Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@net0:/etc/freeradius# freeradius -X
- freeradius: FreeRADIUS Version 2.2.8, for host x86_64-pc-linux-gnu, built on Jul 26 2017 at 15:27:21
- Copyright (C) 1999-2015 The FreeRADIUS server project and contributors.
- There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
- PARTICULAR PURPOSE.
- You may redistribute copies of FreeRADIUS under the terms of the
- GNU General Public License.
- For more information about these matters, see the file named COPYRIGHT.
- Starting - reading configuration files ...
- including configuration file /etc/freeradius/radiusd.conf
- including configuration file /etc/freeradius/proxy.conf
- including configuration file /etc/freeradius/clients.conf
- including files in directory /etc/freeradius/modules/
- including configuration file /etc/freeradius/modules/expiration
- including configuration file /etc/freeradius/modules/soh
- including configuration file /etc/freeradius/modules/always
- including configuration file /etc/freeradius/modules/files
- including configuration file /etc/freeradius/modules/wimax
- including configuration file /etc/freeradius/modules/cui
- including configuration file /etc/freeradius/modules/checkval
- including configuration file /etc/freeradius/modules/passwd
- including configuration file /etc/freeradius/modules/perl
- including configuration file /etc/freeradius/modules/otp
- including configuration file /etc/freeradius/modules/chap
- including configuration file /etc/freeradius/modules/detail.log
- including configuration file /etc/freeradius/modules/replicate
- including configuration file /etc/freeradius/modules/etc_group
- including configuration file /etc/freeradius/modules/smsotp
- including configuration file /etc/freeradius/modules/realm
- including configuration file /etc/freeradius/modules/ippool
- including configuration file /etc/freeradius/modules/attr_filter
- including configuration file /etc/freeradius/modules/detail
- including configuration file /etc/freeradius/modules/detail.example.com
- including configuration file /etc/freeradius/modules/expr
- including configuration file /etc/freeradius/modules/pam
- including configuration file /etc/freeradius/modules/digest
- including configuration file /etc/freeradius/modules/mschap
- including configuration file /etc/freeradius/modules/attr_rewrite
- including configuration file /etc/freeradius/modules/ntlm_auth
- including configuration file /etc/freeradius/modules/dhcp_sqlippool
- including configuration file /etc/freeradius/modules/ldap
- including configuration file /etc/freeradius/modules/pap
- including configuration file /etc/freeradius/modules/inner-eap
- including configuration file /etc/freeradius/modules/preprocess
- including configuration file /etc/freeradius/modules/logintime
- including configuration file /etc/freeradius/modules/radrelay
- including configuration file /etc/freeradius/modules/unix
- including configuration file /etc/freeradius/modules/cache
- including configuration file /etc/freeradius/modules/linelog
- including configuration file /etc/freeradius/modules/opendirectory
- including configuration file /etc/freeradius/modules/echo
- including configuration file /etc/freeradius/modules/mac2ip
- including configuration file /etc/freeradius/modules/acct_unique
- including configuration file /etc/freeradius/modules/sql_log
- including configuration file /etc/freeradius/modules/smbpasswd
- including configuration file /etc/freeradius/modules/python
- including configuration file /etc/freeradius/modules/radutmp
- including configuration file /etc/freeradius/modules/exec
- including configuration file /etc/freeradius/modules/sradutmp
- including configuration file /etc/freeradius/modules/polylan_auth
- including configuration file /etc/freeradius/modules/rediswho
- including configuration file /etc/freeradius/modules/dynamic_clients
- including configuration file /etc/freeradius/modules/counter
- including configuration file /etc/freeradius/modules/sqlcounter_expire_on_login
- including configuration file /etc/freeradius/modules/policy
- including configuration file /etc/freeradius/modules/mac2vlan
- including configuration file /etc/freeradius/modules/krb5
- including configuration file /etc/freeradius/modules/redis
- including configuration file /etc/freeradius/eap.conf
- including configuration file /etc/freeradius/policy.conf
- including files in directory /etc/freeradius/sites-enabled/
- including configuration file /etc/freeradius/sites-enabled/inner-tunnel
- including configuration file /etc/freeradius/sites-enabled/default
- main {
- user = "freerad"
- group = "freerad"
- allow_core_dumps = no
- }
- including dictionary file /etc/freeradius/dictionary
- main {
- name = "net0-freerad"
- prefix = "/usr"
- localstatedir = "/var"
- sbindir = "/usr/sbin"
- logdir = "/var/log/freeradius"
- run_dir = "/var/run/freeradius"
- libdir = "/usr/lib/freeradius"
- radacctdir = "/var/log/freeradius/radacct"
- hostname_lookups = no
- max_request_time = 30
- cleanup_delay = 5
- max_requests = 1024
- pidfile = "/var/run/freeradius/net0-freerad.pid"
- checkrad = "/usr/sbin/checkrad"
- debug_level = 0
- proxy_requests = yes
- log {
- stripped_names = no
- auth = no
- auth_badpass = yes
- auth_goodpass = no
- }
- security {
- max_attributes = 200
