Untitled

(0) Thu May 24 17:30:29 2018: Debug: Received Access-Request Id 25 from 172.20.5.79:52628 to 172.20.5.3:1812 length 372
(0) Thu May 24 17:30:29 2018: Debug:   Framed-MTU = 1480
(0) Thu May 24 17:30:29 2018: Debug:   NAS-IP-Address = 172.20.9.150
(0) Thu May 24 17:30:29 2018: Debug:   NAS-Identifier = "Test"
(0) Thu May 24 17:30:29 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(0) Thu May 24 17:30:29 2018: Debug:   Service-Type = Framed-User
(0) Thu May 24 17:30:29 2018: Debug:   Framed-Protocol = PPP
(0) Thu May 24 17:30:29 2018: Debug:   NAS-Port = 1
(0) Thu May 24 17:30:29 2018: Debug:   NAS-Port-Type = Ethernet
(0) Thu May 24 17:30:29 2018: Debug:   NAS-Port-Id = "1"
(0) Thu May 24 17:30:29 2018: Debug:   Called-Station-Id = "94-18-82-b9-32-80"
(0) Thu May 24 17:30:29 2018: Debug:   Calling-Station-Id = "00-e0-4c-60-43-20"
(0) Thu May 24 17:30:29 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(0) Thu May 24 17:30:29 2018: Debug:   Tunnel-Type:0 = VLAN
(0) Thu May 24 17:30:29 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(0) Thu May 24 17:30:29 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(0) Thu May 24 17:30:29 2018: Debug:   EAP-Message = 0x0201002401686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445
(0) Thu May 24 17:30:29 2018: Debug:   Message-Authenticator = 0x6617fad777f9bd50b77d4b3fbe07f915
(0) Thu May 24 17:30:29 2018: Debug:   MS-RAS-Vendor = 11
(0) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(0) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(0) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(0) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(0) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0138
(0) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x013a
(0) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0140
(0) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0141
(0) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0151
(0) Thu May 24 17:30:29 2018: Debug:   Proxy-State = 0x3134
(0) Thu May 24 17:30:29 2018: Debug: # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence
(0) Thu May 24 17:30:29 2018: Debug:   authorize {
(0) Thu May 24 17:30:29 2018: Debug:     update {
(0) Thu May 24 17:30:29 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(0) Thu May 24 17:30:29 2018: Debug:          --> 172.20.5.79
(0) Thu May 24 17:30:29 2018: Debug:       EXPAND %l
(0) Thu May 24 17:30:29 2018: Debug:          --> 1527175829
(0) Thu May 24 17:30:29 2018: Debug:     } # update = noop
(0) Thu May 24 17:30:29 2018: Debug:     policy packetfence-set-tenant-id {
(0) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(0) Thu May 24 17:30:29 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(0) Thu May 24 17:30:29 2018: Debug:          --> 0
(0) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(0) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(0) Thu May 24 17:30:29 2018: Debug:         update control {
(0) Thu May 24 17:30:29 2018: Debug:           EXPAND %{User-Name}
(0) Thu May 24 17:30:29 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(0) Thu May 24 17:30:29 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(0) Thu May 24 17:30:29 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(0) Thu May 24 17:30:29 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(0) Thu May 24 17:30:29 2018: Debug:              --> 0
(0) Thu May 24 17:30:29 2018: Debug:         } # update control = noop
(0) Thu May 24 17:30:29 2018: Debug:       } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(0) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(0) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(0) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  {
(0) Thu May 24 17:30:29 2018: Debug:         update control {
(0) Thu May 24 17:30:29 2018: Debug:           EXPAND %{User-Name}
(0) Thu May 24 17:30:29 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(0) Thu May 24 17:30:29 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(0) Thu May 24 17:30:29 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(0) Thu May 24 17:30:29 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(0) Thu May 24 17:30:29 2018: Debug:              --> 1
(0) Thu May 24 17:30:29 2018: Debug:         } # update control = noop
(0) Thu May 24 17:30:29 2018: Debug:       } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(0) Thu May 24 17:30:29 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(0) Thu May 24 17:30:29 2018: Debug:     policy rewrite_calling_station_id {
(0) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i)) {
(0) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  -> TRUE
(0) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  {
(0) Thu May 24 17:30:29 2018: Debug:         update request {
(0) Thu May 24 17:30:29 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(0) Thu May 24 17:30:29 2018: Debug:              --> 00:e0:4c:60:43:20
(0) Thu May 24 17:30:29 2018: Debug:         } # update request = noop
(0) Thu May 24 17:30:29 2018: Debug:         [updated] = updated
(0) Thu May 24 17:30:29 2018: Debug:       } # if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  = updated
(0) Thu May 24 17:30:29 2018: Debug:       ... skipping else: Preceding "if" was taken
(0) Thu May 24 17:30:29 2018: Debug:     } # policy rewrite_calling_station_id = updated
(0) Thu May 24 17:30:29 2018: Debug:     policy rewrite_called_station_id {
(0) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(0) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(0) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(0) Thu May 24 17:30:29 2018: Debug:         update request {
(0) Thu May 24 17:30:29 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(0) Thu May 24 17:30:29 2018: Debug:              --> 94:18:82:b9:32:80
(0) Thu May 24 17:30:29 2018: Debug:         } # update request = noop
(0) Thu May 24 17:30:29 2018: Debug:         if ("%{8}") {
(0) Thu May 24 17:30:29 2018: Debug:         EXPAND %{8}
(0) Thu May 24 17:30:29 2018: Debug:            -->
(0) Thu May 24 17:30:29 2018: Debug:         if ("%{8}")  -> FALSE
(0) Thu May 24 17:30:29 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(0) Thu May 24 17:30:29 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(0) Thu May 24 17:30:29 2018: Debug:         elsif (Aruba-Essid-Name) {
(0) Thu May 24 17:30:29 2018: Debug:         elsif (Aruba-Essid-Name)  -> FALSE
(0) Thu May 24 17:30:29 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(0) Thu May 24 17:30:29 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(0) Thu May 24 17:30:29 2018: Debug:         [updated] = updated
(0) Thu May 24 17:30:29 2018: Debug:       } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(0) Thu May 24 17:30:29 2018: Debug:       ... skipping else: Preceding "if" was taken
(0) Thu May 24 17:30:29 2018: Debug:     } # policy rewrite_called_station_id = updated
(0) Thu May 24 17:30:29 2018: Debug:     policy filter_username {
(0) Thu May 24 17:30:29 2018: Debug:       if (&User-Name) {
(0) Thu May 24 17:30:29 2018: Debug:       if (&User-Name)  -> TRUE
(0) Thu May 24 17:30:29 2018: Debug:       if (&User-Name)  {
(0) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ / /) {
(0) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ / /)  -> FALSE
(0) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@[^@]*@/ ) {
(0) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(0) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.\./ ) {
(0) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.\./ )  -> FALSE
(0) Thu May 24 17:30:29 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(0) Thu May 24 17:30:29 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(0) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.$/)  {
(0) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.$/)   -> FALSE
(0) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@\./)  {
(0) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@\./)   -> FALSE
(0) Thu May 24 17:30:29 2018: Debug:       } # if (&User-Name)  = updated
(0) Thu May 24 17:30:29 2018: Debug:     } # policy filter_username = updated
(0) Thu May 24 17:30:29 2018: Debug:     policy filter_password {
(0) Thu May 24 17:30:29 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}")) {
(0) Thu May 24 17:30:29 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}"))  -> FALSE
(0) Thu May 24 17:30:29 2018: Debug:     } # policy filter_password = updated
(0) Thu May 24 17:30:29 2018: Debug:     [preprocess] = ok
(0) Thu May 24 17:30:29 2018: Debug: suffix: Checking for suffix after "@"
(0) Thu May 24 17:30:29 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(0) Thu May 24 17:30:29 2018: Debug:     [suffix] = noop
(0) Thu May 24 17:30:29 2018: Debug: ntdomain: Checking for prefix before "\"
(0) Thu May 24 17:30:29 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(0) Thu May 24 17:30:29 2018: Debug: ntdomain: Found realm "null"
(0) Thu May 24 17:30:29 2018: Debug: ntdomain: Adding Realm = "null"
(0) Thu May 24 17:30:29 2018: Debug: ntdomain: Authentication realm is LOCAL
(0) Thu May 24 17:30:29 2018: Debug:     [ntdomain] = ok
(0) Thu May 24 17:30:29 2018: Debug: eap: Peer sent EAP Response (code 2) ID 1 length 36
(0) Thu May 24 17:30:29 2018: Debug: eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(0) Thu May 24 17:30:29 2018: Debug:     [eap] = ok
(0) Thu May 24 17:30:29 2018: Debug:   } # authorize = ok
(0) Thu May 24 17:30:29 2018: Debug: Found Auth-Type = eap
(0) Thu May 24 17:30:29 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(0) Thu May 24 17:30:29 2018: Debug:   authenticate {
(0) Thu May 24 17:30:29 2018: Debug: eap: Peer sent packet with method EAP Identity (1)
(0) Thu May 24 17:30:29 2018: Debug: eap: Calling submodule eap_peap to process data
(0) Thu May 24 17:30:29 2018: Debug: eap_peap: Initiating new EAP-TLS session
(0) Thu May 24 17:30:29 2018: Debug: eap_peap: [eaptls start] = request
(0) Thu May 24 17:30:29 2018: Debug: eap: Sending EAP Request (code 1) ID 2 length 6
(0) Thu May 24 17:30:29 2018: Debug: eap: EAP session adding &reply:State = 0x49c411c249c6082f
(0) Thu May 24 17:30:29 2018: Debug:     [eap] = handled
(0) Thu May 24 17:30:29 2018: Debug:   } # authenticate = handled
(0) Thu May 24 17:30:29 2018: Debug: Using Post-Auth-Type Challenge
(0) Thu May 24 17:30:29 2018: Debug: Post-Auth-Type sub-section not found.  Ignoring.
(0) Thu May 24 17:30:29 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(0) Thu May 24 17:30:29 2018: Debug: Sent Access-Challenge Id 25 from 172.20.5.3:1812 to 172.20.5.79:52628 length 0
(0) Thu May 24 17:30:29 2018: Debug:   EAP-Message = 0x010200061920
(0) Thu May 24 17:30:29 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(0) Thu May 24 17:30:29 2018: Debug:   State = 0x49c411c249c6082fb3b3797cce5894f4
(0) Thu May 24 17:30:29 2018: Debug:   Proxy-State = 0x3134
(0) Thu May 24 17:30:29 2018: Debug: Finished request
(1) Thu May 24 17:30:29 2018: Debug: Received Access-Request Id 8 from 172.20.5.79:52628 to 172.20.5.3:1812 length 520
(1) Thu May 24 17:30:29 2018: Debug:   Framed-MTU = 1480
(1) Thu May 24 17:30:29 2018: Debug:   NAS-IP-Address = 172.20.9.150
(1) Thu May 24 17:30:29 2018: Debug:   NAS-Identifier = "Test"
(1) Thu May 24 17:30:29 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(1) Thu May 24 17:30:29 2018: Debug:   Service-Type = Framed-User
(1) Thu May 24 17:30:29 2018: Debug:   Framed-Protocol = PPP
(1) Thu May 24 17:30:29 2018: Debug:   NAS-Port = 1
(1) Thu May 24 17:30:29 2018: Debug:   NAS-Port-Type = Ethernet
(1) Thu May 24 17:30:29 2018: Debug:   NAS-Port-Id = "1"
(1) Thu May 24 17:30:29 2018: Debug:   Called-Station-Id = "94-18-82-b9-32-80"
(1) Thu May 24 17:30:29 2018: Debug:   Calling-Station-Id = "00-e0-4c-60-43-20"
(1) Thu May 24 17:30:29 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(1) Thu May 24 17:30:29 2018: Debug:   Tunnel-Type:0 = VLAN
(1) Thu May 24 17:30:29 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(1) Thu May 24 17:30:29 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(1) Thu May 24 17:30:29 2018: Debug:   State = 0x49c411c249c6082fb3b3797cce5894f4
(1) Thu May 24 17:30:29 2018: Debug:   EAP-Message = 0x020200a619800000009c16030300970100009303035b06da94218ad8be62e68a5597bfdebed186a04d4b719f26cb30cf87486b51c200002ac02cc02bc030c02f009f009ec024c023c028c027c00ac009c014c013009d009c003d003c0035002f000a01000040000500050100000000000a00080006001d
(1) Thu May 24 17:30:29 2018: Debug:   Message-Authenticator = 0x95f7b8858d65bd7c000a05026301c991
(1) Thu May 24 17:30:29 2018: Debug:   MS-RAS-Vendor = 11
(1) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(1) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(1) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(1) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(1) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0138
(1) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x013a
(1) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0140
(1) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0141
(1) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0151
(1) Thu May 24 17:30:29 2018: Debug:   Proxy-State = 0x3135
(1) Thu May 24 17:30:29 2018: Debug: session-state: No cached attributes
(1) Thu May 24 17:30:29 2018: Debug: # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence
(1) Thu May 24 17:30:29 2018: Debug:   authorize {
(1) Thu May 24 17:30:29 2018: Debug:     update {
(1) Thu May 24 17:30:29 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(1) Thu May 24 17:30:29 2018: Debug:          --> 172.20.5.79
(1) Thu May 24 17:30:29 2018: Debug:       EXPAND %l
(1) Thu May 24 17:30:29 2018: Debug:          --> 1527175829
(1) Thu May 24 17:30:29 2018: Debug:     } # update = noop
(1) Thu May 24 17:30:29 2018: Debug:     policy packetfence-set-tenant-id {
(1) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(1) Thu May 24 17:30:29 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(1) Thu May 24 17:30:29 2018: Debug:          --> 0
(1) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(1) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(1) Thu May 24 17:30:29 2018: Debug:         update control {
(1) Thu May 24 17:30:29 2018: Debug:           EXPAND %{User-Name}
(1) Thu May 24 17:30:29 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(1) Thu May 24 17:30:29 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(1) Thu May 24 17:30:29 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(1) Thu May 24 17:30:29 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(1) Thu May 24 17:30:29 2018: Debug:              --> 0
(1) Thu May 24 17:30:29 2018: Debug:         } # update control = noop
(1) Thu May 24 17:30:29 2018: Debug:       } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(1) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(1) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(1) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  {
(1) Thu May 24 17:30:29 2018: Debug:         update control {
(1) Thu May 24 17:30:29 2018: Debug:           EXPAND %{User-Name}
(1) Thu May 24 17:30:29 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(1) Thu May 24 17:30:29 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(1) Thu May 24 17:30:29 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(1) Thu May 24 17:30:29 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(1) Thu May 24 17:30:29 2018: Debug:              --> 1
(1) Thu May 24 17:30:29 2018: Debug:         } # update control = noop
(1) Thu May 24 17:30:29 2018: Debug:       } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(1) Thu May 24 17:30:29 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(1) Thu May 24 17:30:29 2018: Debug:     policy rewrite_calling_station_id {
(1) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i)) {
(1) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  -> TRUE
(1) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  {
(1) Thu May 24 17:30:29 2018: Debug:         update request {
(1) Thu May 24 17:30:29 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(1) Thu May 24 17:30:29 2018: Debug:              --> 00:e0:4c:60:43:20
(1) Thu May 24 17:30:29 2018: Debug:         } # update request = noop
(1) Thu May 24 17:30:29 2018: Debug:         [updated] = updated
(1) Thu May 24 17:30:29 2018: Debug:       } # if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  = updated
(1) Thu May 24 17:30:29 2018: Debug:       ... skipping else: Preceding "if" was taken
(1) Thu May 24 17:30:29 2018: Debug:     } # policy rewrite_calling_station_id = updated
(1) Thu May 24 17:30:29 2018: Debug:     policy rewrite_called_station_id {
(1) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(1) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(1) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(1) Thu May 24 17:30:29 2018: Debug:         update request {
(1) Thu May 24 17:30:29 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(1) Thu May 24 17:30:29 2018: Debug:              --> 94:18:82:b9:32:80
(1) Thu May 24 17:30:29 2018: Debug:         } # update request = noop
(1) Thu May 24 17:30:29 2018: Debug:         if ("%{8}") {
(1) Thu May 24 17:30:29 2018: Debug:         EXPAND %{8}
(1) Thu May 24 17:30:29 2018: Debug:            -->
(1) Thu May 24 17:30:29 2018: Debug:         if ("%{8}")  -> FALSE
(1) Thu May 24 17:30:29 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(1) Thu May 24 17:30:29 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(1) Thu May 24 17:30:29 2018: Debug:         elsif (Aruba-Essid-Name) {
(1) Thu May 24 17:30:29 2018: Debug:         elsif (Aruba-Essid-Name)  -> FALSE
(1) Thu May 24 17:30:29 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(1) Thu May 24 17:30:29 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(1) Thu May 24 17:30:29 2018: Debug:         [updated] = updated
(1) Thu May 24 17:30:29 2018: Debug:       } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(1) Thu May 24 17:30:29 2018: Debug:       ... skipping else: Preceding "if" was taken
(1) Thu May 24 17:30:29 2018: Debug:     } # policy rewrite_called_station_id = updated
(1) Thu May 24 17:30:29 2018: Debug:     policy filter_username {
(1) Thu May 24 17:30:29 2018: Debug:       if (&User-Name) {
(1) Thu May 24 17:30:29 2018: Debug:       if (&User-Name)  -> TRUE
(1) Thu May 24 17:30:29 2018: Debug:       if (&User-Name)  {
(1) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ / /) {
(1) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ / /)  -> FALSE
(1) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@[^@]*@/ ) {
(1) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(1) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.\./ ) {
(1) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.\./ )  -> FALSE
(1) Thu May 24 17:30:29 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(1) Thu May 24 17:30:29 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(1) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.$/)  {
(1) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.$/)   -> FALSE
(1) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@\./)  {
(1) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@\./)   -> FALSE
(1) Thu May 24 17:30:29 2018: Debug:       } # if (&User-Name)  = updated
(1) Thu May 24 17:30:29 2018: Debug:     } # policy filter_username = updated
(1) Thu May 24 17:30:29 2018: Debug:     policy filter_password {
(1) Thu May 24 17:30:29 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}")) {
(1) Thu May 24 17:30:29 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}"))  -> FALSE
(1) Thu May 24 17:30:29 2018: Debug:     } # policy filter_password = updated
(1) Thu May 24 17:30:29 2018: Debug:     [preprocess] = ok
(1) Thu May 24 17:30:29 2018: Debug: suffix: Checking for suffix after "@"
(1) Thu May 24 17:30:29 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(1) Thu May 24 17:30:29 2018: Debug:     [suffix] = noop
(1) Thu May 24 17:30:29 2018: Debug: ntdomain: Checking for prefix before "\"
(1) Thu May 24 17:30:29 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(1) Thu May 24 17:30:29 2018: Debug: ntdomain: Found realm "null"
(1) Thu May 24 17:30:29 2018: Debug: ntdomain: Adding Realm = "null"
(1) Thu May 24 17:30:29 2018: Debug: ntdomain: Authentication realm is LOCAL
(1) Thu May 24 17:30:29 2018: Debug:     [ntdomain] = ok
(1) Thu May 24 17:30:29 2018: Debug: eap: Peer sent EAP Response (code 2) ID 2 length 166
(1) Thu May 24 17:30:29 2018: Debug: eap: Continuing tunnel setup
(1) Thu May 24 17:30:29 2018: Debug:     [eap] = ok
(1) Thu May 24 17:30:29 2018: Debug:   } # authorize = ok
(1) Thu May 24 17:30:29 2018: Debug: Found Auth-Type = eap
(1) Thu May 24 17:30:29 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(1) Thu May 24 17:30:29 2018: Debug:   authenticate {
(1) Thu May 24 17:30:29 2018: Debug: eap: Expiring EAP session with state 0x49c411c249c6082f
(1) Thu May 24 17:30:29 2018: Debug: eap: Finished EAP session with state 0x49c411c249c6082f
(1) Thu May 24 17:30:29 2018: Debug: eap: Previous EAP request found for state 0x49c411c249c6082f, released from the list
(1) Thu May 24 17:30:29 2018: Debug: eap: Peer sent packet with method EAP PEAP (25)
(1) Thu May 24 17:30:29 2018: Debug: eap: Calling submodule eap_peap to process data
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: Continuing EAP-TLS
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: Peer indicated complete TLS record size will be 156 bytes
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: Got complete TLS record (156 bytes)
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: [eaptls verify] = length included
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: (other): before/accept initialization
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: TLS_accept: before/accept initialization
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: TLS_accept: SSLv3 read client hello A
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: TLS_accept: SSLv3 write server hello A
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: TLS_accept: SSLv3 write certificate A
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: TLS_accept: SSLv3 write key exchange A
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: TLS_accept: SSLv3 write server done A
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: TLS_accept: SSLv3 flush data
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: TLS_accept: SSLv3 read client certificate A
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: TLS_accept: Need to read more data: SSLv3 read client key exchange A
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: TLS_accept: Need to read more data: SSLv3 read client key exchange A
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: In SSL Handshake Phase
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: In SSL Accept mode
(1) Thu May 24 17:30:29 2018: Debug: eap_peap: [eaptls process] = handled
(1) Thu May 24 17:30:29 2018: Debug: eap: Sending EAP Request (code 1) ID 3 length 1004
(1) Thu May 24 17:30:29 2018: Debug: eap: EAP session adding &reply:State = 0x49c411c248c7082f
(1) Thu May 24 17:30:29 2018: Debug:     [eap] = handled
(1) Thu May 24 17:30:29 2018: Debug:   } # authenticate = handled
(1) Thu May 24 17:30:29 2018: Debug: Using Post-Auth-Type Challenge
(1) Thu May 24 17:30:29 2018: Debug: Post-Auth-Type sub-section not found.  Ignoring.
