- rlm_sql (sql): Released connection (14)
- Need 1 more connections to reach 10 spares
- rlm_sql (sql): Opening additional connection (19), 1 of 23 pending slots used
- rlm_sql_mysql: Starting connect to MySQL server
- rlm_sql_mysql: Connected to database 'radius' on freeraddb via TCP/IP, server version 5.5.5-10.3.31-MariaDB-0ubuntu0.20.04.1-log, protocol version 10
- (19) [sql] = ok
- (19) [exec] = noop
- (19) policy remove_reply_message_if_eap {
- (19) if (&reply:EAP-Message && &reply:Reply-Message) {
- (19) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
- (19) else {
- (19) [noop] = noop
- (19) } # else = noop
- (19) } # policy remove_reply_message_if_eap = noop
- (19) if (EAP-Key-Name && &reply:EAP-Session-Id) {
- (19) if (EAP-Key-Name && &reply:EAP-Session-Id) -> FALSE
- (19) } # post-auth = ok
- (19) Sent Access-Accept Id 48 from 127.0.0.1:1812 to 127.0.0.1:41572 length 0
- (19) MS-CHAP-MPPE-Keys = 0x000000000000000007db3f1956e783b80e035b938a27d2aa
- (19) MS-MPPE-Encryption-Policy = Encryption-Allowed
- (19) MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
- (19) Finished request
- Waking up in 4.6 seconds.
- Aug 26 22:35:48 mstfreerad01 systemd[1]: check_mk@2893-172.16.200.253:6556-172.16.193.173:36926.service: Succeeded.
- (18) Cleaning up request packet ID 0 with timestamp +496
- Waking up in 0.3 seconds.
- (19) Cleaning up request packet ID 48 with timestamp +496
- Ready to process requests
- (20) Received Access-Request Id 68 from 10.15.200.15:61772 to 172.16.200.253:1812 length 309
- (20) User-Name = "CORPORATE\\Raspb.P14"
- (20) Service-Type = Framed-User
- (20) Cisco-AVPair = "service-type=Framed"
- (20) Framed-MTU = 1468
- (20) EAP-Message = 0x0201001801434f52504f524154455c52617370622e503134
- (20) Message-Authenticator = 0xeaaa29ac81f3b1fff448cdc85dc9aaa3
- (20) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (20) Cisco-AVPair = "method=dot1x"
- (20) Cisco-AVPair = "client-iif-id=346278732"
- (20) NAS-IP-Address = 10.15.200.15
- (20) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (20) NAS-Port-Type = Ethernet
- (20) NAS-Port = 50115
- (20) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (20) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (20) # Executing section authorize from file /etc/freeradius/sites-enabled/GO_Live
- (20) authorize {
- (20) policy filter_username {
- (20) if (&User-Name) {
- (20) if (&User-Name) -> TRUE
- (20) if (&User-Name) {
- (20) if (&User-Name =~ / /) {
- (20) if (&User-Name =~ / /) -> FALSE
- (20) if (&User-Name =~ /@[^@]*@/ ) {
- (20) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (20) if (&User-Name =~ /\.\./ ) {
- (20) if (&User-Name =~ /\.\./ ) -> FALSE
- (20) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (20) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (20) if (&User-Name =~ /\.$/) {
- (20) if (&User-Name =~ /\.$/) -> FALSE
- (20) if (&User-Name =~ /@\./) {
- (20) if (&User-Name =~ /@\./) -> FALSE
- (20) } # if (&User-Name) = notfound
- (20) } # policy filter_username = notfound
- (20) [preprocess] = ok
- (20) auth_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
- (20) auth_log: --> /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (20) auth_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (20) auth_log: EXPAND %t
- (20) auth_log: --> Thu Aug 26 22:36:18 2021
- (20) [auth_log] = ok
- (20) [mschap] = noop
- (20) ntdomain: Checking for prefix before "\"
- (20) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (20) ntdomain: Found realm "CORPORATE"
- (20) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (20) ntdomain: Adding Realm = "CORPORATE"
- (20) ntdomain: Authentication realm is LOCAL
- (20) [ntdomain] = ok
- (20) eap: Peer sent EAP Response (code 2) ID 1 length 24
- (20) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
- (20) [eap] = ok
- (20) } # authorize = ok
- (20) Found Auth-Type = eap
- (20) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (20) authenticate {
- (20) eap: Peer sent packet with method EAP Identity (1)
- (20) eap: Calling submodule eap_peap to process data
- (20) eap_peap: (TLS) Initiating new session
- (20) eap: Sending EAP Request (code 1) ID 2 length 6
- (20) eap: EAP session adding &reply:State = 0x68ef777168ed6ef7
- (20) [eap] = handled
- (20) } # authenticate = handled
- (20) Using Post-Auth-Type Challenge
- (20) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (20) Challenge { ... } # empty sub-section is ignored
- (20) session-state: Saving cached attributes
- (20) Framed-MTU = 994
- (20) Sent Access-Challenge Id 68 from 172.16.200.253:1812 to 10.15.200.15:61772 length 0
- (20) EAP-Message = 0x010200061920
- (20) Message-Authenticator = 0x00000000000000000000000000000000
- (20) State = 0x68ef777168ed6ef72d7f5eed64273179
- (20) Finished request
- Waking up in 4.9 seconds.
- (21) Received Access-Request Id 69 from 10.15.200.15:61772 to 172.16.200.253:1812 length 503
- (21) User-Name = "CORPORATE\\Raspb.P14"
- (21) Service-Type = Framed-User
- (21) Cisco-AVPair = "service-type=Framed"
- (21) Framed-MTU = 1468
- (21) EAP-Message = 0x020200c81980000000be16030100b9010000b503031cc258e9e427593bdafb5fd88b51224244622ec74f9a5a0e91b6abc3f9d52ab6000038c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff01000054000b000403000102000a000c000a001d0017001e001900180016000000170000000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602
- (21) Message-Authenticator = 0xefe4412e3558ba16c8273d117042e833
- (21) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (21) Cisco-AVPair = "method=dot1x"
- (21) Cisco-AVPair = "client-iif-id=346278732"
- (21) NAS-IP-Address = 10.15.200.15
- (21) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (21) NAS-Port-Type = Ethernet
- (21) NAS-Port = 50115
- (21) State = 0x68ef777168ed6ef72d7f5eed64273179
- (21) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (21) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (21) Restoring &session-state
- (21) &session-state:Framed-MTU = 994
- (21) # Executing section authorize from file /etc/freeradius/sites-enabled/GO_Live
- (21) authorize {
- (21) policy filter_username {
- (21) if (&User-Name) {
- (21) if (&User-Name) -> TRUE
- (21) if (&User-Name) {
- (21) if (&User-Name =~ / /) {
- (21) if (&User-Name =~ / /) -> FALSE
- (21) if (&User-Name =~ /@[^@]*@/ ) {
- (21) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (21) if (&User-Name =~ /\.\./ ) {
- (21) if (&User-Name =~ /\.\./ ) -> FALSE
- (21) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (21) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (21) if (&User-Name =~ /\.$/) {
- (21) if (&User-Name =~ /\.$/) -> FALSE
- (21) if (&User-Name =~ /@\./) {
- (21) if (&User-Name =~ /@\./) -> FALSE
- (21) } # if (&User-Name) = notfound
- (21) } # policy filter_username = notfound
- (21) [preprocess] = ok
- (21) auth_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
- (21) auth_log: --> /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (21) auth_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (21) auth_log: EXPAND %t
- (21) auth_log: --> Thu Aug 26 22:36:18 2021
- (21) [auth_log] = ok
- (21) [mschap] = noop
- (21) ntdomain: Checking for prefix before "\"
- (21) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (21) ntdomain: Found realm "CORPORATE"
- (21) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (21) ntdomain: Adding Realm = "CORPORATE"
- (21) ntdomain: Authentication realm is LOCAL
- (21) [ntdomain] = ok
- (21) eap: Peer sent EAP Response (code 2) ID 2 length 200
- (21) eap: Continuing tunnel setup
- (21) [eap] = ok
- (21) } # authorize = ok
- (21) Found Auth-Type = eap
- (21) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (21) authenticate {
- (21) eap: Expiring EAP session with state 0x68ef777168ed6ef7
- (21) eap: Finished EAP session with state 0x68ef777168ed6ef7
- (21) eap: Previous EAP request found for state 0x68ef777168ed6ef7, released from the list
- (21) eap: Peer sent packet with method EAP PEAP (25)
- (21) eap: Calling submodule eap_peap to process data
- (21) eap_peap: (TLS) EAP Peer says that the final record size will be 190 bytes
- (21) eap_peap: (TLS) EAP Got all data (190 bytes)
- (21) eap_peap: (TLS) Handshake state - before SSL initialization
- (21) eap_peap: (TLS) Handshake state - Server before SSL initialization
- (21) eap_peap: (TLS) Handshake state - Server before SSL initialization
- (21) eap_peap: (TLS) recv TLS 1.3 Handshake, ClientHello
- (21) eap_peap: (TLS) Handshake state - Server SSLv3/TLS read client hello
- (21) eap_peap: (TLS) send TLS 1.2 Handshake, ServerHello
- (21) eap_peap: (TLS) Handshake state - Server SSLv3/TLS write server hello
- (21) eap_peap: (TLS) send TLS 1.2 Handshake, Certificate
- (21) eap_peap: (TLS) Handshake state - Server SSLv3/TLS write certificate
- (21) eap_peap: (TLS) send TLS 1.2 Handshake, ServerKeyExchange
- (21) eap_peap: (TLS) Handshake state - Server SSLv3/TLS write key exchange
- (21) eap_peap: (TLS) send TLS 1.2 Handshake, ServerHelloDone
- (21) eap_peap: (TLS) Handshake state - Server SSLv3/TLS write server done
- (21) eap_peap: (TLS) Server : Need to read more data: SSLv3/TLS write server done
- (21) eap_peap: (TLS) In Handshake Phase
- (21) eap: Sending EAP Request (code 1) ID 3 length 1004
- (21) eap: EAP session adding &reply:State = 0x68ef777169ec6ef7
- (21) [eap] = handled
- (21) } # authenticate = handled
- (21) Using Post-Auth-Type Challenge
- (21) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (21) Challenge { ... } # empty sub-section is ignored
- (21) session-state: Saving cached attributes
- (21) Framed-MTU = 994
- (21) TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (21) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (21) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (21) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (21) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (21) Sent Access-Challenge Id 69 from 172.16.200.253:1812 to 10.15.200.15:61772 length 0
- (21) Message-Authenticator = 0x00000000000000000000000000000000
- (21) State = 0x68ef777169ec6ef72d7f5eed64273179
- (21) Finished request
- Waking up in 4.9 seconds.