- reject_delay = 1
- status_server = yes
- allow_vulnerable_openssl = no
- }
- }
- radiusd: #### Loading Realms and Home Servers ####
- proxy server {
- retry_delay = 5
- retry_count = 3
- default_fallback = no
- dead_time = 120
- wake_all_if_all_dead = no
- }
- home_server localhost {
- ipaddr = 127.0.0.1
- port = 1812
- type = "auth"
- secret = "testing123"
- response_window = 20
- max_outstanding = 65536
- require_message_authenticator = yes
- zombie_period = 40
- status_check = "status-server"
- ping_interval = 30
- check_interval = 30
- num_answers_to_alive = 3
- num_pings_to_alive = 3
- revive_interval = 120
- status_check_timeout = 4
- coa {
- irt = 2
- mrt = 16
- mrc = 5
- mrd = 30
- }
- }
- home_server_pool my_auth_failover {
- type = fail-over
- home_server = localhost
- }
- realm example.com {
- auth_pool = my_auth_failover
- }
- realm LOCAL {
- }
- radiusd: #### Loading Clients ####
- client 127.0.0.1 {
- require_message_authenticator = no
- secret = "1234"
- nastype = "cisco"
- }
- client 10.0.42.0/24 {
- require_message_authenticator = no
- secret = "1234"
- nastype = "cisco"
- }
- client 10.0.20.0/22 {
- require_message_authenticator = no
- secret = "1234"
- nastype = "cisco"
- }
- radiusd: #### Instantiating modules ####
- instantiate {
- Module: Linked to module rlm_exec
- Module: Instantiating module "exec" from file /etc/freeradius/modules/exec
- exec {
- wait = no
- input_pairs = "request"
- shell_escape = yes
- timeout = 10
- }
- Module: Linked to module rlm_python
- Module: Instantiating module "python" from file /etc/freeradius/modules/python
- python_init done
- python {
- mod_instantiate = "polylan_auth"
- func_instantiate = "instantiate"
- mod_authorize = "polylan_auth"
- func_authorize = "authorize"
- mod_authenticate = "polylan_auth"
- func_authenticate = "authenticate"
- mod_accounting = "polylan_auth"
- func_accounting = "accounting"
- mod_post_auth = "polylan_auth"
- func_post_auth = "post_auth"
- mod_detach = "polylan_auth"
- func_detach = "detach"
- }
- instantiate the polylan authentication module
- Module: Linked to module rlm_expr
- Module: Instantiating module "expr" from file /etc/freeradius/modules/expr
- Module: Linked to module rlm_expiration
- Module: Instantiating module "expiration" from file /etc/freeradius/modules/expiration
- expiration {
- reply-message = "Password Has Expired "
- }
- Module: Linked to module rlm_logintime
- Module: Instantiating module "logintime" from file /etc/freeradius/modules/logintime
- logintime {
- reply-message = "You are calling outside your allowed timespan "
- minimum-timeout = 60
- }
- }
- radiusd: #### Loading Virtual Servers ####
- server { # from file /etc/freeradius/radiusd.conf
- modules {
- Module: Creating Auth-Type = python
- Module: Creating Auth-Type = digest
- Module: Checking authenticate {...} for more modules to load
- Module: Linked to module rlm_digest
- Module: Instantiating module "digest" from file /etc/freeradius/modules/digest
- Module: Linked to module rlm_unix
- Module: Instantiating module "unix" from file /etc/freeradius/modules/unix
- unix {
- radwtmp = "/var/log/freeradius/radwtmp"
- }
- Module: Linked to module rlm_eap
- Module: Instantiating module "eap" from file /etc/freeradius/eap.conf
- eap {
- default_eap_type = "md5"
- timer_expire = 60
- ignore_unknown_eap_types = no
- cisco_accounting_username_bug = no
- max_sessions = 4096
- }
- Module: Linked to sub-module rlm_eap_md5
- Module: Instantiating eap-md5
- Module: Linked to sub-module rlm_eap_leap
- Module: Instantiating eap-leap
- Module: Linked to sub-module rlm_eap_gtc
- Module: Instantiating eap-gtc
- gtc {
- challenge = "Password: "
- auth_type = "PAP"
- }
- Module: Linked to sub-module rlm_eap_tls
- Module: Instantiating eap-tls
- tls {
- rsa_key_exchange = no
- dh_key_exchange = yes
- rsa_key_length = 512
- dh_key_length = 512
- verify_depth = 0
- CA_path = "/etc/freeradius/certs"
- pem_file_type = yes
- private_key_file = "/etc/freeradius/certs/server.key"
- certificate_file = "/etc/freeradius/certs/server.pem"
- CA_file = "/etc/freeradius/certs/ca.pem"
- private_key_password = "whatever"
- dh_file = "/etc/freeradius/certs/dh"
- random_file = "/dev/urandom"
- fragment_size = 1024
- include_length = yes
- check_crl = no
- check_all_crl = no
- cipher_list = "DEFAULT"
- make_cert_command = "/etc/freeradius/certs/bootstrap"
- ecdh_curve = "prime256v1"
- cache {
- enable = no
- lifetime = 24
- max_entries = 255
- }
- verify {
- }
- ocsp {
- enable = no
- override_cert_url = yes
- url = "http://127.0.0.1/ocsp/"
- use_nonce = yes
- timeout = 0
- softfail = no
- }
- }
- Module: Linked to sub-module rlm_eap_ttls
- Module: Instantiating eap-ttls
- ttls {
- default_eap_type = "md5"
- copy_request_to_tunnel = no
- use_tunneled_reply = no
- virtual_server = "inner-tunnel"
- include_length = yes
- }
- Module: Linked to sub-module rlm_eap_peap
- Module: Instantiating eap-peap
- peap {
- default_eap_type = "mschapv2"
- copy_request_to_tunnel = yes
- use_tunneled_reply = no
- proxy_tunneled_request_as_eap = yes
- virtual_server = "inner-tunnel"
- soh = no
- }
- Module: Linked to sub-module rlm_eap_mschapv2
- Module: Instantiating eap-mschapv2
- mschapv2 {
- with_ntdomain_hack = no
- send_error = no
- }
- Module: Checking authorize {...} for more modules to load
- Module: Linked to module rlm_chap