(1) Thu May 24 17:30:29 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(1) Thu May 24 17:30:29 2018: Debug: Sent Access-Challenge Id 8 from 172.20.5.3:1812 to 172.20.5.79:52628 length 0
(1) Thu May 24 17:30:29 2018: Debug:   EAP-Message = 0x010303ec19c000000ef11603030039020000350303b92d82b691d11d3e346c50cb14b78f557a46944605b693a7f89d9c0f431797ea00c03000000dff01000100000b0004030001021603030d530b000d4f000d4c0006723082066e30820456a00302010202131c00000069cf888ce5f58d0c7b00040000
(1) Thu May 24 17:30:29 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(1) Thu May 24 17:30:29 2018: Debug:   State = 0x49c411c248c7082fb3b3797cce5894f4
(1) Thu May 24 17:30:29 2018: Debug:   Proxy-State = 0x3135
(1) Thu May 24 17:30:29 2018: Debug: Finished request
(2) Thu May 24 17:30:29 2018: Debug: Received Access-Request Id 98 from 172.20.5.79:52628 to 172.20.5.3:1812 length 360
(2) Thu May 24 17:30:29 2018: Debug:   Framed-MTU = 1480
(2) Thu May 24 17:30:29 2018: Debug:   NAS-IP-Address = 172.20.9.150
(2) Thu May 24 17:30:29 2018: Debug:   NAS-Identifier = "Test"
(2) Thu May 24 17:30:29 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(2) Thu May 24 17:30:29 2018: Debug:   Service-Type = Framed-User
(2) Thu May 24 17:30:29 2018: Debug:   Framed-Protocol = PPP
(2) Thu May 24 17:30:29 2018: Debug:   NAS-Port = 1
(2) Thu May 24 17:30:29 2018: Debug:   NAS-Port-Type = Ethernet
(2) Thu May 24 17:30:29 2018: Debug:   NAS-Port-Id = "1"
(2) Thu May 24 17:30:29 2018: Debug:   Called-Station-Id = "94-18-82-b9-32-80"
(2) Thu May 24 17:30:29 2018: Debug:   Calling-Station-Id = "00-e0-4c-60-43-20"
(2) Thu May 24 17:30:29 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(2) Thu May 24 17:30:29 2018: Debug:   Tunnel-Type:0 = VLAN
(2) Thu May 24 17:30:29 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(2) Thu May 24 17:30:29 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(2) Thu May 24 17:30:29 2018: Debug:   State = 0x49c411c248c7082fb3b3797cce5894f4
(2) Thu May 24 17:30:29 2018: Debug:   EAP-Message = 0x020300061900
(2) Thu May 24 17:30:29 2018: Debug:   Message-Authenticator = 0xdfa0273502264dfec8a6595aeaf12f71
(2) Thu May 24 17:30:29 2018: Debug:   MS-RAS-Vendor = 11
(2) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(2) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(2) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(2) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(2) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0138
(2) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x013a
(2) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0140
(2) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0141
(2) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0151
(2) Thu May 24 17:30:29 2018: Debug:   Proxy-State = 0x3136
(2) Thu May 24 17:30:29 2018: Debug: session-state: No cached attributes
(2) Thu May 24 17:30:29 2018: Debug: # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence
(2) Thu May 24 17:30:29 2018: Debug:   authorize {
(2) Thu May 24 17:30:29 2018: Debug:     update {
(2) Thu May 24 17:30:29 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(2) Thu May 24 17:30:29 2018: Debug:          --> 172.20.5.79
(2) Thu May 24 17:30:29 2018: Debug:       EXPAND %l
(2) Thu May 24 17:30:29 2018: Debug:          --> 1527175829
(2) Thu May 24 17:30:29 2018: Debug:     } # update = noop
(2) Thu May 24 17:30:29 2018: Debug:     policy packetfence-set-tenant-id {
(2) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(2) Thu May 24 17:30:29 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(2) Thu May 24 17:30:29 2018: Debug:          --> 0
(2) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(2) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(2) Thu May 24 17:30:29 2018: Debug:         update control {
(2) Thu May 24 17:30:29 2018: Debug:           EXPAND %{User-Name}
(2) Thu May 24 17:30:29 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(2) Thu May 24 17:30:29 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(2) Thu May 24 17:30:29 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(2) Thu May 24 17:30:29 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(2) Thu May 24 17:30:29 2018: Debug:              --> 0
(2) Thu May 24 17:30:29 2018: Debug:         } # update control = noop
(2) Thu May 24 17:30:29 2018: Debug:       } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(2) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(2) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(2) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  {
(2) Thu May 24 17:30:29 2018: Debug:         update control {
(2) Thu May 24 17:30:29 2018: Debug:           EXPAND %{User-Name}
(2) Thu May 24 17:30:29 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(2) Thu May 24 17:30:29 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(2) Thu May 24 17:30:29 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(2) Thu May 24 17:30:29 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(2) Thu May 24 17:30:29 2018: Debug:              --> 1
(2) Thu May 24 17:30:29 2018: Debug:         } # update control = noop
(2) Thu May 24 17:30:29 2018: Debug:       } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(2) Thu May 24 17:30:29 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(2) Thu May 24 17:30:29 2018: Debug:     policy rewrite_calling_station_id {
(2) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i)) {
(2) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  -> TRUE
(2) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  {
(2) Thu May 24 17:30:29 2018: Debug:         update request {
(2) Thu May 24 17:30:29 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(2) Thu May 24 17:30:29 2018: Debug:              --> 00:e0:4c:60:43:20
(2) Thu May 24 17:30:29 2018: Debug:         } # update request = noop
(2) Thu May 24 17:30:29 2018: Debug:         [updated] = updated
(2) Thu May 24 17:30:29 2018: Debug:       } # if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  = updated
(2) Thu May 24 17:30:29 2018: Debug:       ... skipping else: Preceding "if" was taken
(2) Thu May 24 17:30:29 2018: Debug:     } # policy rewrite_calling_station_id = updated
(2) Thu May 24 17:30:29 2018: Debug:     policy rewrite_called_station_id {
(2) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(2) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(2) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(2) Thu May 24 17:30:29 2018: Debug:         update request {
(2) Thu May 24 17:30:29 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(2) Thu May 24 17:30:29 2018: Debug:              --> 94:18:82:b9:32:80
(2) Thu May 24 17:30:29 2018: Debug:         } # update request = noop
(2) Thu May 24 17:30:29 2018: Debug:         if ("%{8}") {
(2) Thu May 24 17:30:29 2018: Debug:         EXPAND %{8}
(2) Thu May 24 17:30:29 2018: Debug:            -->
(2) Thu May 24 17:30:29 2018: Debug:         if ("%{8}")  -> FALSE
(2) Thu May 24 17:30:29 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(2) Thu May 24 17:30:29 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(2) Thu May 24 17:30:29 2018: Debug:         elsif (Aruba-Essid-Name) {
(2) Thu May 24 17:30:29 2018: Debug:         elsif (Aruba-Essid-Name)  -> FALSE
(2) Thu May 24 17:30:29 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(2) Thu May 24 17:30:29 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(2) Thu May 24 17:30:29 2018: Debug:         [updated] = updated
(2) Thu May 24 17:30:29 2018: Debug:       } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(2) Thu May 24 17:30:29 2018: Debug:       ... skipping else: Preceding "if" was taken
(2) Thu May 24 17:30:29 2018: Debug:     } # policy rewrite_called_station_id = updated
(2) Thu May 24 17:30:29 2018: Debug:     policy filter_username {
(2) Thu May 24 17:30:29 2018: Debug:       if (&User-Name) {
(2) Thu May 24 17:30:29 2018: Debug:       if (&User-Name)  -> TRUE
(2) Thu May 24 17:30:29 2018: Debug:       if (&User-Name)  {
(2) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ / /) {
(2) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ / /)  -> FALSE
(2) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@[^@]*@/ ) {
(2) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(2) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.\./ ) {
(2) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.\./ )  -> FALSE
(2) Thu May 24 17:30:29 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(2) Thu May 24 17:30:29 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(2) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.$/)  {
(2) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.$/)   -> FALSE
(2) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@\./)  {
(2) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@\./)   -> FALSE
(2) Thu May 24 17:30:29 2018: Debug:       } # if (&User-Name)  = updated
(2) Thu May 24 17:30:29 2018: Debug:     } # policy filter_username = updated
(2) Thu May 24 17:30:29 2018: Debug:     policy filter_password {
(2) Thu May 24 17:30:29 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}")) {
(2) Thu May 24 17:30:29 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}"))  -> FALSE
(2) Thu May 24 17:30:29 2018: Debug:     } # policy filter_password = updated
(2) Thu May 24 17:30:29 2018: Debug:     [preprocess] = ok
(2) Thu May 24 17:30:29 2018: Debug: suffix: Checking for suffix after "@"
(2) Thu May 24 17:30:29 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(2) Thu May 24 17:30:29 2018: Debug:     [suffix] = noop
(2) Thu May 24 17:30:29 2018: Debug: ntdomain: Checking for prefix before "\"
(2) Thu May 24 17:30:29 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(2) Thu May 24 17:30:29 2018: Debug: ntdomain: Found realm "null"
(2) Thu May 24 17:30:29 2018: Debug: ntdomain: Adding Realm = "null"
(2) Thu May 24 17:30:29 2018: Debug: ntdomain: Authentication realm is LOCAL
(2) Thu May 24 17:30:29 2018: Debug:     [ntdomain] = ok
(2) Thu May 24 17:30:29 2018: Debug: eap: Peer sent EAP Response (code 2) ID 3 length 6
(2) Thu May 24 17:30:29 2018: Debug: eap: Continuing tunnel setup
(2) Thu May 24 17:30:29 2018: Debug:     [eap] = ok
(2) Thu May 24 17:30:29 2018: Debug:   } # authorize = ok
(2) Thu May 24 17:30:29 2018: Debug: Found Auth-Type = eap
(2) Thu May 24 17:30:29 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(2) Thu May 24 17:30:29 2018: Debug:   authenticate {
(2) Thu May 24 17:30:29 2018: Debug: eap: Expiring EAP session with state 0x49c411c248c7082f
(2) Thu May 24 17:30:29 2018: Debug: eap: Finished EAP session with state 0x49c411c248c7082f
(2) Thu May 24 17:30:29 2018: Debug: eap: Previous EAP request found for state 0x49c411c248c7082f, released from the list
(2) Thu May 24 17:30:29 2018: Debug: eap: Peer sent packet with method EAP PEAP (25)
(2) Thu May 24 17:30:29 2018: Debug: eap: Calling submodule eap_peap to process data
(2) Thu May 24 17:30:29 2018: Debug: eap_peap: Continuing EAP-TLS
(2) Thu May 24 17:30:29 2018: Debug: eap_peap: Peer ACKed our handshake fragment
(2) Thu May 24 17:30:29 2018: Debug: eap_peap: [eaptls verify] = request
(2) Thu May 24 17:30:29 2018: Debug: eap_peap: [eaptls process] = handled
(2) Thu May 24 17:30:29 2018: Debug: eap: Sending EAP Request (code 1) ID 4 length 1000
(2) Thu May 24 17:30:29 2018: Debug: eap: EAP session adding &reply:State = 0x49c411c24bc0082f
(2) Thu May 24 17:30:29 2018: Debug:     [eap] = handled
(2) Thu May 24 17:30:29 2018: Debug:   } # authenticate = handled
(2) Thu May 24 17:30:29 2018: Debug: Using Post-Auth-Type Challenge
(2) Thu May 24 17:30:29 2018: Debug: Post-Auth-Type sub-section not found.  Ignoring.
(2) Thu May 24 17:30:29 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(2) Thu May 24 17:30:29 2018: Debug: Sent Access-Challenge Id 98 from 172.20.5.3:1812 to 172.20.5.79:52628 length 0
(2) Thu May 24 17:30:29 2018: Debug:   EAP-Message = 0x010403e81940412c434e3d5075626c69632532304b657925323053657276696365732c434e3d53657276696365732c434e3d436f6e66696775726174696f6e2c44433d504552534f4e414c414d542c44433d44453f634143657274696669636174653f626173653f6f626a656374436c6173733d636572
(2) Thu May 24 17:30:29 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(2) Thu May 24 17:30:29 2018: Debug:   State = 0x49c411c24bc0082fb3b3797cce5894f4
(2) Thu May 24 17:30:29 2018: Debug:   Proxy-State = 0x3136
(2) Thu May 24 17:30:29 2018: Debug: Finished request
(3) Thu May 24 17:30:29 2018: Debug: Received Access-Request Id 46 from 172.20.5.79:52628 to 172.20.5.3:1812 length 360
(3) Thu May 24 17:30:29 2018: Debug:   Framed-MTU = 1480
(3) Thu May 24 17:30:29 2018: Debug:   NAS-IP-Address = 172.20.9.150
(3) Thu May 24 17:30:29 2018: Debug:   NAS-Identifier = "Test"
(3) Thu May 24 17:30:29 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(3) Thu May 24 17:30:29 2018: Debug:   Service-Type = Framed-User
(3) Thu May 24 17:30:29 2018: Debug:   Framed-Protocol = PPP
(3) Thu May 24 17:30:29 2018: Debug:   NAS-Port = 1
(3) Thu May 24 17:30:29 2018: Debug:   NAS-Port-Type = Ethernet
(3) Thu May 24 17:30:29 2018: Debug:   NAS-Port-Id = "1"
(3) Thu May 24 17:30:29 2018: Debug:   Called-Station-Id = "94-18-82-b9-32-80"
(3) Thu May 24 17:30:29 2018: Debug:   Calling-Station-Id = "00-e0-4c-60-43-20"
(3) Thu May 24 17:30:29 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(3) Thu May 24 17:30:29 2018: Debug:   Tunnel-Type:0 = VLAN
(3) Thu May 24 17:30:29 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(3) Thu May 24 17:30:29 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(3) Thu May 24 17:30:29 2018: Debug:   State = 0x49c411c24bc0082fb3b3797cce5894f4
(3) Thu May 24 17:30:29 2018: Debug:   EAP-Message = 0x020400061900
(3) Thu May 24 17:30:29 2018: Debug:   Message-Authenticator = 0x5b12c3df57f3f0f4904afac48a2d58c9
(3) Thu May 24 17:30:29 2018: Debug:   MS-RAS-Vendor = 11
(3) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(3) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(3) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(3) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(3) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0138
(3) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x013a
(3) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0140
(3) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0141
(3) Thu May 24 17:30:29 2018: Debug:   HP-Capability-Advert = 0x0151
(3) Thu May 24 17:30:29 2018: Debug:   Proxy-State = 0x3137
(3) Thu May 24 17:30:29 2018: Debug: session-state: No cached attributes
(3) Thu May 24 17:30:29 2018: Debug: # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence
(3) Thu May 24 17:30:29 2018: Debug:   authorize {
(3) Thu May 24 17:30:29 2018: Debug:     update {
(3) Thu May 24 17:30:29 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(3) Thu May 24 17:30:29 2018: Debug:          --> 172.20.5.79
(3) Thu May 24 17:30:29 2018: Debug:       EXPAND %l
(3) Thu May 24 17:30:29 2018: Debug:          --> 1527175829
(3) Thu May 24 17:30:29 2018: Debug:     } # update = noop
(3) Thu May 24 17:30:29 2018: Debug:     policy packetfence-set-tenant-id {
(3) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(3) Thu May 24 17:30:29 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(3) Thu May 24 17:30:29 2018: Debug:          --> 0
(3) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(3) Thu May 24 17:30:29 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(3) Thu May 24 17:30:29 2018: Debug:         update control {
(3) Thu May 24 17:30:29 2018: Debug:           EXPAND %{User-Name}
(3) Thu May 24 17:30:29 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(3) Thu May 24 17:30:29 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(3) Thu May 24 17:30:29 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(3) Thu May 24 17:30:29 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(3) Thu May 24 17:30:29 2018: Debug:              --> 0
(3) Thu May 24 17:30:29 2018: Debug:         } # update control = noop
(3) Thu May 24 17:30:29 2018: Debug:       } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(3) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(3) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(3) Thu May 24 17:30:29 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  {
(3) Thu May 24 17:30:29 2018: Debug:         update control {
(3) Thu May 24 17:30:29 2018: Debug:           EXPAND %{User-Name}
(3) Thu May 24 17:30:29 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(3) Thu May 24 17:30:29 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(3) Thu May 24 17:30:29 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(3) Thu May 24 17:30:29 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(3) Thu May 24 17:30:29 2018: Debug:              --> 1
(3) Thu May 24 17:30:29 2018: Debug:         } # update control = noop
(3) Thu May 24 17:30:29 2018: Debug:       } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(3) Thu May 24 17:30:29 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(3) Thu May 24 17:30:29 2018: Debug:     policy rewrite_calling_station_id {
(3) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i)) {
(3) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  -> TRUE
(3) Thu May 24 17:30:29 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  {
(3) Thu May 24 17:30:29 2018: Debug:         update request {
(3) Thu May 24 17:30:29 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(3) Thu May 24 17:30:29 2018: Debug:              --> 00:e0:4c:60:43:20
(3) Thu May 24 17:30:29 2018: Debug:         } # update request = noop
(3) Thu May 24 17:30:29 2018: Debug:         [updated] = updated
(3) Thu May 24 17:30:29 2018: Debug:       } # if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  = updated
(3) Thu May 24 17:30:29 2018: Debug:       ... skipping else: Preceding "if" was taken
(3) Thu May 24 17:30:29 2018: Debug:     } # policy rewrite_calling_station_id = updated
(3) Thu May 24 17:30:29 2018: Debug:     policy rewrite_called_station_id {
(3) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(3) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(3) Thu May 24 17:30:29 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(3) Thu May 24 17:30:29 2018: Debug:         update request {
(3) Thu May 24 17:30:29 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(3) Thu May 24 17:30:29 2018: Debug:              --> 94:18:82:b9:32:80
(3) Thu May 24 17:30:29 2018: Debug:         } # update request = noop
(3) Thu May 24 17:30:29 2018: Debug:         if ("%{8}") {
(3) Thu May 24 17:30:29 2018: Debug:         EXPAND %{8}
(3) Thu May 24 17:30:29 2018: Debug:            -->
(3) Thu May 24 17:30:29 2018: Debug:         if ("%{8}")  -> FALSE
(3) Thu May 24 17:30:29 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(3) Thu May 24 17:30:29 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(3) Thu May 24 17:30:29 2018: Debug:         elsif (Aruba-Essid-Name) {
(3) Thu May 24 17:30:29 2018: Debug:         elsif (Aruba-Essid-Name)  -> FALSE
(3) Thu May 24 17:30:29 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(3) Thu May 24 17:30:29 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(3) Thu May 24 17:30:29 2018: Debug:         [updated] = updated
(3) Thu May 24 17:30:29 2018: Debug:       } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(3) Thu May 24 17:30:29 2018: Debug:       ... skipping else: Preceding "if" was taken
(3) Thu May 24 17:30:29 2018: Debug:     } # policy rewrite_called_station_id = updated
(3) Thu May 24 17:30:29 2018: Debug:     policy filter_username {
(3) Thu May 24 17:30:29 2018: Debug:       if (&User-Name) {
(3) Thu May 24 17:30:29 2018: Debug:       if (&User-Name)  -> TRUE
(3) Thu May 24 17:30:29 2018: Debug:       if (&User-Name)  {
(3) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ / /) {
(3) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ / /)  -> FALSE
(3) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@[^@]*@/ ) {
(3) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(3) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.\./ ) {
(3) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.\./ )  -> FALSE
(3) Thu May 24 17:30:29 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(3) Thu May 24 17:30:29 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(3) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.$/)  {
(3) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /\.$/)   -> FALSE
(3) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@\./)  {
(3) Thu May 24 17:30:29 2018: Debug:         if (&User-Name =~ /@\./)   -> FALSE
(3) Thu May 24 17:30:29 2018: Debug:       } # if (&User-Name)  = updated
(3) Thu May 24 17:30:29 2018: Debug:     } # policy filter_username = updated
(3) Thu May 24 17:30:29 2018: Debug:     policy filter_password {
(3) Thu May 24 17:30:29 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}")) {
(3) Thu May 24 17:30:29 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}"))  -> FALSE
(3) Thu May 24 17:30:29 2018: Debug:     } # policy filter_password = updated
(3) Thu May 24 17:30:29 2018: Debug:     [preprocess] = ok
(3) Thu May 24 17:30:29 2018: Debug: suffix: Checking for suffix after "@"
(3) Thu May 24 17:30:29 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(3) Thu May 24 17:30:29 2018: Debug:     [suffix] = noop
(3) Thu May 24 17:30:29 2018: Debug: ntdomain: Checking for prefix before "\"
(3) Thu May 24 17:30:29 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(3) Thu May 24 17:30:29 2018: Debug: ntdomain: Found realm "null"
(3) Thu May 24 17:30:29 2018: Debug: ntdomain: Adding Realm = "null"
(3) Thu May 24 17:30:29 2018: Debug: ntdomain: Authentication realm is LOCAL
(3) Thu May 24 17:30:29 2018: Debug:     [ntdomain] = ok
(3) Thu May 24 17:30:29 2018: Debug: eap: Peer sent EAP Response (code 2) ID 4 length 6
(3) Thu May 24 17:30:29 2018: Debug: eap: Continuing tunnel setup
(3) Thu May 24 17:30:29 2018: Debug:     [eap] = ok
(3) Thu May 24 17:30:29 2018: Debug:   } # authorize = ok
(3) Thu May 24 17:30:29 2018: Debug: Found Auth-Type = eap
(3) Thu May 24 17:30:29 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(3) Thu May 24 17:30:29 2018: Debug:   authenticate {
(3) Thu May 24 17:30:29 2018: Debug: eap: Expiring EAP session with state 0x49c411c24bc0082f
(3) Thu May 24 17:30:29 2018: Debug: eap: Finished EAP session with state 0x49c411c24bc0082f
(3) Thu May 24 17:30:29 2018: Debug: eap: Previous EAP request found for state 0x49c411c24bc0082f, released from the list
(3) Thu May 24 17:30:29 2018: Debug: eap: Peer sent packet with method EAP PEAP (25)
(3) Thu May 24 17:30:29 2018: Debug: eap: Calling submodule eap_peap to process data
(3) Thu May 24 17:30:29 2018: Debug: eap_peap: Continuing EAP-TLS
(3) Thu May 24 17:30:29 2018: Debug: eap_peap: Peer ACKed our handshake fragment
(3) Thu May 24 17:30:29 2018: Debug: eap_peap: [eaptls verify] = request
(3) Thu May 24 17:30:29 2018: Debug: eap_peap: [eaptls process] = handled
(3) Thu May 24 17:30:29 2018: Debug: eap: Sending EAP Request (code 1) ID 5 length 1000
(3) Thu May 24 17:30:29 2018: Debug: eap: EAP session adding &reply:State = 0x49c411c24ac1082f
(3) Thu May 24 17:30:29 2018: Debug:     [eap] = handled
(3) Thu May 24 17:30:29 2018: Debug:   } # authenticate = handled
(3) Thu May 24 17:30:29 2018: Debug: Using Post-Auth-Type Challenge
(3) Thu May 24 17:30:29 2018: Debug: Post-Auth-Type sub-section not found.  Ignoring.
(3) Thu May 24 17:30:29 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(3) Thu May 24 17:30:29 2018: Debug: Sent Access-Challenge Id 46 from 172.20.5.3:1812 to 172.20.5.79:52628 length 0
(3) Thu May 24 17:30:29 2018: Debug:   EAP-Message = 0x010503e81940857fb02e359be06bba356a6ddeee561f174e4574ba18734e04703fe2439d7059336b92dfc9c6e4a42fd6832f045572ea2bd3424158f0059d1d69794f39d849cb93d4e849a9f645afc696f5c4bba51abd52c560313d10c35497a721d195168c4b97c7b87a40e8ebcf2d761663cdaccc0cb8
(3) Thu May 24 17:30:29 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(3) Thu May 24 17:30:29 2018: Debug:   State = 0x49c411c24ac1082fb3b3797cce5894f4
(3) Thu May 24 17:30:29 2018: Debug:   Proxy-State = 0x3137
(3) Thu May 24 17:30:29 2018: Debug: Finished request
(4) Thu May 24 17:30:30 2018: Debug: Received Access-Request Id 200 from 172.20.5.79:52628 to 172.20.5.3:1812 length 360
(4) Thu May 24 17:30:30 2018: Debug:   Framed-MTU = 1480
(4) Thu May 24 17:30:30 2018: Debug:   NAS-IP-Address = 172.20.9.150
(4) Thu May 24 17:30:30 2018: Debug:   NAS-Identifier = "Test"
(4) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(4) Thu May 24 17:30:30 2018: Debug:   Service-Type = Framed-User
(4) Thu May 24 17:30:30 2018: Debug:   Framed-Protocol = PPP
(4) Thu May 24 17:30:30 2018: Debug:   NAS-Port = 1
(4) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Type = Ethernet
(4) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Id = "1"
(4) Thu May 24 17:30:30 2018: Debug:   Called-Station-Id = "94-18-82-b9-32-80"
(4) Thu May 24 17:30:30 2018: Debug:   Calling-Station-Id = "00-e0-4c-60-43-20"
(4) Thu May 24 17:30:30 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(4) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type:0 = VLAN
(4) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(4) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(4) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c24ac1082fb3b3797cce5894f4
(4) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x020500061900
(4) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0xe4777662f43f9f986461b2fe572c90c2
(4) Thu May 24 17:30:30 2018: Debug:   MS-RAS-Vendor = 11
(4) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(4) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(4) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(4) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(4) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0138
(4) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x013a
(4) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0140
(4) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0141
(4) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0151
(4) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3138
(4) Thu May 24 17:30:30 2018: Debug: session-state: No cached attributes
(4) Thu May 24 17:30:30 2018: Debug: # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence
(4) Thu May 24 17:30:30 2018: Debug:   authorize {
(4) Thu May 24 17:30:30 2018: Debug:     update {
(4) Thu May 24 17:30:30 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(4) Thu May 24 17:30:30 2018: Debug:          --> 172.20.5.79
(4) Thu May 24 17:30:30 2018: Debug:       EXPAND %l
(4) Thu May 24 17:30:30 2018: Debug:          --> 1527175830
(4) Thu May 24 17:30:30 2018: Debug:     } # update = noop
(4) Thu May 24 17:30:30 2018: Debug:     policy packetfence-set-tenant-id {
(4) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(4) Thu May 24 17:30:30 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(4) Thu May 24 17:30:30 2018: Debug:          --> 0
(4) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(4) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(4) Thu May 24 17:30:30 2018: Debug:         update control {
(4) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(4) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(4) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(4) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(4) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(4) Thu May 24 17:30:30 2018: Debug:              --> 0
(4) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(4) Thu May 24 17:30:30 2018: Debug:       } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(4) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(4) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(4) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  {
(4) Thu May 24 17:30:30 2018: Debug:         update control {
(4) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(4) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(4) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(4) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(4) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(4) Thu May 24 17:30:30 2018: Debug:              --> 1
(4) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(4) Thu May 24 17:30:30 2018: Debug:       } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(4) Thu May 24 17:30:30 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(4) Thu May 24 17:30:30 2018: Debug:     policy rewrite_calling_station_id {
(4) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i)) {
(4) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  -> TRUE
(4) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  {
(4) Thu May 24 17:30:30 2018: Debug:         update request {
(4) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(4) Thu May 24 17:30:30 2018: Debug:              --> 00:e0:4c:60:43:20
(4) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(4) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(4) Thu May 24 17:30:30 2018: Debug:       } # if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  = updated
(4) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(4) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_calling_station_id = updated
(4) Thu May 24 17:30:30 2018: Debug:     policy rewrite_called_station_id {
(4) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(4) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(4) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(4) Thu May 24 17:30:30 2018: Debug:         update request {
(4) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(4) Thu May 24 17:30:30 2018: Debug:              --> 94:18:82:b9:32:80
(4) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(4) Thu May 24 17:30:30 2018: Debug:         if ("%{8}") {
(4) Thu May 24 17:30:30 2018: Debug:         EXPAND %{8}
(4) Thu May 24 17:30:30 2018: Debug:            -->
(4) Thu May 24 17:30:30 2018: Debug:         if ("%{8}")  -> FALSE
(4) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(4) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(4) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name) {
(4) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name)  -> FALSE
(4) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(4) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(4) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(4) Thu May 24 17:30:30 2018: Debug:       } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(4) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(4) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_called_station_id = updated
(4) Thu May 24 17:30:30 2018: Debug:     policy filter_username {
(4) Thu May 24 17:30:30 2018: Debug:       if (&User-Name) {
(4) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  -> TRUE
(4) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  {
(4) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /) {
(4) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /)  -> FALSE
(4) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ ) {
(4) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(4) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ ) {
(4) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ )  -> FALSE
(4) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(4) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(4) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)  {
(4) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)   -> FALSE
(4) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)  {
(4) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)   -> FALSE
(4) Thu May 24 17:30:30 2018: Debug:       } # if (&User-Name)  = updated
(4) Thu May 24 17:30:30 2018: Debug:     } # policy filter_username = updated
(4) Thu May 24 17:30:30 2018: Debug:     policy filter_password {
(4) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}")) {
(4) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}"))  -> FALSE
(4) Thu May 24 17:30:30 2018: Debug:     } # policy filter_password = updated
(4) Thu May 24 17:30:30 2018: Debug:     [preprocess] = ok
(4) Thu May 24 17:30:30 2018: Debug: suffix: Checking for suffix after "@"
(4) Thu May 24 17:30:30 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(4) Thu May 24 17:30:30 2018: Debug:     [suffix] = noop
(4) Thu May 24 17:30:30 2018: Debug: ntdomain: Checking for prefix before "\"
(4) Thu May 24 17:30:30 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(4) Thu May 24 17:30:30 2018: Debug: ntdomain: Found realm "null"
(4) Thu May 24 17:30:30 2018: Debug: ntdomain: Adding Realm = "null"
(4) Thu May 24 17:30:30 2018: Debug: ntdomain: Authentication realm is LOCAL
(4) Thu May 24 17:30:30 2018: Debug:     [ntdomain] = ok
(4) Thu May 24 17:30:30 2018: Debug: eap: Peer sent EAP Response (code 2) ID 5 length 6
(4) Thu May 24 17:30:30 2018: Debug: eap: Continuing tunnel setup
(4) Thu May 24 17:30:30 2018: Debug:     [eap] = ok
(4) Thu May 24 17:30:30 2018: Debug:   } # authorize = ok
(4) Thu May 24 17:30:30 2018: Debug: Found Auth-Type = eap
(4) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(4) Thu May 24 17:30:30 2018: Debug:   authenticate {
(4) Thu May 24 17:30:30 2018: Debug: eap: Expiring EAP session with state 0x49c411c24ac1082f
(4) Thu May 24 17:30:30 2018: Debug: eap: Finished EAP session with state 0x49c411c24ac1082f
(4) Thu May 24 17:30:30 2018: Debug: eap: Previous EAP request found for state 0x49c411c24ac1082f, released from the list
(4) Thu May 24 17:30:30 2018: Debug: eap: Peer sent packet with method EAP PEAP (25)
(4) Thu May 24 17:30:30 2018: Debug: eap: Calling submodule eap_peap to process data
(4) Thu May 24 17:30:30 2018: Debug: eap_peap: Continuing EAP-TLS
(4) Thu May 24 17:30:30 2018: Debug: eap_peap: Peer ACKed our handshake fragment
(4) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls verify] = request
(4) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls process] = handled
(4) Thu May 24 17:30:30 2018: Debug: eap: Sending EAP Request (code 1) ID 6 length 849
(4) Thu May 24 17:30:30 2018: Debug: eap: EAP session adding &reply:State = 0x49c411c24dc2082f
(4) Thu May 24 17:30:30 2018: Debug:     [eap] = handled
(4) Thu May 24 17:30:30 2018: Debug:   } # authenticate = handled
(4) Thu May 24 17:30:30 2018: Debug: Using Post-Auth-Type Challenge
(4) Thu May 24 17:30:30 2018: Debug: Post-Auth-Type sub-section not found.  Ignoring.
(4) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(4) Thu May 24 17:30:30 2018: Debug: Sent Access-Challenge Id 200 from 172.20.5.3:1812 to 172.20.5.79:52628 length 0
(4) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x010603511900a5c818e32bb9ae33a322fd61cd5755b68853dd9ccbb6d3a16fb3a4128bea0fbf2c9703ed5d8543d0274ae47cbfb3a9350eca86224e212354d0f5757d95c75c3604b636f7def58ee79640d07a8e92d6d283cfe481f5ab13dd5e2b69a7d3fef209d339cab685bdb44726bfafa18faa078d07
(4) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(4) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c24dc2082fb3b3797cce5894f4
(4) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3138
(4) Thu May 24 17:30:30 2018: Debug: Finished request
(5) Thu May 24 17:30:30 2018: Debug: Received Access-Request Id 58 from 172.20.5.79:52628 to 172.20.5.3:1812 length 490
(5) Thu May 24 17:30:30 2018: Debug:   Framed-MTU = 1480
(5) Thu May 24 17:30:30 2018: Debug:   NAS-IP-Address = 172.20.9.150
(5) Thu May 24 17:30:30 2018: Debug:   NAS-Identifier = "Test"
(5) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(5) Thu May 24 17:30:30 2018: Debug:   Service-Type = Framed-User
(5) Thu May 24 17:30:30 2018: Debug:   Framed-Protocol = PPP
(5) Thu May 24 17:30:30 2018: Debug:   NAS-Port = 1
(5) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Type = Ethernet
(5) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Id = "1"
(5) Thu May 24 17:30:30 2018: Debug:   Called-Station-Id = "94-18-82-b9-32-80"
(5) Thu May 24 17:30:30 2018: Debug:   Calling-Station-Id = "00-e0-4c-60-43-20"
(5) Thu May 24 17:30:30 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(5) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type:0 = VLAN
(5) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(5) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(5) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c24dc2082fb3b3797cce5894f4
(5) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x0206008819800000007e1603030046100000424104ce352eced3447730353b40337d70531fcfbe117630605c68bb0487e0eb71ecd5596dd1ef415501a624645f16c29017567c0c86fc963eb5177fa9489f05bbe26414030300010116030300280000000000000000e4c6ec892ed54c3945a18cf995cee9
(5) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x863c0f59d9f13c57e96a1cd8812c2d54
(5) Thu May 24 17:30:30 2018: Debug:   MS-RAS-Vendor = 11
(5) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(5) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(5) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(5) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(5) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0138
(5) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x013a
(5) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0140
(5) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0141
(5) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0151
(5) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3139
(5) Thu May 24 17:30:30 2018: Debug: session-state: No cached attributes
(5) Thu May 24 17:30:30 2018: Debug: # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence
(5) Thu May 24 17:30:30 2018: Debug:   authorize {
(5) Thu May 24 17:30:30 2018: Debug:     update {
(5) Thu May 24 17:30:30 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(5) Thu May 24 17:30:30 2018: Debug:          --> 172.20.5.79
(5) Thu May 24 17:30:30 2018: Debug:       EXPAND %l
(5) Thu May 24 17:30:30 2018: Debug:          --> 1527175830
(5) Thu May 24 17:30:30 2018: Debug:     } # update = noop
(5) Thu May 24 17:30:30 2018: Debug:     policy packetfence-set-tenant-id {
(5) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(5) Thu May 24 17:30:30 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(5) Thu May 24 17:30:30 2018: Debug:          --> 0
(5) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(5) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(5) Thu May 24 17:30:30 2018: Debug:         update control {
(5) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(5) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(5) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(5) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(5) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(5) Thu May 24 17:30:30 2018: Debug:              --> 0
(5) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(5) Thu May 24 17:30:30 2018: Debug:       } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(5) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(5) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(5) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  {
(5) Thu May 24 17:30:30 2018: Debug:         update control {
(5) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(5) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(5) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(5) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(5) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(5) Thu May 24 17:30:30 2018: Debug:              --> 1
(5) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(5) Thu May 24 17:30:30 2018: Debug:       } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(5) Thu May 24 17:30:30 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(5) Thu May 24 17:30:30 2018: Debug:     policy rewrite_calling_station_id {
(5) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i)) {
(5) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  -> TRUE
(5) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  {
(5) Thu May 24 17:30:30 2018: Debug:         update request {
(5) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(5) Thu May 24 17:30:30 2018: Debug:              --> 00:e0:4c:60:43:20
(5) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(5) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(5) Thu May 24 17:30:30 2018: Debug:       } # if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  = updated
(5) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(5) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_calling_station_id = updated
(5) Thu May 24 17:30:30 2018: Debug:     policy rewrite_called_station_id {
(5) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(5) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(5) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(5) Thu May 24 17:30:30 2018: Debug:         update request {
(5) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(5) Thu May 24 17:30:30 2018: Debug:              --> 94:18:82:b9:32:80
(5) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(5) Thu May 24 17:30:30 2018: Debug:         if ("%{8}") {
(5) Thu May 24 17:30:30 2018: Debug:         EXPAND %{8}
(5) Thu May 24 17:30:30 2018: Debug:            -->
(5) Thu May 24 17:30:30 2018: Debug:         if ("%{8}")  -> FALSE
(5) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(5) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(5) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name) {
(5) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name)  -> FALSE
(5) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(5) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(5) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(5) Thu May 24 17:30:30 2018: Debug:       } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(5) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(5) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_called_station_id = updated
(5) Thu May 24 17:30:30 2018: Debug:     policy filter_username {
(5) Thu May 24 17:30:30 2018: Debug:       if (&User-Name) {
(5) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  -> TRUE
(5) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  {
(5) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /) {
(5) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /)  -> FALSE
(5) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ ) {
(5) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(5) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ ) {
(5) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ )  -> FALSE
(5) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(5) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(5) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)  {
(5) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)   -> FALSE
(5) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)  {
(5) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)   -> FALSE
(5) Thu May 24 17:30:30 2018: Debug:       } # if (&User-Name)  = updated
(5) Thu May 24 17:30:30 2018: Debug:     } # policy filter_username = updated
(5) Thu May 24 17:30:30 2018: Debug:     policy filter_password {
(5) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}")) {
(5) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}"))  -> FALSE
(5) Thu May 24 17:30:30 2018: Debug:     } # policy filter_password = updated
(5) Thu May 24 17:30:30 2018: Debug:     [preprocess] = ok
(5) Thu May 24 17:30:30 2018: Debug: suffix: Checking for suffix after "@"
(5) Thu May 24 17:30:30 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(5) Thu May 24 17:30:30 2018: Debug:     [suffix] = noop
(5) Thu May 24 17:30:30 2018: Debug: ntdomain: Checking for prefix before "\"
(5) Thu May 24 17:30:30 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(5) Thu May 24 17:30:30 2018: Debug: ntdomain: Found realm "null"
(5) Thu May 24 17:30:30 2018: Debug: ntdomain: Adding Realm = "null"
(5) Thu May 24 17:30:30 2018: Debug: ntdomain: Authentication realm is LOCAL
(5) Thu May 24 17:30:30 2018: Debug:     [ntdomain] = ok
(5) Thu May 24 17:30:30 2018: Debug: eap: Peer sent EAP Response (code 2) ID 6 length 136
(5) Thu May 24 17:30:30 2018: Debug: eap: Continuing tunnel setup
(5) Thu May 24 17:30:30 2018: Debug:     [eap] = ok
(5) Thu May 24 17:30:30 2018: Debug:   } # authorize = ok
(5) Thu May 24 17:30:30 2018: Debug: Found Auth-Type = eap
(5) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(5) Thu May 24 17:30:30 2018: Debug:   authenticate {
(5) Thu May 24 17:30:30 2018: Debug: eap: Expiring EAP session with state 0x49c411c24dc2082f
(5) Thu May 24 17:30:30 2018: Debug: eap: Finished EAP session with state 0x49c411c24dc2082f
(5) Thu May 24 17:30:30 2018: Debug: eap: Previous EAP request found for state 0x49c411c24dc2082f, released from the list
(5) Thu May 24 17:30:30 2018: Debug: eap: Peer sent packet with method EAP PEAP (25)
(5) Thu May 24 17:30:30 2018: Debug: eap: Calling submodule eap_peap to process data
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: Continuing EAP-TLS
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: Peer indicated complete TLS record size will be 126 bytes
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: Got complete TLS record (126 bytes)
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls verify] = length included
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: TLS_accept: SSLv3 read client key exchange A
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: TLS_accept: SSLv3 read certificate verify A
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: TLS_accept: SSLv3 read finished A
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: TLS_accept: SSLv3 write change cipher spec A
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: TLS_accept: SSLv3 write finished A
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: TLS_accept: SSLv3 flush data
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: (other): SSL negotiation finished successfully
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: SSL Connection Established
(5) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls process] = handled
(5) Thu May 24 17:30:30 2018: Debug: eap: Sending EAP Request (code 1) ID 7 length 57
(5) Thu May 24 17:30:30 2018: Debug: eap: EAP session adding &reply:State = 0x49c411c24cc3082f
(5) Thu May 24 17:30:30 2018: Debug:     [eap] = handled
(5) Thu May 24 17:30:30 2018: Debug:   } # authenticate = handled
(5) Thu May 24 17:30:30 2018: Debug: Using Post-Auth-Type Challenge
(5) Thu May 24 17:30:30 2018: Debug: Post-Auth-Type sub-section not found.  Ignoring.
(5) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(5) Thu May 24 17:30:30 2018: Debug: Sent Access-Challenge Id 58 from 172.20.5.3:1812 to 172.20.5.79:52628 length 0
(5) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x0107003919001403030001011603030028c204d6dc726b81da71a67e708091ab875e0c5756c6a0bef05bcc116c35b2ad4068bbd39829055953
(5) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(5) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c24cc3082fb3b3797cce5894f4
(5) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3139
(5) Thu May 24 17:30:30 2018: Debug: Finished request
(6) Thu May 24 17:30:30 2018: Debug: Received Access-Request Id 109 from 172.20.5.79:52628 to 172.20.5.3:1812 length 360
(6) Thu May 24 17:30:30 2018: Debug:   Framed-MTU = 1480
(6) Thu May 24 17:30:30 2018: Debug:   NAS-IP-Address = 172.20.9.150
(6) Thu May 24 17:30:30 2018: Debug:   NAS-Identifier = "Test"
(6) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(6) Thu May 24 17:30:30 2018: Debug:   Service-Type = Framed-User
(6) Thu May 24 17:30:30 2018: Debug:   Framed-Protocol = PPP
(6) Thu May 24 17:30:30 2018: Debug:   NAS-Port = 1
(6) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Type = Ethernet
(6) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Id = "1"
(6) Thu May 24 17:30:30 2018: Debug:   Called-Station-Id = "94-18-82-b9-32-80"
(6) Thu May 24 17:30:30 2018: Debug:   Calling-Station-Id = "00-e0-4c-60-43-20"
(6) Thu May 24 17:30:30 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(6) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type:0 = VLAN
(6) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(6) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(6) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c24cc3082fb3b3797cce5894f4
(6) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x020700061900
(6) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x5c999f89a3773ffa1a1be600c701a541
(6) Thu May 24 17:30:30 2018: Debug:   MS-RAS-Vendor = 11
(6) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(6) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(6) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(6) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(6) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0138
(6) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x013a
(6) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0140
(6) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0141
(6) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0151
(6) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3230
(6) Thu May 24 17:30:30 2018: Debug: session-state: No cached attributes
(6) Thu May 24 17:30:30 2018: Debug: # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence
(6) Thu May 24 17:30:30 2018: Debug:   authorize {
(6) Thu May 24 17:30:30 2018: Debug:     update {
(6) Thu May 24 17:30:30 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(6) Thu May 24 17:30:30 2018: Debug:          --> 172.20.5.79
(6) Thu May 24 17:30:30 2018: Debug:       EXPAND %l
(6) Thu May 24 17:30:30 2018: Debug:          --> 1527175830
(6) Thu May 24 17:30:30 2018: Debug:     } # update = noop
(6) Thu May 24 17:30:30 2018: Debug:     policy packetfence-set-tenant-id {
(6) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(6) Thu May 24 17:30:30 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(6) Thu May 24 17:30:30 2018: Debug:          --> 0
(6) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(6) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(6) Thu May 24 17:30:30 2018: Debug:         update control {
(6) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(6) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(6) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(6) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(6) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(6) Thu May 24 17:30:30 2018: Debug:              --> 0
(6) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(6) Thu May 24 17:30:30 2018: Debug:       } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(6) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(6) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(6) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  {
(6) Thu May 24 17:30:30 2018: Debug:         update control {
(6) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(6) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(6) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(6) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(6) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(6) Thu May 24 17:30:30 2018: Debug:              --> 1
(6) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(6) Thu May 24 17:30:30 2018: Debug:       } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(6) Thu May 24 17:30:30 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(6) Thu May 24 17:30:30 2018: Debug:     policy rewrite_calling_station_id {
(6) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i)) {
(6) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  -> TRUE
(6) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  {
(6) Thu May 24 17:30:30 2018: Debug:         update request {
(6) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(6) Thu May 24 17:30:30 2018: Debug:              --> 00:e0:4c:60:43:20
(6) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(6) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(6) Thu May 24 17:30:30 2018: Debug:       } # if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  = updated
(6) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(6) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_calling_station_id = updated
(6) Thu May 24 17:30:30 2018: Debug:     policy rewrite_called_station_id {
(6) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(6) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(6) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(6) Thu May 24 17:30:30 2018: Debug:         update request {
(6) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(6) Thu May 24 17:30:30 2018: Debug:              --> 94:18:82:b9:32:80
(6) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(6) Thu May 24 17:30:30 2018: Debug:         if ("%{8}") {
(6) Thu May 24 17:30:30 2018: Debug:         EXPAND %{8}
(6) Thu May 24 17:30:30 2018: Debug:            -->
(6) Thu May 24 17:30:30 2018: Debug:         if ("%{8}")  -> FALSE
(6) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(6) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(6) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name) {
(6) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name)  -> FALSE
(6) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(6) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(6) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(6) Thu May 24 17:30:30 2018: Debug:       } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(6) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(6) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_called_station_id = updated
(6) Thu May 24 17:30:30 2018: Debug:     policy filter_username {
(6) Thu May 24 17:30:30 2018: Debug:       if (&User-Name) {
(6) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  -> TRUE
(6) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  {
(6) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /) {
(6) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /)  -> FALSE
(6) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ ) {
(6) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(6) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ ) {
(6) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ )  -> FALSE
(6) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(6) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(6) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)  {
(6) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)   -> FALSE
(6) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)  {
(6) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)   -> FALSE
(6) Thu May 24 17:30:30 2018: Debug:       } # if (&User-Name)  = updated
(6) Thu May 24 17:30:30 2018: Debug:     } # policy filter_username = updated
(6) Thu May 24 17:30:30 2018: Debug:     policy filter_password {
(6) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}")) {
(6) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}"))  -> FALSE
(6) Thu May 24 17:30:30 2018: Debug:     } # policy filter_password = updated
(6) Thu May 24 17:30:30 2018: Debug:     [preprocess] = ok
(6) Thu May 24 17:30:30 2018: Debug: suffix: Checking for suffix after "@"
(6) Thu May 24 17:30:30 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(6) Thu May 24 17:30:30 2018: Debug:     [suffix] = noop
(6) Thu May 24 17:30:30 2018: Debug: ntdomain: Checking for prefix before "\"
(6) Thu May 24 17:30:30 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(6) Thu May 24 17:30:30 2018: Debug: ntdomain: Found realm "null"
(6) Thu May 24 17:30:30 2018: Debug: ntdomain: Adding Realm = "null"
(6) Thu May 24 17:30:30 2018: Debug: ntdomain: Authentication realm is LOCAL
(6) Thu May 24 17:30:30 2018: Debug:     [ntdomain] = ok
(6) Thu May 24 17:30:30 2018: Debug: eap: Peer sent EAP Response (code 2) ID 7 length 6
(6) Thu May 24 17:30:30 2018: Debug: eap: Continuing tunnel setup
(6) Thu May 24 17:30:30 2018: Debug:     [eap] = ok
(6) Thu May 24 17:30:30 2018: Debug:   } # authorize = ok
(6) Thu May 24 17:30:30 2018: Debug: Found Auth-Type = eap
(6) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(6) Thu May 24 17:30:30 2018: Debug:   authenticate {
(6) Thu May 24 17:30:30 2018: Debug: eap: Expiring EAP session with state 0x49c411c24cc3082f
(6) Thu May 24 17:30:30 2018: Debug: eap: Finished EAP session with state 0x49c411c24cc3082f
(6) Thu May 24 17:30:30 2018: Debug: eap: Previous EAP request found for state 0x49c411c24cc3082f, released from the list
(6) Thu May 24 17:30:30 2018: Debug: eap: Peer sent packet with method EAP PEAP (25)
(6) Thu May 24 17:30:30 2018: Debug: eap: Calling submodule eap_peap to process data
(6) Thu May 24 17:30:30 2018: Debug: eap_peap: Continuing EAP-TLS
(6) Thu May 24 17:30:30 2018: Debug: eap_peap: Peer ACKed our handshake fragment.  handshake is finished
(6) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls verify] = success
(6) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls process] = success
(6) Thu May 24 17:30:30 2018: Debug: eap_peap: Session established.  Decoding tunneled attributes
(6) Thu May 24 17:30:30 2018: Debug: eap_peap: PEAP state TUNNEL ESTABLISHED
(6) Thu May 24 17:30:30 2018: Debug: eap: Sending EAP Request (code 1) ID 8 length 40
(6) Thu May 24 17:30:30 2018: Debug: eap: EAP session adding &reply:State = 0x49c411c24fcc082f
(6) Thu May 24 17:30:30 2018: Debug:     [eap] = handled
(6) Thu May 24 17:30:30 2018: Debug:   } # authenticate = handled
(6) Thu May 24 17:30:30 2018: Debug: Using Post-Auth-Type Challenge
(6) Thu May 24 17:30:30 2018: Debug: Post-Auth-Type sub-section not found.  Ignoring.