- (22) Received Access-Request Id 70 from 10.15.200.15:61772 to 172.16.200.253:1812 length 309
- (22) User-Name = "CORPORATE\\Raspb.P14"
- (22) Service-Type = Framed-User
- (22) Cisco-AVPair = "service-type=Framed"
- (22) Framed-MTU = 1468
- (22) EAP-Message = 0x020300061900
- (22) Message-Authenticator = 0x22bc4c3b4d39e1d3baf8c085b679696f
- (22) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (22) Cisco-AVPair = "method=dot1x"
- (22) Cisco-AVPair = "client-iif-id=346278732"
- (22) NAS-IP-Address = 10.15.200.15
- (22) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (22) NAS-Port-Type = Ethernet
- (22) NAS-Port = 50115
- (22) State = 0x68ef777169ec6ef72d7f5eed64273179
- (22) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (22) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (22) Restoring &session-state
- (22) &session-state:Framed-MTU = 994
- (22) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (22) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (22) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (22) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (22) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (22) # Executing section authorize from file /etc/freeradius/sites-enabled/GO_Live
- (22) authorize {
- (22) policy filter_username {
- (22) if (&User-Name) {
- (22) if (&User-Name) -> TRUE
- (22) if (&User-Name) {
- (22) if (&User-Name =~ / /) {
- (22) if (&User-Name =~ / /) -> FALSE
- (22) if (&User-Name =~ /@[^@]*@/ ) {
- (22) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (22) if (&User-Name =~ /\.\./ ) {
- (22) if (&User-Name =~ /\.\./ ) -> FALSE
- (22) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (22) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (22) if (&User-Name =~ /\.$/) {
- (22) if (&User-Name =~ /\.$/) -> FALSE
- (22) if (&User-Name =~ /@\./) {
- (22) if (&User-Name =~ /@\./) -> FALSE
- (22) } # if (&User-Name) = notfound
- (22) } # policy filter_username = notfound
- (22) [preprocess] = ok
- (22) auth_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
- (22) auth_log: --> /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (22) auth_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (22) auth_log: EXPAND %t
- (22) auth_log: --> Thu Aug 26 22:36:18 2021
- (22) [auth_log] = ok
- (22) [mschap] = noop
- (22) ntdomain: Checking for prefix before "\"
- (22) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (22) ntdomain: Found realm "CORPORATE"
- (22) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (22) ntdomain: Adding Realm = "CORPORATE"
- (22) ntdomain: Authentication realm is LOCAL
- (22) [ntdomain] = ok
- (22) eap: Peer sent EAP Response (code 2) ID 3 length 6
- (22) eap: Continuing tunnel setup
- (22) [eap] = ok
- (22) } # authorize = ok
- (22) Found Auth-Type = eap
- (22) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (22) authenticate {
- (22) eap: Expiring EAP session with state 0x68ef777169ec6ef7
- (22) eap: Finished EAP session with state 0x68ef777169ec6ef7
- (22) eap: Previous EAP request found for state 0x68ef777169ec6ef7, released from the list
- (22) eap: Peer sent packet with method EAP PEAP (25)
- (22) eap: Calling submodule eap_peap to process data
- (22) eap_peap: (TLS) Peer ACKed our handshake fragment
- (22) eap: Sending EAP Request (code 1) ID 4 length 1000
- (22) eap: EAP session adding &reply:State = 0x68ef77716aeb6ef7
- (22) [eap] = handled
- (22) } # authenticate = handled
- (22) Using Post-Auth-Type Challenge
- (22) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (22) Challenge { ... } # empty sub-section is ignored
- (22) session-state: Saving cached attributes
- (22) Framed-MTU = 994
- (22) TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (22) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (22) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (22) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (22) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (22) Sent Access-Challenge Id 70 from 172.16.200.253:1812 to 10.15.200.15:61772 length 0
- (22) Message-Authenticator = 0x00000000000000000000000000000000
- (22) State = 0x68ef77716aeb6ef72d7f5eed64273179
- (22) Finished request
- Waking up in 4.9 seconds.
- (23) Received Access-Request Id 71 from 10.15.200.15:61772 to 172.16.200.253:1812 length 309
- (23) User-Name = "CORPORATE\\Raspb.P14"
- (23) Service-Type = Framed-User
- (23) Cisco-AVPair = "service-type=Framed"
- (23) Framed-MTU = 1468
- (23) EAP-Message = 0x020400061900
- (23) Message-Authenticator = 0xe35d9a131a37fe003c600249edf13aeb
- (23) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (23) Cisco-AVPair = "method=dot1x"
- (23) Cisco-AVPair = "client-iif-id=346278732"
- (23) NAS-IP-Address = 10.15.200.15
- (23) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (23) NAS-Port-Type = Ethernet
- (23) NAS-Port = 50115
- (23) State = 0x68ef77716aeb6ef72d7f5eed64273179
- (23) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (23) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (23) Restoring &session-state
- (23) &session-state:Framed-MTU = 994
- (23) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (23) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (23) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (23) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (23) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (23) # Executing section authorize from file /etc/freeradius/sites-enabled/GO_Live
- (23) authorize {
- (23) policy filter_username {
- (23) if (&User-Name) {
- (23) if (&User-Name) -> TRUE
- (23) if (&User-Name) {
- (23) if (&User-Name =~ / /) {
- (23) if (&User-Name =~ / /) -> FALSE
- (23) if (&User-Name =~ /@[^@]*@/ ) {
- (23) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (23) if (&User-Name =~ /\.\./ ) {
- (23) if (&User-Name =~ /\.\./ ) -> FALSE
- (23) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (23) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (23) if (&User-Name =~ /\.$/) {
- (23) if (&User-Name =~ /\.$/) -> FALSE
- (23) if (&User-Name =~ /@\./) {
- (23) if (&User-Name =~ /@\./) -> FALSE
- (23) } # if (&User-Name) = notfound
- (23) } # policy filter_username = notfound
- (23) [preprocess] = ok
- (23) auth_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
- (23) auth_log: --> /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (23) auth_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (23) auth_log: EXPAND %t
- (23) auth_log: --> Thu Aug 26 22:36:18 2021
- (23) [auth_log] = ok
- (23) [mschap] = noop
- (23) ntdomain: Checking for prefix before "\"
- (23) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (23) ntdomain: Found realm "CORPORATE"
- (23) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (23) ntdomain: Adding Realm = "CORPORATE"
- (23) ntdomain: Authentication realm is LOCAL
- (23) [ntdomain] = ok
- (23) eap: Peer sent EAP Response (code 2) ID 4 length 6
- (23) eap: Continuing tunnel setup
- (23) [eap] = ok
- (23) } # authorize = ok
- (23) Found Auth-Type = eap
- (23) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (23) authenticate {
- (23) eap: Expiring EAP session with state 0x68ef77716aeb6ef7
- (23) eap: Finished EAP session with state 0x68ef77716aeb6ef7
- (23) eap: Previous EAP request found for state 0x68ef77716aeb6ef7, released from the list
- (23) eap: Peer sent packet with method EAP PEAP (25)
- (23) eap: Calling submodule eap_peap to process data
- (23) eap_peap: (TLS) Peer ACKed our handshake fragment
- (23) eap: Sending EAP Request (code 1) ID 5 length 743
- (23) eap: EAP session adding &reply:State = 0x68ef77716bea6ef7
- (23) [eap] = handled
- (23) } # authenticate = handled
- (23) Using Post-Auth-Type Challenge
- (23) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (23) Challenge { ... } # empty sub-section is ignored
- (23) session-state: Saving cached attributes
- (23) Framed-MTU = 994
- (23) TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (23) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (23) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (23) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (23) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (23) Sent Access-Challenge Id 71 from 172.16.200.253:1812 to 10.15.200.15:61772 length 0
- (23) EAP-Message = 0x010502e7190072746966696361746520417574686f7269747982140ea6ec415cdc0fa962de082473e519055ec35eed300f0603551d130101ff040530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b050003820101001783ba56de4f62e5d71f7c655686bc3eadf3f1f44ed7ba6c98e17b1a9d4f6abfb1424d0a50bfa80006f56dc1c488cab9edb82ef48f0c93755ef56904e6878081e3c8bf429fc76c0456b699c180a2262f23d381f93234689d4f421f78d2a495433be04700b4fe6e0af35bc5227423696c941aa8d39a72b5b921ed07f94b914a9c5f56e19adfbb8356f04a107d2a992f546dcb3c80bd5fd04d8bbe26ef71ee7d025a7d6381d316ae4361f6e93c6a41e15121bd03733bb2325ccb7908054e5e1477ff7d59191bd8e198415c4d5ffc7506cf0794308721797f42436d08ee59b621d40c422096c58209f8e3af4e
- (23) Message-Authenticator = 0x00000000000000000000000000000000
- (23) State = 0x68ef77716bea6ef72d7f5eed64273179
- (23) Finished request
- Waking up in 4.9 seconds.
- (24) Received Access-Request Id 72 from 10.15.200.15:61772 to 172.16.200.253:1812 length 439
- (24) User-Name = "CORPORATE\\Raspb.P14"
- (24) Service-Type = Framed-User
- (24) Cisco-AVPair = "service-type=Framed"
- (24) Framed-MTU = 1468
- (24) EAP-Message = 0x0205008819800000007e1603030046100000424104f05837335e34cec84ffa55386d0c795e96a0a641e1b471072b0a7b915ceda78f0cc9c46ad3b7659412879afb62ed0c35626713bdddd90b0b964c748cc0c4726f140303000101160303002865d2428980423cdd05868839ed2e13603aad86695d53e50bf21463c6d3e2bcebe1aa018afec0a4f4
- (24) Message-Authenticator = 0xaf52444b53a3ad902c3bf3b2bc1ab40b
- (24) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (24) Cisco-AVPair = "method=dot1x"
- (24) Cisco-AVPair = "client-iif-id=346278732"
- (24) NAS-IP-Address = 10.15.200.15
- (24) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (24) NAS-Port-Type = Ethernet
- (24) NAS-Port = 50115
- (24) State = 0x68ef77716bea6ef72d7f5eed64273179
- (24) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (24) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (24) Restoring &session-state
- (24) &session-state:Framed-MTU = 994
- (24) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (24) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (24) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (24) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (24) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (24) # Executing section authorize from file /etc/freeradius/sites-enabled/GO_Live
- (24) authorize {
- (24) policy filter_username {
- (24) if (&User-Name) {
- (24) if (&User-Name) -> TRUE
- (24) if (&User-Name) {
- (24) if (&User-Name =~ / /) {
- (24) if (&User-Name =~ / /) -> FALSE
- (24) if (&User-Name =~ /@[^@]*@/ ) {
- (24) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (24) if (&User-Name =~ /\.\./ ) {
- (24) if (&User-Name =~ /\.\./ ) -> FALSE
- (24) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (24) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (24) if (&User-Name =~ /\.$/) {
- (24) if (&User-Name =~ /\.$/) -> FALSE
- (24) if (&User-Name =~ /@\./) {
- (24) if (&User-Name =~ /@\./) -> FALSE
- (24) } # if (&User-Name) = notfound
- (24) } # policy filter_username = notfound
- (24) [preprocess] = ok
- (24) auth_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
- (24) auth_log: --> /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (24) auth_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (24) auth_log: EXPAND %t
- (24) auth_log: --> Thu Aug 26 22:36:18 2021
- (24) [auth_log] = ok
- (24) [mschap] = noop
- (24) ntdomain: Checking for prefix before "\"
- (24) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (24) ntdomain: Found realm "CORPORATE"
- (24) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (24) ntdomain: Adding Realm = "CORPORATE"
- (24) ntdomain: Authentication realm is LOCAL
- (24) [ntdomain] = ok
- (24) eap: Peer sent EAP Response (code 2) ID 5 length 136
- (24) eap: Continuing tunnel setup
- (24) [eap] = ok
- (24) } # authorize = ok
- (24) Found Auth-Type = eap
- (24) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (24) authenticate {
- (24) eap: Expiring EAP session with state 0x68ef77716bea6ef7
- (24) eap: Finished EAP session with state 0x68ef77716bea6ef7
- (24) eap: Previous EAP request found for state 0x68ef77716bea6ef7, released from the list
- (24) eap: Peer sent packet with method EAP PEAP (25)
- (24) eap: Calling submodule eap_peap to process data
- (24) eap_peap: (TLS) EAP Peer says that the final record size will be 126 bytes
- (24) eap_peap: (TLS) EAP Got all data (126 bytes)
- (24) eap_peap: (TLS) Handshake state - Server SSLv3/TLS write server done
- (24) eap_peap: (TLS) recv TLS 1.2 Handshake, ClientKeyExchange
- (24) eap_peap: (TLS) Handshake state - Server SSLv3/TLS read client key exchange
- (24) eap_peap: (TLS) Handshake state - Server SSLv3/TLS read change cipher spec
- (24) eap_peap: (TLS) recv TLS 1.2 Handshake, Finished
- (24) eap_peap: (TLS) Handshake state - Server SSLv3/TLS read finished
- (24) eap_peap: (TLS) send TLS 1.2 ChangeCipherSpec
- (24) eap_peap: (TLS) Handshake state - Server SSLv3/TLS write change cipher spec
- (24) eap_peap: (TLS) send TLS 1.2 Handshake, Finished
- (24) eap_peap: (TLS) Handshake state - Server SSLv3/TLS write finished
- (24) eap_peap: (TLS) Handshake state - SSL negotiation finished successfully
- (24) eap_peap: (TLS) Connection Established
- (24) eap_peap: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
- (24) eap_peap: TLS-Session-Version = "TLS 1.2"
- (24) eap: Sending EAP Request (code 1) ID 6 length 57
- (24) eap: EAP session adding &reply:State = 0x68ef77716ce96ef7
- (24) [eap] = handled
- (24) } # authenticate = handled
- (24) Using Post-Auth-Type Challenge
- (24) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (24) Challenge { ... } # empty sub-section is ignored
- (24) session-state: Saving cached attributes
- (24) Framed-MTU = 994
- (24) TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (24) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (24) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (24) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (24) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (24) TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, ClientKeyExchange\n"
- (24) TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, Finished\n"
- (24) TLS-Session-Information = "(TLS) send TLS 1.2 ChangeCipherSpec\n"
- (24) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Finished\n"
- (24) TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
- (24) TLS-Session-Version = "TLS 1.2"
- (24) Sent Access-Challenge Id 72 from 172.16.200.253:1812 to 10.15.200.15:61772 length 0
- (24) EAP-Message = 0x0106003919001403030001011603030028e1ae2a7bad0fc698bf83bbb5171e14d8ecd113c8d0f8710cf76e50f9e631d2e15f9d37fef507cdf9
- (24) Message-Authenticator = 0x00000000000000000000000000000000
- (24) State = 0x68ef77716ce96ef72d7f5eed64273179
- (24) Finished request
- Waking up in 4.9 seconds.
- (25) Received Access-Request Id 73 from 10.15.200.15:61772 to 172.16.200.253:1812 length 309
- (25) User-Name = "CORPORATE\\Raspb.P14"
- (25) Service-Type = Framed-User
- (25) Cisco-AVPair = "service-type=Framed"
- (25) Framed-MTU = 1468
- (25) EAP-Message = 0x020600061900
- (25) Message-Authenticator = 0x344cd0efd0ef97522a44d0d06f23f595
- (25) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (25) Cisco-AVPair = "method=dot1x"
- (25) Cisco-AVPair = "client-iif-id=346278732"
- (25) NAS-IP-Address = 10.15.200.15
- (25) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (25) NAS-Port-Type = Ethernet
- (25) NAS-Port = 50115
- (25) State = 0x68ef77716ce96ef72d7f5eed64273179
- (25) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (25) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (25) Restoring &session-state
- (25) &session-state:Framed-MTU = 994
- (25) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (25) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (25) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (25) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (25) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (25) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, ClientKeyExchange\n"
- (25) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, Finished\n"
- (25) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 ChangeCipherSpec\n"
- (25) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Finished\n"
- (25) &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
- (25) &session-state:TLS-Session-Version = "TLS 1.2"
- (25) # Executing section authorize from file /etc/freeradius/sites-enabled/GO_Live
- (25) authorize {
- (25) policy filter_username {
- (25) if (&User-Name) {
- (25) if (&User-Name) -> TRUE
- (25) if (&User-Name) {
- (25) if (&User-Name =~ / /) {
- (25) if (&User-Name =~ / /) -> FALSE
- (25) if (&User-Name =~ /@[^@]*@/ ) {
- (25) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (25) if (&User-Name =~ /\.\./ ) {
- (25) if (&User-Name =~ /\.\./ ) -> FALSE
- (25) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (25) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (25) if (&User-Name =~ /\.$/) {
- (25) if (&User-Name =~ /\.$/) -> FALSE
- (25) if (&User-Name =~ /@\./) {
- (25) if (&User-Name =~ /@\./) -> FALSE
- (25) } # if (&User-Name) = notfound
- (25) } # policy filter_username = notfound
- (25) [preprocess] = ok
- (25) auth_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
- (25) auth_log: --> /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (25) auth_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (25) auth_log: EXPAND %t
- (25) auth_log: --> Thu Aug 26 22:36:18 2021
- (25) [auth_log] = ok
- (25) [mschap] = noop
- (25) ntdomain: Checking for prefix before "\"
- (25) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (25) ntdomain: Found realm "CORPORATE"
- (25) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (25) ntdomain: Adding Realm = "CORPORATE"
- (25) ntdomain: Authentication realm is LOCAL
- (25) [ntdomain] = ok
- (25) eap: Peer sent EAP Response (code 2) ID 6 length 6
- (25) eap: Continuing tunnel setup
- (25) [eap] = ok
- (25) } # authorize = ok
- (25) Found Auth-Type = eap
- (25) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (25) authenticate {
- (25) eap: Expiring EAP session with state 0x68ef77716ce96ef7
- (25) eap: Finished EAP session with state 0x68ef77716ce96ef7
- (25) eap: Previous EAP request found for state 0x68ef77716ce96ef7, released from the list
- (25) eap: Peer sent packet with method EAP PEAP (25)
- (25) eap: Calling submodule eap_peap to process data
- (25) eap_peap: (TLS) Peer ACKed our handshake fragment. handshake is finished
- (25) eap_peap: Session established. Decoding tunneled attributes
- (25) eap_peap: PEAP state TUNNEL ESTABLISHED
- (25) eap: Sending EAP Request (code 1) ID 7 length 40
- (25) eap: EAP session adding &reply:State = 0x68ef77716de86ef7
- (25) [eap] = handled
- (25) } # authenticate = handled
- (25) Using Post-Auth-Type Challenge
- (25) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (25) Challenge { ... } # empty sub-section is ignored
- (25) session-state: Saving cached attributes
- (25) Framed-MTU = 994
- (25) TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (25) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (25) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (25) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (25) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (25) TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, ClientKeyExchange\n"
- (25) TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, Finished\n"
- (25) TLS-Session-Information = "(TLS) send TLS 1.2 ChangeCipherSpec\n"
- (25) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Finished\n"
- (25) TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
- (25) TLS-Session-Version = "TLS 1.2"
- (25) Sent Access-Challenge Id 73 from 172.16.200.253:1812 to 10.15.200.15:61772 length 0
- (25) EAP-Message = 0x010700281900170303001de1ae2a7bad0fc699c41ae355b5579cd3565c0456b4baecae93d2245278
- (25) Message-Authenticator = 0x00000000000000000000000000000000
- (25) State = 0x68ef77716de86ef72d7f5eed64273179
- (25) Finished request
- Waking up in 4.9 seconds.
- (26) Received Access-Request Id 74 from 10.15.200.15:61772 to 172.16.200.253:1812 length 358
- (26) User-Name = "CORPORATE\\Raspb.P14"
- (26) Service-Type = Framed-User
- (26) Cisco-AVPair = "service-type=Framed"
- (26) Framed-MTU = 1468
- (26) EAP-Message = 0x020700371900170303002c65d2428980423cde3946862910c9599864d7a68e131cd98be33af7dc63e4f7ea1c420d7002089d732fb9d843
- (26) Message-Authenticator = 0x4bb17c18a02f10458625865643aa2047
- (26) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (26) Cisco-AVPair = "method=dot1x"
- (26) Cisco-AVPair = "client-iif-id=346278732"
- (26) NAS-IP-Address = 10.15.200.15
- (26) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (26) NAS-Port-Type = Ethernet
- (26) NAS-Port = 50115
- (26) State = 0x68ef77716de86ef72d7f5eed64273179
- (26) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (26) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (26) Restoring &session-state
- (26) &session-state:Framed-MTU = 994
- (26) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (26) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (26) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (26) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (26) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (26) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, ClientKeyExchange\n"
- (26) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, Finished\n"
- (26) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 ChangeCipherSpec\n"
- (26) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Finished\n"
- (26) &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
- (26) &session-state:TLS-Session-Version = "TLS 1.2"
- (26) # Executing section authorize from file /etc/freeradius/sites-enabled/GO_Live
- (26) authorize {
- (26) policy filter_username {
- (26) if (&User-Name) {
- (26) if (&User-Name) -> TRUE
- (26) if (&User-Name) {
- (26) if (&User-Name =~ / /) {
- (26) if (&User-Name =~ / /) -> FALSE
- (26) if (&User-Name =~ /@[^@]*@/ ) {
- (26) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (26) if (&User-Name =~ /\.\./ ) {
- (26) if (&User-Name =~ /\.\./ ) -> FALSE
- (26) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (26) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (26) if (&User-Name =~ /\.$/) {
- (26) if (&User-Name =~ /\.$/) -> FALSE
- (26) if (&User-Name =~ /@\./) {
- (26) if (&User-Name =~ /@\./) -> FALSE
- (26) } # if (&User-Name) = notfound
- (26) } # policy filter_username = notfound
- (26) [preprocess] = ok
- (26) auth_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
- (26) auth_log: --> /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (26) auth_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (26) auth_log: EXPAND %t
- (26) auth_log: --> Thu Aug 26 22:36:18 2021
- (26) [auth_log] = ok
- (26) [mschap] = noop
- (26) ntdomain: Checking for prefix before "\"
- (26) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (26) ntdomain: Found realm "CORPORATE"
- (26) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (26) ntdomain: Adding Realm = "CORPORATE"
- (26) ntdomain: Authentication realm is LOCAL
- (26) [ntdomain] = ok
- (26) eap: Peer sent EAP Response (code 2) ID 7 length 55
- (26) eap: Continuing tunnel setup
- (26) [eap] = ok
- (26) } # authorize = ok
- (26) Found Auth-Type = eap
- (26) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (26) authenticate {
- (26) eap: Expiring EAP session with state 0x68ef77716de86ef7
- (26) eap: Finished EAP session with state 0x68ef77716de86ef7
- (26) eap: Previous EAP request found for state 0x68ef77716de86ef7, released from the list
- (26) eap: Peer sent packet with method EAP PEAP (25)
- (26) eap: Calling submodule eap_peap to process data
- (26) eap_peap: (TLS) EAP Done initial handshake
- (26) eap_peap: Session established. Decoding tunneled attributes
- (26) eap_peap: PEAP state WAITING FOR INNER IDENTITY
- (26) eap_peap: Identity - CORPORATE\Raspb.P14
- (26) eap_peap: Got inner identity 'CORPORATE\Raspb.P14'
- (26) eap_peap: Setting default EAP type for tunneled EAP session
- (26) eap_peap: Got tunneled request
- (26) eap_peap: EAP-Message = 0x0207001801434f52504f524154455c52617370622e503134
- (26) eap_peap: Setting User-Name to CORPORATE\Raspb.P14
- (26) eap_peap: Sending tunneled request to inner-tunnel
- (26) eap_peap: EAP-Message = 0x0207001801434f52504f524154455c52617370622e503134
- (26) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
- (26) eap_peap: User-Name = "CORPORATE\\Raspb.P14"
- (26) Virtual server inner-tunnel received request
- (26) EAP-Message = 0x0207001801434f52504f524154455c52617370622e503134
- (26) FreeRADIUS-Proxied-To = 127.0.0.1
- (26) User-Name = "CORPORATE\\Raspb.P14"
- (26) WARNING: Outer and inner identities are the same. User privacy is compromised.
- (26) server inner-tunnel {
- (26) # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
- (26) authorize {
- (26) policy filter_username {
- (26) if (&User-Name) {
- (26) if (&User-Name) -> TRUE
- (26) if (&User-Name) {
- (26) if (&User-Name =~ / /) {
- (26) if (&User-Name =~ / /) -> FALSE
- (26) if (&User-Name =~ /@[^@]*@/ ) {
- (26) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (26) if (&User-Name =~ /\.\./ ) {
- (26) if (&User-Name =~ /\.\./ ) -> FALSE
- (26) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (26) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (26) if (&User-Name =~ /\.$/) {
- (26) if (&User-Name =~ /\.$/) -> FALSE
- (26) if (&User-Name =~ /@\./) {
- (26) if (&User-Name =~ /@\./) -> FALSE
- (26) } # if (&User-Name) = notfound
- (26) } # policy filter_username = notfound
- (26) [mschap] = noop
- (26) ntdomain: Checking for prefix before "\"
- (26) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (26) ntdomain: Found realm "CORPORATE"
- (26) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (26) ntdomain: Adding Realm = "CORPORATE"
- (26) ntdomain: Authentication realm is LOCAL
- (26) [ntdomain] = ok
- (26) eap: Peer sent EAP Response (code 2) ID 7 length 24
- (26) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
- (26) [eap] = ok
- (26) } # authorize = ok
- (26) Found Auth-Type = eap
- (26) # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- (26) authenticate {
- (26) eap: Peer sent packet with method EAP Identity (1)
- (26) eap: Calling submodule eap_mschapv2 to process data
- (26) eap_mschapv2: Issuing Challenge
- (26) eap: Sending EAP Request (code 1) ID 8 length 43
- (26) eap: EAP session adding &reply:State = 0x2c4eaac22c46b0b4
- (26) [eap] = handled
- (26) } # authenticate = handled
- (26) } # server inner-tunnel
- (26) Virtual server sending reply
- (26) EAP-Message = 0x0108002b1a01080026105651527af0db11d65047cdd227eed5a7667265657261646975732d332e302e3233
- (26) Message-Authenticator = 0x00000000000000000000000000000000
- (26) State = 0x2c4eaac22c46b0b4656110deb915f9b3
- (26) eap_peap: Got tunneled reply code 11
- (26) eap_peap: EAP-Message = 0x0108002b1a01080026105651527af0db11d65047cdd227eed5a7667265657261646975732d332e302e3233
- (26) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
- (26) eap_peap: State = 0x2c4eaac22c46b0b4656110deb915f9b3
- (26) eap_peap: Got tunneled reply RADIUS code 11
- (26) eap_peap: EAP-Message = 0x0108002b1a01080026105651527af0db11d65047cdd227eed5a7667265657261646975732d332e302e3233
- (26) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
- (26) eap_peap: State = 0x2c4eaac22c46b0b4656110deb915f9b3
- (26) eap_peap: Got tunneled Access-Challenge
- (26) eap: Sending EAP Request (code 1) ID 8 length 74
- (26) eap: EAP session adding &reply:State = 0x68ef77716ee76ef7
- (26) [eap] = handled
- (26) } # authenticate = handled
- (26) Using Post-Auth-Type Challenge
- (26) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (26) Challenge { ... } # empty sub-section is ignored
- (26) session-state: Saving cached attributes
- (26) Framed-MTU = 994
- (26) TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (26) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (26) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (26) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (26) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (26) TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, ClientKeyExchange\n"
- (26) TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, Finished\n"
- (26) TLS-Session-Information = "(TLS) send TLS 1.2 ChangeCipherSpec\n"
- (26) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Finished\n"
- (26) TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
- (26) TLS-Session-Version = "TLS 1.2"
- (26) Sent Access-Challenge Id 74 from 172.16.200.253:1812 to 10.15.200.15:61772 length 0
- (26) EAP-Message = 0x0108004a1900170303003fe1ae2a7bad0fc69a9f13ab50bc87f16914defdf66e73e5745a2a468208edd8a45d91e69b4760838035e53bd0b9f40d57ed37432cf1fd18e53cc4956479f597
- (26) Message-Authenticator = 0x00000000000000000000000000000000
- (26) State = 0x68ef77716ee76ef72d7f5eed64273179
- (26) Finished request
- Waking up in 4.9 seconds.
- (27) Received Access-Request Id 75 from 10.15.200.15:61772 to 172.16.200.253:1812 length 412
- (27) User-Name = "CORPORATE\\Raspb.P14"
- (27) Service-Type = Framed-User
- (27) Cisco-AVPair = "service-type=Framed"
- (27) Framed-MTU = 1468
- (27) EAP-Message = 0x0208006d1900170303006265d2428980423cdf9c5834fce18e3bac46bee800a013d319ef01a02112592647cb4cc8f5987822e14973f421b78e89dac39b7de48cb87e449ed9ace084312025ea1571ed38fb0de840731cf641824d10a9938b67da4f6ff32368f29d280b4d62dcdd
- (27) Message-Authenticator = 0x3430d80e7a904ed189a80d7f983417d3
- (27) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (27) Cisco-AVPair = "method=dot1x"
- (27) Cisco-AVPair = "client-iif-id=346278732"
- (27) NAS-IP-Address = 10.15.200.15
- (27) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (27) NAS-Port-Type = Ethernet
- (27) NAS-Port = 50115
- (27) State = 0x68ef77716ee76ef72d7f5eed64273179
- (27) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (27) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (27) Restoring &session-state
- (27) &session-state:Framed-MTU = 994
- (27) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (27) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (27) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (27) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (27) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (27) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, ClientKeyExchange\n"
- (27) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, Finished\n"
- (27) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 ChangeCipherSpec\n"
- (27) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Finished\n"
- (27) &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
- (27) &session-state:TLS-Session-Version = "TLS 1.2"
- (27) # Executing section authorize from file /etc/freeradius/sites-enabled/GO_Live
- (27) authorize {
- (27) policy filter_username {
- (27) if (&User-Name) {
- (27) if (&User-Name) -> TRUE
- (27) if (&User-Name) {
- (27) if (&User-Name =~ / /) {
- (27) if (&User-Name =~ / /) -> FALSE
- (27) if (&User-Name =~ /@[^@]*@/ ) {
- (27) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (27) if (&User-Name =~ /\.\./ ) {
- (27) if (&User-Name =~ /\.\./ ) -> FALSE
- (27) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (27) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (27) if (&User-Name =~ /\.$/) {
- (27) if (&User-Name =~ /\.$/) -> FALSE
- (27) if (&User-Name =~ /@\./) {
- (27) if (&User-Name =~ /@\./) -> FALSE
- (27) } # if (&User-Name) = notfound
- (27) } # policy filter_username = notfound
- (27) [preprocess] = ok
- (27) auth_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
- (27) auth_log: --> /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (27) auth_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (27) auth_log: EXPAND %t
- (27) auth_log: --> Thu Aug 26 22:36:18 2021
- (27) [auth_log] = ok
- (27) [mschap] = noop
- (27) ntdomain: Checking for prefix before "\"
- (27) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (27) ntdomain: Found realm "CORPORATE"
- (27) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (27) ntdomain: Adding Realm = "CORPORATE"
- (27) ntdomain: Authentication realm is LOCAL
- (27) [ntdomain] = ok
- (27) eap: Peer sent EAP Response (code 2) ID 8 length 109
- (27) eap: Continuing tunnel setup
- (27) [eap] = ok
- (27) } # authorize = ok
- (27) Found Auth-Type = eap
- (27) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (27) authenticate {
- (27) eap: Expiring EAP session with state 0x2c4eaac22c46b0b4
- (27) eap: Finished EAP session with state 0x68ef77716ee76ef7
- (27) eap: Previous EAP request found for state 0x68ef77716ee76ef7, released from the list
- (27) eap: Peer sent packet with method EAP PEAP (25)
- (27) eap: Calling submodule eap_peap to process data
- (27) eap_peap: (TLS) EAP Done initial handshake
- (27) eap_peap: Session established. Decoding tunneled attributes
- (27) eap_peap: PEAP state phase2
- (27) eap_peap: EAP method MSCHAPv2 (26)
- (27) eap_peap: Got tunneled request
- (27) eap_peap: EAP-Message = 0x0208004e1a0208004931dace487f2291cfb1803462e241094cb100000000000000006bad6ccdfb11f56adf4f46fd82b4ca886f638ede417aebf500434f52504f524154455c52617370622e503134
- (27) eap_peap: Setting User-Name to CORPORATE\Raspb.P14
- (27) eap_peap: Sending tunneled request to inner-tunnel
- (27) eap_peap: EAP-Message = 0x0208004e1a0208004931dace487f2291cfb1803462e241094cb100000000000000006bad6ccdfb11f56adf4f46fd82b4ca886f638ede417aebf500434f52504f524154455c52617370622e503134
- (27) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
- (27) eap_peap: User-Name = "CORPORATE\\Raspb.P14"
- (27) eap_peap: State = 0x2c4eaac22c46b0b4656110deb915f9b3
- (27) Virtual server inner-tunnel received request
- (27) EAP-Message = 0x0208004e1a0208004931dace487f2291cfb1803462e241094cb100000000000000006bad6ccdfb11f56adf4f46fd82b4ca886f638ede417aebf500434f52504f524154455c52617370622e503134
- (27) FreeRADIUS-Proxied-To = 127.0.0.1
- (27) User-Name = "CORPORATE\\Raspb.P14"
- (27) State = 0x2c4eaac22c46b0b4656110deb915f9b3
- (27) WARNING: Outer and inner identities are the same. User privacy is compromised.
- (27) server inner-tunnel {
- (27) session-state: No cached attributes
- (27) # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
- (27) authorize {
- (27) policy filter_username {
- (27) if (&User-Name) {
- (27) if (&User-Name) -> TRUE
- (27) if (&User-Name) {
- (27) if (&User-Name =~ / /) {
- (27) if (&User-Name =~ / /) -> FALSE
- (27) if (&User-Name =~ /@[^@]*@/ ) {
- (27) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (27) if (&User-Name =~ /\.\./ ) {
- (27) if (&User-Name =~ /\.\./ ) -> FALSE
- (27) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (27) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (27) if (&User-Name =~ /\.$/) {
- (27) if (&User-Name =~ /\.$/) -> FALSE
- (27) if (&User-Name =~ /@\./) {
- (27) if (&User-Name =~ /@\./) -> FALSE
- (27) } # if (&User-Name) = notfound
- (27) } # policy filter_username = notfound
- (27) [mschap] = noop
- (27) ntdomain: Checking for prefix before "\"
- (27) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (27) ntdomain: Found realm "CORPORATE"
- (27) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (27) ntdomain: Adding Realm = "CORPORATE"
- (27) ntdomain: Authentication realm is LOCAL
- (27) [ntdomain] = ok
- (27) eap: Peer sent EAP Response (code 2) ID 8 length 78
- (27) eap: No EAP Start, assuming it's an on-going EAP conversation
- (27) [eap] = updated
- (27) [files] = noop
- (27) sql: EXPAND %{User-Name}
- (27) sql: --> CORPORATE\\Raspb.P14
- (27) sql: SQL-User-Name set to 'CORPORATE\\Raspb.P14'
- rlm_sql (sql): Reserved connection (11)
- (27) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id
- (27) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'CORPORATE=5C=5CRaspb.P14' ORDER BY id
- (27) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'CORPORATE=5C=5CRaspb.P14' ORDER BY id
- (27) sql: WARNING: User not found in radcheck table.
- (27) sql: EXPAND SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority
- (27) sql: --> SELECT groupname FROM radusergroup WHERE username = 'CORPORATE=5C=5CRaspb.P14' ORDER BY priority
- (27) sql: Executing select query: SELECT groupname FROM radusergroup WHERE username = 'CORPORATE=5C=5CRaspb.P14' ORDER BY priority
- (27) sql: User not found in any groups
- rlm_sql (sql): Released connection (11)
- (27) [sql] = notfound
- rlm_ldap (ldap): Reserved connection (19)
- (27) ldap: EXPAND (sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}})
- (27) ldap: --> (sAMAccountName=Raspb.P14)
- (27) ldap: Performing search in "dc=corporate,dc=intra" with filter "(sAMAccountName=Raspb.P14)", scope "sub"
- (27) ldap: Waiting for search result...
- rlm_ldap (ldap): Rebinding to URL ldap://DomainDnsZones.corporate.intra/DC=DomainDnsZones,DC=corporate,DC=intra
- rlm_ldap (ldap): Waiting for bind result...
- rlm_ldap (ldap): Rebinding to URL ldap://ForestDnsZones.corporate.intra/DC=ForestDnsZones,DC=corporate,DC=intra
- rlm_ldap (ldap): Waiting for bind result...
- rlm_ldap (ldap): Bind successful
- rlm_ldap (ldap): Bind successful
- (27) ldap: User object found at DN "CN=Raspb.P14,OU=GO Services,OU=Systems_Administration_OU,DC=corporate,DC=intra"
- (27) ldap: Processing user attributes
- (27) ldap: WARNING: No "known good" password added. Ensure the admin user has permission to read the password attribute
- (27) ldap: WARNING: PAP authentication will *NOT* work with Active Directory (if that is what you were trying to configure)
- rlm_ldap (ldap): Deleting connection (19) - Was referred to a different LDAP server
- Need 2 more connections to reach min connections (3)
- rlm_ldap (ldap): Opening additional connection (21), 1 of 31 pending slots used
- rlm_ldap (ldap): Connecting to ldap://corporate.intra:389
- rlm_ldap (ldap): Waiting for bind result...
- rlm_ldap (ldap): Bind successful
- (27) [ldap] = ok
- (27) [expiration] = noop
- (27) [logintime] = noop
- Not doing PAP as Auth-Type is already set.
- (27) [pap] = noop
- (27) } # authorize = updated
- (27) Found Auth-Type = eap
- (27) # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- (27) authenticate {
- (27) eap: Expiring EAP session with state 0x2c4eaac22c46b0b4
- (27) eap: Finished EAP session with state 0x2c4eaac22c46b0b4
- (27) eap: Previous EAP request found for state 0x2c4eaac22c46b0b4, released from the list
- (27) eap: Peer sent packet with method EAP MSCHAPv2 (26)
- (27) eap: Calling submodule eap_mschapv2 to process data
- (27) eap_mschapv2: # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- (27) eap_mschapv2: authenticate {
- (27) mschap: Creating challenge hash with username: Raspb.P14
- (27) mschap: Client is using MS-CHAPv2
- (27) mschap: EXPAND %{mschap:User-Name}
- (27) mschap: --> Raspb.P14
- (27) mschap: EXPAND %{mschap:NT-Domain}
- (27) mschap: --> CORPORATE
- rlm_mschap (mschap): Reserved connection (3)
- (27) mschap: sending authentication request user='Raspb.P14' domain='CORPORATE'
- rlm_mschap (mschap): Released connection (3)
- (27) mschap: Authenticated successfully
- (27) mschap: Adding MS-CHAPv2 MPPE keys
- (27) eap_mschapv2: [mschap] = ok
- (27) eap_mschapv2: } # authenticate = ok
- (27) eap_mschapv2: MSCHAP Success
- (27) eap: Sending EAP Request (code 1) ID 9 length 51
- (27) eap: EAP session adding &reply:State = 0x2c4eaac22d47b0b4
- (27) [eap] = handled
- (27) } # authenticate = handled
- (27) } # server inner-tunnel
- (27) Virtual server sending reply
- (27) EAP-Message = 0x010900331a0308002e533d37444445423832363646333245324538344545333541433331324630444231453135464431353341
- (27) Message-Authenticator = 0x00000000000000000000000000000000
- (27) State = 0x2c4eaac22d47b0b4656110deb915f9b3
- (27) eap_peap: Got tunneled reply code 11
- (27) eap_peap: EAP-Message = 0x010900331a0308002e533d37444445423832363646333245324538344545333541433331324630444231453135464431353341
- (27) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
- (27) eap_peap: State = 0x2c4eaac22d47b0b4656110deb915f9b3
- (27) eap_peap: Got tunneled reply RADIUS code 11
- (27) eap_peap: EAP-Message = 0x010900331a0308002e533d37444445423832363646333245324538344545333541433331324630444231453135464431353341
- (27) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
- (27) eap_peap: State = 0x2c4eaac22d47b0b4656110deb915f9b3
- (27) eap_peap: Got tunneled Access-Challenge
- (27) eap: Sending EAP Request (code 1) ID 9 length 82
- (27) eap: EAP session adding &reply:State = 0x68ef77716fe66ef7
- (27) [eap] = handled
- (27) } # authenticate = handled
- (27) Using Post-Auth-Type Challenge
- (27) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (27) Challenge { ... } # empty sub-section is ignored
- (27) session-state: Saving cached attributes
- (27) Framed-MTU = 994
- (27) TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (27) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (27) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (27) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (27) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (27) TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, ClientKeyExchange\n"
- (27) TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, Finished\n"
- (27) TLS-Session-Information = "(TLS) send TLS 1.2 ChangeCipherSpec\n"
- (27) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Finished\n"
- (27) TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
- (27) TLS-Session-Version = "TLS 1.2"
- (27) Sent Access-Challenge Id 75 from 172.16.200.253:1812 to 10.15.200.15:61772 length 0
- (27) EAP-Message = 0x0109005219001703030047e1ae2a7bad0fc69b74c77f1e05647ea7438cd4cfb62e63fe0bf1af9e28c19f7e7bc219dd4961c1367f798132dc13fc87ad1fd7b9b5329431cc0866a5bf9df66b8e1242c2a4416f
- (27) Message-Authenticator = 0x00000000000000000000000000000000
- (27) State = 0x68ef77716fe66ef72d7f5eed64273179
- (27) Finished request
- Waking up in 4.9 seconds.
- (28) Received Access-Request Id 76 from 10.15.200.15:61772 to 172.16.200.253:1812 length 340
- (28) User-Name = "CORPORATE\\Raspb.P14"
- (28) Service-Type = Framed-User
- (28) Cisco-AVPair = "service-type=Framed"
- (28) Framed-MTU = 1468
- (28) EAP-Message = 0x020900251900170303001a65d2428980423ce0d109908025fe7165f015f934f22cad9720cb
- (28) Message-Authenticator = 0x6c0d988538c227f9878c357a2dcbc6e3
- (28) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (28) Cisco-AVPair = "method=dot1x"
- (28) Cisco-AVPair = "client-iif-id=346278732"
- (28) NAS-IP-Address = 10.15.200.15
- (28) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (28) NAS-Port-Type = Ethernet
- (28) NAS-Port = 50115
- (28) State = 0x68ef77716fe66ef72d7f5eed64273179
- (28) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (28) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (28) Restoring &session-state
- (28) &session-state:Framed-MTU = 994
- (28) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (28) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (28) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (28) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (28) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (28) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, ClientKeyExchange\n"
- (28) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, Finished\n"
- (28) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 ChangeCipherSpec\n"
- (28) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Finished\n"
- (28) &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
- (28) &session-state:TLS-Session-Version = "TLS 1.2"
- (28) # Executing section authorize from file /etc/freeradius/sites-enabled/GO_Live
- (28) authorize {
- (28) policy filter_username {
- (28) if (&User-Name) {
- (28) if (&User-Name) -> TRUE
- (28) if (&User-Name) {
- (28) if (&User-Name =~ / /) {
- (28) if (&User-Name =~ / /) -> FALSE
- (28) if (&User-Name =~ /@[^@]*@/ ) {
- (28) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (28) if (&User-Name =~ /\.\./ ) {
- (28) if (&User-Name =~ /\.\./ ) -> FALSE
- (28) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (28) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (28) if (&User-Name =~ /\.$/) {
- (28) if (&User-Name =~ /\.$/) -> FALSE
- (28) if (&User-Name =~ /@\./) {
- (28) if (&User-Name =~ /@\./) -> FALSE
- (28) } # if (&User-Name) = notfound
- (28) } # policy filter_username = notfound
- (28) [preprocess] = ok
- (28) auth_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
- (28) auth_log: --> /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (28) auth_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (28) auth_log: EXPAND %t
- (28) auth_log: --> Thu Aug 26 22:36:18 2021
- (28) [auth_log] = ok
- (28) [mschap] = noop
- (28) ntdomain: Checking for prefix before "\"
- (28) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (28) ntdomain: Found realm "CORPORATE"
- (28) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (28) ntdomain: Adding Realm = "CORPORATE"
- (28) ntdomain: Authentication realm is LOCAL
- (28) [ntdomain] = ok
- (28) eap: Peer sent EAP Response (code 2) ID 9 length 37
- (28) eap: Continuing tunnel setup
- (28) [eap] = ok
- (28) } # authorize = ok
- (28) Found Auth-Type = eap
- (28) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (28) authenticate {
- (28) eap: Expiring EAP session with state 0x2c4eaac22d47b0b4
- (28) eap: Finished EAP session with state 0x68ef77716fe66ef7
- (28) eap: Previous EAP request found for state 0x68ef77716fe66ef7, released from the list
- (28) eap: Peer sent packet with method EAP PEAP (25)
- (28) eap: Calling submodule eap_peap to process data
- (28) eap_peap: (TLS) EAP Done initial handshake
- (28) eap_peap: Session established. Decoding tunneled attributes
- (28) eap_peap: PEAP state phase2
- (28) eap_peap: EAP method MSCHAPv2 (26)
- (28) eap_peap: Got tunneled request
- (28) eap_peap: EAP-Message = 0x020900061a03
- (28) eap_peap: Setting User-Name to CORPORATE\Raspb.P14
- (28) eap_peap: Sending tunneled request to inner-tunnel
- (28) eap_peap: EAP-Message = 0x020900061a03
- (28) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
- (28) eap_peap: User-Name = "CORPORATE\\Raspb.P14"
- (28) eap_peap: State = 0x2c4eaac22d47b0b4656110deb915f9b3
- (28) Virtual server inner-tunnel received request
- (28) EAP-Message = 0x020900061a03
- (28) FreeRADIUS-Proxied-To = 127.0.0.1
- (28) User-Name = "CORPORATE\\Raspb.P14"
- (28) State = 0x2c4eaac22d47b0b4656110deb915f9b3
- (28) WARNING: Outer and inner identities are the same. User privacy is compromised.
- (28) server inner-tunnel {
- (28) session-state: No cached attributes
- (28) # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
- (28) authorize {
- (28) policy filter_username {
- (28) if (&User-Name) {
- (28) if (&User-Name) -> TRUE
- (28) if (&User-Name) {
- (28) if (&User-Name =~ / /) {
- (28) if (&User-Name =~ / /) -> FALSE
- (28) if (&User-Name =~ /@[^@]*@/ ) {
- (28) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (28) if (&User-Name =~ /\.\./ ) {
- (28) if (&User-Name =~ /\.\./ ) -> FALSE
- (28) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (28) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (28) if (&User-Name =~ /\.$/) {
- (28) if (&User-Name =~ /\.$/) -> FALSE
- (28) if (&User-Name =~ /@\./) {
- (28) if (&User-Name =~ /@\./) -> FALSE
- (28) } # if (&User-Name) = notfound
- (28) } # policy filter_username = notfound
- (28) [mschap] = noop
- (28) ntdomain: Checking for prefix before "\"
- (28) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (28) ntdomain: Found realm "CORPORATE"
- (28) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (28) ntdomain: Adding Realm = "CORPORATE"
- (28) ntdomain: Authentication realm is LOCAL
- (28) [ntdomain] = ok
- (28) eap: Peer sent EAP Response (code 2) ID 9 length 6
- (28) eap: No EAP Start, assuming it's an on-going EAP conversation
- (28) [eap] = updated
- (28) [files] = noop
- (28) sql: EXPAND %{User-Name}
- (28) sql: --> CORPORATE\\Raspb.P14
- (28) sql: SQL-User-Name set to 'CORPORATE\\Raspb.P14'
- rlm_sql (sql): Reserved connection (13)
- (28) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id
- (28) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'CORPORATE=5C=5CRaspb.P14' ORDER BY id
- (28) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'CORPORATE=5C=5CRaspb.P14' ORDER BY id
- (28) sql: WARNING: User not found in radcheck table.
- (28) sql: EXPAND SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority
- (28) sql: --> SELECT groupname FROM radusergroup WHERE username = 'CORPORATE=5C=5CRaspb.P14' ORDER BY priority
- (28) sql: Executing select query: SELECT groupname FROM radusergroup WHERE username = 'CORPORATE=5C=5CRaspb.P14' ORDER BY priority
- (28) sql: User not found in any groups
- rlm_sql (sql): Released connection (13)
- (28) [sql] = notfound
- rlm_ldap (ldap): Reserved connection (20)
- (28) ldap: EXPAND (sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}})
- (28) ldap: --> (sAMAccountName=Raspb.P14)
- (28) ldap: Performing search in "dc=corporate,dc=intra" with filter "(sAMAccountName=Raspb.P14)", scope "sub"
- (28) ldap: Waiting for search result...
- rlm_ldap (ldap): Rebinding to URL ldap://DomainDnsZones.corporate.intra/DC=DomainDnsZones,DC=corporate,DC=intra
- rlm_ldap (ldap): Waiting for bind result...
- rlm_ldap (ldap): Rebinding to URL ldap://ForestDnsZones.corporate.intra/DC=ForestDnsZones,DC=corporate,DC=intra
- rlm_ldap (ldap): Waiting for bind result...
- rlm_ldap (ldap): Bind successful
- rlm_ldap (ldap): Bind successful
- (28) ldap: User object found at DN "CN=Raspb.P14,OU=GO Services,OU=Systems_Administration_OU,DC=corporate,DC=intra"
- (28) ldap: Processing user attributes
- (28) ldap: WARNING: No "known good" password added. Ensure the admin user has permission to read the password attribute
- (28) ldap: WARNING: PAP authentication will *NOT* work with Active Directory (if that is what you were trying to configure)
- rlm_ldap (ldap): Deleting connection (20) - Was referred to a different LDAP server
- (28) [ldap] = ok
- (28) [expiration] = noop
- (28) [logintime] = noop
- Not doing PAP as Auth-Type is already set.
- (28) [pap] = noop
- (28) } # authorize = updated
- (28) Found Auth-Type = eap
- (28) # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
- (28) authenticate {
- (28) eap: Expiring EAP session with state 0x2c4eaac22d47b0b4
- (28) eap: Finished EAP session with state 0x2c4eaac22d47b0b4
- (28) eap: Previous EAP request found for state 0x2c4eaac22d47b0b4, released from the list
- (28) eap: Peer sent packet with method EAP MSCHAPv2 (26)
- (28) eap: Calling submodule eap_mschapv2 to process data
- (28) eap: Sending EAP Success (code 3) ID 9 length 4
- (28) eap: Freeing handler
- (28) [eap] = ok
- (28) } # authenticate = ok
- (28) # Executing section post-auth from file /etc/freeradius/sites-enabled/inner-tunnel
- (28) post-auth {
- (28) reply_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d
- (28) reply_log: --> /var/log/freeradius/radacct/10.15.200.15/reply-detail-20210826
- (28) reply_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/reply-detail-20210826
- (28) reply_log: EXPAND %t
- (28) reply_log: --> Thu Aug 26 22:36:18 2021
- (28) [reply_log] = ok
- (28) sql: EXPAND .query
- (28) sql: --> .query
- (28) sql: Using query template 'query'
- rlm_sql (sql): Reserved connection (15)
- (28) sql: EXPAND %{User-Name}
- (28) sql: --> CORPORATE\\Raspb.P14
- (28) sql: SQL-User-Name set to 'CORPORATE\\Raspb.P14'
- (28) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( '%{SQL-User-Name}', 'Omitted', '%{reply:Packet-Type}', '%S.%M' )
- (28) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( 'CORPORATE=5C=5CRaspb.P14', 'Omitted', 'Access-Accept', '2021-08-26 22:36:18.150694' )
- (28) sql: EXPAND /var/log/freeradius/sqllog.sql
- (28) sql: --> /var/log/freeradius/sqllog.sql
- (28) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( 'CORPORATE=5C=5CRaspb.P14', 'Omitted', 'Access-Accept', '2021-08-26 22:36:18.150694' )
- (28) sql: SQL query returned: success
- (28) sql: 1 record(s) updated
- rlm_sql (sql): Released connection (15)
- (28) [sql] = ok
- (28) if (0) {
- (28) if (0) -> FALSE
- (28) } # post-auth = ok
- (28) } # server inner-tunnel
- (28) Virtual server sending reply
- (28) MS-MPPE-Encryption-Policy = Encryption-Allowed
- (28) MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
- (28) MS-MPPE-Send-Key = 0x6fcc97fc56f2664af57946c75fd65b3f
- (28) MS-MPPE-Recv-Key = 0xa1adfb9c413b9a2ea82c01fbfdcb048a
- (28) EAP-Message = 0x03090004
- (28) Message-Authenticator = 0x00000000000000000000000000000000
- (28) User-Name = "CORPORATE\\Raspb.P14"
- (28) eap_peap: Got tunneled reply code 2
- (28) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
- (28) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
- (28) eap_peap: MS-MPPE-Send-Key = 0x6fcc97fc56f2664af57946c75fd65b3f
- (28) eap_peap: MS-MPPE-Recv-Key = 0xa1adfb9c413b9a2ea82c01fbfdcb048a
- (28) eap_peap: EAP-Message = 0x03090004
- (28) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
- (28) eap_peap: User-Name = "CORPORATE\\Raspb.P14"
- (28) eap_peap: Got tunneled reply RADIUS code 2
- (28) eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
- (28) eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
- (28) eap_peap: MS-MPPE-Send-Key = 0x6fcc97fc56f2664af57946c75fd65b3f
- (28) eap_peap: MS-MPPE-Recv-Key = 0xa1adfb9c413b9a2ea82c01fbfdcb048a
- (28) eap_peap: EAP-Message = 0x03090004
- (28) eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
- (28) eap_peap: User-Name = "CORPORATE\\Raspb.P14"
- (28) eap_peap: Tunneled authentication was successful
- (28) eap_peap: SUCCESS
- (28) eap: Sending EAP Request (code 1) ID 10 length 46
- (28) eap: EAP session adding &reply:State = 0x68ef777160e56ef7
- (28) [eap] = handled
- (28) } # authenticate = handled
- (28) Using Post-Auth-Type Challenge
- (28) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (28) Challenge { ... } # empty sub-section is ignored
- (28) session-state: Saving cached attributes
- (28) Framed-MTU = 994
- (28) TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (28) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (28) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (28) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (28) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (28) TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, ClientKeyExchange\n"
- (28) TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, Finished\n"
- (28) TLS-Session-Information = "(TLS) send TLS 1.2 ChangeCipherSpec\n"
- (28) TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Finished\n"
- (28) TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
- (28) TLS-Session-Version = "TLS 1.2"
- (28) Sent Access-Challenge Id 76 from 172.16.200.253:1812 to 10.15.200.15:61772 length 0
- (28) EAP-Message = 0x010a002e19001703030023e1ae2a7bad0fc69c32ea9d39ba971ea0d1e3a3a430d86474b02204d3a403d08bb9e43b
- (28) Message-Authenticator = 0x00000000000000000000000000000000
- (28) State = 0x68ef777160e56ef72d7f5eed64273179
- (28) Finished request
- Waking up in 4.9 seconds.
- (29) Received Access-Request Id 77 from 10.15.200.15:61772 to 172.16.200.253:1812 length 349
- (29) User-Name = "CORPORATE\\Raspb.P14"
- (29) Service-Type = Framed-User
- (29) Cisco-AVPair = "service-type=Framed"
- (29) Framed-MTU = 1468
- (29) EAP-Message = 0x020a002e1900170303002365d2428980423ce13278d183c5398b295129ba2d247f08b2369bfd683a4480b51a21a1
- (29) Message-Authenticator = 0xff60f56fdbd96a27015bbf77ff967e72
- (29) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (29) Cisco-AVPair = "method=dot1x"
- (29) Cisco-AVPair = "client-iif-id=346278732"
- (29) NAS-IP-Address = 10.15.200.15
- (29) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (29) NAS-Port-Type = Ethernet
- (29) NAS-Port = 50115
- (29) State = 0x68ef777160e56ef72d7f5eed64273179
- (29) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (29) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (29) Restoring &session-state
- (29) &session-state:Framed-MTU = 994
- (29) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.3 Handshake, ClientHello\n"
- (29) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHello\n"
- (29) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Certificate\n"
- (29) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerKeyExchange\n"
- (29) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, ServerHelloDone\n"
- (29) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, ClientKeyExchange\n"
- (29) &session-state:TLS-Session-Information = "(TLS) recv TLS 1.2 Handshake, Finished\n"
- (29) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 ChangeCipherSpec\n"
- (29) &session-state:TLS-Session-Information = "(TLS) send TLS 1.2 Handshake, Finished\n"
- (29) &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
- (29) &session-state:TLS-Session-Version = "TLS 1.2"
- (29) # Executing section authorize from file /etc/freeradius/sites-enabled/GO_Live
- (29) authorize {
- (29) policy filter_username {
- (29) if (&User-Name) {
- (29) if (&User-Name) -> TRUE
- (29) if (&User-Name) {
- (29) if (&User-Name =~ / /) {
- (29) if (&User-Name =~ / /) -> FALSE
- (29) if (&User-Name =~ /@[^@]*@/ ) {
- (29) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (29) if (&User-Name =~ /\.\./ ) {
- (29) if (&User-Name =~ /\.\./ ) -> FALSE
- (29) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (29) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (29) if (&User-Name =~ /\.$/) {
- (29) if (&User-Name =~ /\.$/) -> FALSE
- (29) if (&User-Name =~ /@\./) {
- (29) if (&User-Name =~ /@\./) -> FALSE
- (29) } # if (&User-Name) = notfound
- (29) } # policy filter_username = notfound
- (29) [preprocess] = ok
- (29) auth_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
- (29) auth_log: --> /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (29) auth_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/auth-detail-20210826
- (29) auth_log: EXPAND %t
- (29) auth_log: --> Thu Aug 26 22:36:18 2021
- (29) [auth_log] = ok
- (29) [mschap] = noop
- (29) ntdomain: Checking for prefix before "\"
- (29) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (29) ntdomain: Found realm "CORPORATE"
- (29) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (29) ntdomain: Adding Realm = "CORPORATE"
- (29) ntdomain: Authentication realm is LOCAL
- (29) [ntdomain] = ok
- (29) eap: Peer sent EAP Response (code 2) ID 10 length 46
- (29) eap: Continuing tunnel setup
- (29) [eap] = ok
- (29) } # authorize = ok
- (29) Found Auth-Type = eap
- (29) # Executing group from file /etc/freeradius/sites-enabled/GO_Live
- (29) authenticate {
- (29) eap: Expiring EAP session with state 0x68ef777160e56ef7
- (29) eap: Finished EAP session with state 0x68ef777160e56ef7
- (29) eap: Previous EAP request found for state 0x68ef777160e56ef7, released from the list
- (29) eap: Peer sent packet with method EAP PEAP (25)
- (29) eap: Calling submodule eap_peap to process data
- (29) eap_peap: (TLS) EAP Done initial handshake
- (29) eap_peap: Session established. Decoding tunneled attributes
- (29) eap_peap: PEAP state send tlv success
- (29) eap_peap: Received EAP-TLV response
- (29) eap_peap: Success
- (29) eap: Sending EAP Success (code 3) ID 10 length 4
- (29) eap: Freeing handler
- (29) [eap] = ok
- (29) } # authenticate = ok
- (29) # Executing section post-auth from file /etc/freeradius/sites-enabled/GO_Live
- (29) post-auth {
- (29) if (&Framed-IP-Address =~ /^169\.254\./) {
- (29) ERROR: Failed retrieving values required to evaluate condition
- (29) if (&LDAP-Group == "RSSO - IT - Networking") {
- (29) Searching for user in group "RSSO - IT - Networking"
- rlm_ldap (ldap): Reserved connection (21)
- (29) EXPAND (sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}})
- (29) --> (sAMAccountName=Raspb.P14)
- (29) Performing search in "dc=corporate,dc=intra" with filter "(sAMAccountName=Raspb.P14)", scope "sub"
- (29) Waiting for search result...
- rlm_ldap (ldap): Rebinding to URL ldap://DomainDnsZones.corporate.intra/DC=DomainDnsZones,DC=corporate,DC=intra
- rlm_ldap (ldap): Waiting for bind result...
- rlm_ldap (ldap): Rebinding to URL ldap://ForestDnsZones.corporate.intra/DC=ForestDnsZones,DC=corporate,DC=intra
- rlm_ldap (ldap): Waiting for bind result...
- rlm_ldap (ldap): Bind successful
- rlm_ldap (ldap): Bind successful
- (29) User object found at DN "CN=Raspb.P14,OU=GO Services,OU=Systems_Administration_OU,DC=corporate,DC=intra"
- (29) Checking user object's memberOf attributes
- (29) Waiting for bind result...
- (29) Bind successful
- (29) Performing unfiltered search in "CN=Raspb.P14,OU=GO Services,OU=Systems_Administration_OU,DC=corporate,DC=intra", scope "base"
- (29) Waiting for search result...
- (29) Processing memberOf value "CN=RSSO - TEC - RaspBerryPi,OU=GO Groups,OU=Users_OU,DC=corporate,DC=intra" as a DN
- (29) Resolving group DN "CN=RSSO - TEC - RaspBerryPi,OU=GO Groups,OU=Users_OU,DC=corporate,DC=intra" to group name
- (29) Performing unfiltered search in "CN=RSSO - TEC - RaspBerryPi,OU=GO Groups,OU=Users_OU,DC=corporate,DC=intra", scope "base"
- (29) Waiting for search result...
- (29) Group DN "CN=RSSO - TEC - RaspBerryPi,OU=GO Groups,OU=Users_OU,DC=corporate,DC=intra" resolves to name "RSSO - TEC - RaspBerryPi"
- rlm_ldap (ldap): Deleting connection (21) - Was referred to a different LDAP server
- (29) User is not a member of "RSSO - IT - Networking"
- (29) if (&LDAP-Group == "RSSO - IT - Networking") -> FALSE
- (29) elsif (LDAP-Group == "RSSO - IT - App Support") {
- (29) Searching for user in group "RSSO - IT - App Support"
- rlm_ldap (ldap): 0 of 0 connections in use. You may need to increase "spare"
- rlm_ldap (ldap): Opening additional connection (22), 1 of 32 pending slots used
- rlm_ldap (ldap): Connecting to ldap://corporate.intra:389
- rlm_ldap (ldap): Waiting for bind result...
- rlm_ldap (ldap): Bind successful
- rlm_ldap (ldap): Reserved connection (22)
- <<escaped more ldap search text from debug>>
- rlm_ldap (ldap): Reserved connection (22)
- (29) Using user DN from request "CN=Raspb.P14,OU=GO Services,OU=Systems_Administration_OU,DC=corporate,DC=intra"
- (29) Checking user object's memberOf attributes
- (29) Performing unfiltered search in "CN=Raspb.P14,OU=GO Services,OU=Systems_Administration_OU,DC=corporate,DC=intra", scope "base"
- (29) Waiting for search result...
- (29) Processing memberOf value "CN=RSSO - TEC - RaspBerryPi,OU=GO Groups,OU=Users_OU,DC=corporate,DC=intra" as a DN
- (29) Resolving group DN "CN=RSSO - TEC - RaspBerryPi,OU=GO Groups,OU=Users_OU,DC=corporate,DC=intra" to group name
- (29) Performing unfiltered search in "CN=RSSO - TEC - RaspBerryPi,OU=GO Groups,OU=Users_OU,DC=corporate,DC=intra", scope "base"
- (29) Waiting for search result...
- (29) Group DN "CN=RSSO - TEC - RaspBerryPi,OU=GO Groups,OU=Users_OU,DC=corporate,DC=intra" resolves to name "RSSO - TEC - RaspBerryPi"
- (29) User found in group "RSSO - TEC - RaspBerryPi". Comparison between membership: name (resolved from DN "CN=RSSO - TEC - RaspBerryPi,OU=GO Groups,OU=Users_OU,DC=corporate,DC=intra"), check: name
- rlm_ldap (ldap): Released connection (22)
- (29) elsif (LDAP-Group == "RSSO - TEC - RaspBerryPi") -> TRUE
- (29) elsif (LDAP-Group == "RSSO - TEC - RaspBerryPi") {
- (29) update Reply {
- (29) Tunnel-Type := VLAN
- (29) Tunnel-Medium-Type := IEEE-802
- (29) Tunnel-Private-Group-Id := "943"
- (29) Class := 0x5253534f2d5445432d5261737042657272795069
- (29) } # update Reply = noop
- (29) } # elsif (LDAP-Group == "RSSO - TEC - RaspBerryPi") = noop
- (29) ... skipping elsif: Preceding "if" was taken
- (29) ... skipping elsif: Preceding "if" was taken
- (29) if (session-state:User-Name && reply:User-Name && request:User-Name && (reply:User-Name == request:User-Name)) {
- (29) if (session-state:User-Name && reply:User-Name && request:User-Name && (reply:User-Name == request:User-Name)) -> FALSE
- (29) update {
- (29) &reply::Framed-MTU += &session-state:Framed-MTU[*] -> 994
- (29) &reply::TLS-Session-Information += &session-state:TLS-Session-Information[*] -> '(TLS) recv TLS 1.3 Handshake, ClientHello '
- (29) &reply::TLS-Session-Information += &session-state:TLS-Session-Information[*] -> '(TLS) send TLS 1.2 Handshake, ServerHello '
- (29) &reply::TLS-Session-Information += &session-state:TLS-Session-Information[*] -> '(TLS) send TLS 1.2 Handshake, Certificate '
- (29) &reply::TLS-Session-Information += &session-state:TLS-Session-Information[*] -> '(TLS) send TLS 1.2 Handshake, ServerKeyExchange '
- (29) &reply::TLS-Session-Information += &session-state:TLS-Session-Information[*] -> '(TLS) send TLS 1.2 Handshake, ServerHelloDone '
- (29) &reply::TLS-Session-Information += &session-state:TLS-Session-Information[*] -> '(TLS) recv TLS 1.2 Handshake, ClientKeyExchange '
- (29) &reply::TLS-Session-Information += &session-state:TLS-Session-Information[*] -> '(TLS) recv TLS 1.2 Handshake, Finished '
- (29) &reply::TLS-Session-Information += &session-state:TLS-Session-Information[*] -> '(TLS) send TLS 1.2 ChangeCipherSpec '
- (29) &reply::TLS-Session-Information += &session-state:TLS-Session-Information[*] -> '(TLS) send TLS 1.2 Handshake, Finished '
- (29) &reply::TLS-Session-Cipher-Suite += &session-state:TLS-Session-Cipher-Suite[*] -> 'ECDHE-RSA-AES256-GCM-SHA384'
- (29) &reply::TLS-Session-Version += &session-state:TLS-Session-Version[*] -> 'TLS 1.2'
- (29) } # update = noop
- (29) reply_log: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d
- (29) reply_log: --> /var/log/freeradius/radacct/10.15.200.15/reply-detail-20210826
- (29) reply_log: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/reply-detail-20210826
- (29) reply_log: EXPAND %t
- (29) reply_log: --> Thu Aug 26 22:36:18 2021
- (29) [reply_log] = ok
- (29) sql: EXPAND .query
- (29) sql: --> .query
- (29) sql: Using query template 'query'
- rlm_sql (sql): Reserved connection (17)
- (29) sql: EXPAND %{User-Name}
- (29) sql: --> CORPORATE\\Raspb.P14
- (29) sql: SQL-User-Name set to 'CORPORATE\\Raspb.P14'
- (29) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( '%{SQL-User-Name}', 'Omitted', '%{reply:Packet-Type}', '%S.%M' )
- (29) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( 'CORPORATE=5C=5CRaspb.P14', 'Omitted', 'Access-Accept', '2021-08-26 22:36:18.168110' )
- (29) sql: EXPAND /var/log/freeradius/sqllog.sql
- (29) sql: --> /var/log/freeradius/sqllog.sql
- (29) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( 'CORPORATE=5C=5CRaspb.P14', 'Omitted', 'Access-Accept', '2021-08-26 22:36:18.168110' )
- (29) sql: SQL query returned: success
- (29) sql: 1 record(s) updated
- rlm_sql (sql): Released connection (17)
- (29) [sql] = ok
- (29) [exec] = noop
- (29) policy remove_reply_message_if_eap {
- (29) if (&reply:EAP-Message && &reply:Reply-Message) {
- (29) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
- (29) else {
- (29) [noop] = noop
- (29) } # else = noop
- (29) } # policy remove_reply_message_if_eap = noop
- (29) if (EAP-Key-Name && &reply:EAP-Session-Id) {
- (29) if (EAP-Key-Name && &reply:EAP-Session-Id) -> FALSE
- (29) } # post-auth = ok
- (29) Sent Access-Accept Id 77 from 172.16.200.253:1812 to 10.15.200.15:61772 length 0
- (29) MS-MPPE-Recv-Key = 0xc509355dc56d93d4aa9c6ef2bce30f9ed436192345d42dd91ac1e180007091a1
- (29) MS-MPPE-Send-Key = 0xe271bf04394e6bd945d56b549a73e57671a60b1ed6f6976e58f0c98380ab33e8
- (29) EAP-Message = 0x030a0004
- (29) Message-Authenticator = 0x00000000000000000000000000000000
- (29) User-Name = "CORPORATE\\Raspb.P14"
- (29) Tunnel-Type := VLAN
- (29) Tunnel-Medium-Type := IEEE-802
- (29) Tunnel-Private-Group-Id := "943"
- (29) Class := 0x5253534f2d5445432d5261737042657272795069
- (29) Framed-MTU += 994
- (29) Finished request
- Waking up in 4.8 seconds.
- (20) Cleaning up request packet ID 68 with timestamp +527
- (21) Cleaning up request packet ID 69 with timestamp +527
- (22) Cleaning up request packet ID 70 with timestamp +527
- (23) Cleaning up request packet ID 71 with timestamp +527
- (24) Cleaning up request packet ID 72 with timestamp +527
- (25) Cleaning up request packet ID 73 with timestamp +527
- (26) Cleaning up request packet ID 74 with timestamp +527
- (27) Cleaning up request packet ID 75 with timestamp +527
- (28) Cleaning up request packet ID 76 with timestamp +527
- Waking up in 0.1 seconds.
- (29) Cleaning up request packet ID 77 with timestamp +527
- Ready to process requests
- Ready to process requests
- (75) Received Accounting-Request Id 246 from 10.15.200.15:62985 to 172.16.200.253:1813 length 376
- (75) Framed-IP-Address = 10.15.204.105
- (75) Framed-IPv6-Address = fe80::423c:e86c:af53:897b
- (75) User-Name = "CORPORATE\\Raspb.P14"
- (75) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (75) Cisco-AVPair = "vlan-id=943"
- (75) Cisco-AVPair = "method=dot1x"
- (75) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (75) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (75) NAS-IP-Address = 10.15.200.15
- (75) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (75) NAS-Port-Type = Ethernet
- (75) NAS-Port = 50115
- (75) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (75) NAS-Identifier = "MRS_3rdFlr_NW_SW3_93"
- (75) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (75) Acct-Session-Id = "00000116"
- (75) Acct-Authentic = Remote
- (75) Class = 0x5253534f2d5445432d5261737042657272795069
- (75) Acct-Status-Type = Interim-Update
- (75) Event-Timestamp = "Aug 26 2021 22:56:18 CEST"
- (75) Acct-Input-Octets = 14864970
- (75) Acct-Output-Octets = 0
- (75) Acct-Input-Packets = 110074
- (75) Acct-Output-Packets = 0
- (75) Acct-Delay-Time = 0
- (75) # Executing section preacct from file /etc/freeradius/sites-enabled/GO_Live
- (75) preacct {
- (75) [preprocess] = ok
- (75) policy acct_unique {
- (75) update request {
- (75) &Tmp-String-9 := "ai:"
- (75) } # update request = noop
- (75) if (("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/) && ("%{string:&Class}" =~ /^ai:([0-9a-f]{32})/i)) {
- (75) EXPAND %{hex:&Class}
- (75) --> 5253534f2d5445432d5261737042657272795069
- (75) EXPAND ^%{hex:&Tmp-String-9}
- (75) --> ^61693a
- (75) if (("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/) && ("%{string:&Class}" =~ /^ai:([0-9a-f]{32})/i)) -> FALSE
- (75) else {
- (75) update request {
- (75) EXPAND %{md5:%{User-Name},%{Acct-Session-ID},%{%{NAS-IPv6-Address}:-%{NAS-IP-Address}},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}
- (75) --> df588029321131090ffa13b0d81e9e2d
- (75) &Acct-Unique-Session-Id := df588029321131090ffa13b0d81e9e2d
- (75) } # update request = noop
- (75) } # else = noop
- (75) } # policy acct_unique = noop
- (75) ntdomain: Checking for prefix before "\"
- (75) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (75) ntdomain: Found realm "CORPORATE"
- (75) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (75) ntdomain: Adding Realm = "CORPORATE"
- (75) ntdomain: Accounting realm is LOCAL
- (75) [ntdomain] = ok
- (75) [files] = noop
- (75) update control {
- (75) &Replicate-To-Realm += "Realm_FG_1500D_Agg_Users_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_3300E_Datacentre_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_1500D_Users_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_3300E_Headend_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_3300E_STG-DC_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_3300E_ISP-Services_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_3300E_Users-VPN_Acct"
- (75) } # update control = noop
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Agg_Users_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Datacentre_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Users_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Headend_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_STG-DC_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_ISP-Services_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Users-VPN_Acct'
- (75) [replicate] = ok
- (75) } # preacct = ok
- (75) # Executing section accounting from file /etc/freeradius/sites-enabled/GO_Live
- (75) accounting {
- (75) detail: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d
- (75) detail: --> /var/log/freeradius/radacct/10.15.200.15/detail-20210826
- (75) detail: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/detail-20210826
- (75) detail: EXPAND %t
- (75) detail: --> Thu Aug 26 22:56:19 2021
- (75) [detail] = ok
- (75) [unix] = noop
- (75) sql: EXPAND %{tolower:type.%{%{Acct-Status-Type}:-%{Request-Processing-Stage}}.query}
- (75) sql: --> type.interim-update.query
- (75) sql: Using query template 'query'
- rlm_sql (sql): Reserved connection (46)
- (75) sql: EXPAND %{User-Name}
- (75) sql: --> CORPORATE\\Raspb.P14
- (75) sql: SQL-User-Name set to 'CORPORATE\\Raspb.P14'
- (75) sql: EXPAND UPDATE radacct SET acctupdatetime = (@acctupdatetime_old:=acctupdatetime), acctupdatetime = FROM_UNIXTIME(%{%{integer:Event-Timestamp}:-%l}), acctinterval = %{%{integer:Event-Timestamp}:-%l} - UNIX_TIMESTAMP(@acctupdatetime_old), framedipaddress = '%{Framed-IP-Address}', framedipv6address = '%{Framed-IPv6-Address}', framedipv6prefix = '%{Framed-IPv6-Prefix}', framedinterfaceid = '%{Framed-Interface-Id}', delegatedipv6prefix = '%{Delegated-IPv6-Prefix}', acctsessiontime = %{%{Acct-Session-Time}:-NULL}, acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}' WHERE AcctUniqueId = '%{Acct-Unique-Session-Id}'
- (75) sql: --> UPDATE radacct SET acctupdatetime = (@acctupdatetime_old:=acctupdatetime), acctupdatetime = FROM_UNIXTIME(1630011378), acctinterval = 1630011378 - UNIX_TIMESTAMP(@acctupdatetime_old), framedipaddress = '10.15.204.105', framedipv6address = 'fe80::423c:e86c:af53:897b', framedipv6prefix = '', framedinterfaceid = '', delegatedipv6prefix = '', acctsessiontime = NULL, acctinputoctets = '0' << 32 | '14864970', acctoutputoctets = '0' << 32 | '0' WHERE AcctUniqueId = 'df588029321131090ffa13b0d81e9e2d'
- (75) sql: EXPAND /var/log/freeradius/sqllog.sql
- (75) sql: --> /var/log/freeradius/sqllog.sql
- (75) sql: Executing query: UPDATE radacct SET acctupdatetime = (@acctupdatetime_old:=acctupdatetime), acctupdatetime = FROM_UNIXTIME(1630011378), acctinterval = 1630011378 - UNIX_TIMESTAMP(@acctupdatetime_old), framedipaddress = '10.15.204.105', framedipv6address = 'fe80::423c:e86c:af53:897b', framedipv6prefix = '', framedinterfaceid = '', delegatedipv6prefix = '', acctsessiontime = NULL, acctinputoctets = '0' << 32 | '14864970', acctoutputoctets = '0' << 32 | '0' WHERE AcctUniqueId = 'df588029321131090ffa13b0d81e9e2d'
- rlm_sql_mysql: Rows matched: 1 Changed: 1 Warnings: 0
- (75) sql: SQL query returned: success
- (75) sql: 1 record(s) updated
- rlm_sql (sql): Released connection (46)
- (75) [sql] = ok
- (75) [exec] = noop
- (75) attr_filter.accounting_response: EXPAND %{User-Name}
- (75) attr_filter.accounting_response: --> CORPORATE\\Raspb.P14
- (75) attr_filter.accounting_response: Matched entry DEFAULT at line 12
- (75) [attr_filter.accounting_response] = updated
- (75) update control {
- (75) &Replicate-To-Realm += "Realm_FG_1500D_Agg_Users_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_3300E_Datacentre_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_1500D_Users_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_3300E_Headend_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_3300E_STG-DC_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_3300E_ISP-Services_Acct"
- (75) &Replicate-To-Realm += "Realm_FG_3300E_Users-VPN_Acct"
- (75) } # update control = noop
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Agg_Users_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Datacentre_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Users_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Headend_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_STG-DC_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_ISP-Services_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Users-VPN_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Agg_Users_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Datacentre_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Users_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Headend_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_STG-DC_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_ISP-Services_Acct'
- (75) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Users-VPN_Acct'
- (75) [replicate] = ok
- (75) } # accounting = updated
- (75) Sent Accounting-Response Id 246 from 172.16.200.253:1813 to 10.15.200.15:62985 length 0
- (75) Finished request
- (75) Cleaning up request packet ID 246 with timestamp +1728
- Ready to process requests
- (76) Received Accounting-Request Id 247 from 10.15.200.15:62985 to 172.16.200.253:1813 length 376
- (76) Framed-IP-Address = 10.15.204.105
- (76) Framed-IPv6-Address = fe80::423c:e86c:af53:897b
- (76) User-Name = "CORPORATE\\Raspb.P14"
- (76) Cisco-AVPair = "audit-session-id=0FC80F0A000006F3842D78C6"
- (76) Cisco-AVPair = "vlan-id=943"
- (76) Cisco-AVPair = "method=dot1x"
- (76) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (76) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (76) NAS-IP-Address = 10.15.200.15
- (76) NAS-Port-Id = "FiveGigabitEthernet1/0/15"
- (76) NAS-Port-Type = Ethernet
- (76) NAS-Port = 50115
- (76) Calling-Station-Id = "DC-A6-32-A8-8A-D0"
- (76) NAS-Identifier = "MRS_3rdFlr_NW_SW3_93"
- (76) Called-Station-Id = "34-ED-1B-4B-15-8F"
- (76) Acct-Session-Id = "00000116"
- (76) Acct-Authentic = Remote
- (76) Class = 0x5253534f2d5445432d5261737042657272795069
- (76) Acct-Status-Type = Interim-Update
- (76) Event-Timestamp = "Aug 26 2021 22:56:29 CEST"
- (76) Acct-Input-Octets = 15003058
- (76) Acct-Output-Octets = 0
- (76) Acct-Input-Packets = 111105
- (76) Acct-Output-Packets = 0
- (76) Acct-Delay-Time = 0
- (76) # Executing section preacct from file /etc/freeradius/sites-enabled/GO_Live
- (76) preacct {
- (76) [preprocess] = ok
- (76) policy acct_unique {
- (76) update request {
- (76) &Tmp-String-9 := "ai:"
- (76) } # update request = noop
- (76) if (("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/) && ("%{string:&Class}" =~ /^ai:([0-9a-f]{32})/i)) {
- (76) EXPAND %{hex:&Class}
- (76) --> 5253534f2d5445432d5261737042657272795069
- (76) EXPAND ^%{hex:&Tmp-String-9}
- (76) --> ^61693a
- (76) if (("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/) && ("%{string:&Class}" =~ /^ai:([0-9a-f]{32})/i)) -> FALSE
- (76) else {
- (76) update request {
- (76) EXPAND %{md5:%{User-Name},%{Acct-Session-ID},%{%{NAS-IPv6-Address}:-%{NAS-IP-Address}},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}
- (76) --> df588029321131090ffa13b0d81e9e2d
- (76) &Acct-Unique-Session-Id := df588029321131090ffa13b0d81e9e2d
- (76) } # update request = noop
- (76) } # else = noop
- (76) } # policy acct_unique = noop
- (76) ntdomain: Checking for prefix before "\"
- (76) ntdomain: Looking up realm "CORPORATE" for User-Name = "CORPORATE\Raspb.P14"
- (76) ntdomain: Found realm "CORPORATE"
- (76) ntdomain: Adding Stripped-User-Name = "Raspb.P14"
- (76) ntdomain: Adding Realm = "CORPORATE"
- (76) ntdomain: Accounting realm is LOCAL
- (76) [ntdomain] = ok
- (76) [files] = noop
- (76) update control {
- (76) &Replicate-To-Realm += "Realm_FG_1500D_Agg_Users_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_3300E_Datacentre_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_1500D_Users_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_3300E_Headend_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_3300E_STG-DC_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_3300E_ISP-Services_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_3300E_Users-VPN_Acct"
- (76) } # update control = noop
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Agg_Users_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Datacentre_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Users_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Headend_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_STG-DC_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_ISP-Services_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Users-VPN_Acct'
- (76) [replicate] = ok
- (76) } # preacct = ok
- (76) # Executing section accounting from file /etc/freeradius/sites-enabled/GO_Live
- (76) accounting {
- (76) detail: EXPAND /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d
- (76) detail: --> /var/log/freeradius/radacct/10.15.200.15/detail-20210826
- (76) detail: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/freeradius/radacct/10.15.200.15/detail-20210826
- (76) detail: EXPAND %t
- (76) detail: --> Thu Aug 26 22:56:29 2021
- (76) [detail] = ok
- (76) [unix] = noop
- (76) sql: EXPAND %{tolower:type.%{%{Acct-Status-Type}:-%{Request-Processing-Stage}}.query}
- (76) sql: --> type.interim-update.query
- (76) sql: Using query template 'query'
- rlm_sql (sql): Reserved connection (48)
- (76) sql: EXPAND %{User-Name}
- (76) sql: --> CORPORATE\\Raspb.P14
- (76) sql: SQL-User-Name set to 'CORPORATE\\Raspb.P14'
- (76) sql: EXPAND UPDATE radacct SET acctupdatetime = (@acctupdatetime_old:=acctupdatetime), acctupdatetime = FROM_UNIXTIME(%{%{integer:Event-Timestamp}:-%l}), acctinterval = %{%{integer:Event-Timestamp}:-%l} - UNIX_TIMESTAMP(@acctupdatetime_old), framedipaddress = '%{Framed-IP-Address}', framedipv6address = '%{Framed-IPv6-Address}', framedipv6prefix = '%{Framed-IPv6-Prefix}', framedinterfaceid = '%{Framed-Interface-Id}', delegatedipv6prefix = '%{Delegated-IPv6-Prefix}', acctsessiontime = %{%{Acct-Session-Time}:-NULL}, acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}' WHERE AcctUniqueId = '%{Acct-Unique-Session-Id}'
- (76) sql: --> UPDATE radacct SET acctupdatetime = (@acctupdatetime_old:=acctupdatetime), acctupdatetime = FROM_UNIXTIME(1630011389), acctinterval = 1630011389 - UNIX_TIMESTAMP(@acctupdatetime_old), framedipaddress = '10.15.204.105', framedipv6address = 'fe80::423c:e86c:af53:897b', framedipv6prefix = '', framedinterfaceid = '', delegatedipv6prefix = '', acctsessiontime = NULL, acctinputoctets = '0' << 32 | '15003058', acctoutputoctets = '0' << 32 | '0' WHERE AcctUniqueId = 'df588029321131090ffa13b0d81e9e2d'
- (76) sql: EXPAND /var/log/freeradius/sqllog.sql
- (76) sql: --> /var/log/freeradius/sqllog.sql
- (76) sql: Executing query: UPDATE radacct SET acctupdatetime = (@acctupdatetime_old:=acctupdatetime), acctupdatetime = FROM_UNIXTIME(1630011389), acctinterval = 1630011389 - UNIX_TIMESTAMP(@acctupdatetime_old), framedipaddress = '10.15.204.105', framedipv6address = 'fe80::423c:e86c:af53:897b', framedipv6prefix = '', framedinterfaceid = '', delegatedipv6prefix = '', acctsessiontime = NULL, acctinputoctets = '0' << 32 | '15003058', acctoutputoctets = '0' << 32 | '0' WHERE AcctUniqueId = 'df588029321131090ffa13b0d81e9e2d'
- rlm_sql_mysql: Rows matched: 1 Changed: 1 Warnings: 0
- (76) sql: SQL query returned: success
- (76) sql: 1 record(s) updated
- rlm_sql (sql): Released connection (48)
- (76) [sql] = ok
- (76) [exec] = noop
- (76) attr_filter.accounting_response: EXPAND %{User-Name}
- (76) attr_filter.accounting_response: --> CORPORATE\\Raspb.P14
- (76) attr_filter.accounting_response: Matched entry DEFAULT at line 12
- (76) [attr_filter.accounting_response] = updated
- (76) update control {
- (76) &Replicate-To-Realm += "Realm_FG_1500D_Agg_Users_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_3300E_Datacentre_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_1500D_Users_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_3300E_Headend_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_3300E_STG-DC_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_3300E_ISP-Services_Acct"
- (76) &Replicate-To-Realm += "Realm_FG_3300E_Users-VPN_Acct"
- (76) } # update control = noop
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Agg_Users_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Datacentre_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Users_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Headend_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_STG-DC_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_ISP-Services_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Users-VPN_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Agg_Users_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Datacentre_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_1500D_Users_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Headend_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_STG-DC_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_ISP-Services_Acct'
- (76) replicate: Replicating list 'request' to Realm 'Realm_FG_3300E_Users-VPN_Acct'
- (76) [replicate] = ok
- (76) } # accounting = updated
- (76) Sent Accounting-Response Id 247 from 172.16.200.253:1813 to 10.15.200.15:62985 length 0
- (76) Finished request
- (76) Cleaning up request packet ID 247 with timestamp +1738
- Ready to process requests