- Module: Instantiating module "chap" from file /etc/freeradius/modules/chap
- Module: Linked to module rlm_mschap
- Module: Instantiating module "mschap" from file /etc/freeradius/modules/mschap
- mschap {
- use_mppe = yes
- require_encryption = no
- require_strong = no
- with_ntdomain_hack = no
- allow_retry = yes
- }
- Module: Linked to module rlm_realm
- Module: Instantiating module "suffix" from file /etc/freeradius/modules/realm
- realm suffix {
- format = "suffix"
- delimiter = "@"
- ignore_default = no
- ignore_null = no
- }
- Module: Linked to module rlm_files
- Module: Instantiating module "files" from file /etc/freeradius/modules/files
- files {
- usersfile = "/etc/freeradius/users"
- acctusersfile = "/etc/freeradius/acct_users"
- preproxy_usersfile = "/etc/freeradius/preproxy_users"
- compat = "no"
- }
- reading pairlist file /etc/freeradius/users
- reading pairlist file /etc/freeradius/acct_users
- reading pairlist file /etc/freeradius/preproxy_users
- Module: Linked to module rlm_pap
- Module: Instantiating module "pap" from file /etc/freeradius/modules/pap
- pap {
- encryption_scheme = "auto"
- auto_header = no
- }
- Module: Checking preacct {...} for more modules to load
- Module: Linked to module rlm_preprocess
- Module: Instantiating module "preprocess" from file /etc/freeradius/modules/preprocess
- preprocess {
- huntgroups = "/etc/freeradius/huntgroups"
- hints = "/etc/freeradius/hints"
- with_ascend_hack = no
- ascend_channels_per_line = 23
- with_ntdomain_hack = no
- with_specialix_jetstream_hack = no
- with_cisco_vsa_hack = no
- with_alvarion_vsa_hack = no
- }
- reading pairlist file /etc/freeradius/huntgroups
- reading pairlist file /etc/freeradius/hints
- Module: Linked to module rlm_acct_unique
- Module: Instantiating module "acct_unique" from file /etc/freeradius/modules/acct_unique
- acct_unique {
- key = "User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifier, NAS-Port"
- }
- Module: Checking accounting {...} for more modules to load
- Module: Linked to module rlm_detail
- Module: Instantiating module "detail" from file /etc/freeradius/modules/detail
- detail {
- detailfile = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
- header = "%t"
- detailperm = 384
- dirperm = 493
- locking = no
- log_packet_header = no
- escape_filenames = no
- }
- Module: Linked to module rlm_attr_filter
- Module: Instantiating module "attr_filter.accounting_response" from file /etc/freeradius/modules/attr_filter
- attr_filter attr_filter.accounting_response {
- attrsfile = "/etc/freeradius/attrs.accounting_response"
- key = "%{User-Name}"
- relaxed = no
- }
- reading pairlist file /etc/freeradius/attrs.accounting_response
- Module: Checking session {...} for more modules to load
- Module: Linked to module rlm_radutmp
- Module: Instantiating module "radutmp" from file /etc/freeradius/modules/radutmp
- radutmp {
- filename = "/var/log/freeradius/radutmp"
- username = "%{User-Name}"
- case_sensitive = yes
- check_with_nas = yes
- perm = 384
- callerid = yes
- }
- Module: Checking post-auth {...} for more modules to load
- Module: Instantiating module "attr_filter.access_reject" from file /etc/freeradius/modules/attr_filter
- attr_filter attr_filter.access_reject {
- attrsfile = "/etc/freeradius/attrs.access_reject"
- key = "%{User-Name}"
- relaxed = no
- }
- reading pairlist file /etc/freeradius/attrs.access_reject
- } # modules
- } # server
- server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel
- modules {
- Module: Checking authenticate {...} for more modules to load
- Module: Checking authorize {...} for more modules to load
- Module: Checking post-proxy {...} for more modules to load
- Module: Checking post-auth {...} for more modules to load
- } # modules
- } # server
- radiusd: #### Opening IP addresses and Ports ####
- listen {
- type = "auth"
- ipaddr = *
- port = 0
- }
- listen {
- type = "acct"
- ipaddr = *
- port = 0
- }
- listen {
- type = "auth"
- ipaddr = *
- port = 18120
- }
- ... adding new socket proxy address * port 58850
- Listening on authentication address * port 1812
- Listening on accounting address * port 1813
- Listening on authentication address * port 18120 as server inner-tunnel
- Listening on proxy address * port 1814
- Ready to process requests.
- rad_recv: Access-Request packet from host 10.0.20.36 port 51361, id=184, length=176
- User-Name = "Deeptwix"
- NAS-IP-Address = 10.0.20.36
- NAS-Identifier = "f09fc2a37292"
- NAS-Port = 0
- Called-Station-Id = "F2-9F-C2-A5-72-92:polylan-gamer"
- Calling-Station-Id = "78-31-C1-CE-BE-5C"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 0Mbps 802.11b"
- EAP-Message = 0x02d4000d014465657074776978
- Message-Authenticator = 0x2ee8cbecd2df6decbf1c7f3b26182cc0
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +group authorize {
- rlm_python:authorize: 'Session-Timeout' = '4000'
- rlm_python:authorize: 'Auth-Type' = 'python'
- ++[python] = updated
- ++[chap] = noop
- ++[mschap] = noop
- ++[digest] = noop
- [suffix] No '@' in User-Name = "Deeptwix", looking up realm NULL
- [suffix] No such realm "NULL"
- ++[suffix] = noop
- [eap] EAP packet type response id 212 length 13
- [eap] No EAP Start, assuming it's an on-going EAP conversation
- ++[eap] = updated
- ++[files] = noop
- ++[expiration] = noop
- ++[logintime] = noop
- [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
- ++[pap] = noop
- +} # group authorize = updated
- Found Auth-Type = python
- Found Auth-Type = EAP
- Warning: Found 2 auth-types on request for user 'Deeptwix'
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group authenticate {
- [eap] EAP Identity
- [eap] processing type md5
- rlm_eap_md5: Issuing Challenge
- ++[eap] = handled
- +} # group authenticate = handled
- Sending Access-Challenge of id 184 to 10.0.20.36 port 51361
- Session-Timeout = 4000
- EAP-Message = 0x01d50016041016d31b96fb4e3a34bf3d9a000c2c74da
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x273c30fd27e93464cbd64c0a8a081c71
- Finished request 0.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 10.0.20.36 port 51361, id=185, length=189
- User-Name = "Deeptwix"
- NAS-IP-Address = 10.0.20.36
- NAS-Identifier = "f09fc2a37292"
- NAS-Port = 0
- Called-Station-Id = "F2-9F-C2-A5-72-92:polylan-gamer"
- Calling-Station-Id = "78-31-C1-CE-BE-5C"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 0Mbps 802.11b"
- EAP-Message = 0x02d500080319152b
- State = 0x273c30fd27e93464cbd64c0a8a081c71
- Message-Authenticator = 0x3fb5c4f56135c58555aeacb9b48ca12a
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +group authorize {
- rlm_python:authorize: 'Session-Timeout' = '4000'
- rlm_python:authorize: 'Auth-Type' = 'python'
- ++[python] = updated
- ++[chap] = noop
- ++[mschap] = noop
- ++[digest] = noop
- [suffix] No '@' in User-Name = "Deeptwix", looking up realm NULL
- [suffix] No such realm "NULL"
- ++[suffix] = noop
- [eap] EAP packet type response id 213 length 8
- [eap] No EAP Start, assuming it's an on-going EAP conversation
- ++[eap] = updated
- ++[files] = noop
- ++[expiration] = noop
- ++[logintime] = noop
- [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
- ++[pap] = noop
- +} # group authorize = updated
- Found Auth-Type = python
- Found Auth-Type = EAP
- Warning: Found 2 auth-types on request for user 'Deeptwix'
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group authenticate {
- [eap] Request found, released from the list
- [eap] EAP NAK
- [eap] EAP-NAK asked for EAP-Type/peap
- [eap] processing type tls
- [tls] Initiate
- [tls] Start returned 1
- ++[eap] = handled
- +} # group authenticate = handled
- Sending Access-Challenge of id 185 to 10.0.20.36 port 51361
- Session-Timeout = 4000
- EAP-Message = 0x01d600061920
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x273c30fd26ea2964cbd64c0a8a081c71
- Finished request 1.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 10.0.20.36 port 51361, id=186, length=308
- User-Name = "Deeptwix"
- NAS-IP-Address = 10.0.20.36
- NAS-Identifier = "f09fc2a37292"
- NAS-Port = 0
- Called-Station-Id = "F2-9F-C2-A5-72-92:polylan-gamer"
- Calling-Station-Id = "78-31-C1-CE-BE-5C"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 0Mbps 802.11b"
- EAP-Message = 0x02d6007f19800000007516030100700100006c03015a0edeb86cecd22097a41ef2b0ffe53204779887db236ded7a5af64306d9a39b00002000ffc024c023c00ac009c008c028c027c014c013c012003d003c0035002f000a01000023000a00080006001700180019000b000201000005000501000000000012000000170000
- State = 0x273c30fd26ea2964cbd64c0a8a081c71
- Message-Authenticator = 0xfd35a07d74ed66f53c7acd09dfe7ffc8
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +group authorize {
- rlm_python:authorize: 'Session-Timeout' = '4000'
- rlm_python:authorize: 'Auth-Type' = 'python'
- ++[python] = updated
- ++[chap] = noop
- ++[mschap] = noop
- ++[digest] = noop
- [suffix] No '@' in User-Name = "Deeptwix", looking up realm NULL
- [suffix] No such realm "NULL"
- ++[suffix] = noop
- [eap] EAP packet type response id 214 length 127
- [eap] Continuing tunnel setup.
- ++[eap] = ok
- +} # group authorize = ok
- Found Auth-Type = python
- Found Auth-Type = EAP
- Warning: Found 2 auth-types on request for user 'Deeptwix'
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group authenticate {
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- TLS Length 117
- [peap] Length Included
- [peap] eaptls_verify returned 11
- [peap] (other): before/accept initialization
- [peap] TLS_accept: before/accept initialization
- [peap] <<< Unknown TLS version [length 0005]
- [peap] <<< TLS 1.0 Handshake [length 0070], ClientHello
- [peap] TLS_accept: unknown state
- [peap] >>> Unknown TLS version [length 0005]
- [peap] >>> TLS 1.0 Handshake [length 0039], ServerHello
- [peap] TLS_accept: unknown state
- [peap] >>> Unknown TLS version [length 0005]
- [peap] >>> TLS 1.0 Handshake [length 02d2], Certificate
- [peap] TLS_accept: unknown state
- [peap] >>> Unknown TLS version [length 0005]
- [peap] >>> TLS 1.0 Handshake [length 014b], ServerKeyExchange
- [peap] TLS_accept: unknown state
- [peap] >>> Unknown TLS version [length 0005]
- [peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
- [peap] TLS_accept: unknown state
- [peap] TLS_accept: unknown state
- [peap] TLS_accept: unknown state
- [peap] TLS_accept: Need to read more data: unknown state
- [peap] TLS_accept: Need to read more data: unknown state
- In SSL Handshake Phase
- In SSL Accept mode
- [peap] eaptls_process returned 13
- [peap] EAPTLS_HANDLED
- ++[eap] = handled
- +} # group authenticate = handled
- Sending Access-Challenge of id 186 to 10.0.20.36 port 51361
- Session-Timeout = 4000
- EAP-Message = 0x01d7040019c00000046e1603010039020000350301d13880d0a9e5b92fcf2952e4a61b1b4305d7328b4a449e318f3f49a750968fe600c01400000dff01000100000b00040300010216030102d20b0002ce0002cb0002c8308202c4308201aca003020102020900af8abee32931c4b9300d06092a864886f70d01010b0500301a3118301606035504030c0f6e6574302e706f6c796c616e2e6368301e170d3137313131323032303431355a170d3237313131303032303431355a301a3118301606035504030c0f6e6574302e706f6c796c616e2e636830820122300d06092a864886f70d01010105000382010f003082010a0282010100d7290137e520
- EAP-Message = 0x9e9ebbdd6e92ee02b376e4f53bf0f05d2a6ca87659fc8f2bb1e01564f231aa18b8d22d761d5c752277421799f0ee421619dd35b6afd3c6745f108c3b2e950830d4f67d0f22d0b6cbdd01d46729442401b46f1ffda516114e1a06b8604ee05bdb8c6b530e873948e6127527da4eeabd8b4d4a03eafebf3b8db47b0b278c1ff16dedb03369df4ba245a81b1ff2ca5d3c097f021c4159299abd83d6d01bdf43b5d0d689eae631c034257544b7a9c0a07ba1d6f3b575150a31cf08ba5a4bd3793a8143c702e45e7c1552b65f628ab16b1ad9b2c640bb7866f74e02cda86fe2e35446169fe9f90320bf58c53420bb3fee796359787606f74497b7b455020301
- EAP-Message = 0x0001a30d300b30090603551d1304023000300d06092a864886f70d01010b05000382010100869afacab7a81fe51281aade189e4e7b07ecf1300e304f649a7b988f383671681e42d3d09866756bd725628fca3dfe87c7c447b82237f27794e313d442420865b3dafb6ed7e9284fbfb749d2ecc09184ebaedf66c06c2f589d2d8410c2491506de51f22ee6cbb76f22d801f19997e644e5c20f83ebee848d9ce5af806de9f9df99cc9bb178fefa4d0f1b475d2fa6ab4dd894405c0e3fd6ffffa1e8c06171844ab9159614718f07245060cc4cb7edd28a2a343fc8f6f36c3d9493bc6b7c8e739ae679ed14c62130327f4ec86ca3694e7e68f360b8e60d3cfa
- EAP-Message = 0x72530e00a0f85e0ac404356aab7362b9368f2a6af67c184d5297fc35a20331eb47b1f8af9a59cd69160301014b0c000147030017410455014ab2dc790af1465c2448ce26e4cef95538fd7d08c4ea74d842850cd5b93c2e7c6a95f991c478090fed3c89170bdbc143c55121c589293e03a3976456677c01009e5bfc57ffe7a4f945600f06f298a0770b7d9d2313374bcfbcc27357f358616a02728b14f9f2b073dda37a51f7ded63c0cb8ecbf75f2bedd94bfadcebba0450392ee58fb227c1f3f9b7e5db4ec2a27ec0b468f84cbb6ec6f9fa918d0103c27aa6b1b4ede02c8ba0eafd46fe1e4f0cfb8bab6d8ca0f5fa3e76888952db34113fbedb673919e
- EAP-Message = 0x8a7784cf29087eecee411eb9
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x273c30fd25eb2964cbd64c0a8a081c71
- Finished request 2.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 10.0.20.36 port 51361, id=187, length=187
- User-Name = "Deeptwix"
- NAS-IP-Address = 10.0.20.36
- NAS-Identifier = "f09fc2a37292"
- NAS-Port = 0
- Called-Station-Id = "F2-9F-C2-A5-72-92:polylan-gamer"
- Calling-Station-Id = "78-31-C1-CE-BE-5C"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 0Mbps 802.11b"
- EAP-Message = 0x02d700061900
- State = 0x273c30fd25eb2964cbd64c0a8a081c71
- Message-Authenticator = 0x96b51e34eeb5f580fb34277300aabf8d
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +group authorize {
- rlm_python:authorize: 'Session-Timeout' = '4000'
- rlm_python:authorize: 'Auth-Type' = 'python'
- ++[python] = updated
- ++[chap] = noop
- ++[mschap] = noop
- ++[digest] = noop
- [suffix] No '@' in User-Name = "Deeptwix", looking up realm NULL
- [suffix] No such realm "NULL"
- ++[suffix] = noop
- [eap] EAP packet type response id 215 length 6
- [eap] Continuing tunnel setup.
- ++[eap] = ok
- +} # group authorize = ok
- Found Auth-Type = python
- Found Auth-Type = EAP
- Warning: Found 2 auth-types on request for user 'Deeptwix'
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group authenticate {
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] Received TLS ACK
- [peap] ACK handshake fragment handler
- [peap] eaptls_verify returned 1
- [peap] eaptls_process returned 13
- [peap] EAPTLS_HANDLED
- ++[eap] = handled
- +} # group authenticate = handled
- Sending Access-Challenge of id 187 to 10.0.20.36 port 51361
- Session-Timeout = 4000
- EAP-Message = 0x01d8007e19002c1ba6edb823247c8f7477b3548a70b23d8d7058dabd786ff60a1a1cdc845507ac40072fff3fec285f4daa989a6691c242db7d99cae10af0c1bab0db12c3ac47868fc149b2a3a0c20e1a07f6c8093cca4368607f0d98349d48ec9e5b2b40e3313edc2ec9428caaacb6b8d42045581f16030100040e000000
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x273c30fd24e42964cbd64c0a8a081c71
- Finished request 3.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 10.0.20.36 port 51361, id=188, length=325
- User-Name = "Deeptwix"
- NAS-IP-Address = 10.0.20.36
- NAS-Identifier = "f09fc2a37292"
- NAS-Port = 0
- Called-Station-Id = "F2-9F-C2-A5-72-92:polylan-gamer"
- Calling-Station-Id = "78-31-C1-CE-BE-5C"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 0Mbps 802.11b"
- EAP-Message = 0x02d800901980000000861603010046100000424104967a88d4e4b7caf0e8516e5a9ca5d66eaf73eb1ea106ce4b989744be2f1cd4f85e8908e8c9148acd353bc1655b41dc58e4fd032d8c2d66d964d92e25f98c3ffa1403010001011603010030678074c716e48f1dc486d2a9eb6ad384225114db3822f75000fc611dd89bd3835400b68dfcab30bbc601a80c075c9267
- State = 0x273c30fd24e42964cbd64c0a8a081c71
- Message-Authenticator = 0xaba53030167ac8e6ebb243e479e8c545
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +group authorize {
- rlm_python:authorize: 'Session-Timeout' = '4000'
- rlm_python:authorize: 'Auth-Type' = 'python'
- ++[python] = updated
- ++[chap] = noop
- ++[mschap] = noop
- ++[digest] = noop
- [suffix] No '@' in User-Name = "Deeptwix", looking up realm NULL
- [suffix] No such realm "NULL"
- ++[suffix] = noop
- [eap] EAP packet type response id 216 length 144
- [eap] Continuing tunnel setup.
- ++[eap] = ok
- +} # group authorize = ok
- Found Auth-Type = python
- Found Auth-Type = EAP
- Warning: Found 2 auth-types on request for user 'Deeptwix'
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group authenticate {
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- TLS Length 134
- [peap] Length Included
- [peap] eaptls_verify returned 11
- [peap] <<< Unknown TLS version [length 0005]
- [peap] <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange
- [peap] TLS_accept: unknown state
- [peap] TLS_accept: unknown state
- [peap] <<< Unknown TLS version [length 0005]
- [peap] <<< TLS 1.0 ChangeCipherSpec [length 0001]
- [peap] <<< Unknown TLS version [length 0005]
- [peap] <<< TLS 1.0 Handshake [length 0010], Finished
- [peap] TLS_accept: unknown state
- [peap] >>> Unknown TLS version [length 0005]
- [peap] >>> TLS 1.0 ChangeCipherSpec [length 0001]
- [peap] TLS_accept: unknown state
- [peap] >>> Unknown TLS version [length 0005]
- [peap] >>> TLS 1.0 Handshake [length 0010], Finished
- [peap] TLS_accept: unknown state
- [peap] TLS_accept: unknown state
- [peap] (other): SSL negotiation finished successfully
- SSL Connection Established
- [peap] eaptls_process returned 13
- [peap] EAPTLS_HANDLED
- ++[eap] = handled
- +} # group authenticate = handled
- Sending Access-Challenge of id 188 to 10.0.20.36 port 51361
- Session-Timeout = 4000
- EAP-Message = 0x01d90041190014030100010116030100309debc395c30a77e10d74f6e3620333085efaf3fc0aa93ddee62c7534dd7777b7b0400ba215a4c10ce09a67f88c981698
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x273c30fd23e52964cbd64c0a8a081c71
- Finished request 4.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 10.0.20.36 port 51361, id=189, length=187
- User-Name = "Deeptwix"
- NAS-IP-Address = 10.0.20.36
- NAS-Identifier = "f09fc2a37292"
- NAS-Port = 0
- Called-Station-Id = "F2-9F-C2-A5-72-92:polylan-gamer"
- Calling-Station-Id = "78-31-C1-CE-BE-5C"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 0Mbps 802.11b"
- EAP-Message = 0x02d900061900
- State = 0x273c30fd23e52964cbd64c0a8a081c71
- Message-Authenticator = 0xac03f0ebc0820ec67721f9959ab07d09
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +group authorize {
- rlm_python:authorize: 'Session-Timeout' = '4000'
- rlm_python:authorize: 'Auth-Type' = 'python'
- ++[python] = updated
- ++[chap] = noop
- ++[mschap] = noop
- ++[digest] = noop
- [suffix] No '@' in User-Name = "Deeptwix", looking up realm NULL
- [suffix] No such realm "NULL"
- ++[suffix] = noop
- [eap] EAP packet type response id 217 length 6
- [eap] Continuing tunnel setup.
- ++[eap] = ok
- +} # group authorize = ok
- Found Auth-Type = python
- Found Auth-Type = EAP
- Warning: Found 2 auth-types on request for user 'Deeptwix'
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group authenticate {
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] Received TLS ACK
- [peap] ACK handshake is finished
- [peap] eaptls_verify returned 3
- [peap] eaptls_process returned 3
- [peap] EAPTLS_SUCCESS
- [peap] Session established. Decoding tunneled attributes.
- [peap] Peap state TUNNEL ESTABLISHED
- [peap] >>> Unknown TLS version [length 0005]
- ++[eap] = handled
- +} # group authenticate = handled
- Sending Access-Challenge of id 189 to 10.0.20.36 port 51361
- Session-Timeout = 4000
- EAP-Message = 0x01da002b1900170301002082a522e601a612a6d5ad2dbe66ed07901ecd3a9bd001c1fb69654792270009df
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x273c30fd22e62964cbd64c0a8a081c71
- Finished request 5.
- Going to the next request
- Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 10.0.20.36 port 51361, id=190, length=224
- User-Name = "Deeptwix"
- NAS-IP-Address = 10.0.20.36
- NAS-Identifier = "f09fc2a37292"
- NAS-Port = 0
- Called-Station-Id = "F2-9F-C2-A5-72-92:polylan-gamer"
- Calling-Station-Id = "78-31-C1-CE-BE-5C"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 0Mbps 802.11b"
- EAP-Message = 0x02da002b19001703010020d4a397a095fd8f29e82a4e7f3a390c74fe33d63c793946fe022d0d409fe4400f
- State = 0x273c30fd22e62964cbd64c0a8a081c71
- Message-Authenticator = 0xc544430623efffc47fd37db2af2ad476
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +group authorize {
- rlm_python:authorize: 'Session-Timeout' = '4000'
- rlm_python:authorize: 'Auth-Type' = 'python'
- ++[python] = updated
- ++[chap] = noop
- ++[mschap] = noop
- ++[digest] = noop
- [suffix] No '@' in User-Name = "Deeptwix", looking up realm NULL
- [suffix] No such realm "NULL"
- ++[suffix] = noop
- [eap] EAP packet type response id 218 length 43
- [eap] Continuing tunnel setup.
- ++[eap] = ok
- +} # group authorize = ok
- Found Auth-Type = python
- Found Auth-Type = EAP
- Warning: Found 2 auth-types on request for user 'Deeptwix'
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group authenticate {
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] eaptls_verify returned 7
- [peap] Done initial handshake
- [peap] <<< Unknown TLS version [length 0005]
- [peap] eaptls_process returned 7
- [peap] EAPTLS_OK
- [peap] Session established. Decoding tunneled attributes.
- [peap] Peap state WAITING FOR INNER IDENTITY
- [peap] Identity - Deeptwix
- [peap] Got inner identity 'Deeptwix'
- [peap] Setting default EAP type for tunneled EAP session.
- [peap] Got tunneled request
- EAP-Message = 0x02da000d014465657074776978
- server {
- [peap] Setting User-Name to Deeptwix
- Sending tunneled request
- EAP-Message = 0x02da000d014465657074776978
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "Deeptwix"
- NAS-IP-Address = 10.0.20.36
- NAS-Identifier = "f09fc2a37292"
- NAS-Port = 0
- Called-Station-Id = "F2-9F-C2-A5-72-92:polylan-gamer"
- Calling-Station-Id = "78-31-C1-CE-BE-5C"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 0Mbps 802.11b"
- server inner-tunnel {
- # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
- +group authorize {
- ++[mschap] = noop
- [eap] EAP packet type response id 218 length 13
- [eap] No EAP Start, assuming it's an on-going EAP conversation
- ++[eap] = updated
- ++[files] = noop
- ++[expiration] = noop
- ++[logintime] = noop
- [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
- ++[pap] = noop
- +} # group authorize = updated
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- +group authenticate {
- [eap] EAP Identity
- [eap] processing type mschapv2
- rlm_eap_mschapv2: Issuing Challenge
- ++[eap] = handled
- +} # group authenticate = handled
- } # server inner-tunnel
- [peap] Got tunneled reply code 11
- EAP-Message = 0x01db00221a01db001d1084a83d746ba55c2002ae3f40260c4e584465657074776978
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x73ce834f731599b345b3a8609f5fa6d7
- [peap] Got tunneled reply RADIUS code Access-Challenge
- EAP-Message = 0x01db00221a01db001d1084a83d746ba55c2002ae3f40260c4e584465657074776978
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x73ce834f731599b345b3a8609f5fa6d7
- [peap] Got tunneled Access-Challenge
- [peap] >>> Unknown TLS version [length 0005]
- ++[eap] = handled
- +} # group authenticate = handled
- Sending Access-Challenge of id 190 to 10.0.20.36 port 51361
- Session-Timeout = 4000
- EAP-Message = 0x01db004b1900170301004078d5598e6a84476a8c8d97443e46e3fe6e63034dab431b0da723f85b4836a66a27e666165fe57fa40b414ab4580ae187f4bfa9e31ba1b4e6a0fec29bf9dd9da8
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x273c30fd21e72964cbd64c0a8a081c71
- Finished request 6.
- Going to the next request
- Waking up in 4.8 seconds.
- rad_recv: Access-Request packet from host 10.0.20.36 port 51361, id=191, length=288
- User-Name = "Deeptwix"
- NAS-IP-Address = 10.0.20.36
- NAS-Identifier = "f09fc2a37292"
- NAS-Port = 0
- Called-Station-Id = "F2-9F-C2-A5-72-92:polylan-gamer"
- Calling-Station-Id = "78-31-C1-CE-BE-5C"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 0Mbps 802.11b"
- EAP-Message = 0x02db006b19001703010060da8eb12d0f27be393a4fa07e4242e62e2e866a94f1281717ede9becbfe0aceb0a49bac466a034c02f42364da79e34ee5a8e7ac52add6b07303ccab4dbddeb0ae972d5a90f47bd7bcc2f33507a1f5fcb7e358f7f43c0d06553c61915762bff4d2
- State = 0x273c30fd21e72964cbd64c0a8a081c71
- Message-Authenticator = 0xb6ca7ae63cc65ebddbdbeaaa9724765e
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +group authorize {
- rlm_python:authorize: 'Session-Timeout' = '4000'
- rlm_python:authorize: 'Auth-Type' = 'python'
- ++[python] = updated
- ++[chap] = noop
- ++[mschap] = noop
- ++[digest] = noop
- [suffix] No '@' in User-Name = "Deeptwix", looking up realm NULL
- [suffix] No such realm "NULL"
- ++[suffix] = noop
- [eap] EAP packet type response id 219 length 107
- [eap] Continuing tunnel setup.
- ++[eap] = ok
- +} # group authorize = ok
- Found Auth-Type = python
- Found Auth-Type = EAP
- Warning: Found 2 auth-types on request for user 'Deeptwix'
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group authenticate {
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] eaptls_verify returned 7
- [peap] Done initial handshake
- [peap] <<< Unknown TLS version [length 0005]
- [peap] eaptls_process returned 7
- [peap] EAPTLS_OK
- [peap] Session established. Decoding tunneled attributes.
- [peap] Peap state phase2
- [peap] EAP type mschapv2
- [peap] Got tunneled request
- EAP-Message = 0x02db00431a02db003e3115746837a19bf7c6f099ec5b5f83b2ba000000000000000001b5c736dbc689dfddf38dbdb32232c0023f0ed6944f0efa004465657074776978
- server {
- [peap] Setting User-Name to Deeptwix
- Sending tunneled request
- EAP-Message = 0x02db00431a02db003e3115746837a19bf7c6f099ec5b5f83b2ba000000000000000001b5c736dbc689dfddf38dbdb32232c0023f0ed6944f0efa004465657074776978
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "Deeptwix"
- State = 0x73ce834f731599b345b3a8609f5fa6d7
- NAS-IP-Address = 10.0.20.36
- NAS-Identifier = "f09fc2a37292"
- NAS-Port = 0
- Called-Station-Id = "F2-9F-C2-A5-72-92:polylan-gamer"
- Calling-Station-Id = "78-31-C1-CE-BE-5C"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 0Mbps 802.11b"
- server inner-tunnel {
- # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
- +group authorize {
- ++[mschap] = noop
- [eap] EAP packet type response id 219 length 67
- [eap] No EAP Start, assuming it's an on-going EAP conversation
- ++[eap] = updated
- ++[files] = noop
- ++[expiration] = noop
- ++[logintime] = noop
- [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
- ++[pap] = noop
- +} # group authorize = updated
- Found Auth-Type = EAP
- # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- +group authenticate {
- [eap] Request found, released from the list
- [eap] EAP/mschapv2
- [eap] processing type mschapv2
- [mschapv2] # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- [mschapv2] +group MS-CHAP {
- ++[python] = reject
- +} # group MS-CHAP = reject
- [eap] Freeing handler
- ++[eap] = reject
- +} # group authenticate = reject
- Failed to authenticate the user.
- Using Post-Auth-Type Reject
- # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- +group REJECT {
- [attr_filter.access_reject] expand: %{User-Name} -> Deeptwix
- attr_filter: Matched entry DEFAULT at line 11
- ++[attr_filter.access_reject] = updated
- +} # group REJECT = updated
- } # server inner-tunnel
- [peap] Got tunneled reply code 3
- EAP-Message = 0x04db0004
- Message-Authenticator = 0x00000000000000000000000000000000
- [peap] Got tunneled reply RADIUS code Access-Reject
- EAP-Message = 0x04db0004
- Message-Authenticator = 0x00000000000000000000000000000000
- [peap] Tunneled authentication was rejected.
- [peap] FAILURE
- [peap] >>> Unknown TLS version [length 0005]
- ++[eap] = handled
- +} # group authenticate = handled
- Sending Access-Challenge of id 191 to 10.0.20.36 port 51361
- Session-Timeout = 4000
- EAP-Message = 0x01dc002b190017030100201c0b7296552f30fbffe08b177fb038516e09f071d2e3c1cd8931e82c15668ba1
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x273c30fd20e02964cbd64c0a8a081c71
- Finished request 7.
- Going to the next request
- Waking up in 4.8 seconds.
- rad_recv: Access-Request packet from host 10.0.20.36 port 51361, id=192, length=224
- User-Name = "Deeptwix"
- NAS-IP-Address = 10.0.20.36
- NAS-Identifier = "f09fc2a37292"
- NAS-Port = 0
- Called-Station-Id = "F2-9F-C2-A5-72-92:polylan-gamer"
- Calling-Station-Id = "78-31-C1-CE-BE-5C"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 0Mbps 802.11b"
- EAP-Message = 0x02dc002b190017030100207f5f4b70d316c2d69583793f9fc71bcbb12b3e476c056e9ec59d89f022623a3a
- State = 0x273c30fd20e02964cbd64c0a8a081c71
- Message-Authenticator = 0x645b55a32e3237dade3a86ce5580c26a
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +group authorize {
- rlm_python:authorize: 'Session-Timeout' = '4000'
- rlm_python:authorize: 'Auth-Type' = 'python'
- ++[python] = updated
- ++[chap] = noop
- ++[mschap] = noop
- ++[digest] = noop
- [suffix] No '@' in User-Name = "Deeptwix", looking up realm NULL
- [suffix] No such realm "NULL"
- ++[suffix] = noop
- [eap] EAP packet type response id 220 length 43
- [eap] Continuing tunnel setup.
- ++[eap] = ok
- +} # group authorize = ok
- Found Auth-Type = python
- Found Auth-Type = EAP
- Warning: Found 2 auth-types on request for user 'Deeptwix'
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group authenticate {
- [eap] Request found, released from the list
- [eap] EAP/peap
- [eap] processing type peap
- [peap] processing EAP-TLS
- [peap] eaptls_verify returned 7
- [peap] Done initial handshake
- [peap] <<< Unknown TLS version [length 0005]
- [peap] eaptls_process returned 7
- [peap] EAPTLS_OK
- [peap] Session established. Decoding tunneled attributes.
- [peap] Peap state send tlv failure
- [peap] Received EAP-TLV response.
- [peap] The users session was previously rejected: returning reject (again.)
- [peap] *** This means you need to read the PREVIOUS messages in the debug output
- [peap] *** to find out the reason why the user was rejected.
- [peap] *** Look for "reject" or "fail". Those earlier messages will tell you.
- [peap] *** what went wrong, and how to fix the problem.
- [eap] Handler failed in EAP/peap
- [eap] Failed in EAP select
- ++[eap] = invalid
- +} # group authenticate = invalid
- Failed to authenticate the user.
- Using Post-Auth-Type Reject
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group REJECT {
- [attr_filter.access_reject] expand: %{User-Name} -> Deeptwix
- attr_filter: Matched entry DEFAULT at line 11
- ++[attr_filter.access_reject] = updated
- +} # group REJECT = updated
- Delaying reject of request 8 for 1 seconds
- Going to the next request
- Waking up in 0.9 seconds.
- Sending delayed reject for request 8
- Sending Access-Reject of id 192 to 10.0.20.36 port 51361
- EAP-Message = 0x04dc0004
- Message-Authenticator = 0x00000000000000000000000000000000
- Waking up in 3.8 seconds.
- Cleaning up request 0 ID 184 with timestamp +14
- Cleaning up request 1 ID 185 with timestamp +14
- Cleaning up request 2 ID 186 with timestamp +14
- Cleaning up request 3 ID 187 with timestamp +14
- Cleaning up request 4 ID 188 with timestamp +14
- Cleaning up request 5 ID 189 with timestamp +14
- Cleaning up request 6 ID 190 with timestamp +14
- Cleaning up request 7 ID 191 with timestamp +14
- Waking up in 1.0 seconds.
- Cleaning up request 8 ID 192 with timestamp +14
- Ready to process requests.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement