:87:66:df"
209. NAS-Port-Type = Wireless-802.11
210. NAS-Identifier = "HC_SECURE_VNS"
211. Service-Type = Framed-User
212. Siemens-AP-Serial = "12461237905C0000"
213. Siemens-AP-Name = "HCSA_AP01"
214. Siemens-VNS-Name = "HC_SECURE_VNS"
215. Siemens-SSID = "HOTCITY_Secure"
216. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
217. Siemens-Policy-Name = "POST_EAP_POLICY"
218. Siemens-Topology-Name = "POST_EAP_USERS"
219. EAP-Message = 0x020300901980000000861603010046100000424104725180449d2f9a3bb832f54b9f165e73af410e7c7e1ed5c01130cbd79a292304458d23314e370aa8907bfdbb4d5620c7b6aa741a09d94b2731e81aa4fba2aff31403010001011603010030a3a2462355f9e642f2bb57320a7af0c98f5c4e5db57191e01a27f98010acf99c38ecde6d9d2d4189734a670102a0c0ea
220. State = 0xaa6307a5a8601ea1f0ac6677f885127b
221. Message-Authenticator = 0xb51221ffc6b0e63bdb36603367da54f9
222. # Executing section authorize from file /etc/freeradius/sites-enabled/default
223. +- entering group authorize {...}
224. ++[preprocess] returns ok
225. ++[chap] returns noop
226. ++[mschap] returns noop
227. ++[digest] returns noop
228. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
229. [suffix] No such realm "hotcity.lu"
230. ++[suffix] returns noop
231. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
232. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
233. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
234. ++? elsif (request:Realm == NULL )
235. (Attribute request:Realm was not found)
236. ? Evaluating (request:Realm == NULL ) -> FALSE
237. ++? elsif (request:Realm == NULL ) -> FALSE
238. [eap] EAP packet type response id 3 length 144
239. [eap] Continuing tunnel setup.
240. ++[eap] returns ok
241. Found Auth-Type = EAP
242. # Executing group from file /etc/freeradius/sites-enabled/default
243. +- entering group authenticate {...}
244. [eap] Request found, released from the list
245. [eap] EAP/peap
246. [eap] processing type peap
247. [peap] processing EAP-TLS
248. TLS Length 134
249. [peap] Length Included
250. [peap] eaptls_verify returned 11
251. [peap] <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange
252. [peap] TLS_accept: SSLv3 read client key exchange A
253. [peap] <<< TLS 1.0 ChangeCipherSpec [length 0001]
254. [peap] <<< TLS 1.0 Handshake [length 0010], Finished
255. [peap] TLS_accept: SSLv3 read finished A
256. [peap] >>> TLS 1.0 ChangeCipherSpec [length 0001]
257. [peap] TLS_accept: SSLv3 write change cipher spec A
258. [peap] >>> TLS 1.0 Handshake [length 0010], Finished
259. [peap] TLS_accept: SSLv3 write finished A
260. [peap] TLS_accept: SSLv3 flush data
261. [peap] (other): SSL negotiation finished successfully
262. SSL Connection Established
263. [peap] eaptls_process returned 13
264. [peap] EAPTLS_HANDLED
265. ++[eap] returns handled
266. Sending Access-Challenge of id 201 to 10.53.0.120 port 41073
267. EAP-Message = 0x0104004119001403010001011603010030e98b9304bd04421daac81b05e954c9dab0702da10f39fb487d20383db974b4ba1bd8665c7638b9b945020a8830a01716
268. Message-Authenticator = 0x00000000000000000000000000000000
269. State = 0xaa6307a5a9671ea1f0ac6677f885127b
270. Finished request 68.
271. Going to the next request
272. Waking up in 4.8 seconds.
273. rad_recv: Access-Request packet from host 10.53.0.120 port 41073, id=51, length=337
274. User-Name = "expuser@hotcity.lu"
275. NAS-IP-Address = 172.16.70.21
276. NAS-Port = 108
277. Framed-MTU = 1400
278. Called-Station-Id = "20:b3:99:6c:74:c3"
279. Calling-Station-Id = "74:e1:b6:87:66:df"
280. NAS-Port-Type = Wireless-802.11
281. NAS-Identifier = "HC_SECURE_VNS"
282. Service-Type = Framed-User
283. Siemens-AP-Serial = "12461237905C0000"
284. Siemens-AP-Name = "HCSA_AP01"
285. Siemens-VNS-Name = "HC_SECURE_VNS"
286. Siemens-SSID = "HOTCITY_Secure"
287. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
288. Siemens-Policy-Name = "POST_EAP_POLICY"
289. Siemens-Topology-Name = "POST_EAP_USERS"
290. EAP-Message = 0x020400061900
291. State = 0xaa6307a5a9671ea1f0ac6677f885127b
292. Message-Authenticator = 0xd75fb0e139d02ecd40be5e0d20b71c68
293. # Executing section authorize from file /etc/freeradius/sites-enabled/default
294. +- entering group authorize {...}
295. ++[preprocess] returns ok
296. ++[chap] returns noop
297. ++[mschap] returns noop
298. ++[digest] returns noop
299. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
300. [suffix] No such realm "hotcity.lu"
301. ++[suffix] returns noop
302. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
303. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
304. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
305. ++? elsif (request:Realm == NULL )
306. (Attribute request:Realm was not found)
307. ? Evaluating (request:Realm == NULL ) -> FALSE
308. ++? elsif (request:Realm == NULL ) -> FALSE
309. [eap] EAP packet type response id 4 length 6
310. [eap] Continuing tunnel setup.
311. ++[eap] returns ok
312. Found Auth-Type = EAP
313. # Executing group from file /etc/freeradius/sites-enabled/default
314. +- entering group authenticate {...}
315. [eap] Request found, released from the list
316. [eap] EAP/peap
317. [eap] processing type peap
318. [peap] processing EAP-TLS
319. [peap] Received TLS ACK
320. [peap] ACK handshake is finished
321. [peap] eaptls_verify returned 3
322. [peap] eaptls_process returned 3
323. [peap] EAPTLS_SUCCESS
324. [peap] Session established. Decoding tunneled attributes.
325. [peap] Peap state TUNNEL ESTABLISHED
326. ++[eap] returns handled
327. Sending Access-Challenge of id 51 to 10.53.0.120 port 41073
328. EAP-Message = 0x0105002b19001703010020ee97f6b59d201d9ee559874949eb8bab1ba3870393099c3dab5195748353efd1
329. Message-Authenticator = 0x00000000000000000000000000000000
330. State = 0xaa6307a5ae661ea1f0ac6677f885127b
331. Finished request 69.
332. Going to the next request
333. Waking up in 4.7 seconds.
334. rad_recv: Access-Request packet from host 10.53.0.120 port 41073, id=156, length=390
335. User-Name = "expuser@hotcity.lu"
336. NAS-IP-Address = 172.16.70.21
337. NAS-Port = 108
338. Framed-MTU = 1400
339. Called-Station-Id = "20:b3:99:6c:74:c3"
340. Calling-Station-Id = "74:e1:b6:87:66:df"
341. NAS-Port-Type = Wireless-802.11
342. NAS-Identifier = "HC_SECURE_VNS"
343. Service-Type = Framed-User
344. Siemens-AP-Serial = "12461237905C0000"
345. Siemens-AP-Name = "HCSA_AP01"
346. Siemens-VNS-Name = "HC_SECURE_VNS"
347. Siemens-SSID = "HOTCITY_Secure"
348. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
349. Siemens-Policy-Name = "POST_EAP_POLICY"
350. Siemens-Topology-Name = "POST_EAP_USERS"
351. EAP-Message = 0x0205003b190017030100305698e56b60ed07f68bee7ae280a9741db20fe8577bd1880745c105a697692e14012600c49adb27cebceaf34cd9a026fa
352. State = 0xaa6307a5ae661ea1f0ac6677f885127b
353. Message-Authenticator = 0xe96efd612973144582854932287977ba
354. # Executing section authorize from file /etc/freeradius/sites-enabled/default
355. +- entering group authorize {...}
356. ++[preprocess] returns ok
357. ++[chap] returns noop
358. ++[mschap] returns noop
359. ++[digest] returns noop
360. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
361. [suffix] No such realm "hotcity.lu"
362. ++[suffix] returns noop
363. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
364. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
365. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
366. ++? elsif (request:Realm == NULL )
367. (Attribute request:Realm was not found)
368. ? Evaluating (request:Realm == NULL ) -> FALSE
369. ++? elsif (request:Realm == NULL ) -> FALSE
370. [eap] EAP packet type response id 5 length 59
371. [eap] Continuing tunnel setup.
372. ++[eap] returns ok
373. Found Auth-Type = EAP
374. # Executing group from file /etc/freeradius/sites-enabled/default
375. +- entering group authenticate {...}
376. [eap] Request found, released from the list
377. [eap] EAP/peap
378. [eap] processing type peap
379. [peap] processing EAP-TLS
380. [peap] eaptls_verify returned 7
381. [peap] Done initial handshake
382. [peap] eaptls_process returned 7
383. [peap] EAPTLS_OK
384. [peap] Session established. Decoding tunneled attributes.
385. [peap] Peap state WAITING FOR INNER IDENTITY
386. [peap] Identity - expuser@hotcity.lu
387. [peap] Got inner identity 'expuser@hotcity.lu'
388. [peap] Setting default EAP type for tunneled EAP session.
389. [peap] Got tunneled request
390. EAP-Message = 0x02050017016578707573657240686f74636974792e6c75
391. server {
392. [peap] Setting User-Name to expuser@hotcity.lu
393. Sending tunneled request
394. EAP-Message = 0x02050017016578707573657240686f74636974792e6c75
395. FreeRADIUS-Proxied-To = 127.0.0.1
396. User-Name = "expuser@hotcity.lu"
397. server inner-tunnel {
398. # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
399. +- entering group authorize {...}
400. ++[chap] returns noop
401. ++[mschap] returns noop
402. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
403. [suffix] No such realm "hotcity.lu"
404. ++[suffix] returns noop
405. ++[control] returns noop
406. [eap] EAP packet type response id 5 length 23
407. [eap] No EAP Start, assuming it's an on-going EAP conversation
408. ++[eap] returns updated
409. [files] users: Matched entry expuser@hotcity.lu at line 207
410. ++[files] returns ok
411. [sql] expand: %{User-Name} -> expuser@hotcity.lu
412. [sql] sql_set_user escaped user --> 'expuser@hotcity.lu'
413. rlm_sql (sql): Reserving sql socket id: 3
414. [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'expuser@hotcity.lu' ORDER BY id
415. [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'expuser@hotcity.lu' ORDER BY priority
416. rlm_sql (sql): Released sql socket id: 3
417. [sql] User expuser@hotcity.lu not found
418. ++[sql] returns notfound
419. [expiration] Checking Expiration time: '23 May 2014 08:30:00'
420. ++[expiration] returns ok
421. ++[logintime] returns noop
422. [pap] WARNING: Auth-Type already set. Not setting to PAP
423. ++[pap] returns noop
424. Found Auth-Type = EAP
425. # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
426. +- entering group authenticate {...}
427. [eap] EAP Identity
428. [eap] processing type mschapv2
429. rlm_eap_mschapv2: Issuing Challenge
430. ++[eap] returns handled
431. } # server inner-tunnel
432. [peap] Got tunneled reply code 11
433. Idle-Timeout = 60
434. Termination-Action = RADIUS-Request
435. Session-Timeout = 99
436. EAP-Message = 0x0106002c1a0106002710a9b60084282796d167cd418e48d14f9f6578707573657240686f74636974792e6c75
437. Message-Authenticator = 0x00000000000000000000000000000000
438. State = 0x924a2b54924c3198589e8196a503b5ef
439. [peap] Got tunneled reply RADIUS code 11
440. Idle-Timeout = 60
441. Termination-Action = RADIUS-Request
442. Session-Timeout = 99
443. EAP-Message = 0x0106002c1a0106002710a9b60084282796d167cd418e48d14f9f6578707573657240686f74636974792e6c75
444. Message-Authenticator = 0x00000000000000000000000000000000
445. State = 0x924a2b54924c3198589e8196a503b5ef
446. [peap] Got tunneled Access-Challenge
447. ++[eap] returns handled
448. Sending Access-Challenge of id 156 to 10.53.0.120 port 41073
449. EAP-Message = 0x0106004b19001703010040a6af6beac42c72a820e57570891de9ff2e372bdfab5d4c947238c2daac1e4dd9f26ec8786d487c4d8853b34d374422885cb05315a577e393d787a97ea09c343b
450. Message-Authenticator = 0x00000000000000000000000000000000
451. State = 0xaa6307a5af651ea1f0ac6677f885127b
452. Finished request 70.
453. Going to the next request
454. Waking up in 4.7 seconds.
455. rad_recv: Access-Request packet from host 10.53.0.120 port 41073, id=126, length=438
456. User-Name = "expuser@hotcity.lu"
457. NAS-IP-Address = 172.16.70.21
458. NAS-Port = 108
459. Framed-MTU = 1400
460. Called-Station-Id = "20:b3:99:6c:74:c3"
461. Calling-Station-Id = "74:e1:b6:87:66:df"
462. NAS-Port-Type = Wireless-802.11
463. NAS-Identifier = "HC_SECURE_VNS"
464. Service-Type = Framed-User
465. Siemens-AP-Serial = "12461237905C0000"
466. Siemens-AP-Name = "HCSA_AP01"
467. Siemens-VNS-Name = "HC_SECURE_VNS"
468. Siemens-SSID = "HOTCITY_Secure"
469. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
470. Siemens-Policy-Name = "POST_EAP_POLICY"
471. Siemens-Topology-Name = "POST_EAP_USERS"
472. EAP-Message = 0x0206006b19001703010060854ade5f3ea9bfd9c3d0fa220c7e0abfad11f14ed0d5f7c5da1f16dd28b30f8461377db48075b7c2927fcb889308b155df67270622551810be22b28c7403791778f56069126af2d5387c6acea7f8a621906414bd0247d2eb1da1266d5cb8082d
473. State = 0xaa6307a5af651ea1f0ac6677f885127b
474. Message-Authenticator = 0x29e66b3391db0ae3157435fb6f63d00d
475. # Executing section authorize from file /etc/freeradius/sites-enabled/default
476. +- entering group authorize {...}
477. ++[preprocess] returns ok
478. ++[chap] returns noop
479. ++[mschap] returns noop
480. ++[digest] returns noop
481. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
482. [suffix] No such realm "hotcity.lu"
483. ++[suffix] returns noop
484. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
485. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
486. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
487. ++? elsif (request:Realm == NULL )
488. (Attribute request:Realm was not found)
489. ? Evaluating (request:Realm == NULL ) -> FALSE
490. ++? elsif (request:Realm == NULL ) -> FALSE
491. [eap] EAP packet type response id 6 length 107
492. [eap] Continuing tunnel setup.
493. ++[eap] returns ok
494. Found Auth-Type = EAP
495. # Executing group from file /etc/freeradius/sites-enabled/default
496. +- entering group authenticate {...}
497. [eap] Request found, released from the list
498. [eap] EAP/peap
499. [eap] processing type peap
500. [peap] processing EAP-TLS
501. [peap] eaptls_verify returned 7
502. [peap] Done initial handshake
503. [peap] eaptls_process returned 7
504. [peap] EAPTLS_OK
505. [peap] Session established. Decoding tunneled attributes.
506. [peap] Peap state phase2
507. [peap] EAP type mschapv2
508. [peap] Got tunneled request
509. EAP-Message = 0x0206004d1a0206004831753dd25590388fb02e09ddeb7b370b4f0000000000000000d5c8eb8f09c6b2b8b78fd9475a6ca113602d56bbecfb4286006578707573657240686f74636974792e6c75
510. server {
511. [peap] Setting User-Name to expuser@hotcity.lu
512. Sending tunneled request
513. EAP-Message = 0x0206004d1a0206004831753dd25590388fb02e09ddeb7b370b4f0000000000000000d5c8eb8f09c6b2b8b78fd9475a6ca113602d56bbecfb4286006578707573657240686f74636974792e6c75
514. FreeRADIUS-Proxied-To = 127.0.0.1
515. User-Name = "expuser@hotcity.lu"
516. State = 0x924a2b54924c3198589e8196a503b5ef
517. server inner-tunnel {
518. # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
519. +- entering group authorize {...}
520. ++[chap] returns noop
521. ++[mschap] returns noop
522. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
523. [suffix] No such realm "hotcity.lu"
524. ++[suffix] returns noop
525. ++[control] returns noop
526. [eap] EAP packet type response id 6 length 77
527. [eap] No EAP Start, assuming it's an on-going EAP conversation
528. ++[eap] returns updated
529. [files] users: Matched entry expuser@hotcity.lu at line 207
530. ++[files] returns ok
531. [sql] expand: %{User-Name} -> expuser@hotcity.lu
532. [sql] sql_set_user escaped user --> 'expuser@hotcity.lu'
533. rlm_sql (sql): Reserving sql socket id: 2
534. [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'expuser@hotcity.lu' ORDER BY id
535. [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'expuser@hotcity.lu' ORDER BY priority
536. rlm_sql (sql): Released sql socket id: 2
537. [sql] User expuser@hotcity.lu not found
538. ++[sql] returns notfound
539. [expiration] Checking Expiration time: '23 May 2014 08:30:00'
540. ++[expiration] returns ok
541. ++[logintime] returns noop
542. [pap] WARNING: Auth-Type already set. Not setting to PAP
543. ++[pap] returns noop
544. Found Auth-Type = EAP
545. # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
546. +- entering group authenticate {...}
547. [eap] Request found, released from the list
548. [eap] EAP/mschapv2
549. [eap] processing type mschapv2
550. [mschapv2] # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
551. [mschapv2] +- entering group MS-CHAP {...}
552. [mschap] Creating challenge hash with username: expuser@hotcity.lu
553. [mschap] Told to do MS-CHAPv2 for expuser@hotcity.lu with NT-Password
554. [mschap] adding MS-CHAPv2 MPPE keys
555. ++[mschap] returns ok
556. MSCHAP Success
557. ++[eap] returns handled
558. } # server inner-tunnel
559. [peap] Got tunneled reply code 11
560. Idle-Timeout = 60
561. Termination-Action = RADIUS-Request
562. Session-Timeout = 99
563. EAP-Message = 0x010700331a0306002e533d34394634413444333239374439353634343534373130443437424638454431303138323436433434
564. Message-Authenticator = 0x00000000000000000000000000000000
565. State = 0x924a2b54934d3198589e8196a503b5ef
566. [peap] Got tunneled reply RADIUS code 11
567. Idle-Timeout = 60
568. Termination-Action = RADIUS-Request
569. Session-Timeout = 99
570. EAP-Message = 0x010700331a0306002e533d34394634413444333239374439353634343534373130443437424638454431303138323436433434
571. Message-Authenticator = 0x00000000000000000000000000000000
572. State = 0x924a2b54934d3198589e8196a503b5ef
573. [peap] Got tunneled Access-Challenge
574. ++[eap] returns handled
575. Sending Access-Challenge of id 126 to 10.53.0.120 port 41073
576. EAP-Message = 0x0107005b190017030100506c3b9b0c928d0682117e85d84fde9d8d523b7936a9d369dfa0a18d20e1d2a63f901f6c0d73c0fed9685200691c9041286c6ec98010199e99490770f4654a06096b2b7612271427552193b2ce8907b5c3
577. Message-Authenticator = 0x00000000000000000000000000000000
578. State = 0xaa6307a5ac641ea1f0ac6677f885127b
579. Finished request 71.
580. Going to the next request
581. Waking up in 4.6 seconds.
582. rad_recv: Access-Request packet from host 10.53.0.120 port 41073, id=205, length=374
583. User-Name = "expuser@hotcity.lu"
584. NAS-IP-Address = 172.16.70.21
585. NAS-Port = 108
586. Framed-MTU = 1400
587. Called-Station-Id = "20:b3:99:6c:74:c3"
588. Calling-Station-Id = "74:e1:b6:87:66:df"
589. NAS-Port-Type = Wireless-802.11
590. NAS-Identifier = "HC_SECURE_VNS"
591. Service-Type = Framed-User
592. Siemens-AP-Serial = "12461237905C0000"
593. Siemens-AP-Name = "HCSA_AP01"
594. Siemens-VNS-Name = "HC_SECURE_VNS"
595. Siemens-SSID = "HOTCITY_Secure"
596. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
597. Siemens-Policy-Name = "POST_EAP_POLICY"
598. Siemens-Topology-Name = "POST_EAP_USERS"
599. EAP-Message = 0x0207002b1900170301002044aa8ae36e637e4a835b46a5f591541a2cf9efbf2b213b4edc9c34578b1ab76c
600. State = 0xaa6307a5ac641ea1f0ac6677f885127b
601. Message-Authenticator = 0xad98a6a2fad5d6eafcc7e5bdef11f155
602. # Executing section authorize from file /etc/freeradius/sites-enabled/default
603. +- entering group authorize {...}
604. ++[preprocess] returns ok
605. ++[chap] returns noop
606. ++[mschap] returns noop
607. ++[digest] returns noop
608. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
609. [suffix] No such realm "hotcity.lu"
610. ++[suffix] returns noop
611. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
612. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
613. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
614. ++? elsif (request:Realm == NULL )
615. (Attribute request:Realm was not found)
616. ? Evaluating (request:Realm == NULL ) -> FALSE
617. ++? elsif (request:Realm == NULL ) -> FALSE
618. [eap] EAP packet type response id 7 length 43
619. [eap] Continuing tunnel setup.
620. ++[eap] returns ok
621. Found Auth-Type = EAP
622. # Executing group from file /etc/freeradius/sites-enabled/default
623. +- entering group authenticate {...}
624. [eap] Request found, released from the list
625. [eap] EAP/peap
626. [eap] processing type peap
627. [peap] processing EAP-TLS
628. [peap] eaptls_verify returned 7
629. [peap] Done initial handshake
630. [peap] eaptls_process returned 7
631. [peap] EAPTLS_OK
632. [peap] Session established. Decoding tunneled attributes.
633. [peap] Peap state phase2
634. [peap] EAP type mschapv2
635. [peap] Got tunneled request
636. EAP-Message = 0x020700061a03
637. server {
638. [peap] Setting User-Name to expuser@hotcity.lu
639. Sending tunneled request
640. EAP-Message = 0x020700061a03
641. FreeRADIUS-Proxied-To = 127.0.0.1
642. User-Name = "expuser@hotcity.lu"
643. State = 0x924a2b54934d3198589e8196a503b5ef
644. server inner-tunnel {
645. # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
646. +- entering group authorize {...}
647. ++[chap] returns noop
648. ++[mschap] returns noop
649. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
650. [suffix] No such realm "hotcity.lu"
651. ++[suffix] returns noop
652. ++[control] returns noop
653. [eap] EAP packet type response id 7 length 6
654. [eap] No EAP Start, assuming it's an on-going EAP conversation
655. ++[eap] returns updated
656. [files] users: Matched entry expuser@hotcity.lu at line 207
657. ++[files] returns ok
658. [sql] expand: %{User-Name} -> expuser@hotcity.lu
659. [sql] sql_set_user escaped user --> 'expuser@hotcity.lu'
660. rlm_sql (sql): Reserving sql socket id: 1
661. [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'expuser@hotcity.lu' ORDER BY id
662. [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'expuser@hotcity.lu' ORDER BY priority
663. rlm_sql (sql): Released sql socket id: 1
664. [sql] User expuser@hotcity.lu not found
665. ++[sql] returns notfound
666. [expiration] Checking Expiration time: '23 May 2014 08:30:00'
667. ++[expiration] returns ok
668. ++[logintime] returns noop
669. [pap] WARNING: Auth-Type already set. Not setting to PAP
670. ++[pap] returns noop
671. Found Auth-Type = EAP
672. # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
673. +- entering group authenticate {...}
674. [eap] Request found, released from the list
675. [eap] EAP/mschapv2
676. [eap] processing type mschapv2
677. [eap] Freeing handler
678. ++[eap] returns ok
679. WARNING: Empty post-auth section. Using default return values.
680. # Executing section post-auth from file /etc/freeradius/sites-enabled/inner-tunnel
681. } # server inner-tunnel
682. [peap] Got tunneled reply code 2
683. Idle-Timeout = 60
684. Termination-Action = RADIUS-Request
685. Session-Timeout = 99
686. MS-MPPE-Encryption-Policy = 0x00000001
687. MS-MPPE-Encryption-Types = 0x00000006
688. MS-MPPE-Send-Key = 0xdd21b871635c6374c6e548d53ef26c64
689. MS-MPPE-Recv-Key = 0x54e8ec57ec641f6392c21590396d0fa5
690. EAP-Message = 0x03070004
691. Message-Authenticator = 0x00000000000000000000000000000000
692. User-Name = "expuser@hotcity.lu"
693. [peap] Got tunneled reply RADIUS code 2
694. Idle-Timeout = 60
695. Termination-Action = RADIUS-Request
696. Session-Timeout = 99
697. MS-MPPE-Encryption-Policy = 0x00000001
698. MS-MPPE-Encryption-Types = 0x00000006
699. MS-MPPE-Send-Key = 0xdd21b871635c6374c6e548d53ef26c64
700. MS-MPPE-Recv-Key = 0x54e8ec57ec641f6392c21590396d0fa5
701. EAP-Message = 0x03070004
702. Message-Authenticator = 0x00000000000000000000000000000000
703. User-Name = "expuser@hotcity.lu"
704. [peap] Tunneled authentication was successful.
705. [peap] SUCCESS
706. ++[eap] returns handled
707. Sending Access-Challenge of id 205 to 10.53.0.120 port 41073
708. EAP-Message = 0x0108002b19001703010020f568047a1327771a06f666c157f6430661dd772297fb05368c9b5a9e325cd8cd
709. Message-Authenticator = 0x00000000000000000000000000000000
710. State = 0xaa6307a5ad6b1ea1f0ac6677f885127b
711. Finished request 72.
712. Going to the next request
713. Waking up in 4.6 seconds.
714. rad_recv: Access-Request packet from host 10.53.0.120 port 41073, id=79, length=374
715. User-Name = "expuser@hotcity.lu"
716. NAS-IP-Address = 172.16.70.21
717. NAS-Port = 108
718. Framed-MTU = 1400
719. Called-Station-Id = "20:b3:99:6c:74:c3"
720. Calling-Station-Id = "74:e1:b6:87:66:df"
721. NAS-Port-Type = Wireless-802.11
722. NAS-Identifier = "HC_SECURE_VNS"
723. Service-Type = Framed-User
724. Siemens-AP-Serial = "12461237905C0000"
725. Siemens-AP-Name = "HCSA_AP01"
726. Siemens-VNS-Name = "HC_SECURE_VNS"
727. Siemens-SSID = "HOTCITY_Secure"
728. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
729. Siemens-Policy-Name = "POST_EAP_POLICY"
730. Siemens-Topology-Name = "POST_EAP_USERS"
731. EAP-Message = 0x0208002b19001703010020599dc26ab739361131d322ebab670a883aa9ad2e7e2fc21bdf7cfbc421dbab00
732. State = 0xaa6307a5ad6b1ea1f0ac6677f885127b
733. Message-Authenticator = 0x94046db6905734d52157c12025aee856
734. # Executing section authorize from file /etc/freeradius/sites-enabled/default
735. +- entering group authorize {...}
736. ++[preprocess] returns ok
737. ++[chap] returns noop
738. ++[mschap] returns noop
739. ++[digest] returns noop
740. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
741. [suffix] No such realm "hotcity.lu"
742. ++[suffix] returns noop
743. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
744. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
745. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
746. ++? elsif (request:Realm == NULL )
747. (Attribute request:Realm was not found)
748. ? Evaluating (request:Realm == NULL ) -> FALSE
749. ++? elsif (request:Realm == NULL ) -> FALSE
750. [eap] EAP packet type response id 8 length 43
751. [eap] Continuing tunnel setup.
752. ++[eap] returns ok
753. Found Auth-Type = EAP
754. # Executing group from file /etc/freeradius/sites-enabled/default
755. +- entering group authenticate {...}
756. [eap] Request found, released from the list
757. [eap] EAP/peap
758. [eap] processing type peap
759. [peap] processing EAP-TLS
760. [peap] eaptls_verify returned 7
761. [peap] Done initial handshake
762. [peap] eaptls_process returned 7
763. [peap] EAPTLS_OK
764. [peap] Session established. Decoding tunneled attributes.
765. [peap] Peap state send tlv success
766. [peap] Received EAP-TLV response.
767. [peap] Success
768. [eap] Freeing handler
769. ++[eap] returns ok
770. # Executing section post-auth from file /etc/freeradius/sites-enabled/default
771. +- entering group post-auth {...}
772. ++[exec] returns noop
773. Sending Access-Accept of id 79 to 10.53.0.120 port 41073
774. MS-MPPE-Recv-Key = 0x0da48666be327710abbee1797ec51c632790c7afa75767fdec99a71c94a5d62d
775. MS-MPPE-Send-Key = 0xb27c39aa2620608e98639d0165540f19f572481242f202b434309b8d7bb5b150
776. EAP-Message = 0x03080004
777. Message-Authenticator = 0x00000000000000000000000000000000
778. User-Name = "expuser@hotcity.lu"
779. Finished request 73.
780. Going to the next request
781. Waking up in 4.6 seconds.
782. rad_recv: Accounting-Request packet from host 10.53.0.120 port 54554, id=0, length=395
783. Acct-Session-Id = "537eea98003d"
784. NAS-Port = 108
785. User-Name = "expuser@hotcity.lu"
786. Filter-Id = "POST_EAP_POLICY"
787. Acct-Interim-Interval = 1800
788. Session-Timeout = 0
789. Acct-Status-Type = Interim-Update
790. Acct-Delay-Time = 19458482
791. Acct-Authentic = RADIUS
792. Framed-IP-Address = 10.30.118.192
793. Connect-Info = "802.11b/g"
794. NAS-Port-Type = Wireless-802.11
795. Called-Station-Id = "20:B3:99:6C:74:C3"
796. Calling-Station-Id = "74:E1:B6:87:66:DF"
797. NAS-IP-Address = 172.16.70.21
798. NAS-Identifier = "HC_SECURE_VNS"
799. Siemens-AP-Serial = "12461237905C0000"
800. Siemens-AP-Name = "HCSA_AP01"
801. Siemens-BSS-MAC = "20:B3:99:6C:74:C3"
802. Siemens-VNS-Name = "HC_SECURE_VNS"
803. Siemens-SSID = "HOTCITY_Secure"
804. Siemens-Policy-Name = "POST_EAP_POLICY"
805. Siemens-Topology-Name = "POST_EAP_USERS"
806. Siemens-Ingress-RC-Name = "n/a"
807. Siemens-Egress-RC-Name = "n/a"
808. Acct-Session-Time = 0
809. Acct-Output-Packets = 0
810. Acct-Input-Packets = 0
811. Acct-Output-Octets = 0
812. Acct-Input-Octets = 0
813. # Executing section preacct from file /etc/freeradius/sites-enabled/default
814. +- entering group preacct {...}
815. ++[preprocess] returns ok
816. [acct_unique] Hashing 'NAS-Port = 108,Client-IP-Address = 10.53.0.120,NAS-IP-Address = 172.16.70.21,Acct-Session-Id = "537eea98003d",User-Name = "expuser@hotcity.lu"'
817. [acct_unique] Acct-Unique-Session-ID = "45f5660ca83bdef3".
818. ++[acct_unique] returns ok
819. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
820. [suffix] No such realm "hotcity.lu"
821. ++[suffix] returns noop
822. ++[files] returns noop
823. # Executing section accounting from file /etc/freeradius/sites-enabled/default
824. +- entering group accounting {...}
825. [detail] expand: %{Packet-Src-IP-Address} -> 10.53.0.120
826. [detail] expand: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d -> /var/log/freeradius/radacct/10.53.0.120/detail-20140523
827. [detail] /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/freeradius/radacct/10.53.0.120/detail-20140523
828. [detail] expand: %t -> Fri May 23 08:28:21 2014
829. ++[detail] returns ok
830. ++[unix] returns noop
831. [radutmp] expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
832. [radutmp] expand: %{User-Name} -> expuser@hotcity.lu
833. ++[radutmp] returns ok
834. ++[exec] returns noop
835. [attr_filter.accounting_response] expand: %{User-Name} -> expuser@hotcity.lu
836. attr_filter: Matched entry DEFAULT at line 12
837. ++[attr_filter.accounting_response] returns updated
838. Sending Accounting-Response of id 0 to 10.53.0.120 port 54554
839. Finished request 74.
840. Cleaning up request 74 ID 0 with timestamp +773
841. Going to the next request
842. Waking up in 4.4 seconds.
843. rad_recv: Access-Request packet from host 10.53.0.120 port 37861, id=21, length=336
844. User-Name = "expuser@hotcity.lu"
845. NAS-IP-Address = 172.16.70.21
846. NAS-Port = 108
847. Framed-MTU = 1400
848. Called-Station-Id = "20:b3:99:6c:74:c3"
849. Calling-Station-Id = "74:e1:b6:87:66:df"
850. NAS-Port-Type = Wireless-802.11
851. NAS-Identifier = "HC_SECURE_VNS"
852. Service-Type = Framed-User
853. Siemens-AP-Serial = "12461237905C0000"
854. Siemens-AP-Name = "HCSA_AP01"
855. Siemens-VNS-Name = "HC_SECURE_VNS"
856. Siemens-SSID = "HOTCITY_Secure"
857. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
858. Siemens-Policy-Name = "POST_EAP_POLICY"
859. Siemens-Topology-Name = "POST_EAP_USERS"
860. EAP-Message = 0x02000017016578707573657240686f74636974792e6c75
861. Message-Authenticator = 0x89c0587e81aa2806b9f1fd7a2cffb505
862. # Executing section authorize from file /etc/freeradius/sites-enabled/default
863. +- entering group authorize {...}
864. ++[preprocess] returns ok
865. ++[chap] returns noop
866. ++[mschap] returns noop
867. ++[digest] returns noop
868. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
869. [suffix] No such realm "hotcity.lu"
870. ++[suffix] returns noop
871. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
872. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
873. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
874. ++? elsif (request:Realm == NULL )
875. (Attribute request:Realm was not found)
876. ? Evaluating (request:Realm == NULL ) -> FALSE
877. ++? elsif (request:Realm == NULL ) -> FALSE
878. [eap] EAP packet type response id 0 length 23
879. [eap] No EAP Start, assuming it's an on-going EAP conversation
880. ++[eap] returns updated
881. [files] users: Matched entry expuser@hotcity.lu at line 207
882. ++[files] returns ok
883. [expiration] Checking Expiration time: '23 May 2014 08:30:00'
884. ++[expiration] returns ok
885. ++[logintime] returns noop
886. [pap] WARNING: Auth-Type already set. Not setting to PAP
887. ++[pap] returns noop
888. Found Auth-Type = EAP
889. # Executing group from file /etc/freeradius/sites-enabled/default
890. +- entering group authenticate {...}
891. [eap] EAP Identity
892. [eap] processing type tls
893. [tls] Initiate
894. [tls] Start returned 1
895. ++[eap] returns handled
896. Sending Access-Challenge of id 21 to 10.53.0.120 port 37861
897. Idle-Timeout = 60
898. Termination-Action = RADIUS-Request
899. Session-Timeout = 99
900. EAP-Message = 0x010100061920
901. Message-Authenticator = 0x00000000000000000000000000000000
902. State = 0x7266577a72674e7b2983cf8ffc74c0c2
903. Finished request 75.
904. Going to the next request
905. Waking up in 3.9 seconds.
906. rad_recv: Access-Request packet from host 10.53.0.120 port 37861, id=132, length=483
907. User-Name = "expuser@hotcity.lu"
908. NAS-IP-Address = 172.16.70.21
909. NAS-Port = 108
910. Framed-MTU = 1400
911. Called-Station-Id = "20:b3:99:6c:74:c3"
912. Calling-Station-Id = "74:e1:b6:87:66:df"
913. NAS-Port-Type = Wireless-802.11
914. NAS-Identifier = "HC_SECURE_VNS"
915. Service-Type = Framed-User
916. Siemens-AP-Serial = "12461237905C0000"
917. Siemens-AP-Name = "HCSA_AP01"
918. Siemens-VNS-Name = "HC_SECURE_VNS"
919. Siemens-SSID = "HOTCITY_Secure"
920. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
921. Siemens-Policy-Name = "POST_EAP_POLICY"
922. Siemens-Topology-Name = "POST_EAP_USERS"
923. EAP-Message = 0x0201009819800000008e1603010089010000850301537eea885cc9d1d1023f60a74aab1f8dd89884afc923b70891426a0483e5a58200004a00ffc024c023c00ac009c007c008c028c027c014c013c011c012c026c025c02ac029c005c004c002c003c00fc00ec00cc00d003d003c002f000500040035000a0067006b00330039001601000012000a00080006001700180019000b00020100
924. State = 0x7266577a72674e7b2983cf8ffc74c0c2
925. Message-Authenticator = 0x2f6bea276a09e98e156907077f172a95
926. # Executing section authorize from file /etc/freeradius/sites-enabled/default
927. +- entering group authorize {...}
928. ++[preprocess] returns ok
929. ++[chap] returns noop
930. ++[mschap] returns noop
931. ++[digest] returns noop
932. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
933. [suffix] No such realm "hotcity.lu"
934. ++[suffix] returns noop
935. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
936. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
937. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
938. ++? elsif (request:Realm == NULL )
939. (Attribute request:Realm was not found)
940. ? Evaluating (request:Realm == NULL ) -> FALSE
941. ++? elsif (request:Realm == NULL ) -> FALSE
942. [eap] EAP packet type response id 1 length 152
943. [eap] Continuing tunnel setup.
944. ++[eap] returns ok
945. Found Auth-Type = EAP
946. # Executing group from file /etc/freeradius/sites-enabled/default
947. +- entering group authenticate {...}
948. [eap] Request found, released from the list
949. [eap] EAP/peap
950. [eap] processing type peap
951. [peap] processing EAP-TLS
952. TLS Length 142
953. [peap] Length Included
954. [peap] eaptls_verify returned 11
955. [peap] (other): before/accept initialization
956. [peap] TLS_accept: before/accept initialization
957. [peap] <<< TLS 1.0 Handshake [length 0089], ClientHello
958. [peap] TLS_accept: SSLv3 read client hello A
959. [peap] >>> TLS 1.0 Handshake [length 0039], ServerHello
960. [peap] TLS_accept: SSLv3 write server hello A
961. [peap] >>> TLS 1.0 Handshake [length 02ce], Certificate
962. [peap] TLS_accept: SSLv3 write certificate A
963. [peap] >>> TLS 1.0 Handshake [length 014b], ServerKeyExchange
964. [peap] TLS_accept: SSLv3 write key exchange A
965. [peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
966. [peap] TLS_accept: SSLv3 write server done A
967. [peap] TLS_accept: SSLv3 flush data
968. [peap] TLS_accept: Need to read more data: SSLv3 read client certificate A
969. In SSL Handshake Phase
970. In SSL Accept mode
971. [peap] eaptls_process returned 13
972. [peap] EAPTLS_HANDLED
973. ++[eap] returns handled
974. Sending Access-Challenge of id 132 to 10.53.0.120 port 37861
975. EAP-Message = 0x0102040019c00000046a1603010039020000350301537eea860ffef8a571752c74863dde083ae88d1fd6cff23f768678d91408209e00c01400000dff01000100000b00040300010216030102ce0b0002ca0002c70002c4308202c0308201a8a003020102020900986dfc4d571507dd300d06092a864886f70d01010505003018311630140603550403130d48432d4141412d524144495553301e170d3134303131333139343734325a170d3234303131313139343734325a3018311630140603550403130d48432d4141412d52414449555330820122300d06092a864886f70d01010105000382010f003082010a0282010100d114b1f378116b16c7bf
976. EAP-Message = 0x3ade67a6f04ca388af3cb6c29f803bb0cbd9f1d5e719743d0b952059c41c5f0037e858d1cf657689ed920150aca2d93d307a350e8d3d80435cf51303ebc81a0a9ed913b220c42333ac94f0146bafe9552ca71b9d88f60f8d75c7a8c3dbcbc2d7ffb85b76927ac29e80d6cc304d33dbed23011c2aff7ada3702c2ccdba835d7d8cfeec23e86717ba29a541d745500eff40ff69d46b4be670d991d632029c8293092781dc5f8471bb2aebbb52d25521768234116676c5ee82da8c93a10e9c535b18e138622e37fa30e42af4f9e378864e30d9f24ce7f4f4a10e7a587aef4593f8ae4b61ee1c6f236e9ba3d9901fa09dd002e93f7f6ca7f0203010001a30d
977. EAP-Message = 0x300b30090603551d1304023000300d06092a864886f70d010105050003820101002e22fb1551dfeaf3fac790c5831d7397305620246204cdbb33388b379bfeb0375a98e6a2e3e1a028a0fb2ff393c3c8807471dbd23741f36a552290cf97e0c0853bfb3302a34f7c77d95c55b24f5cd9a38e0967158893e12d876a4f7d52a0475c3ed84711bb29f7fa11c058b369c927566193353fe4068c918ebab099842ca6b10c6fc1d63ebd7ef0e2dbe2d06431ce54c6065161335866b300b0ffab962c952b2ba192d8f3d7b124c176edb700fc33b548045a3d63de03f62407320dad2bcba3f0115ab30e2f915105a2dfa3d929ea2fd3e9a68b2d1455a4c8d93ba2
978. EAP-Message = 0x727d9ac5888ae363f29ef4c13a6f5495889e53d67c31789f820ae1d9f81b417321734bab160301014b0c00014703001741041c57466e43e523cfba547ab99429d3a55e17e0ba396c38ddb45e9ef10b5c4cbe0fcb91963890ecbb7901ef384d2b1dce7774e3f2ac63b38b8fbc8d413ba1be7e0100bd73d03caf20057b211437c4d861f325b72beeda0ee3c6b88603d0959448aead9afff9afbb292a1c693be4598b5727a649107b11147e356e0cb57208eed0820231b98df5f7f8c5a5b830540e9cb1e5f65d340d166e50e8691a0682ff8bf77a2d4402cf22dc1ae526b1941b8d95d658b2734ed25e124462e5ef3c30f2ae9f4361cfb0c5bf7c0dcdb427
979. EAP-Message = 0xac90e2a6ff2243e1e6460305
980. Message-Authenticator = 0x00000000000000000000000000000000
981. State = 0x7266577a73644e7b2983cf8ffc74c0c2
982. Finished request 76.
983. Going to the next request
984. Waking up in 3.8 seconds.
985. rad_recv: Access-Request packet from host 10.53.0.120 port 37861, id=30, length=337
986. User-Name = "expuser@hotcity.lu"
987. NAS-IP-Address = 172.16.70.21
988. NAS-Port = 108
989. Framed-MTU = 1400
990. Called-Station-Id = "20:b3:99:6c:74:c3"
991. Calling-Station-Id = "74:e1:b6:87:66:df"
992. NAS-Port-Type = Wireless-802.11
993. NAS-Identifier = "HC_SECURE_VNS"
994. Service-Type = Framed-User
995. Siemens-AP-Serial = "12461237905C0000"
996. Siemens-AP-Name = "HCSA_AP01"
997. Siemens-VNS-Name = "HC_SECURE_VNS"
998. Siemens-SSID = "HOTCITY_Secure"
999. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
1000. Siemens-Policy-Name = "POST_EAP_POLICY"
1001. Siemens-Topology-Name = "POST_EAP_USERS"
1002. EAP-Message = 0x020200061900
1003. State = 0x7266577a73644e7b2983cf8ffc74c0c2
1004. Message-Authenticator = 0x8b4278fd4e3f2d944bfbb83e01752801
1005. # Executing section authorize from file /etc/freeradius/sites-enabled/default
1006. +- entering group authorize {...}
1007. ++[preprocess] returns ok
1008. ++[chap] returns noop
1009. ++[mschap] returns noop
1010. ++[digest] returns noop
1011. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1012. [suffix] No such realm "hotcity.lu"
1013. ++[suffix] returns noop
1014. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
1015. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
1016. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
1017. ++? elsif (request:Realm == NULL )
1018. (Attribute request:Realm was not found)
1019. ? Evaluating (request:Realm == NULL ) -> FALSE
1020. ++? elsif (request:Realm == NULL ) -> FALSE
1021. [eap] EAP packet type response id 2 length 6
1022. [eap] Continuing tunnel setup.
1023. ++[eap] returns ok
1024. Found Auth-Type = EAP
1025. # Executing group from file /etc/freeradius/sites-enabled/default
1026. +- entering group authenticate {...}
1027. [eap] Request found, released from the list
1028. [eap] EAP/peap
1029. [eap] processing type peap
1030. [peap] processing EAP-TLS
1031. [peap] Received TLS ACK
1032. [peap] ACK handshake fragment handler
1033. [peap] eaptls_verify returned 1
1034. [peap] eaptls_process returned 13
1035. [peap] EAPTLS_HANDLED
1036. ++[eap] returns handled
1037. Sending Access-Challenge of id 30 to 10.53.0.120 port 37861
1038. EAP-Message = 0x0103007a1900162e2cacceb04703f63e1f99dbee6afde75b7f70805daae40dbc203daad28ada9bb3d97a05568261fc074d166cdf0ab3a32a37fe395c9018fc4022e4206794429fc5c07c157e8f04db0bf3e42dce9187716a04a524192f68e655b96f35b2ec5015ed3ed1ee8ccdf8089fa516030100040e000000
1039. Message-Authenticator = 0x00000000000000000000000000000000
1040. State = 0x7266577a70654e7b2983cf8ffc74c0c2
1041. Finished request 77.
1042. Going to the next request
1043. Waking up in 3.8 seconds.
1044. rad_recv: Access-Request packet from host 10.53.0.120 port 37861, id=171, length=475
1045. User-Name = "expuser@hotcity.lu"
1046. NAS-IP-Address = 172.16.70.21
1047. NAS-Port = 108
1048. Framed-MTU = 1400
1049. Called-Station-Id = "20:b3:99:6c:74:c3"
1050. Calling-Station-Id = "74:e1:b6:87:66:df"
1051. NAS-Port-Type = Wireless-802.11
1052. NAS-Identifier = "HC_SECURE_VNS"
1053. Service-Type = Framed-User
1054. Siemens-AP-Serial = "12461237905C0000"
1055. Siemens-AP-Name = "HCSA_AP01"
1056. Siemens-VNS-Name = "HC_SECURE_VNS"
1057. Siemens-SSID = "HOTCITY_Secure"
1058. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
1059. Siemens-Policy-Name = "POST_EAP_POLICY"
1060. Siemens-Topology-Name = "POST_EAP_USERS"
1061. EAP-Message = 0x020300901980000000861603010046100000424104f750212f950cfbaba37737100f530454b6526be69f22f6af34f135672a5d8b24fa15d28be098335dd2f1cd8eda98ad31f804bbe04d511b9b470b1ef8437063591403010001011603010030d9ae25e88a1feead0b25ac6b241cbebe145f7ff8a4a0f5664b17aeadd2c5bc48a91f813e4c6d784310c4a233e5e10295
1062. State = 0x7266577a70654e7b2983cf8ffc74c0c2
1063. Message-Authenticator = 0x2965d358f142cf8bd6a0730e4ac84c6f
1064. # Executing section authorize from file /etc/freeradius/sites-enabled/default
1065. +- entering group authorize {...}
1066. ++[preprocess] returns ok
1067. ++[chap] returns noop
1068. ++[mschap] returns noop
1069. ++[digest] returns noop
1070. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1071. [suffix] No such realm "hotcity.lu"
1072. ++[suffix] returns noop
1073. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
1074. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
1075. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
1076. ++? elsif (request:Realm == NULL )
1077. (Attribute request:Realm was not found)
1078. ? Evaluating (request:Realm == NULL ) -> FALSE
1079. ++? elsif (request:Realm == NULL ) -> FALSE
1080. [eap] EAP packet type response id 3 length 144
1081. [eap] Continuing tunnel setup.
1082. ++[eap] returns ok
1083. Found Auth-Type = EAP
1084. # Executing group from file /etc/freeradius/sites-enabled/default
1085. +- entering group authenticate {...}
1086. [eap] Request found, released from the list
1087. [eap] EAP/peap
1088. [eap] processing type peap
1089. [peap] processing EAP-TLS
1090. TLS Length 134
1091. [peap] Length Included
1092. [peap] eaptls_verify returned 11
1093. [peap] <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange
1094. [peap] TLS_accept: SSLv3 read client key exchange A
1095. [peap] <<< TLS 1.0 ChangeCipherSpec [length 0001]
1096. [peap] <<< TLS 1.0 Handshake [length 0010], Finished
1097. [peap] TLS_accept: SSLv3 read finished A
1098. [peap] >>> TLS 1.0 ChangeCipherSpec [length 0001]
1099. [peap] TLS_accept: SSLv3 write change cipher spec A
1100. [peap] >>> TLS 1.0 Handshake [length 0010], Finished
1101. [peap] TLS_accept: SSLv3 write finished A
1102. [peap] TLS_accept: SSLv3 flush data
1103. [peap] (other): SSL negotiation finished successfully
1104. SSL Connection Established
1105. [peap] eaptls_process returned 13
1106. [peap] EAPTLS_HANDLED
1107. ++[eap] returns handled
1108. Sending Access-Challenge of id 171 to 10.53.0.120 port 37861
1109. EAP-Message = 0x01040041190014030100010116030100307babda810c0357853f04b98a12238a64c9e517f1c08f63bec3b498bd25b58be8715ae3deb8eb0683554e4d82ed86bf05
1110. Message-Authenticator = 0x00000000000000000000000000000000
1111. State = 0x7266577a71624e7b2983cf8ffc74c0c2
1112. Finished request 78.
1113. Going to the next request
1114. Waking up in 3.7 seconds.
1115. rad_recv: Access-Request packet from host 10.53.0.120 port 37861, id=171, length=337
1116. Cleaning up request 78 ID 171 with timestamp +774
1117. User-Name = "expuser@hotcity.lu"
1118. NAS-IP-Address = 172.16.70.21
1119. NAS-Port = 108
1120. Framed-MTU = 1400
1121. Called-Station-Id = "20:b3:99:6c:74:c3"
1122. Calling-Station-Id = "74:e1:b6:87:66:df"
1123. NAS-Port-Type = Wireless-802.11
1124. NAS-Identifier = "HC_SECURE_VNS"
1125. Service-Type = Framed-User
1126. Siemens-AP-Serial = "12461237905C0000"
1127. Siemens-AP-Name = "HCSA_AP01"
1128. Siemens-VNS-Name = "HC_SECURE_VNS"
1129. Siemens-SSID = "HOTCITY_Secure"
1130. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
1131. Siemens-Policy-Name = "POST_EAP_POLICY"
1132. Siemens-Topology-Name = "POST_EAP_USERS"
1133. EAP-Message = 0x020400061900
1134. State = 0x7266577a71624e7b2983cf8ffc74c0c2
1135. Message-Authenticator = 0x2df665bd00868a487af89f6e402d2d8f
1136. # Executing section authorize from file /etc/freeradius/sites-enabled/default
1137. +- entering group authorize {...}
1138. ++[preprocess] returns ok
1139. ++[chap] returns noop
1140. ++[mschap] returns noop
1141. ++[digest] returns noop
1142. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1143. [suffix] No such realm "hotcity.lu"
1144. ++[suffix] returns noop
1145. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
1146. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
1147. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
1148. ++? elsif (request:Realm == NULL )
1149. (Attribute request:Realm was not found)
1150. ? Evaluating (request:Realm == NULL ) -> FALSE
1151. ++? elsif (request:Realm == NULL ) -> FALSE
1152. [eap] EAP packet type response id 4 length 6
1153. [eap] Continuing tunnel setup.
1154. ++[eap] returns ok
1155. Found Auth-Type = EAP
1156. # Executing group from file /etc/freeradius/sites-enabled/default
1157. +- entering group authenticate {...}
1158. [eap] Request found, released from the list
1159. [eap] EAP/peap
1160. [eap] processing type peap
1161. [peap] processing EAP-TLS
1162. [peap] Received TLS ACK
1163. [peap] ACK handshake is finished
1164. [peap] eaptls_verify returned 3
1165. [peap] eaptls_process returned 3
1166. [peap] EAPTLS_SUCCESS
1167. [peap] Session established. Decoding tunneled attributes.
1168. [peap] Peap state TUNNEL ESTABLISHED
1169. ++[eap] returns handled
1170. Sending Access-Challenge of id 171 to 10.53.0.120 port 37861
1171. EAP-Message = 0x0105002b190017030100208d1785db1b47ee6ee58aad58ded743540850ed5de9ad31935043d3da986e8dc3
1172. Message-Authenticator = 0x00000000000000000000000000000000
1173. State = 0x7266577a76634e7b2983cf8ffc74c0c2
1174. Finished request 79.
1175. Going to the next request
1176. Waking up in 3.7 seconds.
1177. rad_recv: Access-Request packet from host 10.53.0.120 port 37861, id=253, length=390
1178. User-Name = "expuser@hotcity.lu"
1179. NAS-IP-Address = 172.16.70.21
1180. NAS-Port = 108
1181. Framed-MTU = 1400
1182. Called-Station-Id = "20:b3:99:6c:74:c3"
1183. Calling-Station-Id = "74:e1:b6:87:66:df"
1184. NAS-Port-Type = Wireless-802.11
1185. NAS-Identifier = "HC_SECURE_VNS"
1186. Service-Type = Framed-User
1187. Siemens-AP-Serial = "12461237905C0000"
1188. Siemens-AP-Name = "HCSA_AP01"
1189. Siemens-VNS-Name = "HC_SECURE_VNS"
1190. Siemens-SSID = "HOTCITY_Secure"
1191. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
1192. Siemens-Policy-Name = "POST_EAP_POLICY"
1193. Siemens-Topology-Name = "POST_EAP_USERS"
1194. EAP-Message = 0x0205003b19001703010030d2723e9c5eddaddc78ff25c2fbced9748b137e672a79d13b01c33af95b5e2bc65c1c742f8970439b7eecd65a5f5cdb8a
1195. State = 0x7266577a76634e7b2983cf8ffc74c0c2
1196. Message-Authenticator = 0x479afa6ebfbcd130fe08ee95c39dd973
1197. # Executing section authorize from file /etc/freeradius/sites-enabled/default
1198. +- entering group authorize {...}
1199. ++[preprocess] returns ok
1200. ++[chap] returns noop
1201. ++[mschap] returns noop
1202. ++[digest] returns noop
1203. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1204. [suffix] No such realm "hotcity.lu"
1205. ++[suffix] returns noop
1206. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
1207. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
1208. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
1209. ++? elsif (request:Realm == NULL )
1210. (Attribute request:Realm was not found)
1211. ? Evaluating (request:Realm == NULL ) -> FALSE
1212. ++? elsif (request:Realm == NULL ) -> FALSE
1213. [eap] EAP packet type response id 5 length 59
1214. [eap] Continuing tunnel setup.
1215. ++[eap] returns ok
1216. Found Auth-Type = EAP
1217. # Executing group from file /etc/freeradius/sites-enabled/default
1218. +- entering group authenticate {...}
1219. [eap] Request found, released from the list
1220. [eap] EAP/peap
1221. [eap] processing type peap
1222. [peap] processing EAP-TLS
1223. [peap] eaptls_verify returned 7
1224. [peap] Done initial handshake
1225. [peap] eaptls_process returned 7
1226. [peap] EAPTLS_OK
1227. [peap] Session established. Decoding tunneled attributes.
1228. [peap] Peap state WAITING FOR INNER IDENTITY
1229. [peap] Identity - expuser@hotcity.lu
1230. [peap] Got inner identity 'expuser@hotcity.lu'
1231. [peap] Setting default EAP type for tunneled EAP session.
1232. [peap] Got tunneled request
1233. EAP-Message = 0x02050017016578707573657240686f74636974792e6c75
1234. server {
1235. [peap] Setting User-Name to expuser@hotcity.lu
1236. Sending tunneled request
1237. EAP-Message = 0x02050017016578707573657240686f74636974792e6c75
1238. FreeRADIUS-Proxied-To = 127.0.0.1
1239. User-Name = "expuser@hotcity.lu"
1240. server inner-tunnel {
1241. # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
1242. +- entering group authorize {...}
1243. ++[chap] returns noop
1244. ++[mschap] returns noop
1245. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1246. [suffix] No such realm "hotcity.lu"
1247. ++[suffix] returns noop
1248. ++[control] returns noop
1249. [eap] EAP packet type response id 5 length 23
1250. [eap] No EAP Start, assuming it's an on-going EAP conversation
1251. ++[eap] returns updated
1252. [files] users: Matched entry expuser@hotcity.lu at line 207
1253. ++[files] returns ok
1254. [sql] expand: %{User-Name} -> expuser@hotcity.lu
1255. [sql] sql_set_user escaped user --> 'expuser@hotcity.lu'
1256. rlm_sql (sql): Reserving sql socket id: 0
1257. [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'expuser@hotcity.lu' ORDER BY id
1258. [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'expuser@hotcity.lu' ORDER BY priority
1259. rlm_sql (sql): Released sql socket id: 0
1260. [sql] User expuser@hotcity.lu not found
1261. ++[sql] returns notfound
1262. [expiration] Checking Expiration time: '23 May 2014 08:30:00'
1263. ++[expiration] returns ok
1264. ++[logintime] returns noop
1265. [pap] WARNING: Auth-Type already set. Not setting to PAP
1266. ++[pap] returns noop
1267. Found Auth-Type = EAP
1268. # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
1269. +- entering group authenticate {...}
1270. [eap] EAP Identity
1271. [eap] processing type mschapv2
1272. rlm_eap_mschapv2: Issuing Challenge
1273. ++[eap] returns handled
1274. } # server inner-tunnel
1275. [peap] Got tunneled reply code 11
1276. Idle-Timeout = 60
1277. Termination-Action = RADIUS-Request
1278. Session-Timeout = 98
1279. EAP-Message = 0x0106002c1a0106002710a2130142a89dcca320b5cd9b4ea47c466578707573657240686f74636974792e6c75
1280. Message-Authenticator = 0x00000000000000000000000000000000
1281. State = 0x84aafae584ace04616af5f9939797486
1282. [peap] Got tunneled reply RADIUS code 11
1283. Idle-Timeout = 60
1284. Termination-Action = RADIUS-Request
1285. Session-Timeout = 98
1286. EAP-Message = 0x0106002c1a0106002710a2130142a89dcca320b5cd9b4ea47c466578707573657240686f74636974792e6c75
1287. Message-Authenticator = 0x00000000000000000000000000000000
1288. State = 0x84aafae584ace04616af5f9939797486
1289. [peap] Got tunneled Access-Challenge
1290. ++[eap] returns handled
1291. Sending Access-Challenge of id 253 to 10.53.0.120 port 37861
1292. EAP-Message = 0x0106004b19001703010040b52bb9480f1e5d4e35f233218f0a34cdf04cfb957f70e571071dc7c8ad541a43d02573b3a80d59918e8d69a5bbfb855b69246161268519cb11b8124ff0f0e8d4
1293. Message-Authenticator = 0x00000000000000000000000000000000
1294. State = 0x7266577a77604e7b2983cf8ffc74c0c2
1295. Finished request 80.
1296. Going to the next request
1297. Waking up in 3.7 seconds.
1298. rad_recv: Access-Request packet from host 10.53.0.120 port 37861, id=190, length=438
1299. User-Name = "expuser@hotcity.lu"
1300. NAS-IP-Address = 172.16.70.21
1301. NAS-Port = 108
1302. Framed-MTU = 1400
1303. Called-Station-Id = "20:b3:99:6c:74:c3"
1304. Calling-Station-Id = "74:e1:b6:87:66:df"
1305. NAS-Port-Type = Wireless-802.11
1306. NAS-Identifier = "HC_SECURE_VNS"
1307. Service-Type = Framed-User
1308. Siemens-AP-Serial = "12461237905C0000"
1309. Siemens-AP-Name = "HCSA_AP01"
1310. Siemens-VNS-Name = "HC_SECURE_VNS"
1311. Siemens-SSID = "HOTCITY_Secure"
1312. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
1313. Siemens-Policy-Name = "POST_EAP_POLICY"
1314. Siemens-Topology-Name = "POST_EAP_USERS"
1315. EAP-Message = 0x0206006b19001703010060554054274d88ca45d3ba2468b9495fd8bdf8293403ae505aa9a436f1e335b9fa3827a468b7117a4d880bffb63509c588fb339b2bed48f3552e5c72b3245e4f9158c2d43fe8b0ab8dc0893ec7b161f5a114cede2a87850d1970b73966bc91f1da
1316. State = 0x7266577a77604e7b2983cf8ffc74c0c2
1317. Message-Authenticator = 0xb94771468ba45eeb32946ec410a5dcfd
1318. # Executing section authorize from file /etc/freeradius/sites-enabled/default
1319. +- entering group authorize {...}
1320. ++[preprocess] returns ok
1321. ++[chap] returns noop
1322. ++[mschap] returns noop
1323. ++[digest] returns noop
1324. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1325. [suffix] No such realm "hotcity.lu"
1326. ++[suffix] returns noop
1327. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
1328. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
1329. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
1330. ++? elsif (request:Realm == NULL )
1331. (Attribute request:Realm was not found)
1332. ? Evaluating (request:Realm == NULL ) -> FALSE
1333. ++? elsif (request:Realm == NULL ) -> FALSE
1334. [eap] EAP packet type response id 6 length 107
1335. [eap] Continuing tunnel setup.
1336. ++[eap] returns ok
1337. Found Auth-Type = EAP
1338. # Executing group from file /etc/freeradius/sites-enabled/default
1339. +- entering group authenticate {...}
1340. [eap] Request found, released from the list
1341. [eap] EAP/peap
1342. [eap] processing type peap
1343. [peap] processing EAP-TLS
1344. [peap] eaptls_verify returned 7
1345. [peap] Done initial handshake
1346. [peap] eaptls_process returned 7
1347. [peap] EAPTLS_OK
1348. [peap] Session established. Decoding tunneled attributes.
1349. [peap] Peap state phase2
1350. [peap] EAP type mschapv2
1351. [peap] Got tunneled request
1352. EAP-Message = 0x0206004d1a020600483160b4cc7dfabf0cc0c6ac10a3a26690aa00000000000000004070733024014a119ea9e532960f5cba9c44d4d222571a43006578707573657240686f74636974792e6c75
1353. server {
1354. [peap] Setting User-Name to expuser@hotcity.lu
1355. Sending tunneled request
1356. EAP-Message = 0x0206004d1a020600483160b4cc7dfabf0cc0c6ac10a3a26690aa00000000000000004070733024014a119ea9e532960f5cba9c44d4d222571a43006578707573657240686f74636974792e6c75
1357. FreeRADIUS-Proxied-To = 127.0.0.1
1358. User-Name = "expuser@hotcity.lu"
1359. State = 0x84aafae584ace04616af5f9939797486
1360. server inner-tunnel {
1361. # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
1362. +- entering group authorize {...}
1363. ++[chap] returns noop
1364. ++[mschap] returns noop
1365. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1366. [suffix] No such realm "hotcity.lu"
1367. ++[suffix] returns noop
1368. ++[control] returns noop
1369. [eap] EAP packet type response id 6 length 77
1370. [eap] No EAP Start, assuming it's an on-going EAP conversation
1371. ++[eap] returns updated
1372. [files] users: Matched entry expuser@hotcity.lu at line 207
1373. ++[files] returns ok
1374. [sql] expand: %{User-Name} -> expuser@hotcity.lu
1375. [sql] sql_set_user escaped user --> 'expuser@hotcity.lu'
1376. rlm_sql (sql): Reserving sql socket id: 4
1377. [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'expuser@hotcity.lu' ORDER BY id
1378. [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'expuser@hotcity.lu' ORDER BY priority
1379. rlm_sql (sql): Released sql socket id: 4
1380. [sql] User expuser@hotcity.lu not found
1381. ++[sql] returns notfound
1382. [expiration] Checking Expiration time: '23 May 2014 08:30:00'
1383. ++[expiration] returns ok
1384. ++[logintime] returns noop
1385. [pap] WARNING: Auth-Type already set. Not setting to PAP
1386. ++[pap] returns noop
1387. Found Auth-Type = EAP
1388. # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
1389. +- entering group authenticate {...}
1390. [eap] Request found, released from the list
1391. [eap] EAP/mschapv2
1392. [eap] processing type mschapv2
1393. [mschapv2] # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
1394. [mschapv2] +- entering group MS-CHAP {...}
1395. [mschap] Creating challenge hash with username: expuser@hotcity.lu
1396. [mschap] Told to do MS-CHAPv2 for expuser@hotcity.lu with NT-Password
1397. [mschap] adding MS-CHAPv2 MPPE keys
1398. ++[mschap] returns ok
1399. MSCHAP Success
1400. ++[eap] returns handled
1401. } # server inner-tunnel
1402. [peap] Got tunneled reply code 11
1403. Idle-Timeout = 60
1404. Termination-Action = RADIUS-Request
1405. Session-Timeout = 98
1406. EAP-Message = 0x010700331a0306002e533d45303043344133343936323846354541373745384635334241464538354646463536384542433343
1407. Message-Authenticator = 0x00000000000000000000000000000000
1408. State = 0x84aafae585ade04616af5f9939797486
1409. [peap] Got tunneled reply RADIUS code 11
1410. Idle-Timeout = 60
1411. Termination-Action = RADIUS-Request
1412. Session-Timeout = 98
1413. EAP-Message = 0x010700331a0306002e533d45303043344133343936323846354541373745384635334241464538354646463536384542433343
1414. Message-Authenticator = 0x00000000000000000000000000000000
1415. State = 0x84aafae585ade04616af5f9939797486
1416. [peap] Got tunneled Access-Challenge
1417. ++[eap] returns handled
1418. Sending Access-Challenge of id 190 to 10.53.0.120 port 37861
1419. EAP-Message = 0x0107005b1900170301005029b40bad6ec7cab815666d5a15276896d6a500d086d65c3fab2742dababa1c828f02024a777a4442eeff409954a9ebb6af6e29586f1a9b18b255949ac8d7396f23b1be71c57857c64872eb6aa9dfa13e
1420. Message-Authenticator = 0x00000000000000000000000000000000
1421. State = 0x7266577a74614e7b2983cf8ffc74c0c2
1422. Finished request 81.
1423. Going to the next request
1424. Waking up in 3.6 seconds.
1425. rad_recv: Access-Request packet from host 10.53.0.120 port 37861, id=219, length=374
1426. User-Name = "expuser@hotcity.lu"
1427. NAS-IP-Address = 172.16.70.21
1428. NAS-Port = 108
1429. Framed-MTU = 1400
1430. Called-Station-Id = "20:b3:99:6c:74:c3"
1431. Calling-Station-Id = "74:e1:b6:87:66:df"
1432. NAS-Port-Type = Wireless-802.11
1433. NAS-Identifier = "HC_SECURE_VNS"
1434. Service-Type = Framed-User
1435. Siemens-AP-Serial = "12461237905C0000"
1436. Siemens-AP-Name = "HCSA_AP01"
1437. Siemens-VNS-Name = "HC_SECURE_VNS"
1438. Siemens-SSID = "HOTCITY_Secure"
1439. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
1440. Siemens-Policy-Name = "POST_EAP_POLICY"
1441. Siemens-Topology-Name = "POST_EAP_USERS"
1442. EAP-Message = 0x0207002b19001703010020f261e9c254ac9b3b67e597220d9c2a9e6ed360de3e0ff7b65dd08f87b32f427d
1443. State = 0x7266577a74614e7b2983cf8ffc74c0c2
1444. Message-Authenticator = 0x66eed3c7162094a02db668c8e6fdbd27
1445. # Executing section authorize from file /etc/freeradius/sites-enabled/default
1446. +- entering group authorize {...}
1447. ++[preprocess] returns ok
1448. ++[chap] returns noop
1449. ++[mschap] returns noop
1450. ++[digest] returns noop
1451. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1452. [suffix] No such realm "hotcity.lu"
1453. ++[suffix] returns noop
1454. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
1455. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
1456. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
1457. ++? elsif (request:Realm == NULL )
1458. (Attribute request:Realm was not found)
1459. ? Evaluating (request:Realm == NULL ) -> FALSE
1460. ++? elsif (request:Realm == NULL ) -> FALSE
1461. [eap] EAP packet type response id 7 length 43
1462. [eap] Continuing tunnel setup.
1463. ++[eap] returns ok
1464. Found Auth-Type = EAP
1465. # Executing group from file /etc/freeradius/sites-enabled/default
1466. +- entering group authenticate {...}
1467. [eap] Request found, released from the list
1468. [eap] EAP/peap
1469. [eap] processing type peap
1470. [peap] processing EAP-TLS
1471. [peap] eaptls_verify returned 7
1472. [peap] Done initial handshake
1473. [peap] eaptls_process returned 7
1474. [peap] EAPTLS_OK
1475. [peap] Session established. Decoding tunneled attributes.
1476. [peap] Peap state phase2
1477. [peap] EAP type mschapv2
1478. [peap] Got tunneled request
1479. EAP-Message = 0x020700061a03
1480. server {
1481. [peap] Setting User-Name to expuser@hotcity.lu
1482. Sending tunneled request
1483. EAP-Message = 0x020700061a03
1484. FreeRADIUS-Proxied-To = 127.0.0.1
1485. User-Name = "expuser@hotcity.lu"
1486. State = 0x84aafae585ade04616af5f9939797486
1487. server inner-tunnel {
1488. # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
1489. +- entering group authorize {...}
1490. ++[chap] returns noop
1491. ++[mschap] returns noop
1492. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1493. [suffix] No such realm "hotcity.lu"
1494. ++[suffix] returns noop
1495. ++[control] returns noop
1496. [eap] EAP packet type response id 7 length 6
1497. [eap] No EAP Start, assuming it's an on-going EAP conversation
1498. ++[eap] returns updated
1499. [files] users: Matched entry expuser@hotcity.lu at line 207
1500. ++[files] returns ok
1501. [sql] expand: %{User-Name} -> expuser@hotcity.lu
1502. [sql] sql_set_user escaped user --> 'expuser@hotcity.lu'
1503. rlm_sql (sql): Reserving sql socket id: 3
1504. [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'expuser@hotcity.lu' ORDER BY id
1505. [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'expuser@hotcity.lu' ORDER BY priority
1506. rlm_sql (sql): Released sql socket id: 3
1507. [sql] User expuser@hotcity.lu not found
1508. ++[sql] returns notfound
1509. [expiration] Checking Expiration time: '23 May 2014 08:30:00'
1510. ++[expiration] returns ok
1511. ++[logintime] returns noop
1512. [pap] WARNING: Auth-Type already set. Not setting to PAP
1513. ++[pap] returns noop
1514. Found Auth-Type = EAP
1515. # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
1516. +- entering group authenticate {...}
1517. [eap] Request found, released from the list
1518. [eap] EAP/mschapv2
1519. [eap] processing type mschapv2
1520. [eap] Freeing handler
1521. ++[eap] returns ok
1522. WARNING: Empty post-auth section. Using default return values.
1523. # Executing section post-auth from file /etc/freeradius/sites-enabled/inner-tunnel
1524. } # server inner-tunnel
1525. [peap] Got tunneled reply code 2
1526. Idle-Timeout = 60
1527. Termination-Action = RADIUS-Request
1528. Session-Timeout = 98
1529. MS-MPPE-Encryption-Policy = 0x00000001
1530. MS-MPPE-Encryption-Types = 0x00000006
1531. MS-MPPE-Send-Key = 0xc80906005e0910f8d4ffeb9a5ada1c7f
1532. MS-MPPE-Recv-Key = 0x705a7a1164263b06c73a3ae886174209
1533. EAP-Message = 0x03070004
1534. Message-Authenticator = 0x00000000000000000000000000000000
1535. User-Name = "expuser@hotcity.lu"
1536. [peap] Got tunneled reply RADIUS code 2
1537. Idle-Timeout = 60
1538. Termination-Action = RADIUS-Request
1539. Session-Timeout = 98
1540. MS-MPPE-Encryption-Policy = 0x00000001
1541. MS-MPPE-Encryption-Types = 0x00000006
1542. MS-MPPE-Send-Key = 0xc80906005e0910f8d4ffeb9a5ada1c7f
1543. MS-MPPE-Recv-Key = 0x705a7a1164263b06c73a3ae886174209
1544. EAP-Message = 0x03070004
1545. Message-Authenticator = 0x00000000000000000000000000000000
1546. User-Name = "expuser@hotcity.lu"
1547. [peap] Tunneled authentication was successful.
1548. [peap] SUCCESS
1549. ++[eap] returns handled
1550. Sending Access-Challenge of id 219 to 10.53.0.120 port 37861
1551. EAP-Message = 0x0108002b1900170301002098dc9156e032400c0beeafef92469a63e41512878d4aa2c31b68b83b6a05c83f
1552. Message-Authenticator = 0x00000000000000000000000000000000
1553. State = 0x7266577a756e4e7b2983cf8ffc74c0c2
1554. Finished request 82.
1555. Going to the next request
1556. Waking up in 3.6 seconds.
1557. rad_recv: Access-Request packet from host 10.53.0.120 port 37861, id=146, length=374
1558. User-Name = "expuser@hotcity.lu"
1559. NAS-IP-Address = 172.16.70.21
1560. NAS-Port = 108
1561. Framed-MTU = 1400
1562. Called-Station-Id = "20:b3:99:6c:74:c3"
1563. Calling-Station-Id = "74:e1:b6:87:66:df"
1564. NAS-Port-Type = Wireless-802.11
1565. NAS-Identifier = "HC_SECURE_VNS"
1566. Service-Type = Framed-User
1567. Siemens-AP-Serial = "12461237905C0000"
1568. Siemens-AP-Name = "HCSA_AP01"
1569. Siemens-VNS-Name = "HC_SECURE_VNS"
1570. Siemens-SSID = "HOTCITY_Secure"
1571. Siemens-BSS-MAC = "20:b3:99:6c:74:c3"
1572. Siemens-Policy-Name = "POST_EAP_POLICY"
1573. Siemens-Topology-Name = "POST_EAP_USERS"
1574. EAP-Message = 0x0208002b190017030100205b399352bcead68483457aec14f11d90864726a833b2b2d80dc1267f7186221a
1575. State = 0x7266577a756e4e7b2983cf8ffc74c0c2
1576. Message-Authenticator = 0x312677e03cdda442e43050df9827b2be
1577. # Executing section authorize from file /etc/freeradius/sites-enabled/default
1578. +- entering group authorize {...}
1579. ++[preprocess] returns ok
1580. ++[chap] returns noop
1581. ++[mschap] returns noop
1582. ++[digest] returns noop
1583. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1584. [suffix] No such realm "hotcity.lu"
1585. ++[suffix] returns noop
1586. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ )
1587. ? Evaluating (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/) -> FALSE
1588. ++? if (request:User-Name =~ /^6(2|6|9)1[0-9]{6}$/ ) -> FALSE
1589. ++? elsif (request:Realm == NULL )
1590. (Attribute request:Realm was not found)
1591. ? Evaluating (request:Realm == NULL ) -> FALSE
1592. ++? elsif (request:Realm == NULL ) -> FALSE
1593. [eap] EAP packet type response id 8 length 43
1594. [eap] Continuing tunnel setup.
1595. ++[eap] returns ok
1596. Found Auth-Type = EAP
1597. # Executing group from file /etc/freeradius/sites-enabled/default
1598. +- entering group authenticate {...}
1599. [eap] Request found, released from the list
1600. [eap] EAP/peap
1601. [eap] processing type peap
1602. [peap] processing EAP-TLS
1603. [peap] eaptls_verify returned 7
1604. [peap] Done initial handshake
1605. [peap] eaptls_process returned 7
1606. [peap] EAPTLS_OK
1607. [peap] Session established. Decoding tunneled attributes.
1608. [peap] Peap state send tlv success
1609. [peap] Received EAP-TLV response.
1610. [peap] Success
1611. [eap] Freeing handler
1612. ++[eap] returns ok
1613. # Executing section post-auth from file /etc/freeradius/sites-enabled/default
1614. +- entering group post-auth {...}
1615. ++[exec] returns noop
1616. Sending Access-Accept of id 146 to 10.53.0.120 port 37861
1617. MS-MPPE-Recv-Key = 0x323d1b5ce6fdf64d9c9c20ab35f2ee6ee8b4ef9464393808eae5efe36d9245a1
1618. MS-MPPE-Send-Key = 0xab0cc48caf65fa8f5ad74a4778477fe2b337123866a9c49395545812be4cf962
1619. EAP-Message = 0x03080004
1620. Message-Authenticator = 0x00000000000000000000000000000000
1621. User-Name = "expuser@hotcity.lu"
1622. Finished request 83.
1623. Going to the next request
1624. Waking up in 3.6 seconds.
1625. rad_recv: Accounting-Request packet from host 10.53.0.120 port 54554, id=0, length=395
1626. Acct-Session-Id = "537eea98003d"
1627. NAS-Port = 108
1628. User-Name = "expuser@hotcity.lu"
1629. Filter-Id = "POST_EAP_POLICY"
1630. Acct-Interim-Interval = 1800
1631. Session-Timeout = 0
1632. Acct-Status-Type = Interim-Update
1633. Acct-Delay-Time = 1
1634. Acct-Authentic = RADIUS
1635. Framed-IP-Address = 10.30.118.192
1636. Connect-Info = "802.11b/g"
1637. NAS-Port-Type = Wireless-802.11
1638. Called-Station-Id = "20:B3:99:6C:74:C3"
1639. Calling-Station-Id = "74:E1:B6:87:66:DF"
1640. NAS-IP-Address = 172.16.70.21
1641. NAS-Identifier = "HC_SECURE_VNS"
1642. Siemens-AP-Serial = "12461237905C0000"
1643. Siemens-AP-Name = "HCSA_AP01"
1644. Siemens-BSS-MAC = "20:B3:99:6C:74:C3"
1645. Siemens-VNS-Name = "HC_SECURE_VNS"
1646. Siemens-SSID = "HOTCITY_Secure"
1647. Siemens-Policy-Name = "POST_EAP_POLICY"
1648. Siemens-Topology-Name = "POST_EAP_USERS"
1649. Siemens-Ingress-RC-Name = "n/a"
1650. Siemens-Egress-RC-Name = "n/a"
1651. Acct-Session-Time = 2
1652. Acct-Output-Packets = 0
1653. Acct-Input-Packets = 0
1654. Acct-Output-Octets = 0
1655. Acct-Input-Octets = 0
1656. # Executing section preacct from file /etc/freeradius/sites-enabled/default
1657. +- entering group preacct {...}
1658. ++[preprocess] returns ok
1659. [acct_unique] Hashing 'NAS-Port = 108,Client-IP-Address = 10.53.0.120,NAS-IP-Address = 172.16.70.21,Acct-Session-Id = "537eea98003d",User-Name = "expuser@hotcity.lu"'
1660. [acct_unique] Acct-Unique-Session-ID = "45f5660ca83bdef3".
1661. ++[acct_unique] returns ok
1662. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1663. [suffix] No such realm "hotcity.lu"
1664. ++[suffix] returns noop
1665. ++[files] returns noop
1666. # Executing section accounting from file /etc/freeradius/sites-enabled/default
1667. +- entering group accounting {...}
1668. [detail] expand: %{Packet-Src-IP-Address} -> 10.53.0.120
1669. [detail] expand: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d -> /var/log/freeradius/radacct/10.53.0.120/detail-20140523
1670. [detail] /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/freeradius/radacct/10.53.0.120/detail-20140523
1671. [detail] expand: %t -> Fri May 23 08:28:23 2014
1672. ++[detail] returns ok
1673. ++[unix] returns noop
1674. [radutmp] expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
1675. [radutmp] expand: %{User-Name} -> expuser@hotcity.lu
1676. ++[radutmp] returns ok
1677. ++[exec] returns noop
1678. [attr_filter.accounting_response] expand: %{User-Name} -> expuser@hotcity.lu
1679. attr_filter: Matched entry DEFAULT at line 12
1680. ++[attr_filter.accounting_response] returns updated
1681. Sending Accounting-Response of id 0 to 10.53.0.120 port 54554
1682. Finished request 84.
1683. Cleaning up request 84 ID 0 with timestamp +775
1684. Going to the next request
1685. Waking up in 2.4 seconds.
1686. rad_recv: Accounting-Request packet from host 10.53.0.120 port 54554, id=0, length=395
1687. Acct-Session-Id = "537eea98003d"
1688. NAS-Port = 108
1689. User-Name = "expuser@hotcity.lu"
1690. Filter-Id = "POST_EAP_POLICY"
1691. Acct-Interim-Interval = 1800
1692. Session-Timeout = 0
1693. Acct-Status-Type = Interim-Update
1694. Acct-Delay-Time = 3
1695. Acct-Authentic = RADIUS
1696. Framed-IP-Address = 10.135.0.105
1697. Connect-Info = "802.11b/g"
1698. NAS-Port-Type = Wireless-802.11
1699. Called-Station-Id = "20:B3:99:6C:74:C3"
1700. Calling-Station-Id = "74:E1:B6:87:66:DF"
1701. NAS-IP-Address = 172.16.70.21
1702. NAS-Identifier = "HC_SECURE_VNS"
1703. Siemens-AP-Serial = "12461237905C0000"
1704. Siemens-AP-Name = "HCSA_AP01"
1705. Siemens-BSS-MAC = "20:B3:99:6C:74:C3"
1706. Siemens-VNS-Name = "HC_SECURE_VNS"
1707. Siemens-SSID = "HOTCITY_Secure"
1708. Siemens-Policy-Name = "POST_EAP_POLICY"
1709. Siemens-Topology-Name = "POST_EAP_USERS"
1710. Siemens-Ingress-RC-Name = "n/a"
1711. Siemens-Egress-RC-Name = "n/a"
1712. Acct-Session-Time = 4
1713. Acct-Output-Packets = 0
1714. Acct-Input-Packets = 0
1715. Acct-Output-Octets = 0
1716. Acct-Input-Octets = 0
1717. # Executing section preacct from file /etc/freeradius/sites-enabled/default
1718. +- entering group preacct {...}
1719. ++[preprocess] returns ok
1720. [acct_unique] Hashing 'NAS-Port = 108,Client-IP-Address = 10.53.0.120,NAS-IP-Address = 172.16.70.21,Acct-Session-Id = "537eea98003d",User-Name = "expuser@hotcity.lu"'
1721. [acct_unique] Acct-Unique-Session-ID = "45f5660ca83bdef3".
1722. ++[acct_unique] returns ok
1723. [suffix] Looking up realm "hotcity.lu" for User-Name = "expuser@hotcity.lu"
1724. [suffix] No such realm "hotcity.lu"
1725. ++[suffix] returns noop
1726. ++[files] returns noop
1727. # Executing section accounting from file /etc/freeradius/sites-enabled/default
1728. +- entering group accounting {...}
1729. [detail] expand: %{Packet-Src-IP-Address} -> 10.53.0.120
1730. [detail] expand: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d -> /var/log/freeradius/radacct/10.53.0.120/detail-20140523
1731. [detail] /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/freeradius/radacct/10.53.0.120/detail-20140523
1732. [detail] expand: %t -> Fri May 23 08:28:25 2014
1733. ++[detail] returns ok
1734. ++[unix] returns noop
1735. [radutmp] expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
1736. [radutmp] expand: %{User-Name} -> expuser@hotcity.lu
1737. ++[radutmp] returns ok
1738. ++[exec] returns noop
1739. [attr_filter.accounting_response] expand: %{User-Name} -> expuser@hotcity.lu
1740. attr_filter: Matched entry DEFAULT at line 12
1741. ++[attr_filter.accounting_response] returns updated
1742. Sending Accounting-Response of id 0 to 10.53.0.120 port 54554
1743. Finished request 85.
1744. Cleaning up request 85 ID 0 with timestamp +777
1745. Going to the next request
1746. Waking up in 0.4 seconds.
1747. Cleaning up request 65 ID 107 with timestamp +772
1748. Cleaning up request 66 ID 193 with timestamp +772
1749. Cleaning up request 67 ID 254 with timestamp +773
1750. Cleaning up request 68 ID 201 with timestamp +773
1751. Cleaning up request 69 ID 51 with timestamp +773
1752. Cleaning up request 70 ID 156 with timestamp +773
1753. Cleaning up request 71 ID 126 with timestamp +773
1754. Cleaning up request 72 ID 205 with timestamp +773
1755. Cleaning up request 73 ID 79 with timestamp +773
1756. Waking up in 0.6 seconds.
1757. Cleaning up request 75 ID 21 with timestamp +773
1758. Cleaning up request 76 ID 132 with timestamp +774
1759. Cleaning up request 77 ID 30 with timestamp +774
1760. Waking up in 0.1 seconds.
1761. Cleaning up request 79 ID 171 with timestamp +774
1762. Cleaning up request 80 ID 253 with timestamp +774
1763. Cleaning up request 81 ID 190 with timestamp +774
1764. Cleaning up request 82 ID 219 with timestamp +774
1765. Cleaning up request 83 ID 146 with timestamp +774
1766. Ready to process requests.