Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- FreeRADIUS Version 2.2.0, for host i686-pc-linux-gnu, built on Sep 20 2012 at 09:52:41
- Copyright (C) 1999-2012 The FreeRADIUS server project and contributors.
- There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
- PARTICULAR PURPOSE.
- You may redistribute copies of FreeRADIUS under the terms of the
- GNU General Public License v2.
- Starting - reading configuration files ...
- including configuration file /etc/freeradius/radiusd.conf
- including configuration file /etc/freeradius/proxy.conf
- including configuration file /etc/freeradius/clients.conf
- including configuration file /etc/freeradius/eap.conf
- including configuration file /etc/freeradius/policy.conf
- including files in directory /etc/freeradius/sites-enabled/
- including configuration file /etc/freeradius/sites-enabled/default
- including configuration file /etc/freeradius/sites-enabled/inner-tunnel
- main {
- user = "freerad"
- group = "freerad"
- allow_core_dumps = no
- }
- including dictionary file /etc/freeradius/dictionary
- main {
- name = "radiusd"
- prefix = "/usr"
- localstatedir = "/var"
- sbindir = "/usr/sbin"
- logdir = "/var/log/freeradius"
- run_dir = "/var/run/freeradius"
- libdir = "/usr/lib/freeradius"
- radacctdir = "/var/log/freeradius/radacct"
- hostname_lookups = no
- max_request_time = 30
- cleanup_delay = 5
- max_requests = 1024
- pidfile = "/var/run/freeradius/freeradius.pid"
- checkrad = "/usr/sbin/checkrad"
- debug_level = 0
- proxy_requests = yes
- log {
- stripped_names = no
- auth = yes
- auth_badpass = no
- auth_goodpass = no
- }
- security {
- max_attributes = 200
- reject_delay = 1
- status_server = yes
- }
- }
- radiusd: #### Loading Realms and Home Servers ####
- proxy server {
- retry_delay = 5
- retry_count = 3
- default_fallback = no
- dead_time = 120
- wake_all_if_all_dead = no
- }
- home_server localhost {
- ipaddr = 127.0.0.1
- port = 1812
- type = "auth"
- secret = "testing123"
- response_window = 20
- max_outstanding = 65536
- require_message_authenticator = no
- zombie_period = 40
- status_check = "status-server"
- ping_interval = 30
- check_interval = 30
- num_answers_to_alive = 3
- num_pings_to_alive = 3
- revive_interval = 120
- status_check_timeout = 4
- coa {
- irt = 2
- mrt = 16
- mrc = 5
- mrd = 30
- }
- }
- home_server_pool my_auth_failover {
- type = fail-over
- home_server = localhost
- }
- realm example.com {
- auth_pool = my_auth_failover
- }
- realm LOCAL {
- }
- realm worc.ac.uk {
- authhost = LOCAL
- accthost = LOCAL
- }
- realm worcester.ac.uk {
- authhost = LOCAL
- accthost = LOCAL
- }
- realm uni.worc.ac.uk {
- authhost = LOCAL
- accthost = LOCAL
- }
- realm NULL {
- authhost = LOCAL
- accthost = LOCAL
- }
- radiusd: #### Loading Clients ####
- client localhost {
- ipaddr = 127.0.0.1
- require_message_authenticator = no
- secret = "testing123"
- nastype = "other"
- }
- client 131.1.129.0/24 {
- require_message_authenticator = no
- secret = "3dur04m"
- }
- client 193.62.48.37 {
- require_message_authenticator = no
- secret = "H1sN604s9Z99o"
- }
- client 193.62.48.38 {
- require_message_authenticator = no
- secret = "H1sN604s9Z99o"
- }
- radiusd: #### Instantiating modules ####
- instantiate {
- Module: Linked to module rlm_exec
- Module: Instantiating module "exec" from file /etc/freeradius/radiusd.conf
- exec {
- wait = yes
- input_pairs = "request"
- shell_escape = yes
- }
- Module: Linked to module rlm_expr
- Module: Instantiating module "expr" from file /etc/freeradius/radiusd.conf
- Module: Linked to module rlm_expiration
- Module: Instantiating module "expiration" from file /etc/freeradius/radiusd.conf
- expiration {
- reply-message = "Password Has Expired "
- }
- Module: Linked to module rlm_logintime
- Module: Instantiating module "logintime" from file /etc/freeradius/radiusd.conf
- logintime {
- reply-message = "You are calling outside your allowed timespan "
- minimum-timeout = 60
- }
- }
- radiusd: #### Loading Virtual Servers ####
- server { # from file /etc/freeradius/radiusd.conf
- modules {
- Module: Creating Post-Auth-Type = REJECT
- Module: Checking authenticate {...} for more modules to load
- Module: Linked to module rlm_pap
- Module: Instantiating module "pap" from file /etc/freeradius/radiusd.conf
- pap {
- encryption_scheme = "auto"
- auto_header = no
- }
- Module: Linked to module rlm_mschap
- Module: Instantiating module "mschap_ad" from file /etc/freeradius/radiusd.conf
- mschap mschap_ad {
- use_mppe = yes
- require_encryption = yes
- require_strong = yes
- with_ntdomain_hack = yes
- ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --domain=%{%{mschap_ad:NT-Domain}:-%{Domain-Name}} --challenge=%{mschap_ad:Challenge:-00} --nt-response=%{mschap_ad:NT-Response:-00}"
- allow_retry = yes
- }
- Module: Linked to module rlm_eap
- Module: Instantiating module "eap" from file /etc/freeradius/eap.conf
- eap {
- default_eap_type = "peap"
- timer_expire = 60
- ignore_unknown_eap_types = no
- cisco_accounting_username_bug = no
- max_sessions = 2048
- }
- Module: Linked to sub-module rlm_eap_md5
- Module: Instantiating eap-md5
- Module: Linked to sub-module rlm_eap_leap
- Module: Instantiating eap-leap
- Module: Linked to sub-module rlm_eap_gtc
- Module: Instantiating eap-gtc
- gtc {
- challenge = "Password: "
- auth_type = "PAP"
- }
- Module: Linked to sub-module rlm_eap_tls
- Module: Instantiating eap-tls
- tls {
- rsa_key_exchange = no
- dh_key_exchange = yes
- rsa_key_length = 512
- dh_key_length = 512
- verify_depth = 0
- CA_path = "/etc/freeradius/certs"
- pem_file_type = yes
- private_key_file = "/etc/freeradius/certs/eduroam61.key"
- certificate_file = "/etc/freeradius/certs/eduroam61.pem"
- private_key_password = "******"
- dh_file = "/etc/freeradius/certs/dh"
- random_file = "/etc/freeradius/certs/random"
- fragment_size = 1024
- include_length = yes
- check_crl = no
- cipher_list = "DEFAULT"
- ecdh_curve = "prime256v1"
- cache {
- enable = no