(6) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(6) Thu May 24 17:30:30 2018: Debug: Sent Access-Challenge Id 109 from 172.20.5.3:1812 to 172.20.5.79:52628 length 0
(6) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x010800281900170303001dc204d6dc726b81db8a469ae587be1edde1f1702951d298552627b74f15
(6) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(6) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c24fcc082fb3b3797cce5894f4
(6) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3230
(6) Thu May 24 17:30:30 2018: Debug: Finished request
(7) Thu May 24 17:30:30 2018: Debug: Received Access-Request Id 213 from 172.20.5.79:52628 to 172.20.5.3:1812 length 421
(7) Thu May 24 17:30:30 2018: Debug:   Framed-MTU = 1480
(7) Thu May 24 17:30:30 2018: Debug:   NAS-IP-Address = 172.20.9.150
(7) Thu May 24 17:30:30 2018: Debug:   NAS-Identifier = "Test"
(7) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(7) Thu May 24 17:30:30 2018: Debug:   Service-Type = Framed-User
(7) Thu May 24 17:30:30 2018: Debug:   Framed-Protocol = PPP
(7) Thu May 24 17:30:30 2018: Debug:   NAS-Port = 1
(7) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Type = Ethernet
(7) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Id = "1"
(7) Thu May 24 17:30:30 2018: Debug:   Called-Station-Id = "94-18-82-b9-32-80"
(7) Thu May 24 17:30:30 2018: Debug:   Calling-Station-Id = "00-e0-4c-60-43-20"
(7) Thu May 24 17:30:30 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(7) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type:0 = VLAN
(7) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(7) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(7) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c24fcc082fb3b3797cce5894f4
(7) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x0208004319001703030038000000000000000136a4dbac58bd2162f5d7e53a853d094521715a022e1e966ac88f81da70ab5f61b4c725ffab5824956fb62a49d8fb96b8
(7) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x5e78675bf103d85dff0c18c3ef6d31b8
(7) Thu May 24 17:30:30 2018: Debug:   MS-RAS-Vendor = 11
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0138
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x013a
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0140
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0141
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0151
(7) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3231
(7) Thu May 24 17:30:30 2018: Debug: session-state: No cached attributes
(7) Thu May 24 17:30:30 2018: Debug: # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence
(7) Thu May 24 17:30:30 2018: Debug:   authorize {
(7) Thu May 24 17:30:30 2018: Debug:     update {
(7) Thu May 24 17:30:30 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(7) Thu May 24 17:30:30 2018: Debug:          --> 172.20.5.79
(7) Thu May 24 17:30:30 2018: Debug:       EXPAND %l
(7) Thu May 24 17:30:30 2018: Debug:          --> 1527175830
(7) Thu May 24 17:30:30 2018: Debug:     } # update = noop
(7) Thu May 24 17:30:30 2018: Debug:     policy packetfence-set-tenant-id {
(7) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(7) Thu May 24 17:30:30 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(7) Thu May 24 17:30:30 2018: Debug:          --> 0
(7) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(7) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(7) Thu May 24 17:30:30 2018: Debug:         update control {
(7) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(7) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(7) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(7) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(7) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(7) Thu May 24 17:30:30 2018: Debug:              --> 0
(7) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(7) Thu May 24 17:30:30 2018: Debug:       } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(7) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(7) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(7) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  {
(7) Thu May 24 17:30:30 2018: Debug:         update control {
(7) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(7) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(7) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(7) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(7) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(7) Thu May 24 17:30:30 2018: Debug:              --> 1
(7) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(7) Thu May 24 17:30:30 2018: Debug:       } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(7) Thu May 24 17:30:30 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(7) Thu May 24 17:30:30 2018: Debug:     policy rewrite_calling_station_id {
(7) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i)) {
(7) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  -> TRUE
(7) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  {
(7) Thu May 24 17:30:30 2018: Debug:         update request {
(7) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(7) Thu May 24 17:30:30 2018: Debug:              --> 00:e0:4c:60:43:20
(7) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(7) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(7) Thu May 24 17:30:30 2018: Debug:       } # if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  = updated
(7) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(7) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_calling_station_id = updated
(7) Thu May 24 17:30:30 2018: Debug:     policy rewrite_called_station_id {
(7) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(7) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(7) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(7) Thu May 24 17:30:30 2018: Debug:         update request {
(7) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(7) Thu May 24 17:30:30 2018: Debug:              --> 94:18:82:b9:32:80
(7) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(7) Thu May 24 17:30:30 2018: Debug:         if ("%{8}") {
(7) Thu May 24 17:30:30 2018: Debug:         EXPAND %{8}
(7) Thu May 24 17:30:30 2018: Debug:            -->
(7) Thu May 24 17:30:30 2018: Debug:         if ("%{8}")  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(7) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name) {
(7) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name)  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(7) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(7) Thu May 24 17:30:30 2018: Debug:       } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(7) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(7) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_called_station_id = updated
(7) Thu May 24 17:30:30 2018: Debug:     policy filter_username {
(7) Thu May 24 17:30:30 2018: Debug:       if (&User-Name) {
(7) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  -> TRUE
(7) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  {
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /) {
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /)  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ ) {
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ ) {
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ )  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(7) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)  {
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)   -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)  {
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)   -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:       } # if (&User-Name)  = updated
(7) Thu May 24 17:30:30 2018: Debug:     } # policy filter_username = updated
(7) Thu May 24 17:30:30 2018: Debug:     policy filter_password {
(7) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}")) {
(7) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}"))  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:     } # policy filter_password = updated
(7) Thu May 24 17:30:30 2018: Debug:     [preprocess] = ok
(7) Thu May 24 17:30:30 2018: Debug: suffix: Checking for suffix after "@"
(7) Thu May 24 17:30:30 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(7) Thu May 24 17:30:30 2018: Debug:     [suffix] = noop
(7) Thu May 24 17:30:30 2018: Debug: ntdomain: Checking for prefix before "\"
(7) Thu May 24 17:30:30 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(7) Thu May 24 17:30:30 2018: Debug: ntdomain: Found realm "null"
(7) Thu May 24 17:30:30 2018: Debug: ntdomain: Adding Realm = "null"
(7) Thu May 24 17:30:30 2018: Debug: ntdomain: Authentication realm is LOCAL
(7) Thu May 24 17:30:30 2018: Debug:     [ntdomain] = ok
(7) Thu May 24 17:30:30 2018: Debug: eap: Peer sent EAP Response (code 2) ID 8 length 67
(7) Thu May 24 17:30:30 2018: Debug: eap: Continuing tunnel setup
(7) Thu May 24 17:30:30 2018: Debug:     [eap] = ok
(7) Thu May 24 17:30:30 2018: Debug:   } # authorize = ok
(7) Thu May 24 17:30:30 2018: Debug: Found Auth-Type = eap
(7) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(7) Thu May 24 17:30:30 2018: Debug:   authenticate {
(7) Thu May 24 17:30:30 2018: Debug: eap: Expiring EAP session with state 0x49c411c24fcc082f
(7) Thu May 24 17:30:30 2018: Debug: eap: Finished EAP session with state 0x49c411c24fcc082f
(7) Thu May 24 17:30:30 2018: Debug: eap: Previous EAP request found for state 0x49c411c24fcc082f, released from the list
(7) Thu May 24 17:30:30 2018: Debug: eap: Peer sent packet with method EAP PEAP (25)
(7) Thu May 24 17:30:30 2018: Debug: eap: Calling submodule eap_peap to process data
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: Continuing EAP-TLS
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls verify] = ok
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: Done initial handshake
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls process] = ok
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: Session established.  Decoding tunneled attributes
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: PEAP state WAITING FOR INNER IDENTITY
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: Identity - host/Admin-15-NB.PERSONALAMT.DE
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: Got inner identity 'host/Admin-15-NB.PERSONALAMT.DE'
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: Setting default EAP type for tunneled EAP session
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: Got tunneled request
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   EAP-Message = 0x0208002401686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: Setting User-Name to host/Admin-15-NB.PERSONALAMT.DE
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: Sending tunneled request to packetfence-tunnel
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   EAP-Message = 0x0208002401686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   FreeRADIUS-Proxied-To = 127.0.0.1
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   Framed-MTU = 1480
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-IP-Address = 172.20.9.150
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Identifier = "Test"
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   Service-Type = Framed-User
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   Framed-Protocol = PPP
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Port = 1
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Port-Type = Ethernet
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Port-Id = "1"
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   Calling-Station-Id := "00:e0:4c:60:43:20"
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Type:0 = VLAN
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Medium-Type:0 = IEEE-802
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Private-Group-Id:0 = "1"
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   MS-RAS-Vendor = 11
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b28
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b2e
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b30
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b3d
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0138
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x013a
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0140
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0141
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0151
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   Called-Station-Id := "94:18:82:b9:32:80"
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   Event-Timestamp = "Mai 24 2018 17:30:30 CEST"
(7) Thu May 24 17:30:30 2018: Debug: Virtual server packetfence-tunnel received request
(7) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x0208002401686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445
(7) Thu May 24 17:30:30 2018: Debug:   FreeRADIUS-Proxied-To = 127.0.0.1
(7) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(7) Thu May 24 17:30:30 2018: Debug:   Framed-MTU = 1480
(7) Thu May 24 17:30:30 2018: Debug:   NAS-IP-Address = 172.20.9.150
(7) Thu May 24 17:30:30 2018: Debug:   NAS-Identifier = "Test"
(7) Thu May 24 17:30:30 2018: Debug:   Service-Type = Framed-User
(7) Thu May 24 17:30:30 2018: Debug:   Framed-Protocol = PPP
(7) Thu May 24 17:30:30 2018: Debug:   NAS-Port = 1
(7) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Type = Ethernet
(7) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Id = "1"
(7) Thu May 24 17:30:30 2018: Debug:   Calling-Station-Id := "00:e0:4c:60:43:20"
(7) Thu May 24 17:30:30 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(7) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type:0 = VLAN
(7) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(7) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(7) Thu May 24 17:30:30 2018: Debug:   MS-RAS-Vendor = 11
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0138
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x013a
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0140
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0141
(7) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0151
(7) Thu May 24 17:30:30 2018: Debug:   Called-Station-Id := "94:18:82:b9:32:80"
(7) Thu May 24 17:30:30 2018: Debug:   Event-Timestamp = "Mai 24 2018 17:30:30 CEST"
(7) Thu May 24 17:30:30 2018: WARNING: Outer and inner identities are the same.  User privacy is compromised.
(7) Thu May 24 17:30:30 2018: Debug: server packetfence-tunnel {
(7) Thu May 24 17:30:30 2018: Debug:   # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence-tunnel
(7) Thu May 24 17:30:30 2018: Debug:     authorize {
(7) Thu May 24 17:30:30 2018: Debug:       if ( outer.EAP-Type == TTLS) {
(7) Thu May 24 17:30:30 2018: Debug:       if ( outer.EAP-Type == TTLS)  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:       policy filter_username {
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name) {
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name)  -> TRUE
(7) Thu May 24 17:30:30 2018: Debug:         if (&User-Name)  {
(7) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ / /) {
(7) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ / /)  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@[^@]*@/ ) {
(7) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.\./ ) {
(7) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.\./ )  -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:           if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(7) Thu May 24 17:30:30 2018: Debug:           if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.$/)  {
(7) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.$/)   -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@\./)  {
(7) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@\./)   -> FALSE
(7) Thu May 24 17:30:30 2018: Debug:         } # if (&User-Name)  = notfound
(7) Thu May 24 17:30:30 2018: Debug:       } # policy filter_username = notfound
(7) Thu May 24 17:30:30 2018: Debug:       [mschap] = noop
(7) Thu May 24 17:30:30 2018: Debug: suffix: Checking for suffix after "@"
(7) Thu May 24 17:30:30 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(7) Thu May 24 17:30:30 2018: Debug:       [suffix] = noop
(7) Thu May 24 17:30:30 2018: Debug: ntdomain: Checking for prefix before "\"
(7) Thu May 24 17:30:30 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(7) Thu May 24 17:30:30 2018: Debug: ntdomain: Found realm "null"
(7) Thu May 24 17:30:30 2018: Debug: ntdomain: Adding Realm = "null"
(7) Thu May 24 17:30:30 2018: Debug: ntdomain: Authentication realm is LOCAL
(7) Thu May 24 17:30:30 2018: Debug:       [ntdomain] = ok
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'User-Name'} = &request:User-Name -> 'host/Admin-15-NB.PERSONALAMT.DE'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address -> '172.20.9.150'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '1'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Service-Type'} = &request:Service-Type -> 'Framed-User'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Framed-Protocol'} = &request:Framed-Protocol -> 'PPP'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Framed-MTU'} = &request:Framed-MTU -> '1480'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Called-Station-Id'} = &request:Called-Station-Id -> '94:18:82:b9:32:80'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Calling-Station-Id'} = &request:Calling-Station-Id -> '00:e0:4c:60:43:20'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Identifier'} = &request:NAS-Identifier -> 'Test'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type -> 'Ethernet'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Tunnel-Type'} = &request:Tunnel-Type -> 'VLAN'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Tunnel-Medium-Type'} = &request:Tunnel-Medium-Type -> 'IEEE-802'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Tunnel-Private-Group-Id'} = &request:Tunnel-Private-Group-Id -> '1'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp -> 'Mai 24 2018 17:30:30 CEST'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Connect-Info'} = &request:Connect-Info -> 'CONNECT Ethernet 1000Mbps Full duplex'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'EAP-Message'} = &request:EAP-Message -> '0x0208002401686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Port-Id'} = &request:NAS-Port-Id -> '1'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'FreeRADIUS-Proxied-To'} = &request:FreeRADIUS-Proxied-To -> '127.0.0.1'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[0] = &request:HP-Capability-Advert -> '0x011a0000000b28'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[1] = &request:HP-Capability-Advert -> '0x011a0000000b2e'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[2] = &request:HP-Capability-Advert -> '0x011a0000000b30'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[3] = &request:HP-Capability-Advert -> '0x011a0000000b3d'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[4] = &request:HP-Capability-Advert -> '0x0138'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[5] = &request:HP-Capability-Advert -> '0x013a'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[6] = &request:HP-Capability-Advert -> '0x0140'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[7] = &request:HP-Capability-Advert -> '0x0141'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[8] = &request:HP-Capability-Advert -> '0x0151'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'MS-RAS-Vendor'} = &request:MS-RAS-Vendor -> '11'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Realm'} = &request:Realm -> 'null'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_CHECK{'EAP-Type'} = &control:EAP-Type -> 'MSCHAPv2'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_CONFIG{'EAP-Type'} = &control:EAP-Type -> 'MSCHAPv2'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b28'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b2e'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b30'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b3d'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0138'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x013a'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0140'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0141'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0151'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} -> 'Ethernet'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:MS-RAS-Vendor = $RAD_REQUEST{'MS-RAS-Vendor'} -> '11'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Service-Type = $RAD_REQUEST{'Service-Type'} -> 'Framed-User'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Called-Station-Id = $RAD_REQUEST{'Called-Station-Id'} -> '94:18:82:b9:32:80'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:FreeRADIUS-Proxied-To = $RAD_REQUEST{'FreeRADIUS-Proxied-To'} -> '127.0.0.1'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Tunnel-Type:0 = $RAD_REQUEST{'Tunnel-Type:0'} -> 'VLAN'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Connect-Info = $RAD_REQUEST{'Connect-Info'} -> 'CONNECT Ethernet 1000Mbps Full duplex'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Realm = $RAD_REQUEST{'Realm'} -> 'null'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} -> '172.20.9.150'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Port-Id = $RAD_REQUEST{'NAS-Port-Id'} -> '1'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Tunnel-Medium-Type:0 = $RAD_REQUEST{'Tunnel-Medium-Type:0'} -> 'IEEE-802'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Calling-Station-Id = $RAD_REQUEST{'Calling-Station-Id'} -> '00:e0:4c:60:43:20'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:PacketFence-Domain = $RAD_REQUEST{'PacketFence-Domain'} -> 'LKMRBI'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Framed-Protocol = $RAD_REQUEST{'Framed-Protocol'} -> 'PPP'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Tunnel-Private-Group-Id:0 = $RAD_REQUEST{'Tunnel-Private-Group-Id:0'} -> '1'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:User-Name = $RAD_REQUEST{'User-Name'} -> 'host/Admin-15-NB.PERSONALAMT.DE'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Identifier = $RAD_REQUEST{'NAS-Identifier'} -> 'Test'
(7) Thu May 24 17:30:30 2018: ERROR: packetfence-multi-domain: Failed to create pair - failed to parse time string "Mai 24 2018 17:30:30 CEST"
(7) Thu May 24 17:30:30 2018: ERROR: packetfence-multi-domain:     &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'} -> 'Mai 24 2018 17:30:30 CEST'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:EAP-Message = $RAD_REQUEST{'EAP-Message'} -> '0x0208002401686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '1'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Framed-MTU = $RAD_REQUEST{'Framed-MTU'} -> '1480'
(7) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &control:EAP-Type = $RAD_CHECK{'EAP-Type'} -> 'MSCHAPv2'
(7) Thu May 24 17:30:30 2018: Debug:       [packetfence-multi-domain] = updated
(7) Thu May 24 17:30:30 2018: Debug:       update control {
(7) Thu May 24 17:30:30 2018: Debug:       } # update control = noop
(7) Thu May 24 17:30:30 2018: Debug: eap: Peer sent EAP Response (code 2) ID 8 length 36
(7) Thu May 24 17:30:30 2018: Debug: eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(7) Thu May 24 17:30:30 2018: Debug:       [eap] = ok
(7) Thu May 24 17:30:30 2018: Debug:     } # authorize = ok
(7) Thu May 24 17:30:30 2018: WARNING:   You set Proxy-To-Realm = local, but it is a LOCAL realm!  Cancelling proxy request.
(7) Thu May 24 17:30:30 2018: Debug:   Found Auth-Type = eap
(7) Thu May 24 17:30:30 2018: Debug:   # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence-tunnel
(7) Thu May 24 17:30:30 2018: Debug:     authenticate {
(7) Thu May 24 17:30:30 2018: Debug: eap: Peer sent packet with method EAP Identity (1)
(7) Thu May 24 17:30:30 2018: Debug: eap: Calling submodule eap_mschapv2 to process data
(7) Thu May 24 17:30:30 2018: Debug: eap_mschapv2: Issuing Challenge
(7) Thu May 24 17:30:30 2018: Debug: eap: Sending EAP Request (code 1) ID 9 length 43
(7) Thu May 24 17:30:30 2018: Debug: eap: EAP session adding &reply:State = 0x3c540b463c5d11bc
(7) Thu May 24 17:30:30 2018: Debug:       [eap] = handled
(7) Thu May 24 17:30:30 2018: Debug:     } # authenticate = handled
(7) Thu May 24 17:30:30 2018: Debug: } # server packetfence-tunnel
(7) Thu May 24 17:30:30 2018: Debug: Virtual server sending reply
(7) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x0109002b1a0109002610cdf91c10176e1e591aaaba0ec7e8ec7c667265657261646975732d332e302e3135
(7) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(7) Thu May 24 17:30:30 2018: Debug:   State = 0x3c540b463c5d11bc9b9de9eca83b76bb
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: Got tunneled reply code 11
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   EAP-Message = 0x0109002b1a0109002610cdf91c10176e1e591aaaba0ec7e8ec7c667265657261646975732d332e302e3135
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(7) Thu May 24 17:30:30 2018: Debug: eap_peap:   State = 0x3c540b463c5d11bc9b9de9eca83b76bb
(7) Thu May 24 17:30:30 2018: Debug: eap_peap: Got tunneled Access-Challenge
(7) Thu May 24 17:30:30 2018: Debug: eap: Sending EAP Request (code 1) ID 9 length 74
(7) Thu May 24 17:30:30 2018: Debug: eap: EAP session adding &reply:State = 0x49c411c24ecd082f
(7) Thu May 24 17:30:30 2018: Debug:     [eap] = handled
(7) Thu May 24 17:30:30 2018: Debug:   } # authenticate = handled
(7) Thu May 24 17:30:30 2018: Debug: Using Post-Auth-Type Challenge
(7) Thu May 24 17:30:30 2018: Debug: Post-Auth-Type sub-section not found.  Ignoring.
(7) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(7) Thu May 24 17:30:30 2018: Debug: Sent Access-Challenge Id 213 from 172.20.5.3:1812 to 172.20.5.79:52628 length 0
(7) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x0109004a1900170303003fc204d6dc726b81dcc38d0d7620d43ee6de16f96200d67e765fc7bb27f998ee98c0f5f5354569f64774c4e71fff345b908044d152a3c9f1e873fd6168148cfe
(7) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(7) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c24ecd082fb3b3797cce5894f4
(7) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3231
(7) Thu May 24 17:30:30 2018: Debug: Finished request
(8) Thu May 24 17:30:30 2018: Debug: Received Access-Request Id 45 from 172.20.5.79:52628 to 172.20.5.3:1812 length 475
(8) Thu May 24 17:30:30 2018: Debug:   Framed-MTU = 1480
(8) Thu May 24 17:30:30 2018: Debug:   NAS-IP-Address = 172.20.9.150
(8) Thu May 24 17:30:30 2018: Debug:   NAS-Identifier = "Test"
(8) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(8) Thu May 24 17:30:30 2018: Debug:   Service-Type = Framed-User
(8) Thu May 24 17:30:30 2018: Debug:   Framed-Protocol = PPP
(8) Thu May 24 17:30:30 2018: Debug:   NAS-Port = 1
(8) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Type = Ethernet
(8) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Id = "1"
(8) Thu May 24 17:30:30 2018: Debug:   Called-Station-Id = "94-18-82-b9-32-80"
(8) Thu May 24 17:30:30 2018: Debug:   Calling-Station-Id = "00-e0-4c-60-43-20"
(8) Thu May 24 17:30:30 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(8) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type:0 = VLAN
(8) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(8) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(8) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c24ecd082fb3b3797cce5894f4
(8) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x020900791900170303006e0000000000000002a78ef4f10e50144dbc569670d2043607c8b6d6c274870853ca9edcdb980828dd20f4f9fcb6688dd0341132568c405fc296ce490f5d3c4e69b080f795b66b51262d6a50103c60f728f1cd51f5111530a6cf80a208d6943cafd1270353ba40124e28ef6028
(8) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x4d4f3198399a23f5b92ece5023620b1a
(8) Thu May 24 17:30:30 2018: Debug:   MS-RAS-Vendor = 11
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0138
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x013a
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0140
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0141
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0151
(8) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3232
(8) Thu May 24 17:30:30 2018: Debug: session-state: No cached attributes
(8) Thu May 24 17:30:30 2018: Debug: # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence
(8) Thu May 24 17:30:30 2018: Debug:   authorize {
(8) Thu May 24 17:30:30 2018: Debug:     update {
(8) Thu May 24 17:30:30 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(8) Thu May 24 17:30:30 2018: Debug:          --> 172.20.5.79
(8) Thu May 24 17:30:30 2018: Debug:       EXPAND %l
(8) Thu May 24 17:30:30 2018: Debug:          --> 1527175830
(8) Thu May 24 17:30:30 2018: Debug:     } # update = noop
(8) Thu May 24 17:30:30 2018: Debug:     policy packetfence-set-tenant-id {
(8) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(8) Thu May 24 17:30:30 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(8) Thu May 24 17:30:30 2018: Debug:          --> 0
(8) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(8) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(8) Thu May 24 17:30:30 2018: Debug:         update control {
(8) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(8) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(8) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(8) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(8) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(8) Thu May 24 17:30:30 2018: Debug:              --> 0
(8) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(8) Thu May 24 17:30:30 2018: Debug:       } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(8) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(8) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(8) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  {
(8) Thu May 24 17:30:30 2018: Debug:         update control {
(8) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(8) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(8) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(8) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(8) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(8) Thu May 24 17:30:30 2018: Debug:              --> 1
(8) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(8) Thu May 24 17:30:30 2018: Debug:       } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(8) Thu May 24 17:30:30 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(8) Thu May 24 17:30:30 2018: Debug:     policy rewrite_calling_station_id {
(8) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i)) {
(8) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  -> TRUE
(8) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  {
(8) Thu May 24 17:30:30 2018: Debug:         update request {
(8) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(8) Thu May 24 17:30:30 2018: Debug:              --> 00:e0:4c:60:43:20
(8) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(8) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(8) Thu May 24 17:30:30 2018: Debug:       } # if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  = updated
(8) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(8) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_calling_station_id = updated
(8) Thu May 24 17:30:30 2018: Debug:     policy rewrite_called_station_id {
(8) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(8) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(8) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(8) Thu May 24 17:30:30 2018: Debug:         update request {
(8) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(8) Thu May 24 17:30:30 2018: Debug:              --> 94:18:82:b9:32:80
(8) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(8) Thu May 24 17:30:30 2018: Debug:         if ("%{8}") {
(8) Thu May 24 17:30:30 2018: Debug:         EXPAND %{8}
(8) Thu May 24 17:30:30 2018: Debug:            -->
(8) Thu May 24 17:30:30 2018: Debug:         if ("%{8}")  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(8) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name) {
(8) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name)  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(8) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(8) Thu May 24 17:30:30 2018: Debug:       } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(8) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(8) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_called_station_id = updated
(8) Thu May 24 17:30:30 2018: Debug:     policy filter_username {
(8) Thu May 24 17:30:30 2018: Debug:       if (&User-Name) {
(8) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  -> TRUE
(8) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  {
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /) {
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /)  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ ) {
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ ) {
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ )  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(8) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)  {
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)   -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)  {
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)   -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:       } # if (&User-Name)  = updated
(8) Thu May 24 17:30:30 2018: Debug:     } # policy filter_username = updated
(8) Thu May 24 17:30:30 2018: Debug:     policy filter_password {
(8) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}")) {
(8) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}"))  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:     } # policy filter_password = updated
(8) Thu May 24 17:30:30 2018: Debug:     [preprocess] = ok
(8) Thu May 24 17:30:30 2018: Debug: suffix: Checking for suffix after "@"
(8) Thu May 24 17:30:30 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(8) Thu May 24 17:30:30 2018: Debug:     [suffix] = noop
(8) Thu May 24 17:30:30 2018: Debug: ntdomain: Checking for prefix before "\"
(8) Thu May 24 17:30:30 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(8) Thu May 24 17:30:30 2018: Debug: ntdomain: Found realm "null"
(8) Thu May 24 17:30:30 2018: Debug: ntdomain: Adding Realm = "null"
(8) Thu May 24 17:30:30 2018: Debug: ntdomain: Authentication realm is LOCAL
(8) Thu May 24 17:30:30 2018: Debug:     [ntdomain] = ok
(8) Thu May 24 17:30:30 2018: Debug: eap: Peer sent EAP Response (code 2) ID 9 length 121
(8) Thu May 24 17:30:30 2018: Debug: eap: Continuing tunnel setup
(8) Thu May 24 17:30:30 2018: Debug:     [eap] = ok
(8) Thu May 24 17:30:30 2018: Debug:   } # authorize = ok
(8) Thu May 24 17:30:30 2018: Debug: Found Auth-Type = eap
(8) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(8) Thu May 24 17:30:30 2018: Debug:   authenticate {
(8) Thu May 24 17:30:30 2018: Debug: eap: Expiring EAP session with state 0x3c540b463c5d11bc
(8) Thu May 24 17:30:30 2018: Debug: eap: Finished EAP session with state 0x49c411c24ecd082f
(8) Thu May 24 17:30:30 2018: Debug: eap: Previous EAP request found for state 0x49c411c24ecd082f, released from the list
(8) Thu May 24 17:30:30 2018: Debug: eap: Peer sent packet with method EAP PEAP (25)
(8) Thu May 24 17:30:30 2018: Debug: eap: Calling submodule eap_peap to process data
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: Continuing EAP-TLS
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls verify] = ok
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: Done initial handshake
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls process] = ok
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: Session established.  Decoding tunneled attributes
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: PEAP state phase2
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: EAP method MSCHAPv2 (26)
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: Got tunneled request
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   EAP-Message = 0x0209005a1a02090055316159b5ecaefb2209298539b2a82fc5ad0000000000000000bee84769b24f2eb26a8e3902bb9448be4a3371baa932ccef00686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: Setting User-Name to host/Admin-15-NB.PERSONALAMT.DE
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: Sending tunneled request to packetfence-tunnel
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   EAP-Message = 0x0209005a1a02090055316159b5ecaefb2209298539b2a82fc5ad0000000000000000bee84769b24f2eb26a8e3902bb9448be4a3371baa932ccef00686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   FreeRADIUS-Proxied-To = 127.0.0.1
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   State = 0x3c540b463c5d11bc9b9de9eca83b76bb
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   Framed-MTU = 1480
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-IP-Address = 172.20.9.150
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Identifier = "Test"
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   Service-Type = Framed-User
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   Framed-Protocol = PPP
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Port = 1
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Port-Type = Ethernet
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Port-Id = "1"
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   Calling-Station-Id := "00:e0:4c:60:43:20"
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Type:0 = VLAN
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Medium-Type:0 = IEEE-802
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Private-Group-Id:0 = "1"
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   MS-RAS-Vendor = 11
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b28
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b2e
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b30
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b3d
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0138
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x013a
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0140
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0141
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0151
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   Called-Station-Id := "94:18:82:b9:32:80"
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   Event-Timestamp = "Mai 24 2018 17:30:30 CEST"
(8) Thu May 24 17:30:30 2018: Debug: Virtual server packetfence-tunnel received request
(8) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x0209005a1a02090055316159b5ecaefb2209298539b2a82fc5ad0000000000000000bee84769b24f2eb26a8e3902bb9448be4a3371baa932ccef00686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445
(8) Thu May 24 17:30:30 2018: Debug:   FreeRADIUS-Proxied-To = 127.0.0.1
(8) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(8) Thu May 24 17:30:30 2018: Debug:   State = 0x3c540b463c5d11bc9b9de9eca83b76bb
(8) Thu May 24 17:30:30 2018: Debug:   Framed-MTU = 1480
(8) Thu May 24 17:30:30 2018: Debug:   NAS-IP-Address = 172.20.9.150
(8) Thu May 24 17:30:30 2018: Debug:   NAS-Identifier = "Test"
(8) Thu May 24 17:30:30 2018: Debug:   Service-Type = Framed-User
(8) Thu May 24 17:30:30 2018: Debug:   Framed-Protocol = PPP
(8) Thu May 24 17:30:30 2018: Debug:   NAS-Port = 1
(8) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Type = Ethernet
(8) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Id = "1"
(8) Thu May 24 17:30:30 2018: Debug:   Calling-Station-Id := "00:e0:4c:60:43:20"
(8) Thu May 24 17:30:30 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(8) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type:0 = VLAN
(8) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(8) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(8) Thu May 24 17:30:30 2018: Debug:   MS-RAS-Vendor = 11
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0138
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x013a
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0140
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0141
(8) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0151
(8) Thu May 24 17:30:30 2018: Debug:   Called-Station-Id := "94:18:82:b9:32:80"
(8) Thu May 24 17:30:30 2018: Debug:   Event-Timestamp = "Mai 24 2018 17:30:30 CEST"
(8) Thu May 24 17:30:30 2018: WARNING: Outer and inner identities are the same.  User privacy is compromised.
(8) Thu May 24 17:30:30 2018: Debug: server packetfence-tunnel {
(8) Thu May 24 17:30:30 2018: Debug:   session-state: No cached attributes
(8) Thu May 24 17:30:30 2018: Debug:   # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence-tunnel
(8) Thu May 24 17:30:30 2018: Debug:     authorize {
(8) Thu May 24 17:30:30 2018: Debug:       if ( outer.EAP-Type == TTLS) {
(8) Thu May 24 17:30:30 2018: Debug:       if ( outer.EAP-Type == TTLS)  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:       policy filter_username {
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name) {
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name)  -> TRUE
(8) Thu May 24 17:30:30 2018: Debug:         if (&User-Name)  {
(8) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ / /) {
(8) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ / /)  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@[^@]*@/ ) {
(8) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.\./ ) {
(8) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.\./ )  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:           if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(8) Thu May 24 17:30:30 2018: Debug:           if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.$/)  {
(8) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.$/)   -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@\./)  {
(8) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@\./)   -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:         } # if (&User-Name)  = notfound
(8) Thu May 24 17:30:30 2018: Debug:       } # policy filter_username = notfound
(8) Thu May 24 17:30:30 2018: Debug:       [mschap] = noop
(8) Thu May 24 17:30:30 2018: Debug: suffix: Checking for suffix after "@"
(8) Thu May 24 17:30:30 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(8) Thu May 24 17:30:30 2018: Debug:       [suffix] = noop
(8) Thu May 24 17:30:30 2018: Debug: ntdomain: Checking for prefix before "\"
(8) Thu May 24 17:30:30 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(8) Thu May 24 17:30:30 2018: Debug: ntdomain: Found realm "null"
(8) Thu May 24 17:30:30 2018: Debug: ntdomain: Adding Realm = "null"
(8) Thu May 24 17:30:30 2018: Debug: ntdomain: Authentication realm is LOCAL
(8) Thu May 24 17:30:30 2018: Debug:       [ntdomain] = ok
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'User-Name'} = &request:User-Name -> 'host/Admin-15-NB.PERSONALAMT.DE'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address -> '172.20.9.150'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Service-Type'} = &request:Service-Type -> 'Framed-User'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Framed-Protocol'} = &request:Framed-Protocol -> 'PPP'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Framed-MTU'} = &request:Framed-MTU -> '1480'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'State'} = &request:State -> '0x3c540b463c5d11bc9b9de9eca83b76bb'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Called-Station-Id'} = &request:Called-Station-Id -> '94:18:82:b9:32:80'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Calling-Station-Id'} = &request:Calling-Station-Id -> '00:e0:4c:60:43:20'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Identifier'} = &request:NAS-Identifier -> 'Test'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type -> 'Ethernet'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Tunnel-Type'} = &request:Tunnel-Type -> 'VLAN'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Tunnel-Medium-Type'} = &request:Tunnel-Medium-Type -> 'IEEE-802'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Tunnel-Private-Group-Id'} = &request:Tunnel-Private-Group-Id -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp -> 'Mai 24 2018 17:30:30 CEST'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Connect-Info'} = &request:Connect-Info -> 'CONNECT Ethernet 1000Mbps Full duplex'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'EAP-Message'} = &request:EAP-Message -> '0x0209005a1a02090055316159b5ecaefb2209298539b2a82fc5ad0000000000000000bee84769b24f2eb26a8e3902bb9448be4a3371baa932ccef00686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Port-Id'} = &request:NAS-Port-Id -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'FreeRADIUS-Proxied-To'} = &request:FreeRADIUS-Proxied-To -> '127.0.0.1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[0] = &request:HP-Capability-Advert -> '0x011a0000000b28'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[1] = &request:HP-Capability-Advert -> '0x011a0000000b2e'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[2] = &request:HP-Capability-Advert -> '0x011a0000000b30'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[3] = &request:HP-Capability-Advert -> '0x011a0000000b3d'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[4] = &request:HP-Capability-Advert -> '0x0138'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[5] = &request:HP-Capability-Advert -> '0x013a'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[6] = &request:HP-Capability-Advert -> '0x0140'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[7] = &request:HP-Capability-Advert -> '0x0141'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[8] = &request:HP-Capability-Advert -> '0x0151'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'MS-RAS-Vendor'} = &request:MS-RAS-Vendor -> '11'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Realm'} = &request:Realm -> 'null'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b28'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b2e'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b30'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b3d'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0138'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x013a'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0140'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0141'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0151'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} -> 'Ethernet'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:MS-RAS-Vendor = $RAD_REQUEST{'MS-RAS-Vendor'} -> '11'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Service-Type = $RAD_REQUEST{'Service-Type'} -> 'Framed-User'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Called-Station-Id = $RAD_REQUEST{'Called-Station-Id'} -> '94:18:82:b9:32:80'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:State = $RAD_REQUEST{'State'} -> '0x3c540b463c5d11bc9b9de9eca83b76bb'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:FreeRADIUS-Proxied-To = $RAD_REQUEST{'FreeRADIUS-Proxied-To'} -> '127.0.0.1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Tunnel-Type:0 = $RAD_REQUEST{'Tunnel-Type:0'} -> 'VLAN'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Connect-Info = $RAD_REQUEST{'Connect-Info'} -> 'CONNECT Ethernet 1000Mbps Full duplex'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Realm = $RAD_REQUEST{'Realm'} -> 'null'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} -> '172.20.9.150'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Port-Id = $RAD_REQUEST{'NAS-Port-Id'} -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Tunnel-Medium-Type:0 = $RAD_REQUEST{'Tunnel-Medium-Type:0'} -> 'IEEE-802'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Calling-Station-Id = $RAD_REQUEST{'Calling-Station-Id'} -> '00:e0:4c:60:43:20'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:PacketFence-Domain = $RAD_REQUEST{'PacketFence-Domain'} -> 'LKMRBI'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Framed-Protocol = $RAD_REQUEST{'Framed-Protocol'} -> 'PPP'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Tunnel-Private-Group-Id:0 = $RAD_REQUEST{'Tunnel-Private-Group-Id:0'} -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:User-Name = $RAD_REQUEST{'User-Name'} -> 'host/Admin-15-NB.PERSONALAMT.DE'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Identifier = $RAD_REQUEST{'NAS-Identifier'} -> 'Test'
(8) Thu May 24 17:30:30 2018: ERROR: packetfence-multi-domain: Failed to create pair - failed to parse time string "Mai 24 2018 17:30:30 CEST"
(8) Thu May 24 17:30:30 2018: ERROR: packetfence-multi-domain:     &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'} -> 'Mai 24 2018 17:30:30 CEST'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:EAP-Message = $RAD_REQUEST{'EAP-Message'} -> '0x0209005a1a02090055316159b5ecaefb2209298539b2a82fc5ad0000000000000000bee84769b24f2eb26a8e3902bb9448be4a3371baa932ccef00686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Framed-MTU = $RAD_REQUEST{'Framed-MTU'} -> '1480'
(8) Thu May 24 17:30:30 2018: Debug:       [packetfence-multi-domain] = updated
(8) Thu May 24 17:30:30 2018: Debug:       update control {
(8) Thu May 24 17:30:30 2018: Debug:       } # update control = noop
(8) Thu May 24 17:30:30 2018: Debug: eap: Peer sent EAP Response (code 2) ID 9 length 90
(8) Thu May 24 17:30:30 2018: Debug: eap: No EAP Start, assuming it's an on-going EAP conversation
(8) Thu May 24 17:30:30 2018: Debug:       [eap] = updated
(8) Thu May 24 17:30:30 2018: Debug:       policy rewrite_called_station_id {
(8) Thu May 24 17:30:30 2018: Debug:         if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(8) Thu May 24 17:30:30 2018: Debug:         if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(8) Thu May 24 17:30:30 2018: Debug:         if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(8) Thu May 24 17:30:30 2018: Debug:           update request {
(8) Thu May 24 17:30:30 2018: Debug:             EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(8) Thu May 24 17:30:30 2018: Debug:                --> 94:18:82:b9:32:80
(8) Thu May 24 17:30:30 2018: Debug:           } # update request = noop
(8) Thu May 24 17:30:30 2018: Debug:           if ("%{8}") {
(8) Thu May 24 17:30:30 2018: Debug:           EXPAND %{8}
(8) Thu May 24 17:30:30 2018: Debug:              -->
(8) Thu May 24 17:30:30 2018: Debug:           if ("%{8}")  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:           elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(8) Thu May 24 17:30:30 2018: Debug:           elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:           elsif (Aruba-Essid-Name) {
(8) Thu May 24 17:30:30 2018: Debug:           elsif (Aruba-Essid-Name)  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:           elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(8) Thu May 24 17:30:30 2018: Debug:           elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:           [updated] = updated
(8) Thu May 24 17:30:30 2018: Debug:         } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(8) Thu May 24 17:30:30 2018: Debug:         ... skipping else: Preceding "if" was taken
(8) Thu May 24 17:30:30 2018: Debug:       } # policy rewrite_called_station_id = updated
(8) Thu May 24 17:30:30 2018: Debug:       [pap] = noop
(8) Thu May 24 17:30:30 2018: Debug:     } # authorize = updated
(8) Thu May 24 17:30:30 2018: WARNING:   You set Proxy-To-Realm = local, but it is a LOCAL realm!  Cancelling proxy request.
(8) Thu May 24 17:30:30 2018: Debug:   Found Auth-Type = eap
(8) Thu May 24 17:30:30 2018: Debug:   # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence-tunnel
(8) Thu May 24 17:30:30 2018: Debug:     authenticate {
(8) Thu May 24 17:30:30 2018: Debug: eap: Expiring EAP session with state 0x3c540b463c5d11bc
(8) Thu May 24 17:30:30 2018: Debug: eap: Finished EAP session with state 0x3c540b463c5d11bc
(8) Thu May 24 17:30:30 2018: Debug: eap: Previous EAP request found for state 0x3c540b463c5d11bc, released from the list
(8) Thu May 24 17:30:30 2018: Debug: eap: Peer sent packet with method EAP MSCHAPv2 (26)
(8) Thu May 24 17:30:30 2018: Debug: eap: Calling submodule eap_mschapv2 to process data
(8) Thu May 24 17:30:30 2018: Debug: eap_mschapv2: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence-tunnel
(8) Thu May 24 17:30:30 2018: Debug: eap_mschapv2:   Auth-Type MS-CHAP {
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'User-Name'} = &request:User-Name -> 'host/Admin-15-NB.PERSONALAMT.DE'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address -> '172.20.9.150'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'Service-Type'} = &request:Service-Type -> 'Framed-User'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'Framed-Protocol'} = &request:Framed-Protocol -> 'PPP'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'Framed-MTU'} = &request:Framed-MTU -> '1480'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'State'} = &request:State -> '0x3c540b463c5d11bc9b9de9eca83b76bb'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'Called-Station-Id'} = &request:Called-Station-Id -> '94:18:82:b9:32:80'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'Calling-Station-Id'} = &request:Calling-Station-Id -> '00:e0:4c:60:43:20'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'NAS-Identifier'} = &request:NAS-Identifier -> 'Test'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type -> 'Ethernet'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'Tunnel-Type'} = &request:Tunnel-Type -> 'VLAN'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'Tunnel-Medium-Type'} = &request:Tunnel-Medium-Type -> 'IEEE-802'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'Tunnel-Private-Group-Id'} = &request:Tunnel-Private-Group-Id -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp -> 'Jan  1 1970 01:00:00 CET'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'Connect-Info'} = &request:Connect-Info -> 'CONNECT Ethernet 1000Mbps Full duplex'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'EAP-Message'} = &request:EAP-Message -> '0x0209005a1a02090055316159b5ecaefb2209298539b2a82fc5ad0000000000000000bee84769b24f2eb26a8e3902bb9448be4a3371baa932ccef00686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'NAS-Port-Id'} = &request:NAS-Port-Id -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'FreeRADIUS-Proxied-To'} = &request:FreeRADIUS-Proxied-To -> '127.0.0.1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'HP-Capability-Advert'}[0] = &request:HP-Capability-Advert -> '0x011a0000000b28'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'HP-Capability-Advert'}[1] = &request:HP-Capability-Advert -> '0x011a0000000b2e'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'HP-Capability-Advert'}[2] = &request:HP-Capability-Advert -> '0x011a0000000b30'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'HP-Capability-Advert'}[3] = &request:HP-Capability-Advert -> '0x011a0000000b3d'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'HP-Capability-Advert'}[4] = &request:HP-Capability-Advert -> '0x0138'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'HP-Capability-Advert'}[5] = &request:HP-Capability-Advert -> '0x013a'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'HP-Capability-Advert'}[6] = &request:HP-Capability-Advert -> '0x0140'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'HP-Capability-Advert'}[7] = &request:HP-Capability-Advert -> '0x0141'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'HP-Capability-Advert'}[8] = &request:HP-Capability-Advert -> '0x0151'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'MS-RAS-Vendor'} = &request:MS-RAS-Vendor -> '11'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'MS-CHAP-Challenge'} = &request:MS-CHAP-Challenge -> '0xcdf91c10176e1e591aaaba0ec7e8ec7c'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'MS-CHAP2-Response'} = &request:MS-CHAP2-Response -> '0x096f6159b5ecaefb2209298539b2a82fc5ad0000000000000000bee84769b24f2eb26a8e3902bb9448be4a3371baa932ccef'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'EAP-Type'} = &request:EAP-Type -> 'MSCHAPv2'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'Realm'} = &request:Realm -> 'null'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'MS-CHAP-User-Name'} = &request:MS-CHAP-User-Name -> 'host/Admin-15-NB.PERSONALAMT.DE'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_REQUEST{'PacketFence-Domain'} = &request:PacketFence-Domain -> 'LKMRBI'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_CHECK{'Auth-Type'} = &control:Auth-Type -> 'eap'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_CHECK{'Proxy-To-Realm'} = &control:Proxy-To-Realm -> 'LOCAL'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_CONFIG{'Auth-Type'} = &control:Auth-Type -> 'eap'
(8) Thu May 24 17:30:30 2018: Debug: packetfence:   $RAD_CONFIG{'Proxy-To-Realm'} = &control:Proxy-To-Realm -> 'LOCAL'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b28'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b2e'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b30'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b3d'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0138'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x013a'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0140'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0141'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0151'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} -> 'Ethernet'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:MS-RAS-Vendor = $RAD_REQUEST{'MS-RAS-Vendor'} -> '11'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:Service-Type = $RAD_REQUEST{'Service-Type'} -> 'Framed-User'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:Called-Station-Id = $RAD_REQUEST{'Called-Station-Id'} -> '94:18:82:b9:32:80'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:State = $RAD_REQUEST{'State'} -> '0x3c540b463c5d11bc9b9de9eca83b76bb'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:FreeRADIUS-Proxied-To = $RAD_REQUEST{'FreeRADIUS-Proxied-To'} -> '127.0.0.1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:Tunnel-Type:0 = $RAD_REQUEST{'Tunnel-Type:0'} -> 'VLAN'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:Connect-Info = $RAD_REQUEST{'Connect-Info'} -> 'CONNECT Ethernet 1000Mbps Full duplex'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:Realm = $RAD_REQUEST{'Realm'} -> 'null'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:EAP-Type = $RAD_REQUEST{'EAP-Type'} -> 'MSCHAPv2'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} -> '172.20.9.150'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:NAS-Port-Id = $RAD_REQUEST{'NAS-Port-Id'} -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:Tunnel-Medium-Type:0 = $RAD_REQUEST{'Tunnel-Medium-Type:0'} -> 'IEEE-802'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:Calling-Station-Id = $RAD_REQUEST{'Calling-Station-Id'} -> '00:e0:4c:60:43:20'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:MS-CHAP-User-Name = $RAD_REQUEST{'MS-CHAP-User-Name'} -> 'host/Admin-15-NB.PERSONALAMT.DE'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:MS-CHAP-Challenge = $RAD_REQUEST{'MS-CHAP-Challenge'} -> '0xcdf91c10176e1e591aaaba0ec7e8ec7c'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:PacketFence-Domain = $RAD_REQUEST{'PacketFence-Domain'} -> 'LKMRBI'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:Framed-Protocol = $RAD_REQUEST{'Framed-Protocol'} -> 'PPP'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:Tunnel-Private-Group-Id:0 = $RAD_REQUEST{'Tunnel-Private-Group-Id:0'} -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:User-Name = $RAD_REQUEST{'User-Name'} -> 'host/Admin-15-NB.PERSONALAMT.DE'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:NAS-Identifier = $RAD_REQUEST{'NAS-Identifier'} -> 'Test'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'} -> 'Jan  1 1970 01:00:00 CET'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:EAP-Message = $RAD_REQUEST{'EAP-Message'} -> '0x0209005a1a02090055316159b5ecaefb2209298539b2a82fc5ad0000000000000000bee84769b24f2eb26a8e3902bb9448be4a3371baa932ccef00686f73742f41646d696e2d31352d4e422e504552534f4e414c414d542e4445'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:MS-CHAP2-Response = $RAD_REQUEST{'MS-CHAP2-Response'} -> '0x096f6159b5ecaefb2209298539b2a82fc5ad0000000000000000bee84769b24f2eb26a8e3902bb9448be4a3371baa932ccef'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '1'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &request:Framed-MTU = $RAD_REQUEST{'Framed-MTU'} -> '1480'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &control:Auth-Type = $RAD_CHECK{'Auth-Type'} -> 'eap'
(8) Thu May 24 17:30:30 2018: Debug: packetfence: &control:Proxy-To-Realm = $RAD_CHECK{'Proxy-To-Realm'} -> 'LOCAL'
(8) Thu May 24 17:30:30 2018: Debug:     [packetfence] = noop
(8) Thu May 24 17:30:30 2018: Debug:     if (&control:NT-Password && &control:NT-Password != "") {
(8) Thu May 24 17:30:30 2018: Debug:     if (&control:NT-Password && &control:NT-Password != "")  -> FALSE
(8) Thu May 24 17:30:30 2018: Debug:     else {
(8) Thu May 24 17:30:30 2018: Debug:       policy packetfence-mschap-authenticate {
(8) Thu May 24 17:30:30 2018: Debug:         if (PacketFence-Domain) {
(8) Thu May 24 17:30:30 2018: Debug:         if (PacketFence-Domain)  -> TRUE
(8) Thu May 24 17:30:30 2018: Debug:         if (PacketFence-Domain)  {
(8) Thu May 24 17:30:30 2018: Debug:           if ( "%{User-Name}" =~ /^host\/.*/) {
(8) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(8) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(8) Thu May 24 17:30:30 2018: Debug:           if ( "%{User-Name}" =~ /^host\/.*/)  -> TRUE
(8) Thu May 24 17:30:30 2018: Debug:           if ( "%{User-Name}" =~ /^host\/.*/)  {
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine: Creating challenge hash with username: host/Admin-15-NB.PERSONALAMT.DE
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine: Client is using MS-CHAPv2
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine: Executing: /usr/bin/sudo /usr/sbin/chroot /chroots/%{PacketFence-Domain} /usr/local/pf/bin/ntlm_auth_wrapper --              --request-nt-key --username=%{mschap:User-Name:-None} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}:
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine: EXPAND /chroots/%{PacketFence-Domain}
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine:    --> /chroots/LKMRBI
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine: EXPAND --username=%{mschap:User-Name:-None}
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine:    --> --username=Admin-15-NB$
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine: Creating challenge hash with username: host/Admin-15-NB.PERSONALAMT.DE
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine: EXPAND --challenge=%{mschap:Challenge:-00}
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine:    --> --challenge=0d1410748d2ee087
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine: EXPAND --nt-response=%{mschap:NT-Response:-00}
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine:    --> --nt-response=bee84769b24f2eb26a8e3902bb9448be4a3371baa932ccef
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine: Program returned code (0) and output 'NT_KEY: 9238003533F2707D4BA51680D501B17B'
(8) Thu May 24 17:30:30 2018: Debug: chrooted_mschap_machine: Adding MS-CHAPv2 MPPE keys
(8) Thu May 24 17:30:30 2018: Debug:             [chrooted_mschap_machine] = ok
(8) Thu May 24 17:30:30 2018: Debug:           } # if ( "%{User-Name}" =~ /^host\/.*/)  = ok
(8) Thu May 24 17:30:30 2018: Debug:           ... skipping else: Preceding "if" was taken
(8) Thu May 24 17:30:30 2018: Debug:         } # if (PacketFence-Domain)  = ok
(8) Thu May 24 17:30:30 2018: Debug:         ... skipping else: Preceding "if" was taken
(8) Thu May 24 17:30:30 2018: Debug:       } # policy packetfence-mschap-authenticate = ok
(8) Thu May 24 17:30:30 2018: Debug:     } # else = ok
(8) Thu May 24 17:30:30 2018: Debug:   } # Auth-Type MS-CHAP = ok
(8) Thu May 24 17:30:30 2018: Debug: MSCHAP Success
(8) Thu May 24 17:30:30 2018: Debug: eap: Sending EAP Request (code 1) ID 10 length 51
(8) Thu May 24 17:30:30 2018: Debug: eap: EAP session adding &reply:State = 0x3c540b463d5e11bc
(8) Thu May 24 17:30:30 2018: Debug:       [eap] = handled
(8) Thu May 24 17:30:30 2018: Debug:     } # authenticate = handled
(8) Thu May 24 17:30:30 2018: Debug: } # server packetfence-tunnel
(8) Thu May 24 17:30:30 2018: Debug: Virtual server sending reply
(8) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x010a00331a0309002e533d30394632373546394339393343453935314134424530343143343544313131333939454439443145
(8) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(8) Thu May 24 17:30:30 2018: Debug:   State = 0x3c540b463d5e11bc9b9de9eca83b76bb
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: Got tunneled reply code 11
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   EAP-Message = 0x010a00331a0309002e533d30394632373546394339393343453935314134424530343143343544313131333939454439443145
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(8) Thu May 24 17:30:30 2018: Debug: eap_peap:   State = 0x3c540b463d5e11bc9b9de9eca83b76bb
(8) Thu May 24 17:30:30 2018: Debug: eap_peap: Got tunneled Access-Challenge
(8) Thu May 24 17:30:30 2018: Debug: eap: Sending EAP Request (code 1) ID 10 length 82
(8) Thu May 24 17:30:30 2018: Debug: eap: EAP session adding &reply:State = 0x49c411c241ce082f
(8) Thu May 24 17:30:30 2018: Debug:     [eap] = handled
(8) Thu May 24 17:30:30 2018: Debug:   } # authenticate = handled
(8) Thu May 24 17:30:30 2018: Debug: Using Post-Auth-Type Challenge
(8) Thu May 24 17:30:30 2018: Debug: Post-Auth-Type sub-section not found.  Ignoring.
(8) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(8) Thu May 24 17:30:30 2018: Debug: Sent Access-Challenge Id 45 from 172.20.5.3:1812 to 172.20.5.79:52628 length 0
(8) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x010a005219001703030047c204d6dc726b81dd07bdc2f29d1b871755f0e3c2803973b98daa082477ae639163c200fb1056db60fca4f92576f381118b5e69f851e4d690c42ecec8446757950ef1df41010fa0
(8) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(8) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c241ce082fb3b3797cce5894f4
(8) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3232
(8) Thu May 24 17:30:30 2018: Debug: Finished request
(9) Thu May 24 17:30:30 2018: Debug: Received Access-Request Id 195 from 172.20.5.79:52628 to 172.20.5.3:1812 length 391
(9) Thu May 24 17:30:30 2018: Debug:   Framed-MTU = 1480
(9) Thu May 24 17:30:30 2018: Debug:   NAS-IP-Address = 172.20.9.150
(9) Thu May 24 17:30:30 2018: Debug:   NAS-Identifier = "Test"
(9) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(9) Thu May 24 17:30:30 2018: Debug:   Service-Type = Framed-User
(9) Thu May 24 17:30:30 2018: Debug:   Framed-Protocol = PPP
(9) Thu May 24 17:30:30 2018: Debug:   NAS-Port = 1
(9) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Type = Ethernet
(9) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Id = "1"
(9) Thu May 24 17:30:30 2018: Debug:   Called-Station-Id = "94-18-82-b9-32-80"
(9) Thu May 24 17:30:30 2018: Debug:   Calling-Station-Id = "00-e0-4c-60-43-20"
(9) Thu May 24 17:30:30 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(9) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type:0 = VLAN
(9) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(9) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(9) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c241ce082fb3b3797cce5894f4
(9) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x020a00251900170303001a0000000000000003f85f904f5b005d854c2ef032be778bffdd0e
(9) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x02de20183a7587ca0dbadf2398e2e22b
(9) Thu May 24 17:30:30 2018: Debug:   MS-RAS-Vendor = 11
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0138
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x013a
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0140
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0141
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0151
(9) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3233
(9) Thu May 24 17:30:30 2018: Debug: session-state: No cached attributes
(9) Thu May 24 17:30:30 2018: Debug: # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence
(9) Thu May 24 17:30:30 2018: Debug:   authorize {
(9) Thu May 24 17:30:30 2018: Debug:     update {
(9) Thu May 24 17:30:30 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(9) Thu May 24 17:30:30 2018: Debug:          --> 172.20.5.79
(9) Thu May 24 17:30:30 2018: Debug:       EXPAND %l
(9) Thu May 24 17:30:30 2018: Debug:          --> 1527175830
(9) Thu May 24 17:30:30 2018: Debug:     } # update = noop
(9) Thu May 24 17:30:30 2018: Debug:     policy packetfence-set-tenant-id {
(9) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(9) Thu May 24 17:30:30 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(9) Thu May 24 17:30:30 2018: Debug:          --> 0
(9) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(9) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(9) Thu May 24 17:30:30 2018: Debug:         update control {
(9) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(9) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(9) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(9) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(9) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(9) Thu May 24 17:30:30 2018: Debug:              --> 0
(9) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(9) Thu May 24 17:30:30 2018: Debug:       } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(9) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(9) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(9) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  {
(9) Thu May 24 17:30:30 2018: Debug:         update control {
(9) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(9) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(9) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(9) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(9) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(9) Thu May 24 17:30:30 2018: Debug:              --> 1
(9) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(9) Thu May 24 17:30:30 2018: Debug:       } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(9) Thu May 24 17:30:30 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(9) Thu May 24 17:30:30 2018: Debug:     policy rewrite_calling_station_id {
(9) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i)) {
(9) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  -> TRUE
(9) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  {
(9) Thu May 24 17:30:30 2018: Debug:         update request {
(9) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(9) Thu May 24 17:30:30 2018: Debug:              --> 00:e0:4c:60:43:20
(9) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(9) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(9) Thu May 24 17:30:30 2018: Debug:       } # if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  = updated
(9) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(9) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_calling_station_id = updated
(9) Thu May 24 17:30:30 2018: Debug:     policy rewrite_called_station_id {
(9) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(9) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(9) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(9) Thu May 24 17:30:30 2018: Debug:         update request {
(9) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(9) Thu May 24 17:30:30 2018: Debug:              --> 94:18:82:b9:32:80
(9) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(9) Thu May 24 17:30:30 2018: Debug:         if ("%{8}") {
(9) Thu May 24 17:30:30 2018: Debug:         EXPAND %{8}
(9) Thu May 24 17:30:30 2018: Debug:            -->
(9) Thu May 24 17:30:30 2018: Debug:         if ("%{8}")  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(9) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name) {
(9) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name)  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(9) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(9) Thu May 24 17:30:30 2018: Debug:       } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(9) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(9) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_called_station_id = updated
(9) Thu May 24 17:30:30 2018: Debug:     policy filter_username {
(9) Thu May 24 17:30:30 2018: Debug:       if (&User-Name) {
(9) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  -> TRUE
(9) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  {
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /) {
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /)  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ ) {
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ ) {
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ )  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(9) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)  {
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)   -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)  {
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)   -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:       } # if (&User-Name)  = updated
(9) Thu May 24 17:30:30 2018: Debug:     } # policy filter_username = updated
(9) Thu May 24 17:30:30 2018: Debug:     policy filter_password {
(9) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}")) {
(9) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}"))  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:     } # policy filter_password = updated
(9) Thu May 24 17:30:30 2018: Debug:     [preprocess] = ok
(9) Thu May 24 17:30:30 2018: Debug: suffix: Checking for suffix after "@"
(9) Thu May 24 17:30:30 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(9) Thu May 24 17:30:30 2018: Debug:     [suffix] = noop
(9) Thu May 24 17:30:30 2018: Debug: ntdomain: Checking for prefix before "\"
(9) Thu May 24 17:30:30 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(9) Thu May 24 17:30:30 2018: Debug: ntdomain: Found realm "null"
(9) Thu May 24 17:30:30 2018: Debug: ntdomain: Adding Realm = "null"
(9) Thu May 24 17:30:30 2018: Debug: ntdomain: Authentication realm is LOCAL
(9) Thu May 24 17:30:30 2018: Debug:     [ntdomain] = ok
(9) Thu May 24 17:30:30 2018: Debug: eap: Peer sent EAP Response (code 2) ID 10 length 37
(9) Thu May 24 17:30:30 2018: Debug: eap: Continuing tunnel setup
(9) Thu May 24 17:30:30 2018: Debug:     [eap] = ok
(9) Thu May 24 17:30:30 2018: Debug:   } # authorize = ok
(9) Thu May 24 17:30:30 2018: Debug: Found Auth-Type = eap
(9) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(9) Thu May 24 17:30:30 2018: Debug:   authenticate {
(9) Thu May 24 17:30:30 2018: Debug: eap: Expiring EAP session with state 0x3c540b463d5e11bc
(9) Thu May 24 17:30:30 2018: Debug: eap: Finished EAP session with state 0x49c411c241ce082f
(9) Thu May 24 17:30:30 2018: Debug: eap: Previous EAP request found for state 0x49c411c241ce082f, released from the list
(9) Thu May 24 17:30:30 2018: Debug: eap: Peer sent packet with method EAP PEAP (25)
(9) Thu May 24 17:30:30 2018: Debug: eap: Calling submodule eap_peap to process data
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: Continuing EAP-TLS
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls verify] = ok
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: Done initial handshake
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls process] = ok
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: Session established.  Decoding tunneled attributes
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: PEAP state phase2
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: EAP method MSCHAPv2 (26)
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: Got tunneled request
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   EAP-Message = 0x020a00061a03
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: Setting User-Name to host/Admin-15-NB.PERSONALAMT.DE
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: Sending tunneled request to packetfence-tunnel
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   EAP-Message = 0x020a00061a03
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   FreeRADIUS-Proxied-To = 127.0.0.1
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   State = 0x3c540b463d5e11bc9b9de9eca83b76bb
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Framed-MTU = 1480
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-IP-Address = 172.20.9.150
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Identifier = "Test"
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Service-Type = Framed-User
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Framed-Protocol = PPP
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Port = 1
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Port-Type = Ethernet
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   NAS-Port-Id = "1"
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Calling-Station-Id := "00:e0:4c:60:43:20"
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Type:0 = VLAN
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Medium-Type:0 = IEEE-802
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Private-Group-Id:0 = "1"
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   MS-RAS-Vendor = 11
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b28
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b2e
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b30
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x011a0000000b3d
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0138
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x013a
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0140
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0141
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   HP-Capability-Advert = 0x0151
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Called-Station-Id := "94:18:82:b9:32:80"
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Event-Timestamp = "Mai 24 2018 17:30:30 CEST"
(9) Thu May 24 17:30:30 2018: Debug: Virtual server packetfence-tunnel received request
(9) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x020a00061a03
(9) Thu May 24 17:30:30 2018: Debug:   FreeRADIUS-Proxied-To = 127.0.0.1
(9) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(9) Thu May 24 17:30:30 2018: Debug:   State = 0x3c540b463d5e11bc9b9de9eca83b76bb
(9) Thu May 24 17:30:30 2018: Debug:   Framed-MTU = 1480
(9) Thu May 24 17:30:30 2018: Debug:   NAS-IP-Address = 172.20.9.150
(9) Thu May 24 17:30:30 2018: Debug:   NAS-Identifier = "Test"
(9) Thu May 24 17:30:30 2018: Debug:   Service-Type = Framed-User
(9) Thu May 24 17:30:30 2018: Debug:   Framed-Protocol = PPP
(9) Thu May 24 17:30:30 2018: Debug:   NAS-Port = 1
(9) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Type = Ethernet
(9) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Id = "1"
(9) Thu May 24 17:30:30 2018: Debug:   Calling-Station-Id := "00:e0:4c:60:43:20"
(9) Thu May 24 17:30:30 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(9) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type:0 = VLAN
(9) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(9) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(9) Thu May 24 17:30:30 2018: Debug:   MS-RAS-Vendor = 11
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0138
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x013a
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0140
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0141
(9) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0151
(9) Thu May 24 17:30:30 2018: Debug:   Called-Station-Id := "94:18:82:b9:32:80"
(9) Thu May 24 17:30:30 2018: Debug:   Event-Timestamp = "Mai 24 2018 17:30:30 CEST"
(9) Thu May 24 17:30:30 2018: WARNING: Outer and inner identities are the same.  User privacy is compromised.
(9) Thu May 24 17:30:30 2018: Debug: server packetfence-tunnel {
(9) Thu May 24 17:30:30 2018: Debug:   session-state: No cached attributes
(9) Thu May 24 17:30:30 2018: Debug:   # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence-tunnel
(9) Thu May 24 17:30:30 2018: Debug:     authorize {
(9) Thu May 24 17:30:30 2018: Debug:       if ( outer.EAP-Type == TTLS) {
(9) Thu May 24 17:30:30 2018: Debug:       if ( outer.EAP-Type == TTLS)  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:       policy filter_username {
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name) {
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name)  -> TRUE
(9) Thu May 24 17:30:30 2018: Debug:         if (&User-Name)  {
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ / /) {
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ / /)  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@[^@]*@/ ) {
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.\./ ) {
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.\./ )  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:           if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(9) Thu May 24 17:30:30 2018: Debug:           if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.$/)  {
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /\.$/)   -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@\./)  {
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name =~ /@\./)   -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:         } # if (&User-Name)  = notfound
(9) Thu May 24 17:30:30 2018: Debug:       } # policy filter_username = notfound
(9) Thu May 24 17:30:30 2018: Debug:       [mschap] = noop
(9) Thu May 24 17:30:30 2018: Debug: suffix: Checking for suffix after "@"
(9) Thu May 24 17:30:30 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(9) Thu May 24 17:30:30 2018: Debug:       [suffix] = noop
(9) Thu May 24 17:30:30 2018: Debug: ntdomain: Checking for prefix before "\"
(9) Thu May 24 17:30:30 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(9) Thu May 24 17:30:30 2018: Debug: ntdomain: Found realm "null"
(9) Thu May 24 17:30:30 2018: Debug: ntdomain: Adding Realm = "null"
(9) Thu May 24 17:30:30 2018: Debug: ntdomain: Authentication realm is LOCAL
(9) Thu May 24 17:30:30 2018: Debug:       [ntdomain] = ok
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'User-Name'} = &request:User-Name -> 'host/Admin-15-NB.PERSONALAMT.DE'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address -> '172.20.9.150'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '1'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Service-Type'} = &request:Service-Type -> 'Framed-User'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Framed-Protocol'} = &request:Framed-Protocol -> 'PPP'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Framed-MTU'} = &request:Framed-MTU -> '1480'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'State'} = &request:State -> '0x3c540b463d5e11bc9b9de9eca83b76bb'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Called-Station-Id'} = &request:Called-Station-Id -> '94:18:82:b9:32:80'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Calling-Station-Id'} = &request:Calling-Station-Id -> '00:e0:4c:60:43:20'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Identifier'} = &request:NAS-Identifier -> 'Test'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type -> 'Ethernet'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Tunnel-Type'} = &request:Tunnel-Type -> 'VLAN'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Tunnel-Medium-Type'} = &request:Tunnel-Medium-Type -> 'IEEE-802'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Tunnel-Private-Group-Id'} = &request:Tunnel-Private-Group-Id -> '1'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp -> 'Mai 24 2018 17:30:30 CEST'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Connect-Info'} = &request:Connect-Info -> 'CONNECT Ethernet 1000Mbps Full duplex'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'EAP-Message'} = &request:EAP-Message -> '0x020a00061a03'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'NAS-Port-Id'} = &request:NAS-Port-Id -> '1'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'FreeRADIUS-Proxied-To'} = &request:FreeRADIUS-Proxied-To -> '127.0.0.1'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[0] = &request:HP-Capability-Advert -> '0x011a0000000b28'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[1] = &request:HP-Capability-Advert -> '0x011a0000000b2e'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[2] = &request:HP-Capability-Advert -> '0x011a0000000b30'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[3] = &request:HP-Capability-Advert -> '0x011a0000000b3d'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[4] = &request:HP-Capability-Advert -> '0x0138'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[5] = &request:HP-Capability-Advert -> '0x013a'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[6] = &request:HP-Capability-Advert -> '0x0140'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[7] = &request:HP-Capability-Advert -> '0x0141'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'HP-Capability-Advert'}[8] = &request:HP-Capability-Advert -> '0x0151'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'MS-RAS-Vendor'} = &request:MS-RAS-Vendor -> '11'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain:   $RAD_REQUEST{'Realm'} = &request:Realm -> 'null'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b28'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b2e'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b30'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x011a0000000b3d'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0138'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x013a'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0140'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0141'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:HP-Capability-Advert += $RAD_REQUEST{'HP-Capability-Advert'} -> '0x0151'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} -> 'Ethernet'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:MS-RAS-Vendor = $RAD_REQUEST{'MS-RAS-Vendor'} -> '11'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Service-Type = $RAD_REQUEST{'Service-Type'} -> 'Framed-User'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Called-Station-Id = $RAD_REQUEST{'Called-Station-Id'} -> '94:18:82:b9:32:80'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:State = $RAD_REQUEST{'State'} -> '0x3c540b463d5e11bc9b9de9eca83b76bb'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:FreeRADIUS-Proxied-To = $RAD_REQUEST{'FreeRADIUS-Proxied-To'} -> '127.0.0.1'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Tunnel-Type:0 = $RAD_REQUEST{'Tunnel-Type:0'} -> 'VLAN'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Connect-Info = $RAD_REQUEST{'Connect-Info'} -> 'CONNECT Ethernet 1000Mbps Full duplex'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Realm = $RAD_REQUEST{'Realm'} -> 'null'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} -> '172.20.9.150'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Port-Id = $RAD_REQUEST{'NAS-Port-Id'} -> '1'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Tunnel-Medium-Type:0 = $RAD_REQUEST{'Tunnel-Medium-Type:0'} -> 'IEEE-802'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Calling-Station-Id = $RAD_REQUEST{'Calling-Station-Id'} -> '00:e0:4c:60:43:20'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:PacketFence-Domain = $RAD_REQUEST{'PacketFence-Domain'} -> 'LKMRBI'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Framed-Protocol = $RAD_REQUEST{'Framed-Protocol'} -> 'PPP'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Tunnel-Private-Group-Id:0 = $RAD_REQUEST{'Tunnel-Private-Group-Id:0'} -> '1'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:User-Name = $RAD_REQUEST{'User-Name'} -> 'host/Admin-15-NB.PERSONALAMT.DE'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Identifier = $RAD_REQUEST{'NAS-Identifier'} -> 'Test'
(9) Thu May 24 17:30:30 2018: ERROR: packetfence-multi-domain: Failed to create pair - failed to parse time string "Mai 24 2018 17:30:30 CEST"
(9) Thu May 24 17:30:30 2018: ERROR: packetfence-multi-domain:     &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'} -> 'Mai 24 2018 17:30:30 CEST'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:EAP-Message = $RAD_REQUEST{'EAP-Message'} -> '0x020a00061a03'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '1'
(9) Thu May 24 17:30:30 2018: Debug: packetfence-multi-domain: &request:Framed-MTU = $RAD_REQUEST{'Framed-MTU'} -> '1480'
(9) Thu May 24 17:30:30 2018: Debug:       [packetfence-multi-domain] = updated
(9) Thu May 24 17:30:30 2018: Debug:       update control {
(9) Thu May 24 17:30:30 2018: Debug:       } # update control = noop
(9) Thu May 24 17:30:30 2018: Debug: eap: Peer sent EAP Response (code 2) ID 10 length 6
(9) Thu May 24 17:30:30 2018: Debug: eap: No EAP Start, assuming it's an on-going EAP conversation
(9) Thu May 24 17:30:30 2018: Debug:       [eap] = updated
(9) Thu May 24 17:30:30 2018: Debug:       policy rewrite_called_station_id {
(9) Thu May 24 17:30:30 2018: Debug:         if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(9) Thu May 24 17:30:30 2018: Debug:         if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(9) Thu May 24 17:30:30 2018: Debug:         if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(9) Thu May 24 17:30:30 2018: Debug:           update request {
(9) Thu May 24 17:30:30 2018: Debug:             EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(9) Thu May 24 17:30:30 2018: Debug:                --> 94:18:82:b9:32:80
(9) Thu May 24 17:30:30 2018: Debug:           } # update request = noop
(9) Thu May 24 17:30:30 2018: Debug:           if ("%{8}") {
(9) Thu May 24 17:30:30 2018: Debug:           EXPAND %{8}
(9) Thu May 24 17:30:30 2018: Debug:              -->
(9) Thu May 24 17:30:30 2018: Debug:           if ("%{8}")  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:           elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(9) Thu May 24 17:30:30 2018: Debug:           elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:           elsif (Aruba-Essid-Name) {
(9) Thu May 24 17:30:30 2018: Debug:           elsif (Aruba-Essid-Name)  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:           elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(9) Thu May 24 17:30:30 2018: Debug:           elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:           [updated] = updated
(9) Thu May 24 17:30:30 2018: Debug:         } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(9) Thu May 24 17:30:30 2018: Debug:         ... skipping else: Preceding "if" was taken
(9) Thu May 24 17:30:30 2018: Debug:       } # policy rewrite_called_station_id = updated
(9) Thu May 24 17:30:30 2018: Debug:       [pap] = noop
(9) Thu May 24 17:30:30 2018: Debug:     } # authorize = updated
(9) Thu May 24 17:30:30 2018: WARNING:   You set Proxy-To-Realm = local, but it is a LOCAL realm!  Cancelling proxy request.
(9) Thu May 24 17:30:30 2018: Debug:   Found Auth-Type = eap
(9) Thu May 24 17:30:30 2018: Debug:   # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence-tunnel
(9) Thu May 24 17:30:30 2018: Debug:     authenticate {
(9) Thu May 24 17:30:30 2018: Debug: eap: Expiring EAP session with state 0x3c540b463d5e11bc
(9) Thu May 24 17:30:30 2018: Debug: eap: Finished EAP session with state 0x3c540b463d5e11bc
(9) Thu May 24 17:30:30 2018: Debug: eap: Previous EAP request found for state 0x3c540b463d5e11bc, released from the list
(9) Thu May 24 17:30:30 2018: Debug: eap: Peer sent packet with method EAP MSCHAPv2 (26)
(9) Thu May 24 17:30:30 2018: Debug: eap: Calling submodule eap_mschapv2 to process data
(9) Thu May 24 17:30:30 2018: Debug: eap: Sending EAP Success (code 3) ID 10 length 4
(9) Thu May 24 17:30:30 2018: Debug: eap: Freeing handler
(9) Thu May 24 17:30:30 2018: Debug:       [eap] = ok
(9) Thu May 24 17:30:30 2018: Debug:     } # authenticate = ok
(9) Thu May 24 17:30:30 2018: Debug:   # Executing section post-auth from file /usr/local/pf/raddb/sites-enabled/packetfence-tunnel
(9) Thu May 24 17:30:30 2018: Debug:     post-auth {
(9) Thu May 24 17:30:30 2018: Debug:       policy packetfence-set-tenant-id {
(9) Thu May 24 17:30:30 2018: Debug:         if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(9) Thu May 24 17:30:30 2018: Debug:         EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(9) Thu May 24 17:30:30 2018: Debug:            --> 0
(9) Thu May 24 17:30:30 2018: Debug:         if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(9) Thu May 24 17:30:30 2018: Debug:         if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(9) Thu May 24 17:30:30 2018: Debug:           update control {
(9) Thu May 24 17:30:30 2018: Debug:             EXPAND %{User-Name}
(9) Thu May 24 17:30:30 2018: Debug:                --> host/Admin-15-NB.PERSONALAMT.DE
(9) Thu May 24 17:30:30 2018: Debug:             SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(9) Thu May 24 17:30:30 2018: Debug:             Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(9) Thu May 24 17:30:30 2018: Debug:             EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(9) Thu May 24 17:30:30 2018: Debug:                --> 0
(9) Thu May 24 17:30:30 2018: Debug:           } # update control = noop
(9) Thu May 24 17:30:30 2018: Debug:         } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(9) Thu May 24 17:30:30 2018: Debug:         if ( &control:PacketFence-Tenant-Id == 0 ) {
(9) Thu May 24 17:30:30 2018: Debug:         if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(9) Thu May 24 17:30:30 2018: Debug:         if ( &control:PacketFence-Tenant-Id == 0 )  {
(9) Thu May 24 17:30:30 2018: Debug:           update control {
(9) Thu May 24 17:30:30 2018: Debug:             EXPAND %{User-Name}
(9) Thu May 24 17:30:30 2018: Debug:                --> host/Admin-15-NB.PERSONALAMT.DE
(9) Thu May 24 17:30:30 2018: Debug:             SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(9) Thu May 24 17:30:30 2018: Debug:             Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(9) Thu May 24 17:30:30 2018: Debug:             EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(9) Thu May 24 17:30:30 2018: Debug:                --> 1
(9) Thu May 24 17:30:30 2018: Debug:           } # update control = noop
(9) Thu May 24 17:30:30 2018: Debug:         } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(9) Thu May 24 17:30:30 2018: Debug:       } # policy packetfence-set-tenant-id = noop
(9) Thu May 24 17:30:30 2018: Debug: rest: Expanding URI components
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND http://127.0.0.1:7070
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> http://127.0.0.1:7070
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND //radius/rest/authorize
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> //radius/rest/authorize
(9) Thu May 24 17:30:30 2018: Debug: rest: Sending HTTP POST to "http://127.0.0.1:7070//radius/rest/authorize"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "User-Name"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "NAS-IP-Address"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "NAS-Port"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "Service-Type"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "Framed-Protocol"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "Framed-MTU"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "State"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "Called-Station-Id"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "Calling-Station-Id"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "NAS-Identifier"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "NAS-Port-Type"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "Tunnel-Type"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "Tunnel-Medium-Type"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "Tunnel-Private-Group-Id"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "Event-Timestamp"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "Connect-Info"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "EAP-Message"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "NAS-Port-Id"
(9) Thu May 24 17:30:30 2018: Debug: rest: Returning 1012 bytes of JSON data (buffer full or chunk exceeded)
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "NAS-Port-Id"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "FreeRADIUS-Proxied-To"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "HP-Capability-Advert"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "MS-RAS-Vendor"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "EAP-Type"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "Realm"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "SQL-User-Name"
(9) Thu May 24 17:30:30 2018: Debug: rest: Encoding attribute "PacketFence-Domain"
(9) Thu May 24 17:30:30 2018: Debug: rest: Processing response header
(9) Thu May 24 17:30:30 2018: Debug: rest:   Status : 100 (Continue)
(9) Thu May 24 17:30:30 2018: Debug: rest: Continuing...
(9) Thu May 24 17:30:30 2018: Debug: rest: Processing response header
(9) Thu May 24 17:30:30 2018: Debug: rest:   Status : 200 (OK)
(9) Thu May 24 17:30:30 2018: Debug: rest:   Type   : json (application/json)
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Profile"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND AD
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> AD
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Profile := "AD"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Role"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND default
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> default
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Role := "default"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Eap-Type"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND 26
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> 26
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Eap-Type := "26"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "Tunnel-Type"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND 13
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> 13
(9) Thu May 24 17:30:30 2018: Debug: rest: Tunnel-Type := VLAN
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-AutoReg"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND 1
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> 1
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-AutoReg := "1"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Authorization-Status"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND allow
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> allow
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Authorization-Status := "allow"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "Tunnel-Private-Group-ID"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND 1
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> 1
(9) Thu May 24 17:30:30 2018: Debug: rest: Tunnel-Private-Group-Id := "1"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Request-Time"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND 1527175830
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> 1527175830
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Request-Time := 1527175830
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Switch-Ip-Address"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND 172.20.9.150
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> 172.20.9.150
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Switch-Ip-Address := "172.20.9.150"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-IsPhone"
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-IsPhone := ""
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-UserName"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND host/Admin-15-NB.PERSONALAMT.DE
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> host/Admin-15-NB.PERSONALAMT.DE
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-UserName := "host/Admin-15-NB.PERSONALAMT.DE"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Switch-Mac"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND 94:18:82:b9:32:80
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> 94:18:82:b9:32:80
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Switch-Mac := "94:18:82:b9:32:80"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Switch-Id"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND 172.20.9.150
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> 172.20.9.150
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Switch-Id := "172.20.9.150"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "Tunnel-Medium-Type"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND 6
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> 6
(9) Thu May 24 17:30:30 2018: Debug: rest: Tunnel-Medium-Type := IEEE-802
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Computer-Name"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND Admin-15-NB
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> Admin-15-NB
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Computer-Name := "Admin-15-NB"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Mac"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND 00:e0:4c:60:43:20
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> 00:e0:4c:60:43:20
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Mac := "00:e0:4c:60:43:20"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-IfIndex"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND 1
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> 1
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-IfIndex := "1"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Connection-Type"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND Ethernet-EAP
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> Ethernet-EAP
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Connection-Type := "Ethernet-EAP"
(9) Thu May 24 17:30:30 2018: Debug: rest: Parsing attribute "control:PacketFence-Status"
(9) Thu May 24 17:30:30 2018: Debug: rest: EXPAND reg
(9) Thu May 24 17:30:30 2018: Debug: rest:    --> reg
(9) Thu May 24 17:30:30 2018: Debug: rest: PacketFence-Status := "reg"
(9) Thu May 24 17:30:30 2018: Debug:       [rest] = updated
(9) Thu May 24 17:30:30 2018: Debug:       update {
(9) Thu May 24 17:30:30 2018: Debug:       } # update = noop
(9) Thu May 24 17:30:30 2018: Debug:       if (&control:PacketFence-Authorization-Status == "deny") {
(9) Thu May 24 17:30:30 2018: Debug:       if (&control:PacketFence-Authorization-Status == "deny")  -> FALSE
(9) Thu May 24 17:30:30 2018: Debug:       else {
(9) Thu May 24 17:30:30 2018: Debug:         policy packetfence-audit-log-accept {
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name != "dummy") {
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name != "dummy")  -> TRUE
(9) Thu May 24 17:30:30 2018: Debug:           if (&User-Name != "dummy")  {
(9) Thu May 24 17:30:30 2018: Debug:             policy request-timing {
(9) Thu May 24 17:30:30 2018: Debug:               if (control:PacketFence-Request-Time != 0) {
(9) Thu May 24 17:30:30 2018: Debug:               if (control:PacketFence-Request-Time != 0)  -> TRUE
(9) Thu May 24 17:30:30 2018: Debug:               if (control:PacketFence-Request-Time != 0)  {
(9) Thu May 24 17:30:30 2018: Debug:                 update control {
(9) Thu May 24 17:30:30 2018: Debug:                   Not a number at ""
(9) Thu May 24 17:30:30 2018: Debug:                   EXPAND %{expr: %{control:PacketFence-Request-Time} - %{control:Tmp-Integer-0}}
(9) Thu May 24 17:30:30 2018: Debug:                      -->
(9) Thu May 24 17:30:30 2018: Debug:                 } # update control = noop
(9) Thu May 24 17:30:30 2018: Debug:               } # if (control:PacketFence-Request-Time != 0)  = noop
(9) Thu May 24 17:30:30 2018: Debug:             } # policy request-timing = noop
(9) Thu May 24 17:30:30 2018: Debug: sql: EXPAND type.accept.query
(9) Thu May 24 17:30:30 2018: Debug: sql:    --> type.accept.query
(9) Thu May 24 17:30:30 2018: Debug: sql: Using query template 'query'
(9) Thu May 24 17:30:30 2018: Debug: sql: EXPAND %{User-Name}
(9) Thu May 24 17:30:30 2018: Debug: sql:    --> host/Admin-15-NB.PERSONALAMT.DE
(9) Thu May 24 17:30:30 2018: Debug: sql: SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(9) Thu May 24 17:30:30 2018: Debug: sql: EXPAND INSERT INTO radius_audit_log               ( mac, ip, computer_name, user_name,                stripped_user_name,  realm, event_type,                switch_id, switch_mac, switch_ip_address,                radius_source_ip_address, called_station_id, calling_station_id,                nas_port_type, ssid, nas_port_id,                ifindex, nas_port, connection_type,                nas_ip_address, nas_identifier, auth_status,                reason, auth_type, eap_type,                role, node_status, profile,                source, auto_reg, is_phone,                pf_domain, uuid, radius_request,                radius_reply, request_time, tenant_id)              VALUES               ( '%{request:Calling-Station-Id}', '%{request:Framed-IP-Address}', '%{%{control:PacketFence-Computer-Name}:-N/A}', '%{request:User-Name}',                '%{request:Stripped-User-Name}', '%{request:Realm}', 'Radius-Access-Request',                '%{%{control:PacketFence-Switch-Id}:-N/A}', '%{%{control:PacketFence-Switch-Mac}:-N/A}', '%{%{control:PacketFence-Switch-Ip-Address}:-N/A}',                '%{Packet-Src-IP-Address}', '%{request:Called-Station-Id}', '%{request:Calling-Station-Id}',                '%{request:NAS-Port-Type}', '%{request:Called-Station-SSID}', '%{request:NAS-Port-Id}',                '%{%{control:PacketFence-IfIndex}:-N/A}', '%{request:NAS-Port}', '%{%{control:PacketFence-Connection-Type}:-N/A}',                '%{request:NAS-IP-Address}', '%{request:NAS-Identifier}', 'Accept',                '%{request:Module-Failure-Message}', '%{control:Auth-Type}', '%{request:EAP-Type}',                '%{%{control:PacketFence-Role}:-N/A}', '%{%{control:PacketFence-Status}:-N/A}', '%{%{control:PacketFence-Profile}:-N/A}',                '%{%{control:PacketFence-Source}:-N/A}', '%{%{control:PacketFence-AutoReg}:-0}', '%{%{control:PacketFence-IsPhone}:-0}',                '%{request:PacketFence-Domain}', '', '%{pairs:&request:[*]}','%{pairs:&reply:[*]}', '%{control:PacketFence-Request-Time}', '%{control:PacketFence-Tenant-Id}')
(9) Thu May 24 17:30:30 2018: Debug: sql:    --> INSERT INTO radius_audit_log               ( mac, ip, computer_name, user_name,                stripped_user_name,  realm, event_type,                switch_id, switch_mac, switch_ip_address,                radius_source_ip_address, called_station_id, calling_station_id,                nas_port_type, ssid, nas_port_id,                ifindex, nas_port, connection_type,                nas_ip_address, nas_identifier, auth_status,                reason, auth_type, eap_type,                role, node_status, profile,                source, auto_reg, is_phone,                pf_domain, uuid, radius_request,                radius_reply, request_time, tenant_id)              VALUES               ( '00:e0:4c:60:43:20', '', 'Admin-15-NB', 'host/Admin-15-NB.PERSONALAMT.DE',                '', 'null', 'Radius-Access-Request',                '172.20.9.150', '94:18:82:b9:32:80', '172.20.9.150',                '172.20.5.79', '94:18:82:b9:32:80', '00:e0:4c:60:43:20',                'Ethernet', '', '1',                '1', '1', 'Ethernet-EAP',                '172.20.9.150', 'Test', 'Accept',                '', 'eap', 'MSCHAPv2',                'default', 'reg', 'AD',                'N/A', '1', '0',                'LKMRBI', '', 'User-Name =3D =22host/Admin-15-NB.PERSONALAMT.DE=22=2C NAS-IP-Address =3D 172.20.9.150=2C NAS-Port =3D 1=2C Service-Type =3D Framed-User=2C Framed-Protocol =3D PPP=2C Framed-MTU =3D 1480=2C State =3D 0x3c540b463d5e11bc9b9de9eca83b76bb=2C Called-Station-Id =3D =2294:18:82:b9:32:80=22=2C Calling-Station-Id =3D =2200:e0:4c:60:43:20=22=2C NAS-Identifier =3D =22Test=22=2C NAS-Port-Type =3D Ethernet=2C Tunnel-Type:0 =3D VLAN=2C Tunnel-Medium-Type:0 =3D IEEE-802=2C Tunnel-Private-Group-Id:0 =3D =221=22=2C Event-Timestamp =3D =22Jan  1 1970 01:00:00 CET=22=2C Connect-Info =3D =22CONNECT Ethernet 1000Mbps Full duplex=22=2C EAP-Message =3D 0x020a00061a03=2C NAS-Port-Id =3D =221=22=2C FreeRADIUS-Proxied-To =3D 127.0.0.1=2C HP-Capability-Advert =3D 0x011a0000000b28=2C HP-Capability-Advert =3D 0x011a0000000b2e=2C HP-Capability-Advert =3D 0x011a0000000b30=2C HP-Capability-Advert =3D 0x011a0000000b3d=2C HP-Capability-Advert =3D 0x0138=2C HP-Capability-Advert =3D 0x013a=2C HP-Capability-Advert =3D 0x0140=2C HP-Capability-Advert =3D 0x0141=2C HP-Capability-Advert =3D 0x0151=2C MS-RAS-Vendor =3D 11=2C EAP-Type =3D MSCHAPv2=2C Realm =3D =22null=22=2C PacketFence-Domain =3D =22LKMRBI=22=2C User-Password =3D =22=2A=2A=2A=2A=2A=2A=22=2C SQL-User-Name =3D =22host/Admin-15-NB.PERSONALAMT.DE=22','MS-MPPE-Encryption-Policy =3D Encryption-Required=2C MS-MPPE-Encryption-Types =3D 4=2C MS-MPPE-Send-Key =3D 0x35ed63e74ce1691755c714e79b7a0ede=2C MS-MPPE-Recv-Key =3D 0x7e7adfcaee73aa321bb088e4d809fd78=2C EAP-Message =3D 0x030a0004=2C Message-Authenticator =3D 0x00000000000000000000000000000000=2C User-Name =3D =22host/Admin-15-NB.PERSONALAMT.DE=22=2C Tunnel-Type =3D VLAN=2C Tunnel-Private-Group-Id =3D =221=22=2C Tunnel-Medium-Type =3D IEEE-802', '0', '1')
(9) Thu May 24 17:30:30 2018: Debug: sql: Executing query: INSERT INTO radius_audit_log               ( mac, ip, computer_name, user_name,                stripped_user_name,  realm, event_type,                switch_id, switch_mac, switch_ip_address,                radius_source_ip_address, called_station_id, calling_station_id,                nas_port_type, ssid, nas_port_id,                ifindex, nas_port, connection_type,                nas_ip_address, nas_identifier, auth_status,                reason, auth_type, eap_type,                role, node_status, profile,                source, auto_reg, is_phone,                pf_domain, uuid, radius_request,                radius_reply, request_time, tenant_id)              VALUES               ( '00:e0:4c:60:43:20', '', 'Admin-15-NB', 'host/Admin-15-NB.PERSONALAMT.DE',                '', 'null', 'Radius-Access-Request',                '172.20.9.150', '94:18:82:b9:32:80', '172.20.9.150',                '172.20.5.79', '94:18:82:b9:32:80', '00:e0:4c:60:43:20',                'Ethernet', '', '1',                '1', '1', 'Ethernet-EAP',                '172.20.9.150', 'Test', 'Accept',                '', 'eap', 'MSCHAPv2',                'default', 'reg', 'AD',                'N/A', '1', '0',                'LKMRBI', '', 'User-Name =3D =22host/Admin-15-NB.PERSONALAMT.DE=22=2C NAS-IP-Address =3D 172.20.9.150=2C NAS-Port =3D 1=2C Service-Type =3D Framed-User=2C Framed-Protocol =3D PPP=2C Framed-MTU =3D 1480=2C State =3D 0x3c540b463d5e11bc9b9de9eca83b76bb=2C Called-Station-Id =3D =2294:18:82:b9:32:80=22=2C Calling-Station-Id =3D =2200:e0:4c:60:43:20=22=2C NAS-Identifier =3D =22Test=22=2C NAS-Port-Type =3D Ethernet=2C Tunnel-Type:0 =3D VLAN=2C Tunnel-Medium-Type:0 =3D IEEE-802=2C Tunnel-Private-Group-Id:0 =3D =221=22=2C Event-Timestamp =3D =22Jan  1 1970 01:00:00 CET=22=2C Connect-Info =3D =22CONNECT Ethernet 1000Mbps Full duplex=22=2C EAP-Message =3D 0x020a00061a03=2C NAS-Port-Id =3D =221=22=2C FreeRADIUS-Proxied-To =3D 127.0.0.1=2C HP-Capability-Advert =3D 0x011a0000000b28=2C HP-Capability-Advert =3D 0x011a0000000b2e=2C HP-Capability-Advert =3D 0x011a0000000b30=2C HP-Capability-Advert =3D 0x011a0000000b3d=2C HP-Capability-Advert =3D 0x0138=2C HP-Capability-Advert =3D 0x013a=2C HP-Capability-Advert =3D 0x0140=2C HP-Capability-Advert =3D 0x0141=2C HP-Capability-Advert =3D 0x0151=2C MS-RAS-Vendor =3D 11=2C EAP-Type =3D MSCHAPv2=2C Realm =3D =22null=22=2C PacketFence-Domain =3D =22LKMRBI=22=2C User-Password =3D =22=2A=2A=2A=2A=2A=2A=22=2C SQL-User-Name =3D =22host/Admin-15-NB.PERSONALAMT.DE=22','MS-MPPE-Encryption-Policy =3D Encryption-Required=2C MS-MPPE-Encryption-Types =3D 4=2C MS-MPPE-Send-Key =3D 0x35ed63e74ce1691755c714e79b7a0ede=2C MS-MPPE-Recv-Key =3D 0x7e7adfcaee73aa321bb088e4d809fd78=2C EAP-Message =3D 0x030a0004=2C Message-Authenticator =3D 0x00000000000000000000000000000000=2C User-Name =3D =22host/Admin-15-NB.PERSONALAMT.DE=22=2C Tunnel-Type =3D VLAN=2C Tunnel-Private-Group-Id =3D =221=22=2C Tunnel-Medium-Type =3D IEEE-802', '0', '1')
(9) Thu May 24 17:30:30 2018: Debug: sql: SQL query returned: success
(9) Thu May 24 17:30:30 2018: Debug: sql: 1 record(s) updated
(9) Thu May 24 17:30:30 2018: Debug:             [sql] = ok
(9) Thu May 24 17:30:30 2018: Debug:           } # if (&User-Name != "dummy")  = ok
(9) Thu May 24 17:30:30 2018: Debug:         } # policy packetfence-audit-log-accept = ok
(9) Thu May 24 17:30:30 2018: Debug:       } # else = ok
(9) Thu May 24 17:30:30 2018: Debug:       update outer.session-state {
(9) Thu May 24 17:30:30 2018: Debug:       } # update outer.session-state = noop
(9) Thu May 24 17:30:30 2018: Debug:     } # post-auth = updated
(9) Thu May 24 17:30:30 2018: Debug: } # server packetfence-tunnel
(9) Thu May 24 17:30:30 2018: Debug: Virtual server sending reply
(9) Thu May 24 17:30:30 2018: Debug:   MS-MPPE-Encryption-Policy = Encryption-Required
(9) Thu May 24 17:30:30 2018: Debug:   MS-MPPE-Encryption-Types = 4
(9) Thu May 24 17:30:30 2018: Debug:   MS-MPPE-Send-Key = 0x35ed63e74ce1691755c714e79b7a0ede
(9) Thu May 24 17:30:30 2018: Debug:   MS-MPPE-Recv-Key = 0x7e7adfcaee73aa321bb088e4d809fd78
(9) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x030a0004
(9) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(9) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(9) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type = VLAN
(9) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id = "1"
(9) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type = IEEE-802
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: Got tunneled reply code 2
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   MS-MPPE-Encryption-Policy = Encryption-Required
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   MS-MPPE-Encryption-Types = 4
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   MS-MPPE-Send-Key = 0x35ed63e74ce1691755c714e79b7a0ede
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   MS-MPPE-Recv-Key = 0x7e7adfcaee73aa321bb088e4d809fd78
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   EAP-Message = 0x030a0004
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Type = VLAN
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Private-Group-Id = "1"
(9) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Medium-Type = IEEE-802
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: Tunneled authentication was successful
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: SUCCESS
(9) Thu May 24 17:30:30 2018: Debug: eap_peap: Saving tunneled attributes for later
(9) Thu May 24 17:30:30 2018: Debug: eap: Sending EAP Request (code 1) ID 11 length 46
(9) Thu May 24 17:30:30 2018: Debug: eap: EAP session adding &reply:State = 0x49c411c240cf082f
(9) Thu May 24 17:30:30 2018: Debug:     [eap] = handled
(9) Thu May 24 17:30:30 2018: Debug:   } # authenticate = handled
(9) Thu May 24 17:30:30 2018: Debug: Using Post-Auth-Type Challenge
(9) Thu May 24 17:30:30 2018: Debug: Post-Auth-Type sub-section not found.  Ignoring.
(9) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(9) Thu May 24 17:30:30 2018: Debug: Sent Access-Challenge Id 195 from 172.20.5.3:1812 to 172.20.5.79:52628 length 0
(9) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x010b002e19001703030023c204d6dc726b81dea460e72a3058f76c0954f167b05ed831daa346a94cdf054fec3c1d
(9) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(9) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c240cf082fb3b3797cce5894f4
(9) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3233
(9) Thu May 24 17:30:30 2018: Debug: Finished request
(10) Thu May 24 17:30:30 2018: Debug: Received Access-Request Id 153 from 172.20.5.79:52628 to 172.20.5.3:1812 length 400
(10) Thu May 24 17:30:30 2018: Debug:   Framed-MTU = 1480
(10) Thu May 24 17:30:30 2018: Debug:   NAS-IP-Address = 172.20.9.150
(10) Thu May 24 17:30:30 2018: Debug:   NAS-Identifier = "Test"
(10) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(10) Thu May 24 17:30:30 2018: Debug:   Service-Type = Framed-User
(10) Thu May 24 17:30:30 2018: Debug:   Framed-Protocol = PPP
(10) Thu May 24 17:30:30 2018: Debug:   NAS-Port = 1
(10) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Type = Ethernet
(10) Thu May 24 17:30:30 2018: Debug:   NAS-Port-Id = "1"
(10) Thu May 24 17:30:30 2018: Debug:   Called-Station-Id = "94-18-82-b9-32-80"
(10) Thu May 24 17:30:30 2018: Debug:   Calling-Station-Id = "00-e0-4c-60-43-20"
(10) Thu May 24 17:30:30 2018: Debug:   Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
(10) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type:0 = VLAN
(10) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type:0 = IEEE-802
(10) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id:0 = "1"
(10) Thu May 24 17:30:30 2018: Debug:   State = 0x49c411c240cf082fb3b3797cce5894f4
(10) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x020b002e190017030300230000000000000004b77df085fba8258708e81f575620c8b880eefae106a939fc14e2cb
(10) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x8b8a73f4165251a5ad7912c2f4cb0dee
(10) Thu May 24 17:30:30 2018: Debug:   MS-RAS-Vendor = 11
(10) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b28
(10) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b2e
(10) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b30
(10) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x011a0000000b3d
(10) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0138
(10) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x013a
(10) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0140
(10) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0141
(10) Thu May 24 17:30:30 2018: Debug:   HP-Capability-Advert = 0x0151
(10) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3234
(10) Thu May 24 17:30:30 2018: Debug: session-state: No cached attributes
(10) Thu May 24 17:30:30 2018: Debug: # Executing section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence
(10) Thu May 24 17:30:30 2018: Debug:   authorize {
(10) Thu May 24 17:30:30 2018: Debug:     update {
(10) Thu May 24 17:30:30 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(10) Thu May 24 17:30:30 2018: Debug:          --> 172.20.5.79
(10) Thu May 24 17:30:30 2018: Debug:       EXPAND %l
(10) Thu May 24 17:30:30 2018: Debug:          --> 1527175830
(10) Thu May 24 17:30:30 2018: Debug:     } # update = noop
(10) Thu May 24 17:30:30 2018: Debug:     policy packetfence-set-tenant-id {
(10) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(10) Thu May 24 17:30:30 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(10) Thu May 24 17:30:30 2018: Debug:          --> 0
(10) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(10) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(10) Thu May 24 17:30:30 2018: Debug:         update control {
(10) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(10) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(10) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(10) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '172.20.5.79'), 0)
(10) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname = '%{Packet-Src-IP-Address}'), 0)}
(10) Thu May 24 17:30:30 2018: Debug:              --> 0
(10) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(10) Thu May 24 17:30:30 2018: Debug:       } # if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  = noop
(10) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(10) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> TRUE
(10) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  {
(10) Thu May 24 17:30:30 2018: Debug:         update control {
(10) Thu May 24 17:30:30 2018: Debug:           EXPAND %{User-Name}
(10) Thu May 24 17:30:30 2018: Debug:              --> host/Admin-15-NB.PERSONALAMT.DE
(10) Thu May 24 17:30:30 2018: Debug:           SQL-User-Name set to 'host/Admin-15-NB.PERSONALAMT.DE'
(10) Thu May 24 17:30:30 2018: Debug:           Executing select query:  SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('172.20.5.79') and INET_ATON('172.20.5.79') <= end_ip order by range_length limit 1), 1)
(10) Thu May 24 17:30:30 2018: Debug:           EXPAND %{sql: SELECT IFNULL((SELECT tenant_id from radius_nas WHERE start_ip <= INET_ATON('%{Packet-Src-IP-Address}') and INET_ATON('%{Packet-Src-IP-Address}') <= end_ip order by range_length limit 1), 1)}
(10) Thu May 24 17:30:30 2018: Debug:              --> 1
(10) Thu May 24 17:30:30 2018: Debug:         } # update control = noop
(10) Thu May 24 17:30:30 2018: Debug:       } # if ( &control:PacketFence-Tenant-Id == 0 )  = noop
(10) Thu May 24 17:30:30 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(10) Thu May 24 17:30:30 2018: Debug:     policy rewrite_calling_station_id {
(10) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i)) {
(10) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  -> TRUE
(10) Thu May 24 17:30:30 2018: Debug:       if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  {
(10) Thu May 24 17:30:30 2018: Debug:         update request {
(10) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(10) Thu May 24 17:30:30 2018: Debug:              --> 00:e0:4c:60:43:20
(10) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(10) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(10) Thu May 24 17:30:30 2018: Debug:       } # if (&Calling-Station-Id && (&Calling-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))  = updated
(10) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(10) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_calling_station_id = updated
(10) Thu May 24 17:30:30 2018: Debug:     policy rewrite_called_station_id {
(10) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i)) {
(10) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  -> TRUE
(10) Thu May 24 17:30:30 2018: Debug:       if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  {
(10) Thu May 24 17:30:30 2018: Debug:         update request {
(10) Thu May 24 17:30:30 2018: Debug:           EXPAND %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(10) Thu May 24 17:30:30 2018: Debug:              --> 94:18:82:b9:32:80
(10) Thu May 24 17:30:30 2018: Debug:         } # update request = noop
(10) Thu May 24 17:30:30 2018: Debug:         if ("%{8}") {
(10) Thu May 24 17:30:30 2018: Debug:         EXPAND %{8}
(10) Thu May 24 17:30:30 2018: Debug:            -->
(10) Thu May 24 17:30:30 2018: Debug:         if ("%{8}")  -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(10) Thu May 24 17:30:30 2018: Debug:         elsif ( (Colubris-AVPair) && "%{Colubris-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name) {
(10) Thu May 24 17:30:30 2018: Debug:         elsif (Aruba-Essid-Name)  -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i) {
(10) Thu May 24 17:30:30 2018: Debug:         elsif ( (Cisco-AVPair)  && "%{Cisco-AVPair}" =~ /^ssid=(.*)$/i)  -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:         [updated] = updated
(10) Thu May 24 17:30:30 2018: Debug:       } # if ((&Called-Station-Id) && (&Called-Station-Id =~ /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))  = updated
(10) Thu May 24 17:30:30 2018: Debug:       ... skipping else: Preceding "if" was taken
(10) Thu May 24 17:30:30 2018: Debug:     } # policy rewrite_called_station_id = updated
(10) Thu May 24 17:30:30 2018: Debug:     policy filter_username {
(10) Thu May 24 17:30:30 2018: Debug:       if (&User-Name) {
(10) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  -> TRUE
(10) Thu May 24 17:30:30 2018: Debug:       if (&User-Name)  {
(10) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /) {
(10) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ / /)  -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ ) {
(10) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ ) {
(10) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.\./ )  -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(10) Thu May 24 17:30:30 2018: Debug:         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)  {
(10) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /\.$/)   -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)  {
(10) Thu May 24 17:30:30 2018: Debug:         if (&User-Name =~ /@\./)   -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:       } # if (&User-Name)  = updated
(10) Thu May 24 17:30:30 2018: Debug:     } # policy filter_username = updated
(10) Thu May 24 17:30:30 2018: Debug:     policy filter_password {
(10) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}")) {
(10) Thu May 24 17:30:30 2018: Debug:       if (&User-Password && 	   (&User-Password != "%{string:User-Password}"))  -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:     } # policy filter_password = updated
(10) Thu May 24 17:30:30 2018: Debug:     [preprocess] = ok
(10) Thu May 24 17:30:30 2018: Debug: suffix: Checking for suffix after "@"
(10) Thu May 24 17:30:30 2018: Debug: suffix: No '@' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", skipping NULL due to config.
(10) Thu May 24 17:30:30 2018: Debug:     [suffix] = noop
(10) Thu May 24 17:30:30 2018: Debug: ntdomain: Checking for prefix before "\"
(10) Thu May 24 17:30:30 2018: Debug: ntdomain: No '\' in User-Name = "host/Admin-15-NB.PERSONALAMT.DE", looking up realm NULL
(10) Thu May 24 17:30:30 2018: Debug: ntdomain: Found realm "null"
(10) Thu May 24 17:30:30 2018: Debug: ntdomain: Adding Realm = "null"
(10) Thu May 24 17:30:30 2018: Debug: ntdomain: Authentication realm is LOCAL
(10) Thu May 24 17:30:30 2018: Debug:     [ntdomain] = ok
(10) Thu May 24 17:30:30 2018: Debug: eap: Peer sent EAP Response (code 2) ID 11 length 46
(10) Thu May 24 17:30:30 2018: Debug: eap: Continuing tunnel setup
(10) Thu May 24 17:30:30 2018: Debug:     [eap] = ok
(10) Thu May 24 17:30:30 2018: Debug:   } # authorize = ok
(10) Thu May 24 17:30:30 2018: Debug: Found Auth-Type = eap
(10) Thu May 24 17:30:30 2018: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence
(10) Thu May 24 17:30:30 2018: Debug:   authenticate {
(10) Thu May 24 17:30:30 2018: Debug: eap: Expiring EAP session with state 0x49c411c240cf082f
(10) Thu May 24 17:30:30 2018: Debug: eap: Finished EAP session with state 0x49c411c240cf082f
(10) Thu May 24 17:30:30 2018: Debug: eap: Previous EAP request found for state 0x49c411c240cf082f, released from the list
(10) Thu May 24 17:30:30 2018: Debug: eap: Peer sent packet with method EAP PEAP (25)
(10) Thu May 24 17:30:30 2018: Debug: eap: Calling submodule eap_peap to process data
(10) Thu May 24 17:30:30 2018: Debug: eap_peap: Continuing EAP-TLS
(10) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls verify] = ok
(10) Thu May 24 17:30:30 2018: Debug: eap_peap: Done initial handshake
(10) Thu May 24 17:30:30 2018: Debug: eap_peap: [eaptls process] = ok
(10) Thu May 24 17:30:30 2018: Debug: eap_peap: Session established.  Decoding tunneled attributes
(10) Thu May 24 17:30:30 2018: Debug: eap_peap: PEAP state send tlv success
(10) Thu May 24 17:30:30 2018: Debug: eap_peap: Received EAP-TLV response
(10) Thu May 24 17:30:30 2018: Debug: eap_peap: Success
(10) Thu May 24 17:30:30 2018: Debug: eap_peap: Using saved attributes from the original Access-Accept
(10) Thu May 24 17:30:30 2018: Debug: eap_peap:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(10) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Type = VLAN
(10) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Private-Group-Id = "1"
(10) Thu May 24 17:30:30 2018: Debug: eap_peap:   Tunnel-Medium-Type = IEEE-802
(10) Thu May 24 17:30:30 2018: Debug: eap: Sending EAP Success (code 3) ID 11 length 4
(10) Thu May 24 17:30:30 2018: Debug: eap: Freeing handler
(10) Thu May 24 17:30:30 2018: Debug:     [eap] = ok
(10) Thu May 24 17:30:30 2018: Debug:   } # authenticate = ok
(10) Thu May 24 17:30:30 2018: Debug: # Executing section post-auth from file /usr/local/pf/raddb/sites-enabled/packetfence
(10) Thu May 24 17:30:30 2018: Debug:   post-auth {
(10) Thu May 24 17:30:30 2018: Debug:     update {
(10) Thu May 24 17:30:30 2018: Debug:       EXPAND %{Packet-Src-IP-Address}
(10) Thu May 24 17:30:30 2018: Debug:          --> 172.20.5.79
(10) Thu May 24 17:30:30 2018: Debug:     } # update = noop
(10) Thu May 24 17:30:30 2018: Debug:     policy packetfence-set-tenant-id {
(10) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(10) Thu May 24 17:30:30 2018: Debug:       EXPAND %{%{control:PacketFence-Tenant-Id}:-0}
(10) Thu May 24 17:30:30 2018: Debug:          --> 1
(10) Thu May 24 17:30:30 2018: Debug:       if ( "%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 ) {
(10) Thu May 24 17:30:30 2018: Debug:       if ( &control:PacketFence-Tenant-Id == 0 )  -> FALSE
(10) Thu May 24 17:30:30 2018: Debug:     } # policy packetfence-set-tenant-id = noop
(10) Thu May 24 17:30:30 2018: Debug:     if (! EAP-Type || (EAP-Type != TTLS  && EAP-Type != PEAP) ) {
(10) Thu May 24 17:30:30 2018: Debug:     if (! EAP-Type || (EAP-Type != TTLS  && EAP-Type != PEAP) )  -> FALSE
(10) Thu May 24 17:30:30 2018: Debug: attr_filter.packetfence_post_auth: EXPAND %{User-Name}
(10) Thu May 24 17:30:30 2018: Debug: attr_filter.packetfence_post_auth:    --> host/Admin-15-NB.PERSONALAMT.DE
(10) Thu May 24 17:30:30 2018: Debug: attr_filter.packetfence_post_auth: Matched entry DEFAULT at line 10
(10) Thu May 24 17:30:30 2018: Debug:     [attr_filter.packetfence_post_auth] = updated
(10) Thu May 24 17:30:30 2018: Debug: linelog: EXPAND messages.%{%{reply:Packet-Type}:-default}
(10) Thu May 24 17:30:30 2018: Debug: linelog:    --> messages.Access-Accept
(10) Thu May 24 17:30:30 2018: Debug: linelog: EXPAND [mac:%{Calling-Station-Id}] Accepted user: %{reply:User-Name} and returned VLAN %{reply:Tunnel-Private-Group-ID}
(10) Thu May 24 17:30:30 2018: Debug: linelog:    --> [mac:00:e0:4c:60:43:20] Accepted user: host/Admin-15-NB.PERSONALAMT.DE and returned VLAN 1
(10) Thu May 24 17:30:30 2018: Debug:     [linelog] = ok
(10) Thu May 24 17:30:30 2018: Debug:   } # post-auth = updated
(10) Thu May 24 17:30:30 2018: Debug: Sent Access-Accept Id 153 from 172.20.5.3:1812 to 172.20.5.79:52628 length 0
(10) Thu May 24 17:30:30 2018: Debug:   User-Name = "host/Admin-15-NB.PERSONALAMT.DE"
(10) Thu May 24 17:30:30 2018: Debug:   Tunnel-Type = VLAN
(10) Thu May 24 17:30:30 2018: Debug:   Tunnel-Private-Group-Id = "1"
(10) Thu May 24 17:30:30 2018: Debug:   Tunnel-Medium-Type = IEEE-802
(10) Thu May 24 17:30:30 2018: Debug:   MS-MPPE-Recv-Key = 0x2db6a2bc6e32acd329e3226d0c9168e0059bb49a5c5aa598555418d839ff1fe5
(10) Thu May 24 17:30:30 2018: Debug:   MS-MPPE-Send-Key = 0x3b4631a53e7ad98da55ea9d10351fd61b79b58d12ba675eca644839050883a59
(10) Thu May 24 17:30:30 2018: Debug:   EAP-Message = 0x030b0004
(10) Thu May 24 17:30:30 2018: Debug:   Message-Authenticator = 0x00000000000000000000000000000000
(10) Thu May 24 17:30:30 2018: Debug:   Proxy-State = 0x3234
(10) Thu May 24 17:30:30 2018: Debug: Finished request
(0) Thu May 24 17:30:34 2018: Debug: Cleaning up request packet ID 25 with timestamp +56
(1) Thu May 24 17:30:34 2018: Debug: Cleaning up request packet ID 8 with timestamp +56
(2) Thu May 24 17:30:34 2018: Debug: Cleaning up request packet ID 98 with timestamp +56
(3) Thu May 24 17:30:34 2018: Debug: Cleaning up request packet ID 46 with timestamp +56
(4) Thu May 24 17:30:35 2018: Debug: Cleaning up request packet ID 200 with timestamp +57
(5) Thu May 24 17:30:35 2018: Debug: Cleaning up request packet ID 58 with timestamp +57
(6) Thu May 24 17:30:35 2018: Debug: Cleaning up request packet ID 109 with timestamp +57
(7) Thu May 24 17:30:35 2018: Debug: Cleaning up request packet ID 213 with timestamp +57
(8) Thu May 24 17:30:35 2018: Debug: Cleaning up request packet ID 45 with timestamp +57
(9) Thu May 24 17:30:35 2018: Debug: Cleaning up request packet ID 195 with timestamp +57
(10) Thu May 24 17:30:35 2018: Debug: Cleaning up request packet ID 153 with timestamp +57