- lifetime = 24
- max_entries = 0
- }
- }
- Module: Linked to sub-module rlm_eap_ttls
- Module: Instantiating eap-ttls
- ttls {
- default_eap_type = "md5"
- copy_request_to_tunnel = yes
- use_tunneled_reply = yes
- virtual_server = "inner-tunnel"
- include_length = yes
- }
- Module: Linked to sub-module rlm_eap_peap
- Module: Instantiating eap-peap
- peap {
- default_eap_type = "mschapv2"
- copy_request_to_tunnel = yes
- use_tunneled_reply = yes
- proxy_tunneled_request_as_eap = yes
- virtual_server = "inner-tunnel"
- soh = no
- }
- Module: Linked to sub-module rlm_eap_mschapv2
- Module: Instantiating eap-mschapv2
- mschapv2 {
- with_ntdomain_hack = no
- send_error = no
- }
- Module: Checking authorize {...} for more modules to load
- Module: Linked to module rlm_preprocess
- Module: Instantiating module "preprocess" from file /etc/freeradius/radiusd.conf
- preprocess {
- huntgroups = "/etc/freeradius/huntgroups"
- hints = "/etc/freeradius/hints"
- with_ascend_hack = no
- ascend_channels_per_line = 23
- with_ntdomain_hack = no
- with_specialix_jetstream_hack = no
- with_cisco_vsa_hack = no
- with_alvarion_vsa_hack = no
- }
- reading pairlist file /etc/freeradius/huntgroups
- reading pairlist file /etc/freeradius/hints
- Module: Linked to module rlm_realm
- Module: Instantiating module "ntdomain" from file /etc/freeradius/radiusd.conf
- realm ntdomain {
- format = "prefix"
- delimiter = "\"
- ignore_default = no
- ignore_null = yes
- }
- Module: Instantiating module "suffix" from file /etc/freeradius/radiusd.conf
- realm suffix {
- format = "suffix"
- delimiter = "@"
- ignore_default = no
- ignore_null = no
- }
- Module: Linked to module rlm_files
- Module: Instantiating module "files" from file /etc/freeradius/radiusd.conf
- files {
- usersfile = "/etc/freeradius/users"
- acctusersfile = "/etc/freeradius/acct_users"
- preproxy_usersfile = "/etc/freeradius/preproxy_users"
- compat = "no"
- }
- reading pairlist file /etc/freeradius/users
- reading pairlist file /etc/freeradius/acct_users
- reading pairlist file /etc/freeradius/preproxy_users
- Module: Checking preacct {...} for more modules to load
- Module: Linked to module rlm_acct_unique
- Module: Instantiating module "acct_unique" from file /etc/freeradius/radiusd.conf
- acct_unique {
- key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
- }
- Module: Checking accounting {...} for more modules to load
- Module: Linked to module rlm_unix
- Module: Instantiating module "unix" from file /etc/freeradius/radiusd.conf
- unix {
- radwtmp = "/var/log/freeradius/radwtmp"
- }
- Module: Linked to module rlm_radutmp
- Module: Instantiating module "radutmp" from file /etc/freeradius/radiusd.conf
- radutmp {
- filename = "/var/log/freeradius/radutmp"
- username = "%{User-Name}"
- case_sensitive = yes
- check_with_nas = yes
- perm = 384
- callerid = yes
- }
- Module: Linked to module rlm_attr_filter
- Module: Instantiating module "attr_filter.accounting_response" from file /etc/freeradius/radiusd.conf
- attr_filter attr_filter.accounting_response {
- attrsfile = "/etc/freeradius/attrs.accounting_response"
- key = "%{User-Name}"
- relaxed = no
- }
- reading pairlist file /etc/freeradius/attrs.accounting_response
- Module: Checking session {...} for more modules to load
- Module: Checking post-proxy {...} for more modules to load
- Module: Checking post-auth {...} for more modules to load
- Module: Instantiating module "attr_filter.access_reject" from file /etc/freeradius/radiusd.conf
- attr_filter attr_filter.access_reject {
- attrsfile = "/etc/freeradius/attrs.access_reject"
- key = "%{User-Name}"
- relaxed = no
- }
- reading pairlist file /etc/freeradius/attrs.access_reject
- } # modules
- } # server
- server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel
- modules {
- Module: Creating Auth-Type = home
- Module: Checking authenticate {...} for more modules to load
- Module: Linked to module rlm_ldap
- Module: Instantiating module "home" from file /etc/freeradius/radiusd.conf
- ldap home {
- server = "131.1.2.14"
- port = 3268
- password = ***********"
- identity = "**********"
- net_timeout = 5
- timeout = 30
- timelimit = 30
- max_uses = 0
- tls_mode = no
- start_tls = no
- tls_require_cert = "allow"
- tls {
- start_tls = no
- cacertfile = "/etc/freeradius/certs/eduroam60.pem"
- cacertdir = "/etc/freeradius/certs"
- keyfile = "/etc/freeradius/certs/eduroam60.key"
- randfile = "/etc/freeradius/certs/random"
- require_cert = "demand"
- }
- basedn = "DC=worc,DC=ac,DC=uk"
- filter = "(sAMAccountName=%{Stripped-User-Name:-%{User-Name}})"
- base_filter = "(objectclass=radiusprofile)"
- password_attribute = "eapUserPassword"
- auto_header = no
- access_attr = "sAMAccountName"
- access_attr_used_for_allow = yes
- chase_referrals = yes
- rebind = yes
- groupname_attribute = "cn"
- groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
- dictionary_mapping = "/etc/freeradius/ldap.attrmap"
- ldap_debug = 0
- ldap_connections_number = 30
- compare_check_items = no
- do_xlat = yes
- set_auth_type = yes
- }
- rlm_ldap: Registering ldap_groupcmp for Ldap-Group
- rlm_ldap: Creating new attribute home-Ldap-Group
- rlm_ldap: Registering ldap_groupcmp for home-Ldap-Group
- rlm_ldap: Registering ldap_xlat with xlat_name home
- rlm_ldap: reading ldap<->radius mappings from file /etc/freeradius/ldap.attrmap
- rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$
- rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$
- rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type
- rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use
- rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id
- rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id
- rlm_ldap: LDAP sambaLmPassword mapped to RADIUS LM-Password
- rlm_ldap: LDAP sambaNtPassword mapped to RADIUS NT-Password
- rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT
- rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration
- rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address
- rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type
- rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol
- rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address
- rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask
- rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route
- rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing
- rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id
- rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU
- rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS Framed-Compression
- rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host
- rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service
- rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port
- rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number
- rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id
- rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS Framed-IPX-Network
- rlm_ldap: LDAP radiusClass mapped to RADIUS Class
- rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout
- rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout
- rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS Termination-Action
- rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS Login-LAT-Service
- rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node
- rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group
- rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS Framed-AppleTalk-Link
- rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS Framed-AppleTalk-Network
- rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS Framed-AppleTalk-Zone
- rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit
- rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port
- rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message
- rlm_ldap: LDAP radiusTunnelType mapped to RADIUS Tunnel-Type
- rlm_ldap: LDAP radiusTunnelMediumType mapped to RADIUS Tunnel-Medium-Type
- rlm_ldap: LDAP radiusTunnelPrivateGroupId mapped to RADIUS Tunnel-Private-Group-Id
- rlm_ldap: LDAP userPassword mapped to RADIUS User-Password
- conns: 0x8a616d0
- Module: Linked to module rlm_chap
- Module: Instantiating module "chap" from file /etc/freeradius/radiusd.conf
- Module: Checking authorize {...} for more modules to load
- Module: Checking session {...} for more modules to load
- Module: Checking post-proxy {...} for more modules to load
- Module: Checking post-auth {...} for more modules to load
- } # modules
- } # server
- radiusd: #### Opening IP addresses and Ports ####
- listen {
- type = "auth"
- ipaddr = *
- port = 0
- }
- listen {
- type = "acct"
- ipaddr = *
- port = 0
- }
- ... adding new socket proxy address * port 60622
- Listening on authentication address * port 1812
- Listening on accounting address * port 1813
- Listening on proxy address * port 1814
- Ready to process requests.
- rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=74, length=141
- User-Name = "anonymous"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- EAP-Message = 0x0200000e01616e6f6e796d6f7573
- Message-Authenticator = 0x1457993743e1e3c51b17908e14b95467
- Domain-Name = "WORC.AC.UK"
- Proxy-State = 0x30
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[mschap_ad] returns noop
- [ntdomain] No '\' in User-Name = "anonymous", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "anonymous", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "anonymous"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 0 length 14
- [eap] No EAP Start, assuming it's an on-going EAP conversation
- ++[eap] returns updated
- ++[files] returns noop
- ++[expiration] returns noop
- ++[logintime] returns noop
- [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
- ++[pap] returns noop
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group EAP {...}
- [eap] EAP Identity
- [eap] processing type tls
- [tls] Initiate
- [tls] Start returned 1
- ++[eap] returns handled
- Sending Access-Challenge of id 74 to 193.62.48.38 port 1814
- EAP-Message = 0x010100061920
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x75a766a375a67f726488f389cf8e8ffd
- Proxy-State = 0x30
- Finished request 0.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=227, length=244
- User-Name = "anonymous"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- EAP-Message = 0x02010063198000000059160301005401000050030154ec503693c979b06156e9bcdedfa463288e63daf23a0aec470d098e41942db200002800390038003500160013000a00330032002f000500040015001200090014001100080006000300ff020100
- State = 0x75a766a375a67f726488f389cf8e8ffd
- Message-Authenticator = 0x7871317fa48bb75af18737575eda76f0
- Domain-Name = "WORC.AC.UK"
- Proxy-State = 0x31
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[mschap_ad] returns noop
- [ntdomain] No '\' in User-Name = "anonymous", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "anonymous", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "anonymous"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 1 length 99
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group EAP {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- TLS Length 89
- [peap] Length Included
- [peap] eaptls_verify returned 11
- [peap] (other): before/accept initialization
- [peap] TLS_accept: before/accept initialization
- [peap] <<< TLS 1.0 Handshake [length 0054], ClientHello
- [peap] TLS_accept: SSLv3 read client hello A
- [peap] >>> TLS 1.0 Handshake [length 0031], ServerHello
- [peap] TLS_accept: SSLv3 write server hello A
- [peap] >>> TLS 1.0 Handshake [length 143f], Certificate
- [peap] TLS_accept: SSLv3 write certificate A
- [peap] >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange
- [peap] TLS_accept: SSLv3 write key exchange A
- [peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
- [peap] TLS_accept: SSLv3 write server done A
- [peap] TLS_accept: SSLv3 flush data
- [peap] TLS_accept: Need to read more data: SSLv3 read client certificate A
- In SSL Handshake Phase
- In SSL Accept mode
- [peap] eaptls_process returned 13
- [peap] EAPTLS_HANDLED
- ++[eap] returns handled
- Sending Access-Challenge of id 227 to 193.62.48.38 port 1814
- EAP-Message = 0x0102040019c00000169516030100310200002d030154ec50368bac339857c3da21631fdd99af935c55f765a7d5515ccb416943823f000039010005ff01000100160301143f0b00143b00143800047a308204763082035ea003020102021100f4ed39d224faf0e5f2df0eeb3cf594cd300d06092a864886f70d01010505003036310b3009060355040613024e4c310f300d060355040a1306544552454e41311630140603550403130d544552454e412053534c204341301e170d3133313030383030303030305a170d3136313030373233353935395a30423121301f060355040b1318446f6d61696e20436f6e74726f6c2056616c696461746564311d
- EAP-Message = 0x301b060355040313147577656475726f616d2e776f72632e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100bf255b99fad09b4b6ba8c3989866c33e118007a24b48e78f678671322165f7ed852902ee48b6f7e1b2e06bb8cdf575ef765d2fe89891f6d9471ef9e8527bed9850f0b66a211e569a21dfa710eef286a47810b432bbd1327d69fca31024cf1c775af067302087ede27a556d69ed1c98820b9e7cfa7fea7e161e1a3436589fa656cef13abef02700403004c37ca6aba866875b801c4450e73a63890c7765a1fd3ef34ce113d8dec5faa34bb61e1800c937d65b8667eff94a4e665d28a7062e80
- EAP-Message = 0x4706156f95f9beb031cee37c6cdcd46c5b37040fe1c9a5e5a7a352433e641d5d5fc54c4a01a8e5cd664f5b60fd3d146f221d21d7016df0d3e2d71e621e50ab2c750203010001a38201713082016d301f0603551d230418301680140cbd93680cf3deaba3496b2b375747ea90e3b9ed301d0603551d0e041604147628d2253cc8a17bce0622764dc14af275694989300e0603551d0f0101ff0404030205a0300c0603551d130101ff04023000301d0603551d250416301406082b0601050507030106082b0601050507030230220603551d20041b3019300d060b2b06010401b2310102021d3008060667810c010201303a0603551d1f04333031302fa0
- EAP-Message = 0x2da02b8629687474703a2f2f63726c2e7463732e746572656e612e6f72672f544552454e4153534c43412e63726c306d06082b060105050701010461305f303506082b060105050730028629687474703a2f2f6372742e7463732e746572656e612e6f72672f544552454e4153534c43412e637274302606082b06010505073001861a687474703a2f2f6f6373702e7463732e746572656e612e6f7267301f0603551d110418301682147577656475726f616d2e776f72632e61632e756b300d06092a864886f70d010105050003820101003fb05ffb23193cc81798abb8079c82fde71eb5bb172c8e229f91ebbeb03048c743dc5f85e83185d21e6d65
- EAP-Message = 0x6b9b655fb03a47612cfc9c70
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x75a766a374a57f726488f389cf8e8ffd
- Proxy-State = 0x31
- Finished request 1.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=122, length=151
- User-Name = "anonymous"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- EAP-Message = 0x020200061900
- State = 0x75a766a374a57f726488f389cf8e8ffd
- Message-Authenticator = 0x92a50b0623629da267a9435155d9a00f
- Domain-Name = "WORC.AC.UK"
- Proxy-State = 0x32
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[mschap_ad] returns noop
- [ntdomain] No '\' in User-Name = "anonymous", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "anonymous", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "anonymous"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 2 length 6
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group EAP {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] Received TLS ACK
- [peap] ACK handshake fragment handler
- [peap] eaptls_verify returned 1
- [peap] eaptls_process returned 13
- [peap] EAPTLS_HANDLED
- ++[eap] returns handled
- Sending Access-Challenge of id 122 to 193.62.48.38 port 1814
- EAP-Message = 0x010303fc1940dcd1c2b2c822995d11e228ddb08d505d48826cf9e576b8a8bf2602d42c03bed50ac0cf72e5125d4fb930456f6b5ecc34e08a26a3579d1a70b88d257af22efc19916c168b6e9e095895d27f8e3a66fc864fbfa3d654b22b4cd118fbb7b25069928e2eb2b116dc8393fc4a237d229fc476ac758371280c722a8bb165d64c61f26574599dd093be9bc4f8694846fcb08e87a54391f58ee65a10ad3c1fcc556ff62d8b275695693861b909cbc5c8ae8b08e507fdb2b48ca9a4bdff235c0b02a9d22484251a03c82b4535ee0005fd308205f9308203e1a003020102021100b0ffcf3a1d82449815629d64886a4165300d06092a864886f70d01
- EAP-Message = 0x010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3134313030393030303030305a170d3234313030383233353935395a3064310b3009060355040613024e4c311630140603550408130d4e6f6f72642d486f6c6c616e643112301006035504071309416d7374657264616d310f300d060355040a1306544552454e413118
- EAP-Message = 0x30160603550403130f544552454e412053534c204341203230820122300d06092a864886f70d01010105000382010f003082010a0282010100b03a6d7fa9b8009ef3853a08642cf9440c20b4b3154d062da6f093c948bef764ada48e15b331811417fc6ee28b19758b3612cf076d7678265e27bf2c16ba42fbdd1e508f64af759b0a3a82a93125518e7fc442dd1f5c9391bb94fa7057fae7fdb8b868ca9b6a19245437fe326189f722c18f63d5d1697e494dbcd7d0db4cd6f60fbdc1884293d691f99f969911ea6e72e780216cf14e8eec63b83daf6539d085922a793a0ed6e8ad9b2589a2d42e726b73a1d2e2dfce5870ffc05401775df9769d2f43da
- EAP-Message = 0xa226dd1d429a4d38b156fe3ab4cb6b6cf26a9f3fb3ae3ba7d0153eac277f1bf4596050567e9d75259e3fc676bfff99ccd8f1a96a895fdee707cd8d8b0203010001a382017f3082017b301f0603551d230418301680145379bf5aaa2b4acf5480e1d89bc09df2b20366cb301d0603551d0e041604145bd08a1c9a325be0b5dd96541be18628b0fdb6bd300e0603551d0f0101ff04040302018630120603551d130101ff040830060101ff020100301d0603551d250416301406082b0601050507030106082b06010505070302302c0603551d2004253023300d060b2b06010401b2310102021d3008060667810c0102013008060667810c010202305006
- EAP-Message = 0x03551d1f04493047
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x75a766a377a47f726488f389cf8e8ffd
- Proxy-State = 0x32
- Finished request 2.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=106, length=151
- User-Name = "anonymous"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- EAP-Message = 0x020300061900
- State = 0x75a766a377a47f726488f389cf8e8ffd
- Message-Authenticator = 0x530d5d9acc67a5213873a396a52c7192
- Domain-Name = "WORC.AC.UK"
- Proxy-State = 0x33
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[mschap_ad] returns noop
- [ntdomain] No '\' in User-Name = "anonymous", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "anonymous", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "anonymous"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 3 length 6
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group EAP {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] Received TLS ACK
- [peap] ACK handshake fragment handler
- [peap] eaptls_verify returned 1
- [peap] eaptls_process returned 13
- [peap] EAPTLS_HANDLED
- ++[eap] returns handled
- Sending Access-Challenge of id 106 to 193.62.48.38 port 1814
- EAP-Message = 0x010403fc19403045a043a041863f687474703a2f2f63726c2e7573657274727573742e636f6d2f55534552547275737452534143657274696669636174696f6e417574686f726974792e63726c307606082b06010505070101046a3068303f06082b060105050730028633687474703a2f2f6372742e7573657274727573742e636f6d2f555345525472757374525341416464547275737443412e637274302506082b060105050730018619687474703a2f2f6f6373702e7573657274727573742e636f6d300d06092a864886f70d01010c050003820201007d90696656541c6b3cae7f250813e9bb646cf567882fbdc1510aaed363f62ddb70310900
- EAP-Message = 0x7e1d8bdae4332198e02193dbc08e258e5506cc2a65e303e8597227ae379a987cc2f4135a12712d6dabdf326981a706a28b201da890d228aa61d4f6ffa5bf86808e67912a227e1d942d1a61bb20219089e8d50a110af608ba5e1bcb6c28853ec5160f65fdb7d1b161c1a625d886bf0efa9bfad1f522a767b8152ef908adb7750239f42961f9bfc0aa17eb42de268f9d65643207de6c3d32d303ec47d57469203a7eb870efa9a22a9c5542b6e33e8bd8ff265afb7c266c888586d7933e50f84487d450d11d433032bad2ba8d2108caf7eec66ece9259081c5373748f9cf8d7ad1abe4d46eeacc4b981eba750cc1d66fc0e0d7e061db80ed37ebb9a87ae0b
- EAP-Message = 0xb69b8404cec1a07b16df02b21843adabb92609abaa041d5037ee2abd22418a00b5dc9fc305d4e6824c67da2b02f565ac5929bb7a0c4e54b7d23b7d033b2064c6c5e8502a92b05fa0479772585fc10a6f9ff53d09d5e708687592e2d5b89e8fbe8d1b3b438cf34ed554ab76edcc507f2e99edb4b549fae3757d8b11680dd53afa5d50b02b8103782cb4db8fbf4c405b92a3a21a0a415dac57fa6e574ef40755eb6308329300244a5d9dc2c1522893c1c8241aa693fbcd7d3fa673bccf689d79632ee7252b423836b10b56c28a5ff7ae4a31d9df6a06cd2fa39809bc058013c700057b308205773082045fa003020102021013ea28705bf4eced0c366309
- EAP-Message = 0x80614336300d06092a864886f70d01010c0500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f
- EAP-Message = 0x726b312e302c0603
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x75a766a376a37f726488f389cf8e8ffd
- Proxy-State = 0x33
- Finished request 3.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=67, length=151
- User-Name = "anonymous"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- EAP-Message = 0x020400061900
- State = 0x75a766a376a37f726488f389cf8e8ffd
- Message-Authenticator = 0x3aa9fab152344804dff01b404f0b8520
- Domain-Name = "WORC.AC.UK"
- Proxy-State = 0x34
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[mschap_ad] returns noop
- [ntdomain] No '\' in User-Name = "anonymous", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "anonymous", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "anonymous"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 4 length 6
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group EAP {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] Received TLS ACK
- [peap] ACK handshake fragment handler
- [peap] eaptls_verify returned 1
- [peap] eaptls_process returned 13
- [peap] EAPTLS_HANDLED
- ++[eap] returns handled
- Sending Access-Challenge of id 67 to 193.62.48.38 port 1814
- EAP-Message = 0x010503fc19405504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf
- EAP-Message = 0x0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757
- EAP-Message = 0x879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a381f43081f1301f0603551d23041830168014adbd987a34b426f7fac42654ef03bde024cb541a301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff30110603551d20040a300830060604551d200030440603551d1f043d303b3039a037a0358633687474703a2f2f63726c2e757365727472757374
- EAP-Message = 0x2e636f6d2f416464547275737445787465726e616c4341526f6f742e63726c303506082b0601050507010104293027302506082b060105050730018619687474703a2f2f6f6373702e7573657274727573742e636f6d300d06092a864886f70d01010c050003820101009365f63783950f5ec3821c1fd677e73c8ac0aa09f0e90b26f1e0c26a75a1c779c9b95260c829120ef0ad03d609c476dfe5a68195a746da8257a99592c5b68f03226c3377c17b32176e07ce5a14413a05241bf614063ba825240ebbcc2a75ddb970413f7cd0633621071f46ff60a491e167bcde1f7e1914c9636791ea67076bb48f8bc06e437dc3a1806cb21ebc53857ddc90a1
- EAP-Message = 0xa4bc2def46725735
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x75a766a371a27f726488f389cf8e8ffd
- Proxy-State = 0x34
- Finished request 4.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=164, length=151
- User-Name = "anonymous"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- EAP-Message = 0x020500061900
- State = 0x75a766a371a27f726488f389cf8e8ffd
- Message-Authenticator = 0xd176018495d3cbd611d715b2e6ee2152
- Domain-Name = "WORC.AC.UK"
- Proxy-State = 0x35
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[mschap_ad] returns noop
- [ntdomain] No '\' in User-Name = "anonymous", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "anonymous", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "anonymous"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 5 length 6
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group EAP {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] Received TLS ACK
- [peap] ACK handshake fragment handler
- [peap] eaptls_verify returned 1
- [peap] eaptls_process returned 13
- [peap] EAPTLS_HANDLED
- ++[eap] returns handled
- Sending Access-Challenge of id 164 to 193.62.48.38 port 1814
- EAP-Message = 0x010603fc194005bfbb46bb6e6d3799b6ff239291c66e40f88f2956ea5fd55f1453acf04f61eaf722cca7560be2b8341f26d97b1905683fba3cd43806a2d3e68f0ee3b4716d4042c584b440952bf465a04879f61d8163969d4f75e0f87ce48ea9d1f2ad8ab38cc721cdc2ef00043a308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f
- EAP-Message = 0x74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad70
- EAP-Message = 0x56c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101
- EAP-Message = 0xff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d2
- EAP-Message = 0x96b7dc7e4eee70fd
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x75a766a370a17f726488f389cf8e8ffd
- Proxy-State = 0x35
- Finished request 5.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=204, length=151
- User-Name = "anonymous"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- EAP-Message = 0x020600061900
- State = 0x75a766a370a17f726488f389cf8e8ffd
- Message-Authenticator = 0xb450e182ea399f1bca489c26e70cfb7d
- Domain-Name = "WORC.AC.UK"
- Proxy-State = 0x36
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[mschap_ad] returns noop
- [ntdomain] No '\' in User-Name = "anonymous", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "anonymous", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "anonymous"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 6 length 6
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group EAP {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] Received TLS ACK
- [peap] ACK handshake fragment handler
- [peap] eaptls_verify returned 1
- [peap] eaptls_process returned 13
- [peap] EAPTLS_HANDLED
- ++[eap] returns handled
- Sending Access-Challenge of id 204 to 193.62.48.38 port 1814
- EAP-Message = 0x010702cd19001c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e8604160301020d0c0002090080ba21368ef92c84de07993a409957cc22d9a9ae0f9f7c0760adcf80828498e06b67a5c85c6896c834f41093585fd584791cad103072184a1c4f6fb64f9592b550
- EAP-Message = 0xf0a37ccb37cad3951c542dbe442cebc2b2e857348b40d0a0f39469c9d13d2f3961c4c7b25843b0667ce65b091ad30d73963a8b42a833748cba095859eccf605b00010200807daed158b3e662084826fb754cd7d715aac20b34508fa29486b5d5499b54d20bf2e97b3b6447bb32915842d0dd40d7c1fb842d2e94d390bdea22949906bafb76877bb9fe70bd747a22b76bbd6f278bdc5dba554261a514b29195015a69a7a9d336ed662753f2f8119a25fe75cbb7d2d943ce38ad7a011961c0a3f65c2f941ec601009054d3c10f3a68ae380c831e169b77d29a2a194c6b6eb9f321853f87cd836f31ee807a160bf47133e49f8829741397c3a5ec16876dac
- EAP-Message = 0xf37ad768c1993d78ffb150fb6b4476de15d8e5e4657e02a6030392d63499bfcb333975b9890bdd68efe4d475b37ef74c45776c6ffa7bca279b8d902d1716482de294e0a4a5bf8a820a3e002577f14b12764cb2fad73bfb52c3a51bb1d9b4f195d1d6d60353faece479908135e232333f59873fad9a7cca91f738ef04c3c79a01ae61da70f8059da9f0f8f0a547d7a993bb5fe1627c5acd3de47dfa5e351a9211b184047854e70d7f3420ea38e562d7201c9804f696a80eddf692ffd7a8cdd508b2a33fbf9d48fd6b8f7516030100040e000000
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x75a766a373a07f726488f389cf8e8ffd
- Proxy-State = 0x36
- Finished request 6.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=235, length=353
- User-Name = "anonymous"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- EAP-Message = 0x020700d01980000000c61603010086100000820080b8ece6756d390089cff72bc852a848599db46a31f0b370c5c4ef12b725165db20015f16e4c810015b1ec64b219b0459453665025bb14301bafee19d735d51d9408347e76706acbfd5d062c905617d090f5c51ba6aabd450f17c1fcf98bccd73969011f926f7e8faf4948ce4c8826d669de4175513ee81626f0b1c6244f37c6ce14030100010116030100306d8781b931f8bea315280f71bc0ae8f2bdd84127e9ef8be0740d97b480651492914eca08e47813e33a547bb799353ba6
- State = 0x75a766a373a07f726488f389cf8e8ffd
- Message-Authenticator = 0xdaa0ac8b625cf50700eff3c9ae17cf12
- Domain-Name = "WORC.AC.UK"
- Proxy-State = 0x37
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[mschap_ad] returns noop
- [ntdomain] No '\' in User-Name = "anonymous", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "anonymous", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "anonymous"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 7 length 208
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group EAP {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- TLS Length 198
- [peap] Length Included
- [peap] eaptls_verify returned 11
- [peap] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
- [peap] TLS_accept: SSLv3 read client key exchange A
- [peap] <<< TLS 1.0 ChangeCipherSpec [length 0001]
- [peap] <<< TLS 1.0 Handshake [length 0010], Finished
- [peap] TLS_accept: SSLv3 read finished A
- [peap] >>> TLS 1.0 ChangeCipherSpec [length 0001]
- [peap] TLS_accept: SSLv3 write change cipher spec A
- [peap] >>> TLS 1.0 Handshake [length 0010], Finished
- [peap] TLS_accept: SSLv3 write finished A
- [peap] TLS_accept: SSLv3 flush data
- [peap] (other): SSL negotiation finished successfully
- SSL Connection Established
- [peap] eaptls_process returned 13
- [peap] EAPTLS_HANDLED
- ++[eap] returns handled
- Sending Access-Challenge of id 235 to 193.62.48.38 port 1814
- EAP-Message = 0x0108004119001403010001011603010030d2dcc3ba640af84fb59d76273a2001657f5a8a5c0736190b9a61170fda7b0f58ef63f2010817b5e97e239516ae3f17a2
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x75a766a372af7f726488f389cf8e8ffd
- Proxy-State = 0x37
- Finished request 7.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=57, length=151
- User-Name = "anonymous"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- EAP-Message = 0x020800061900
- State = 0x75a766a372af7f726488f389cf8e8ffd
- Message-Authenticator = 0xb0dc2a3a1148df72ae432e077939ded2
- Domain-Name = "WORC.AC.UK"
- Proxy-State = 0x38
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[mschap_ad] returns noop
- [ntdomain] No '\' in User-Name = "anonymous", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "anonymous", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "anonymous"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 8 length 6
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group EAP {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] Received TLS ACK
- [peap] ACK handshake is finished
- [peap] eaptls_verify returned 3
- [peap] eaptls_process returned 3
- [peap] EAPTLS_SUCCESS
- [peap] Session established. Decoding tunneled attributes.
- [peap] Peap state TUNNEL ESTABLISHED
- ++[eap] returns handled
- Sending Access-Challenge of id 57 to 193.62.48.38 port 1814
- EAP-Message = 0x0109002b1900170301002005b674b49951ffca62a27efb22404a7564e6582119d87d5a8294c071172d2108
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x75a766a37dae7f726488f389cf8e8ffd
- Proxy-State = 0x38
- Finished request 8.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=36, length=241
- User-Name = "anonymous"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- EAP-Message = 0x02090060190017030100201e148079a45910d97482c4b56dfb20bbe4730b3cea88c0489590bee7c081dde51703010030444bb65de131bae64062300c3af4c9c0f6d86f29ef67daf40f3d724484c00d2331f378b301e668075ccd9cf0a51a4160
- State = 0x75a766a37dae7f726488f389cf8e8ffd
- Message-Authenticator = 0xf347162e917b8659b93a96704aa5c942
- Domain-Name = "WORC.AC.UK"
- Proxy-State = 0x39
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[mschap_ad] returns noop
- [ntdomain] No '\' in User-Name = "anonymous", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "anonymous", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "anonymous"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 9 length 96
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group EAP {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] eaptls_verify returned 7
- [peap] Done initial handshake
- [peap] eaptls_process returned 7
- [peap] EAPTLS_OK
- [peap] Session established. Decoding tunneled attributes.
- [peap] Peap state WAITING FOR INNER IDENTITY
- [peap] Identity - uwjrstest
- [peap] Got inner identity 'uwjrstest'
- [peap] Setting default EAP type for tunneled EAP session.
- [peap] Got tunneled request
- EAP-Message = 0x0209000e0175776a727374657374
- server {
- [peap] Setting User-Name to uwjrstest
- Sending tunneled request
- EAP-Message = 0x0209000e0175776a727374657374
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "uwjrstest"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- Domain-Name = "WORC.AC.UK"
- server inner-tunnel {
- # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[chap] returns noop
- ++[mschap_ad] returns noop
- ++[unix] returns notfound
- [ntdomain] No '\' in User-Name = "uwjrstest", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "uwjrstest", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "uwjrstest"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- ++[control] returns ok
- [eap] EAP packet type response id 9 length 14
- [eap] No EAP Start, assuming it's an on-going EAP conversation
- ++[eap] returns updated
- ++[files] returns noop
- ++[expiration] returns noop
- ++[logintime] returns noop
- ++[pap] returns noop
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- +- entering group authenticate {...}
- [eap] EAP Identity
- [eap] processing type mschapv2
- rlm_eap_mschapv2: Issuing Challenge
- ++[eap] returns handled
- } # server inner-tunnel
- [peap] Got tunneled reply code 11
- EAP-Message = 0x010a00231a010a001e10b5dcfa91af18a0101eb7544396e3cb3575776a727374657374
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x78b723cc78bd39444d0f0150ae83c59c
- [peap] Got tunneled reply RADIUS code 11
- EAP-Message = 0x010a00231a010a001e10b5dcfa91af18a0101eb7544396e3cb3575776a727374657374
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x78b723cc78bd39444d0f0150ae83c59c
- [peap] Got tunneled Access-Challenge
- ++[eap] returns handled
- Sending Access-Challenge of id 36 to 193.62.48.38 port 1814
- EAP-Message = 0x010a004b19001703010040df13447ce91463d86f57a14b650931a753d23a558b036098a136828563a27b7d4e1f9e4996ef2a1df799d3304b2f1e49e71f5f50159998af10f9bbc51f86b4ea
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x75a766a37cad7f726488f389cf8e8ffd
- Proxy-State = 0x39
- Finished request 9.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 193.62.48.38 port 1814, id=119, length=274
- User-Name = "anonymous"
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- EAP-Message = 0x020a008019001703010020979bcaf0d5ec05bad288f27657294f6f20cfa1ef9dec9a578a1f3275d4414013170301005043b3c98497ca72a36f102d95b6e90a3b1d15effd5246855adef6352accc247c7154851859671c86400f4532379294084806307d4e3f3eced3a1448f46aa9578501e49ff6c9becda2c6f5a16778f5a127
- State = 0x75a766a37cad7f726488f389cf8e8ffd
- Message-Authenticator = 0x1382e261b524fdc05df222bba9b35125
- Domain-Name = "WORC.AC.UK"
- Proxy-State = 0x3130
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[mschap_ad] returns noop
- [ntdomain] No '\' in User-Name = "anonymous", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "anonymous", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "anonymous"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- [eap] EAP packet type response id 10 length 128
- [eap] Continuing tunnel setup.
- ++[eap] returns ok
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +- entering group EAP {...}
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] eaptls_verify returned 7
- [peap] Done initial handshake
- [peap] eaptls_process returned 7
- [peap] EAPTLS_OK
- [peap] Session established. Decoding tunneled attributes.
- [peap] Peap state phase2
- [peap] EAP type mschapv2
- [peap] Got tunneled request
- EAP-Message = 0x020a00441a020a003f313c6612eb8a1d955dcc5fc92e66c766eb00000000000000004619af06b81d1426e5c7921fe751e5f46b7ee3456b3b0c7f0075776a727374657374
- server {
- [peap] Setting User-Name to uwjrstest
- Sending tunneled request
- EAP-Message = 0x020a00441a020a003f313c6612eb8a1d955dcc5fc92e66c766eb00000000000000004619af06b81d1426e5c7921fe751e5f46b7ee3456b3b0c7f0075776a727374657374
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "uwjrstest"
- State = 0x78b723cc78bd39444d0f0150ae83c59c
- NAS-IP-Address = 127.0.0.1
- Calling-Station-Id = "02-00-00-00-00-01"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 11Mbps 802.11b"
- Domain-Name = "WORC.AC.UK"
- server inner-tunnel {
- # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
- +- entering group authorize {...}
- ++[preprocess] returns ok
- ++[chap] returns noop
- ++[mschap_ad] returns noop
- ++[unix] returns notfound
- [ntdomain] No '\' in User-Name = "uwjrstest", skipping NULL due to config.
- ++[ntdomain] returns noop
- [suffix] No '@' in User-Name = "uwjrstest", looking up realm NULL
- [suffix] Found realm "NULL"
- [suffix] Adding Stripped-User-Name = "uwjrstest"
- [suffix] Adding Realm = "NULL"
- [suffix] Authentication realm is LOCAL.
- ++[suffix] returns ok
- ++[control] returns ok
- [eap] EAP packet type response id 10 length 68
- [eap] No EAP Start, assuming it's an on-going EAP conversation
- ++[eap] returns updated
- ++[files] returns noop
- ++[expiration] returns noop
- ++[logintime] returns noop
- ++[pap] returns noop
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- +- entering group authenticate {...}
- [eap] Request found, released from the list
- [eap] EAP/mschapv2
- [eap] processing type mschapv2
- [mschapv2] # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- [mschapv2] +- entering group MS-CHAP {...}
- [mschap_ad] Creating challenge hash with username: uwjrstest
- [mschap_ad] Client is using MS-CHAPv2 for uwjrstest, we need NT-Password
- [mschap_ad] expand: --username=%{Stripped-User-Name:-%{User-Name:-None}} -> --username=uwjrstest
- [mschap_ad] No NT-Domain was found in the User-Name.
- [mschap_ad] expand: %{mschap_ad:NT-Domain} ->
- [mschap_ad] ... expanding second conditional
- [mschap_ad] expand: %{Domain-Name} -> WORC.AC.UK
- [mschap_ad] expand: --domain=%{%{mschap_ad:NT-Domain}:-%{Domain-Name}} -> --domain=WORC.AC.UK
- [mschap_ad] Creating challenge hash with username: uwjrstest
- [mschap_ad] expand: --challenge=%{mschap_ad:Challenge:-00} -> --challenge=eb2123a7a496e886
- [mschap_ad] expand: --nt-response=%{mschap_ad:NT-Response:-00} -> --nt-response=4619af06b81d1426e5c7921fe751e5f46b7ee3456b3b0c7f
- Exec-Program output: NT_KEY: 51C1A08577E4ECDBBD59863E8B0BF5BD
- Exec-Program-Wait: plaintext: NT_KEY: 51C1A08577E4ECDBBD59863E8B0BF5BD
- Exec-Program: returned: 0
- [mschap_ad] adding MS-CHAPv2 MPPE keys
- ++[mschap_ad] returns ok
- MSCHAP Success
- ++[eap] returns handled
- } # server inner-tunnel
- [peap] Got tunneled reply code 11
- EAP-Message = 0x010b00331a030a002e533d34373434464543433834314435314339333134384335383933354130384131324539333345463837
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x78b723cc79bc39444d0f0150ae83c59c
- [peap] Got tunneled reply RADIUS code 11
- EAP-Message = 0x010b00331a030a002e533d34373434464543433834314435314339333134384335383933354130384131324539333345463837
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x78b723cc79bc39444d0f0150ae83c59c
- [peap] Got tunneled Access-Challenge
- ++[eap] returns handled
- Sending Access-Challenge of id 119 to 193.62.48.38 port 1814
- EAP-Message = 0x010b005b190017030100502a5e9a459c709c372df731510a2b08dbe0c532e2a882b7c7672b0a8efcd699ac0737d4e06d39842d469d8fc14ca08de04dbcbf9f84d3c8d36ec379ea39e69b242942805e9ab40af0c4be640da5feb54d
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x75a766a37fac7f726488f389cf8e8ffd
- Proxy-State = 0x3130
- Finished request 10.
- Going to the next request
- Waking up in 4.9 seconds.
- Cleaning up request 0 ID 74 with timestamp +36
- Cleaning up request 1 ID 227 with timestamp +36
- Cleaning up request 2 ID 122 with timestamp +36
- Cleaning up request 3 ID 106 with timestamp +36
- Cleaning up request 4 ID 67 with timestamp +36
- Cleaning up request 5 ID 164 with timestamp +36
- Cleaning up request 6 ID 204 with timestamp +36
- Cleaning up request 7 ID 235 with timestamp +36
- Cleaning up request 8 ID 57 with timestamp +36
- Cleaning up request 9 ID 36 with timestamp +36
- Cleaning up request 10 ID 119 with timestamp +36
- WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- WARNING: !! EAP session for state 0x75a766a37fac7f72 did not finish!
- WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility
- WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- Ready to process requests.
- Ready to process requests.
- Signalled to terminate
- Exiting normally.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement