Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Fri Sep 24 03:03:10 2010 : Info: FreeRADIUS Version 2.1.10, for host
- i686-pc-linux-gnu, built on Sep 24 2010 at 02:24:05
- Fri Sep 24 03:03:10 2010 : Info: Copyright (C) 1999-2009 The FreeRADIUS
- server project and contributors.
- Fri Sep 24 03:03:10 2010 : Info: There is NO warranty; not even for
- MERCHANTABILITY or FITNESS FOR A
- Fri Sep 24 03:03:10 2010 : Info: PARTICULAR PURPOSE.
- Fri Sep 24 03:03:10 2010 : Info: You may redistribute copies of FreeRADIUS
- under the terms of the
- Fri Sep 24 03:03:10 2010 : Info: GNU General Public License v2.
- Fri Sep 24 03:03:10 2010 : Info: Starting - reading configuration files ...
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/radiusd.conf
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/proxy.conf
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/clients.conf
- Fri Sep 24 03:03:10 2010 : Debug: including files in directory
- /usr/local/etc/raddb/modules/
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/counter
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/unix
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/sradutmp
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/krb5
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/exec
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/expr
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/logintime
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/policy
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/pap
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/sqlcounter_expire_on_login
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/always
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/etc_group
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/sql_log
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/inner-eap
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/files
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/pam
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/radutmp
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/opendirectory
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/detail.log
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/dynamic_clients
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/realm
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/expiration
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/linelog
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/detail.example.com
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/smbpasswd
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/wimax
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/digest
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/preprocess
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/mschap
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/mac2vlan
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/perl
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/chap
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/cui
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/attr_rewrite
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/detail
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/attr_filter
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/passwd
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/acct_unique
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/smsotp
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/ntlm_auth
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/ldap
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/mac2ip
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/echo
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/otp
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/checkval
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/modules/ippool
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/eap.conf
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/policy.conf
- Fri Sep 24 03:03:10 2010 : Debug: including files in directory
- /usr/local/etc/raddb/sites-enabled/
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:03:10 2010 : Debug: including configuration file
- /usr/local/etc/raddb/sites-enabled/control-socket
- Fri Sep 24 03:03:10 2010 : Debug: main {
- Fri Sep 24 03:03:10 2010 : Debug: allow_core_dumps = no
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: including dictionary file
- /usr/local/etc/raddb/dictionary
- Fri Sep 24 03:03:10 2010 : Debug: main {
- Fri Sep 24 03:03:10 2010 : Debug: prefix = "/usr/local"
- Fri Sep 24 03:03:10 2010 : Debug: localstatedir = "/usr/local/var"
- Fri Sep 24 03:03:10 2010 : Debug: logdir = "/usr/local/var/log/radius"
- Fri Sep 24 03:03:10 2010 : Debug: libdir = "/usr/local/lib"
- Fri Sep 24 03:03:10 2010 : Debug: radacctdir =
- "/usr/local/var/log/radius/radacct"
- Fri Sep 24 03:03:10 2010 : Debug: hostname_lookups = no
- Fri Sep 24 03:03:10 2010 : Debug: max_request_time = 30
- Fri Sep 24 03:03:10 2010 : Debug: cleanup_delay = 5
- Fri Sep 24 03:03:10 2010 : Debug: max_requests = 1024
- Fri Sep 24 03:03:10 2010 : Debug: pidfile =
- "/usr/local/var/run/radiusd/radiusd.pid"
- Fri Sep 24 03:03:10 2010 : Debug: checkrad = "/usr/local/sbin/checkrad"
- Fri Sep 24 03:03:10 2010 : Debug: debug_level = 0
- Fri Sep 24 03:03:10 2010 : Debug: proxy_requests = yes
- Fri Sep 24 03:03:10 2010 : Debug: log {
- Fri Sep 24 03:03:10 2010 : Debug: stripped_names = no
- Fri Sep 24 03:03:10 2010 : Debug: auth = no
- Fri Sep 24 03:03:10 2010 : Debug: auth_badpass = no
- Fri Sep 24 03:03:10 2010 : Debug: auth_goodpass = no
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: security {
- Fri Sep 24 03:03:10 2010 : Debug: max_attributes = 200
- Fri Sep 24 03:03:10 2010 : Debug: reject_delay = 0
- Fri Sep 24 03:03:10 2010 : Debug: status_server = yes
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: radiusd: #### Loading Realms and Home
- Servers ####
- Fri Sep 24 03:03:10 2010 : Debug: proxy server {
- Fri Sep 24 03:03:10 2010 : Debug: retry_delay = 5
- Fri Sep 24 03:03:10 2010 : Debug: retry_count = 3
- Fri Sep 24 03:03:10 2010 : Debug: default_fallback = no
- Fri Sep 24 03:03:10 2010 : Debug: dead_time = 120
- Fri Sep 24 03:03:10 2010 : Debug: wake_all_if_all_dead = no
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: home_server localhost {
- Fri Sep 24 03:03:10 2010 : Debug: ipaddr = 127.0.0.1
- Fri Sep 24 03:03:10 2010 : Debug: port = 1812
- Fri Sep 24 03:03:10 2010 : Debug: type = "auth"
- Fri Sep 24 03:03:10 2010 : Debug: secret = "*********"
- Fri Sep 24 03:03:10 2010 : Debug: response_window = 20
- Fri Sep 24 03:03:10 2010 : Debug: max_outstanding = 65536
- Fri Sep 24 03:03:10 2010 : Debug: require_message_authenticator = no
- Fri Sep 24 03:03:10 2010 : Debug: zombie_period = 40
- Fri Sep 24 03:03:10 2010 : Debug: status_check = "status-server"
- Fri Sep 24 03:03:10 2010 : Debug: ping_interval = 30
- Fri Sep 24 03:03:10 2010 : Debug: check_interval = 30
- Fri Sep 24 03:03:10 2010 : Debug: num_answers_to_alive = 3
- Fri Sep 24 03:03:10 2010 : Debug: num_pings_to_alive = 3
- Fri Sep 24 03:03:10 2010 : Debug: revive_interval = 120
- Fri Sep 24 03:03:10 2010 : Debug: status_check_timeout = 4
- Fri Sep 24 03:03:10 2010 : Debug: irt = 2
- Fri Sep 24 03:03:10 2010 : Debug: mrt = 16
- Fri Sep 24 03:03:10 2010 : Debug: mrc = 5
- Fri Sep 24 03:03:10 2010 : Debug: mrd = 30
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: home_server_pool my_auth_failover {
- Fri Sep 24 03:03:10 2010 : Debug: type = fail-over
- Fri Sep 24 03:03:10 2010 : Debug: home_server = localhost
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: realm example.com {
- Fri Sep 24 03:03:10 2010 : Debug: auth_pool = my_auth_failover
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: realm LOCAL {
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: radiusd: #### Loading Clients ####
- Fri Sep 24 03:03:10 2010 : Debug: client localhost {
- Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = ::1 IPv6 address [::1]
- Fri Sep 24 03:03:10 2010 : Debug: netmask = 128
- Fri Sep 24 03:03:10 2010 : Debug: require_message_authenticator = no
- Fri Sep 24 03:03:10 2010 : Debug: secret = "*********"
- Fri Sep 24 03:03:10 2010 : Debug: nastype = "other"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: client my_NAS1 {
- Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = 2001:db94::2 IPv6 address
- [2001:db94::2]
- Fri Sep 24 03:03:10 2010 : Debug: netmask = 128
- Fri Sep 24 03:03:10 2010 : Debug: require_message_authenticator = no
- Fri Sep 24 03:03:10 2010 : Debug: secret = "*********"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: client my_NAS2 {
- Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = 2001:db93::2 IPv6 address
- [2001:db93::2]
- Fri Sep 24 03:03:10 2010 : Debug: netmask = 128
- Fri Sep 24 03:03:10 2010 : Debug: require_message_authenticator = no
- Fri Sep 24 03:03:10 2010 : Debug: secret = "*********"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: client my_NAS3 {
- Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = 2001:470:0:0::2 IPv6
- address [2001:470:0:0::2]
- Fri Sep 24 03:03:10 2010 : Debug: netmask = 128
- Fri Sep 24 03:03:10 2010 : Debug: require_message_authenticator = no
- Fri Sep 24 03:03:10 2010 : Debug: secret = "*********"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: radiusd: #### Instantiating modules ####
- Fri Sep 24 03:03:10 2010 : Debug: instantiate {
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_exec, checking if it's
- valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_exec
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "exec"
- from file /usr/local/etc/raddb/modules/exec
- Fri Sep 24 03:03:10 2010 : Debug: exec {
- Fri Sep 24 03:03:10 2010 : Debug: wait = no
- Fri Sep 24 03:03:10 2010 : Debug: input_pairs = "request"
- Fri Sep 24 03:03:10 2010 : Debug: shell_escape = yes
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_expr, checking if it's
- valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_expr
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "expr"
- from file /usr/local/etc/raddb/modules/expr
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_expiration, checking if
- it's valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_expiration
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
- "expiration" from file /usr/local/etc/raddb/modules/expiration
- Fri Sep 24 03:03:10 2010 : Debug: expiration {
- Fri Sep 24 03:03:10 2010 : Debug: reply-message = "Password Has Expired "
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_logintime, checking if
- it's valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_logintime
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
- "logintime" from file /usr/local/etc/raddb/modules/logintime
- Fri Sep 24 03:03:10 2010 : Debug: logintime {
- Fri Sep 24 03:03:10 2010 : Debug: reply-message = "You are calling
- outside your allowed timespan "
- Fri Sep 24 03:03:10 2010 : Debug: minimum-timeout = 60
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: radiusd: #### Loading Virtual Servers ####
- Fri Sep 24 03:03:10 2010 : Debug: server inner-tunnel { # from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:03:10 2010 : Debug: modules {
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking authenticate {...} for
- more modules to load
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_pap, checking if it's
- valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_pap
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "pap" from
- file /usr/local/etc/raddb/modules/pap
- Fri Sep 24 03:03:10 2010 : Debug: pap {
- Fri Sep 24 03:03:10 2010 : Debug: encryption_scheme = "auto"
- Fri Sep 24 03:03:10 2010 : Debug: auto_header = no
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_chap, checking if it's
- valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_chap
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "chap"
- from file /usr/local/etc/raddb/modules/chap
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_mschap, checking if it's
- valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_mschap
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "mschap"
- from file /usr/local/etc/raddb/modules/mschap
- Fri Sep 24 03:03:10 2010 : Debug: mschap {
- Fri Sep 24 03:03:10 2010 : Debug: use_mppe = yes
- Fri Sep 24 03:03:10 2010 : Debug: require_encryption = no
- Fri Sep 24 03:03:10 2010 : Debug: require_strong = no
- Fri Sep 24 03:03:10 2010 : Debug: with_ntdomain_hack = no
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_unix, checking if it's
- valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_unix
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "unix"
- from file /usr/local/etc/raddb/modules/unix
- Fri Sep 24 03:03:10 2010 : Debug: unix {
- Fri Sep 24 03:03:10 2010 : Debug: radwtmp =
- "/usr/local/var/log/radius/radwtmp"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_eap, checking if it's
- valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_eap
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "eap" from
- file /usr/local/etc/raddb/eap.conf
- Fri Sep 24 03:03:10 2010 : Debug: eap {
- Fri Sep 24 03:03:10 2010 : Debug: default_eap_type = "md5"
- Fri Sep 24 03:03:10 2010 : Debug: timer_expire = 60
- Fri Sep 24 03:03:10 2010 : Debug: ignore_unknown_eap_types = no
- Fri Sep 24 03:03:10 2010 : Debug: cisco_accounting_username_bug = no
- Fri Sep 24 03:03:10 2010 : Debug: max_sessions = 4096
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_md5
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-md5
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_leap
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-leap
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_gtc
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-gtc
- Fri Sep 24 03:03:10 2010 : Debug: gtc {
- Fri Sep 24 03:03:10 2010 : Debug: challenge = "Password: "
- Fri Sep 24 03:03:10 2010 : Debug: auth_type = "PAP"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_tls
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-tls
- Fri Sep 24 03:03:10 2010 : Debug: tls {
- Fri Sep 24 03:03:10 2010 : Debug: rsa_key_exchange = no
- Fri Sep 24 03:03:10 2010 : Debug: dh_key_exchange = yes
- Fri Sep 24 03:03:10 2010 : Debug: rsa_key_length = 512
- Fri Sep 24 03:03:10 2010 : Debug: dh_key_length = 512
- Fri Sep 24 03:03:10 2010 : Debug: verify_depth = 0
- Fri Sep 24 03:03:10 2010 : Debug: pem_file_type = yes
- Fri Sep 24 03:03:10 2010 : Debug: private_key_file =
- "/usr/local/etc/raddb/certs/AAASERVERclientkey.pem"
- Fri Sep 24 03:03:10 2010 : Debug: certificate_file =
- "/usr/local/etc/raddb/certs/AAASERVERclientcert.pem"
- Fri Sep 24 03:03:10 2010 : Debug: CA_file =
- "/usr/local/etc/raddb/certs/cacert.pem"
- Fri Sep 24 03:03:10 2010 : Debug: private_key_password = "passwordclient"
- Fri Sep 24 03:03:10 2010 : Debug: dh_file = "/usr/local/etc/raddb/certs/dh"
- Fri Sep 24 03:03:10 2010 : Debug: random_file =
- "/usr/local/etc/raddb/certs/random"
- Fri Sep 24 03:03:10 2010 : Debug: fragment_size = 1024
- Fri Sep 24 03:03:10 2010 : Debug: include_length = yes
- Fri Sep 24 03:03:10 2010 : Debug: check_crl = no
- Fri Sep 24 03:03:10 2010 : Debug: cipher_list = "DEFAULT"
- Fri Sep 24 03:03:10 2010 : Debug: cache {
- Fri Sep 24 03:03:10 2010 : Debug: enable = yes
- Fri Sep 24 03:03:10 2010 : Debug: lifetime = 1
- Fri Sep 24 03:03:10 2010 : Debug: max_entries = 255
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_ttls
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-ttls
- Fri Sep 24 03:03:10 2010 : Debug: ttls {
- Fri Sep 24 03:03:10 2010 : Debug: default_eap_type = "md5"
- Fri Sep 24 03:03:10 2010 : Debug: copy_request_to_tunnel = no
- Fri Sep 24 03:03:10 2010 : Debug: use_tunneled_reply = no
- Fri Sep 24 03:03:10 2010 : Debug: virtual_server = "inner-tunnel"
- Fri Sep 24 03:03:10 2010 : Debug: include_length = yes
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_peap
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-peap
- Fri Sep 24 03:03:10 2010 : Debug: peap {
- Fri Sep 24 03:03:10 2010 : Debug: default_eap_type = "mschapv2"
- Fri Sep 24 03:03:10 2010 : Debug: copy_request_to_tunnel = no
- Fri Sep 24 03:03:10 2010 : Debug: use_tunneled_reply = no
- Fri Sep 24 03:03:10 2010 : Debug: proxy_tunneled_request_as_eap = yes
- Fri Sep 24 03:03:10 2010 : Debug: virtual_server = "inner-tunnel"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module
- rlm_eap_mschapv2
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-mschapv2
- Fri Sep 24 03:03:10 2010 : Debug: mschapv2 {
- Fri Sep 24 03:03:10 2010 : Debug: with_ntdomain_hack = no
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking authorize {...} for
- more modules to load
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_realm, checking if it's
- valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_realm
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "suffix"
- from file /usr/local/etc/raddb/modules/realm
- Fri Sep 24 03:03:10 2010 : Debug: realm suffix {
- Fri Sep 24 03:03:10 2010 : Debug: format = "suffix"
- Fri Sep 24 03:03:10 2010 : Debug: delimiter = "@"
- Fri Sep 24 03:03:10 2010 : Debug: ignore_default = no
- Fri Sep 24 03:03:10 2010 : Debug: ignore_null = no
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_files, checking if it's
- valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_files
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "files"
- from file /usr/local/etc/raddb/modules/files
- Fri Sep 24 03:03:10 2010 : Debug: files {
- Fri Sep 24 03:03:10 2010 : Debug: usersfile = "/usr/local/etc/raddb/users"
- Fri Sep 24 03:03:10 2010 : Debug: acctusersfile =
- "/usr/local/etc/raddb/acct_users"
- Fri Sep 24 03:03:10 2010 : Debug: preproxy_usersfile =
- "/usr/local/etc/raddb/preproxy_users"
- Fri Sep 24 03:03:10 2010 : Debug: compat = "no"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking session {...} for more
- modules to load
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_radutmp, checking if
- it's valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_radutmp
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "radutmp"
- from file /usr/local/etc/raddb/modules/radutmp
- Fri Sep 24 03:03:10 2010 : Debug: radutmp {
- Fri Sep 24 03:03:10 2010 : Debug: filename =
- "/usr/local/var/log/radius/radutmp"
- Fri Sep 24 03:03:10 2010 : Debug: username = "%{User-Name}"
- Fri Sep 24 03:03:10 2010 : Debug: case_sensitive = yes
- Fri Sep 24 03:03:10 2010 : Debug: check_with_nas = yes
- Fri Sep 24 03:03:10 2010 : Debug: perm = 384
- Fri Sep 24 03:03:10 2010 : Debug: callerid = yes
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking post-proxy {...} for
- more modules to load
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking post-auth {...} for
- more modules to load
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_attr_filter, checking if
- it's valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_attr_filter
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
- "attr_filter.access_reject" from file
- /usr/local/etc/raddb/modules/attr_filter
- Fri Sep 24 03:03:10 2010 : Debug: attr_filter attr_filter.access_reject {
- Fri Sep 24 03:03:10 2010 : Debug: attrsfile =
- "/usr/local/etc/raddb/attrs.access_reject"
- Fri Sep 24 03:03:10 2010 : Debug: key = "%{User-Name}"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: } # modules
- Fri Sep 24 03:03:10 2010 : Debug: } # server
- Fri Sep 24 03:03:10 2010 : Debug: server { # from file
- /usr/local/etc/raddb/radiusd.conf
- Fri Sep 24 03:03:10 2010 : Debug: modules {
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking authenticate {...} for
- more modules to load
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking authorize {...} for
- more modules to load
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_preprocess, checking if
- it's valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_preprocess
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
- "preprocess" from file /usr/local/etc/raddb/modules/preprocess
- Fri Sep 24 03:03:10 2010 : Debug: preprocess {
- Fri Sep 24 03:03:10 2010 : Debug: huntgroups =
- "/usr/local/etc/raddb/huntgroups"
- Fri Sep 24 03:03:10 2010 : Debug: hints = "/usr/local/etc/raddb/hints"
- Fri Sep 24 03:03:10 2010 : Debug: with_ascend_hack = no
- Fri Sep 24 03:03:10 2010 : Debug: ascend_channels_per_line = 23
- Fri Sep 24 03:03:10 2010 : Debug: with_ntdomain_hack = no
- Fri Sep 24 03:03:10 2010 : Debug: with_specialix_jetstream_hack = no
- Fri Sep 24 03:03:10 2010 : Debug: with_cisco_vsa_hack = no
- Fri Sep 24 03:03:10 2010 : Debug: with_alvarion_vsa_hack = no
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking preacct {...} for more
- modules to load
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_acct_unique, checking if
- it's valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_acct_unique
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
- "acct_unique" from file /usr/local/etc/raddb/modules/acct_unique
- Fri Sep 24 03:03:10 2010 : Debug: acct_unique {
- Fri Sep 24 03:03:10 2010 : Debug: key = "User-Name, Acct-Session-Id,
- NAS-IP-Address, Client-IP-Address, NAS-Port"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking accounting {...} for
- more modules to load
- Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_detail, checking if it's
- valid)
- Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_detail
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "detail"
- from file /usr/local/etc/raddb/modules/detail
- Fri Sep 24 03:03:10 2010 : Debug: detail {
- Fri Sep 24 03:03:10 2010 : Debug: detailfile =
- "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
- Fri Sep 24 03:03:10 2010 : Debug: header = "%t"
- Fri Sep 24 03:03:10 2010 : Debug: detailperm = 384
- Fri Sep 24 03:03:10 2010 : Debug: dirperm = 493
- Fri Sep 24 03:03:10 2010 : Debug: locking = no
- Fri Sep 24 03:03:10 2010 : Debug: log_packet_header = no
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
- "attr_filter.accounting_response" from file
- /usr/local/etc/raddb/modules/attr_filter
- Fri Sep 24 03:03:10 2010 : Debug: attr_filter
- attr_filter.accounting_response {
- Fri Sep 24 03:03:10 2010 : Debug: attrsfile =
- "/usr/local/etc/raddb/attrs.accounting_response"
- Fri Sep 24 03:03:10 2010 : Debug: key = "%{User-Name}"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking session {...} for more
- modules to load
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking post-proxy {...} for
- more modules to load
- Fri Sep 24 03:03:10 2010 : Debug: Module: Checking post-auth {...} for
- more modules to load
- Fri Sep 24 03:03:10 2010 : Debug: } # modules
- Fri Sep 24 03:03:10 2010 : Debug: } # server
- Fri Sep 24 03:03:10 2010 : Debug: radiusd: #### Opening IP addresses and
- Ports ####
- Fri Sep 24 03:03:10 2010 : Debug: listen {
- Fri Sep 24 03:03:10 2010 : Debug: type = "auth"
- Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = :: IPv6 address [::]
- Fri Sep 24 03:03:10 2010 : Debug: port = 0
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: listen {
- Fri Sep 24 03:03:10 2010 : Debug: type = "acct"
- Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = :: IPv6 address [::]
- Fri Sep 24 03:03:10 2010 : Debug: port = 0
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: listen {
- Fri Sep 24 03:03:10 2010 : Debug: type = "control"
- Fri Sep 24 03:03:10 2010 : Debug: listen {
- Fri Sep 24 03:03:10 2010 : Debug: socket =
- "/usr/local/var/run/radiusd/radiusd.sock"
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: }
- Fri Sep 24 03:03:10 2010 : Debug: Listening on authentication address ::
- port 1812
- Fri Sep 24 03:03:10 2010 : Debug: Listening on accounting address :: port
- 1813
- Fri Sep 24 03:03:10 2010 : Debug: Listening on command file
- /usr/local/var/run/radiusd/radiusd.sock
- Fri Sep 24 03:03:10 2010 : Debug: Listening on proxy address :: port 1814
- Fri Sep 24 03:03:10 2010 : Info: Ready to process requests.
- (snip)
- rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=1,
- length=189
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message = 0x02c6000e01616e6f6e796d6f7573
- Message-Authenticator = 0xbc939da0f8f0ae045e3b34aacc8b8f4e
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 198
- length 14
- Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:05:03 2010 : Info: ++[files] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING! No "known good" password
- found for the user. Authentication may fail because of this.
- Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP Identity
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type md5
- Fri Sep 24 03:05:03 2010 : Debug: rlm_eap_md5: Issuing Challenge
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 1 to 2001:db94::2 port 53023
- EAP-Message = 0x01c700160410b24dea7476eef075ebba4dc5b9a1810d
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x99bafb26997dff4e6a5f6a02067ddfc7
- Fri Sep 24 03:05:03 2010 : Info: Finished request 6.
- Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
- Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=2,
- length=199
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message = 0x02c700060315
- State = 0x99bafb26997dff4e6a5f6a02067ddfc7
- Message-Authenticator = 0xbc62a592dd256c3906a7afc1f4bea280
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 199
- length 6
- Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:05:03 2010 : Info: ++[files] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING! No "known good" password
- found for the user. Authentication may fail because of this.
- Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP NAK
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP-NAK asked for EAP-Type/ttls
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type tls
- Fri Sep 24 03:05:03 2010 : Info: [tls] Flushing SSL sessions (of #0)
- Fri Sep 24 03:05:03 2010 : Info: [tls] Initiate
- Fri Sep 24 03:05:03 2010 : Info: [tls] Start returned 1
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 2 to 2001:db94::2 port 53023
- EAP-Message = 0x01c800061520
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x99bafb269872ee4e6a5f6a02067ddfc7
- Fri Sep 24 03:05:03 2010 : Info: Finished request 7.
- Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
- Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=3,
- length=324
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02c80083150016030100780100007403014c9c0729a84a62c0ca33f7502905ecb2c08507df42a7172259265df7d7ad9e7020abb5e51b3c9ba4b6914ac420be25409297232e70af28eca704f4f4e3d228745a002600390038003500160013000a00330032002f0005000400150012000900140011000800060003020100000400230000
- State = 0x99bafb269872ee4e6a5f6a02067ddfc7
- Message-Authenticator = 0x1e88933acfaa7c848cb66a67b864c705
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 200
- length 131
- Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:05:03 2010 : Info: [ttls] (other): before/accept
- initialization
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: before/accept
- initialization
- Fri Sep 24 03:05:03 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
- 0078], ClientHello
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 read client
- hello A
- Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
- 004a], ServerHello
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write server
- hello A
- Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
- 08b3], Certificate
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write
- certificate A
- Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
- 020d], ServerKeyExchange
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write key
- exchange A
- Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
- 0004], ServerHelloDone
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write server
- done A
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 flush data
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: Need to read more
- data: SSLv3 read client certificate A
- Fri Sep 24 03:05:03 2010 : Debug: In SSL Handshake Phase
- Fri Sep 24 03:05:03 2010 : Debug: In SSL Accept mode
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 13
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 3 to 2001:db94::2 port 53023
- EAP-Message =
- 0x01c9040015c000000b22160301004a0200004603014c9c074f0097aa401342bfbcf574f812122ef8b9c51e5bdc71484a48d908d8f0201d6029bbddba233cd443d692b968df093237d9ad982f9ccc8a2defcd3edeb24300390116030108b30b0008af0008ac0004633082045f30820347a003020102020900e8aa5d45ccde0ec2300d06092a864886f70d01010405003081b5310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e697665727369747931283026060355
- EAP-Message =
- 0x04030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b301e170d3130303432333136323330315a170d3230303432303136323330315a3081aa310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e6976657273697479311d301b06035504030c144141415f534552564552407636746573746265643125302306092a864886f70d01
- EAP-Message =
- 0x0901161670616e6f7340636f6d702e6c616e63732e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100ee0aeb8ea5d83782523d2dce5297e8905e9fb3fa8c5f59cd3ee7903c9799c9679fa8c00ea9d6a86a195ec3d9bcd1e2dda95d48cd24bae78fef247a53410e45fbb0cfaf26edb8489afdd76d1da0e014ef60e79047d5c7f1055d6081827e1e1116b5c8a93e3aa744d93c65a5f9912735eeb5ebad5338065954c2fa12092a8f18d5e3a864466f3b4e43d6bdc1d42461151462237fdaccdb6a58e0ace9fcd82489e6ebbc24f2e986978856bff2b0c0043cbe680e1db409c30d5d3ef5e9bcc6bf6f58647e
- EAP-Message =
- 0x383eec7be5af4015b8597886a348514437646ee8b77a884eb593301352ddb7debd2669ab0e716cfad0ae1aae57e384bbc0d7fffee5ade1e3d8705e83af0b0203010001a37b307930090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e04160414cf045dee9ff9839327e2127c1cd2123521276d25301f0603551d23041830168014849d96ce9dce861838218a5b59371fff875735a0300d06092a864886f70d0101040500038201010059ca64550c6349a37715a7a235a35b75cc729c76346541184e00250167552ac941a1ce251a8f4d183a
- EAP-Message = 0x9b34dfc90e812ab8c370f93d
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x99bafb269b73ee4e6a5f6a02067ddfc7
- Fri Sep 24 03:05:03 2010 : Info: Finished request 8.
- Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
- Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=4,
- length=199
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message = 0x02c900061500
- State = 0x99bafb269b73ee4e6a5f6a02067ddfc7
- Message-Authenticator = 0x4a7a4676a9d48d484e7069d4a3419583
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 201
- length 6
- Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Received TLS ACK
- Fri Sep 24 03:05:03 2010 : Info: [ttls] ACK handshake fragment handler
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 1
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 13
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 4 to 2001:db94::2 port 53023
- EAP-Message =
- 0x01ca040015c000000b22b54a717c1c4d5a1534f04ae733127ca0a219db95ff2ed758f7dd656faa980983d7f9307d80bee7f974db5c97a18a53c028c43f13575d65598ff0e9418bc46d8bf9985a676bd0a0b8ecdeeb5f74fc978290752eecb7cb26d5b53b06b51cf7cf9ddaac4f5a5186b51ed94ac48cef701891e1430b2a1b97e46e48340954e2aa8e0ec3f8b1e54c0801c5e5553e3ca6b77e355016dc21bbbdcab0be50576aee230f95c466e8a9ef516e4b31ddf601edaba2dc36d0ec0f600c04db09c58dcfe04a9e934d1a9074e83ba83f870bcb0004433082043f30820327a003020102020900e8aa5d45ccde0ebc300d06092a864886f70d010105
- EAP-Message =
- 0x05003081b5310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e69766572736974793128302606035504030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b301e170d3130303432333136303235315a170d3230303432303136303235315a3081b5310b300906035504061302554b3113301106035504080c0a4c616e6361736869
- EAP-Message =
- 0x72653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e69766572736974793128302606035504030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100d5742265853cfb58e3d8cd30874e23e27bc0877bc78eb20fa83b76b8de968d67d281208c150741a750da0288710eac89b7b8d849664bfcb09ce2025a8b2974f462c3155774ee23
- EAP-Message =
- 0x07f5c9bc2a81b4c6d20035d869cb05bf391ff5f562a09d50669b1810ad91a8a06a59d7e411ee9ce6d8355c43c8aee3d25b3e937197f5b37ceeec9e9a987fb8aa14117c8dd7d6f599dd3be47b9db7bb8410e168e71a7512b22e833072ca1a6f2a9bfbb67c0c189d2eeca7a5f044a01909053c335647f28a09cee0bffbd8723b1406fd3fef247f2d100b0af9100a40ce0f770369461fe366294d9a8a84c7c17e0fc6e567b923af73a604c7b7c6773469f3e9e4921459f1b0e1e50203010001a350304e301d0603551d0e04160414849d96ce9dce861838218a5b59371fff875735a0301f0603551d23041830168014849d96ce9dce861838218a5b59371f
- EAP-Message = 0xff875735a0300c0603551d13
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x99bafb269a70ee4e6a5f6a02067ddfc7
- Fri Sep 24 03:05:03 2010 : Info: Finished request 9.
- Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
- Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=5,
- length=199
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message = 0x02ca00061500
- State = 0x99bafb269a70ee4e6a5f6a02067ddfc7
- Message-Authenticator = 0x391c8d60f8ef90c92e7dde8a33cdc327
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 202
- length 6
- Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Received TLS ACK
- Fri Sep 24 03:05:03 2010 : Info: [ttls] ACK handshake fragment handler
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 1
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 13
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 5 to 2001:db94::2 port 53023
- EAP-Message =
- 0x01cb0340158000000b22040530030101ff300d06092a864886f70d01010505000382010100a6706416cb639e79cd5d5c0376d4ddb46be58ee8d5248e8e6d86caddd81de83a01f43d671760d2086a4e492fc8f5234a557408e20d8e017bee88aacd57826b6722b2045419d0bd420e1b597682971e595a37c43ceb5a9e3461d13f6e4e3a02b3501afe1956456016bd459b24dcebf0a52667ede741be772f3eb8747020aba9c7c078cc473a640ad0c7b7b983d274b6b1c451e9151a85fb8e716e399d293b2dcb6c0fbc4ff8f30d197c252f8050104465acefdfc277a049bba2292a8c0f21793dc843c8f9c835353cc2bd8b4170ea01ace45a61dcf08010d2
- EAP-Message =
- 0xd86da3332fdd40d725ec1761e07c6d9e787e8c322b97f49ef3f6bc328c7a9861e08599150724d889160301020d0c0002090080a5c543e970288dbe9bb99a4eee9877d3afba38f8772ca0f8ffa5f78099716977289be3bb1803e30cf5010acaf7e0c37c8289cb2becd012470f81f55f64de937d1b4e5eccf843f5855485d3000605e0bdd9b8011eba710d73c823c96b5a92085cfb46c538d8d4c829a2b98a0d51b7351d84da1e6a77f2c4a9cad9ede08ddc1a6b0001020080085bac714701d0c7523f13b94fe253867fe343b4f894795e614815a0e49944b36b64fde3b02b545c73a70f4882e8067287f64dae5a00348b9a9dfb5b46ff2a013ef8edb6bd
- EAP-Message =
- 0x8b04cb591ba98b230e3b8b2d43d0f52c2f439cc96a73ea850d74d1d367c134903a7b014865a1242608ac06a5abc66007767fc3039a68abe0e02646010018776bd6c9ff5bb89381863ab760fdc24cd901326cfe8fd0a5727c8f0e9f01a6276754d764fb5f5e9163cbb446927221798ecdd913a3f3d836966bd16f77feb6c5dea214e2c8e1e32d0ff7b3e50313b3d8c34a383d0053bfbd57657c78579a11f7a6fb279f80c8f664bbb36071ad7c641108bbb6ebf0cbe719471b24bd08dca9f0812ab576bf6f8215e6102dee60ba1c5e28ad4a37cd023a9ceef6fd47981074ded80b1bc3b892a2be66fda8dd7e35dd326ed27489e5cc58a7f6b561dec4c44b
- EAP-Message =
- 0x2fb6338654e664af2b8bc66f111a58394c890a6f9b7b10948ea686e856983a594cbf3fc6c1abc802d06d2b1904a310c99a6920df4f477536c68c61fd4390f2bd16030100040e000000
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x99bafb269d71ee4e6a5f6a02067ddfc7
- Fri Sep 24 03:05:03 2010 : Info: Finished request 10.
- Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
- Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=6,
- length=397
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02cb00cc15001603010086100000820080a59ed1a177c08a8bf477372d4ccaa2dc914ba09985dde949ae05b52d725b8345c130986dc9a908e9103f41a73e4a1934f60cca114cd5c6f731196f0e239a399857266d427f24336da4a9293dc797c4a38c9b55949960d34b60d0262d7e1ed45de73f2fbf8446f16aa0900da601cd2b25cbe9d17c377814b68b0a2cc3c7cdede41403010001011603010030b52939824439a210d12904c64dd406bdae164f5af0f4fb12b527f0bfe4da40d5e5395c00c344d559fa373310602443a9
- State = 0x99bafb269d71ee4e6a5f6a02067ddfc7
- Message-Authenticator = 0xdee49be3b4f823a38c47792bce75d692
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 203
- length 204
- Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:05:03 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
- 0086], ClientKeyExchange
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 read client
- key exchange A
- Fri Sep 24 03:05:03 2010 : Info: [ttls] <<< TLS 1.0 ChangeCipherSpec
- [length 0001]
- Fri Sep 24 03:05:03 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
- 0010], Finished
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 read finished A
- Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 ChangeCipherSpec
- [length 0001]
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write change
- cipher spec A
- Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
- 0010], Finished
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write
- finished A
- Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 flush data
- Fri Sep 24 03:05:03 2010 : Debug: SSL: adding session
- 1d6029bbddba233cd443d692b968df093237d9ad982f9ccc8a2defcd3edeb243 to cache
- Fri Sep 24 03:05:03 2010 : Info: [ttls] (other): SSL negotiation
- finished successfully
- Fri Sep 24 03:05:03 2010 : Debug: SSL Connection Established
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 13
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 6 to 2001:db94::2 port 53023
- EAP-Message =
- 0x01cc004515800000003b1403010001011603010030bf848bb49cadb5598fbf1f9f5b37b83cf91b47da0ed91fb37798ab7701ba08fc9b0bf3e9822e372604a9471e4ac5f6c1
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x99bafb269c76ee4e6a5f6a02067ddfc7
- Fri Sep 24 03:05:03 2010 : Info: Finished request 11.
- Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
- Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.7 seconds.
- rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=7,
- length=289
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02cc006015001703010020be70de01c0b538ef6b7d71d20fa7a0ea436bc87c636d40660f9daff6d7f64ecc1703010030314617d6eeb610a58d5eaeb178b8b78e7e474b51ab9c5734d7bb4491a9107f240850ad12c9f1bb01d5898ca8b7b58f96
- State = 0x99bafb269c76ee4e6a5f6a02067ddfc7
- Message-Authenticator = 0x9007bb4b96bca21108b04bd336325f0e
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 204
- length 96
- Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 7
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Session established. Proceeding
- to decode tunneled attributes.
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled request
- EAP-Message = 0x0200000801626f62
- FreeRADIUS-Proxied-To = 127.0.0.1
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled identity of bob
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Setting default EAP type for
- tunneled EAP session.
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Sending tunneled request
- EAP-Message = 0x0200000801626f62
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "bob"
- server inner-tunnel {
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name = "bob",
- looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[control] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 0 length 8
- Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:05:03 2010 : Info: [files] users: Matched entry bob at line 208
- Fri Sep 24 03:05:03 2010 : Info: [files] expand: Hello, %{User-Name} ->
- Hello, bob
- Fri Sep 24 03:05:03 2010 : Info: ++[files] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING: Auth-Type already set.
- Not setting to PAP
- Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP Identity
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type md5
- Fri Sep 24 03:05:03 2010 : Debug: rlm_eap_md5: Issuing Challenge
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- } # server inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled reply code 11
- Reply-Message = "Hello, bob"
- EAP-Message = 0x010100160410580580cf130e9f4af4245cb49a0b4b15
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x016417860165132d66d2ec2917b35457
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled Access-Challenge
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 7 to 2001:db94::2 port 53023
- EAP-Message =
- 0x01cd005f158000000055170301005073ef01144acbe69aa347b9d4c2ad4fe9f4c186765e48ac7dc7e611ef7b9306b561508253722e4185e71dcf2119ed7936cd20d76d3aba32fa54b2a34b515268489dd9b09a3c2445851afe58359777348c
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x99bafb269f77ee4e6a5f6a02067ddfc7
- Fri Sep 24 03:05:03 2010 : Info: Finished request 12.
- Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
- Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.7 seconds.
- rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=8,
- length=289
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02cd0060150017030100204914b182e06f5efa93940b0f609938323cc272cae90bf47efa588b7645789e5317030100307cddfec6d350c88a0b822038615c9fa2fa05a8e18cd3d9f65836ce604ec611ea563620964d290200f091e1242c7548e8
- State = 0x99bafb269f77ee4e6a5f6a02067ddfc7
- Message-Authenticator = 0x2d8e85c0cbc64e9f9dc952bb33b139ec
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 205
- length 96
- Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 7
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Session established. Proceeding
- to decode tunneled attributes.
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled request
- EAP-Message = 0x02010006031a
- FreeRADIUS-Proxied-To = 127.0.0.1
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Sending tunneled request
- EAP-Message = 0x02010006031a
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "bob"
- State = 0x016417860165132d66d2ec2917b35457
- server inner-tunnel {
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name = "bob",
- looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[control] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 1 length 6
- Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:05:03 2010 : Info: [files] users: Matched entry bob at line 208
- Fri Sep 24 03:05:03 2010 : Info: [files] expand: Hello, %{User-Name} ->
- Hello, bob
- Fri Sep 24 03:05:03 2010 : Info: ++[files] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING: Auth-Type already set.
- Not setting to PAP
- Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP NAK
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP-NAK asked for EAP-Type/mschapv2
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type mschapv2
- Fri Sep 24 03:05:03 2010 : Debug: rlm_eap_mschapv2: Issuing Challenge
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- } # server inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled reply code 11
- Reply-Message = "Hello, bob"
- EAP-Message = 0x0102001d1a0102001810d692a2ee05e87393a727b2b73f047a54626f62
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x0164178600660d2d66d2ec2917b35457
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled Access-Challenge
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 8 to 2001:db94::2 port 53023
- EAP-Message =
- 0x01ce004f1580000000451703010040799ae6221491ecc092ae92cc7031bc7931adfc645ab832e9244d190fc4d1bcc55570d97d76048dc842df6c0fdbac63564b3106146776a22cf431679cf0948761
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x99bafb269e74ee4e6a5f6a02067ddfc7
- Fri Sep 24 03:05:03 2010 : Info: Finished request 13.
- Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
- Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.7 seconds.
- rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=9,
- length=337
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02ce00901500170301002081ef17eaa35f86f20388449f822e0b64c0d8d50d16cf8c54c75c50774acbdac0170301006011f1ced1cc2318be21659c7630edc9611b89349e894c8cb425f6a87c85fc1f24c8be6f9b36fcc405ac2471e9bcb531b13c3ac2ebe8c358241ec9460d7d50a1ecc3d89aa5f3175eded4c6c2183efec5cf4aa85babe7848c7b8820047a258ce41c
- State = 0x99bafb269e74ee4e6a5f6a02067ddfc7
- Message-Authenticator = 0xdb5e4e4007c93b2e35761a7c57d498e8
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 206
- length 144
- Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 7
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Session established. Proceeding
- to decode tunneled attributes.
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled request
- EAP-Message =
- 0x0202003e1a02020039314b9d0bcb927fd60b15fdc2555060356500000000000000002702cd6a2d5ddc8564a53bb36a1a16650b716636eba5de9600626f62
- FreeRADIUS-Proxied-To = 127.0.0.1
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Sending tunneled request
- EAP-Message =
- 0x0202003e1a02020039314b9d0bcb927fd60b15fdc2555060356500000000000000002702cd6a2d5ddc8564a53bb36a1a16650b716636eba5de9600626f62
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "bob"
- State = 0x0164178600660d2d66d2ec2917b35457
- server inner-tunnel {
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name = "bob",
- looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[control] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 2
- length 62
- Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:05:03 2010 : Info: [files] users: Matched entry bob at line 208
- Fri Sep 24 03:05:03 2010 : Info: [files] expand: Hello, %{User-Name} ->
- Hello, bob
- Fri Sep 24 03:05:03 2010 : Info: ++[files] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING: Auth-Type already set.
- Not setting to PAP
- Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/mschapv2
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type mschapv2
- Fri Sep 24 03:05:03 2010 : Info: [mschapv2] # Executing group from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: [mschapv2] +- entering group MS-CHAP {...}
- Fri Sep 24 03:05:03 2010 : Info: [mschap] Creating challenge hash with
- username: bob
- Fri Sep 24 03:05:03 2010 : Info: [mschap] Told to do MS-CHAPv2 for bob
- with NT-Password
- Fri Sep 24 03:05:03 2010 : Info: [mschap] adding MS-CHAPv2 MPPE keys
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns ok
- Fri Sep 24 03:05:03 2010 : Debug: MSCHAP Success
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- } # server inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled reply code 11
- Reply-Message = "Hello, bob"
- EAP-Message =
- 0x010300331a0302002e533d39344246334136303833464235334639423241353046303138353635433346384233303735334443
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x0164178603670d2d66d2ec2917b35457
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled Access-Challenge
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 9 to 2001:db94::2 port 53023
- EAP-Message =
- 0x01cf006f158000000065170301006045212d159c98d1f9eba9d87045a131f0fadcfbaf548839ccfe081efc4811a9d14d1ca2aa2cdc120538933193cdd136e40e7e360e7850790de27275d84ceafc19e2022eaf46e38f0ce92798ea388a4e3f9ee3223092330737f900bf92069381a6
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0x99bafb269175ee4e6a5f6a02067ddfc7
- Fri Sep 24 03:05:03 2010 : Info: Finished request 14.
- Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
- Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.6 seconds.
- rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=10,
- length=289
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02cf0060150017030100209b9d0e23daea35b09b217bec4add24dbdd7f55e8e51ee1b46de2c10498a64eea17030100309f27e2a6d625397b6ca48fde6a56dd9db44f33f7a1a2f4a433aca8f711d608b349baa4e626a7b684d127fa727cf23d61
- State = 0x99bafb269175ee4e6a5f6a02067ddfc7
- Message-Authenticator = 0x42f626a6fd132e932dc5c0dda8f24874
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 207
- length 96
- Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 7
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Session established. Proceeding
- to decode tunneled attributes.
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled request
- EAP-Message = 0x020300061a03
- FreeRADIUS-Proxied-To = 127.0.0.1
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Sending tunneled request
- EAP-Message = 0x020300061a03
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "bob"
- State = 0x0164178603670d2d66d2ec2917b35457
- server inner-tunnel {
- Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name = "bob",
- looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[control] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 3 length 6
- Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:05:03 2010 : Info: [files] users: Matched entry bob at line 208
- Fri Sep 24 03:05:03 2010 : Info: [files] expand: Hello, %{User-Name} ->
- Hello, bob
- Fri Sep 24 03:05:03 2010 : Info: ++[files] returns ok
- Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING: Auth-Type already set.
- Not setting to PAP
- Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/mschapv2
- Fri Sep 24 03:05:03 2010 : Info: [eap] processing type mschapv2
- Fri Sep 24 03:05:03 2010 : Info: [eap] Freeing handler
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:05:03 2010 : Info: WARNING: Empty post-auth section.
- Using default return values.
- Fri Sep 24 03:05:03 2010 : Info: # Executing section post-auth from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- } # server inner-tunnel
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled reply code 2
- Reply-Message = "Hello, bob"
- MS-MPPE-Encryption-Policy = 0x00000001
- MS-MPPE-Encryption-Types = 0x00000006
- MS-MPPE-Send-Key = 0x0e862e8c86b378eefa940cf437a147f8
- MS-MPPE-Recv-Key = 0xd701a18f6107c06a01b07b6dd677f587
- EAP-Message = 0x03030004
- Message-Authenticator = 0x00000000000000000000000000000000
- User-Name = "bob"
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled Access-Accept
- Fri Sep 24 03:05:03 2010 : Info: [ttls] Saving response in the cache
- Fri Sep 24 03:05:03 2010 : Info: [ttls] WARNING: No information to cache:
- session caching will be disabled for this session.
- Fri Sep 24 03:05:03 2010 : Debug: SSL: Removing session
- 1d6029bbddba233cd443d692b968df093237d9ad982f9ccc8a2defcd3edeb243 from the
- cache
- Fri Sep 24 03:05:03 2010 : Info: [eap] Freeing handler
- Fri Sep 24 03:05:03 2010 : Debug: rlm_eap_ttls: Freeing handler for user bob
- Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:05:03 2010 : Info: # Executing section post-auth from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group post-auth {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[exec] returns noop
- Sending Access-Accept of id 10 to 2001:db94::2 port 53023
- MS-MPPE-Recv-Key =
- 0x91d4566a07156dbc9e88b2dd3878690cbe92fb778530b8e6cca79ae845842549
- MS-MPPE-Send-Key =
- 0xaf3fec324ed40a8f780737deab4f661c44b3ca9ddb992cc1e45168cae3289798
- EAP-Message = 0x03cf0004
- Message-Authenticator = 0x00000000000000000000000000000000
- User-Name = "anonymous"
- Fri Sep 24 03:05:03 2010 : Info: Finished request 15.
- Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
- Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.6 seconds.
- rad_recv: Accounting-Request packet from host 2001:db94::2 port 37825,
- id=11, length=180
- Acct-Session-Id = "4C9C079A-00000000"
- Acct-Status-Type = Start
- Acct-Authentic = RADIUS
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- Fri Sep 24 03:05:03 2010 : Info: # Executing section preacct from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group preacct {...}
- Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:05:03 2010 : Info: [acct_unique] WARNING: Attribute
- Client-IP-Address was not found in request, unique ID MAY be inconsistent
- Fri Sep 24 03:05:03 2010 : Info: [acct_unique] WARNING: Attribute
- NAS-IP-Address was not found in request, unique ID MAY be inconsistent
- Fri Sep 24 03:05:03 2010 : Info: [acct_unique] Hashing 'NAS-Port =
- 1,,,Acct-Session-Id = "4C9C079A-00000000",User-Name = "anonymous"'
- Fri Sep 24 03:05:03 2010 : Info: [acct_unique] Acct-Unique-Session-ID =
- "2078f7bf6576f50c".
- Fri Sep 24 03:05:03 2010 : Info: ++[acct_unique] returns ok
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:05:03 2010 : Info: ++[files] returns noop
- Fri Sep 24 03:05:03 2010 : Info: # Executing section accounting from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:05:03 2010 : Info: +- entering group accounting {...}
- Fri Sep 24 03:05:03 2010 : Info: [detail] expand:
- /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d ->
- /usr/local/var/log/radius/radacct//detail-20100924
- Fri Sep 24 03:05:03 2010 : Info: [detail]
- /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
- expands to /usr/local/var/log/radius/radacct//detail-20100924
- Fri Sep 24 03:05:03 2010 : Info: [detail] expand: %t -> Fri Sep 24
- 03:05:03 2010
- Fri Sep 24 03:05:03 2010 : Info: ++[detail] returns ok
- Fri Sep 24 03:05:03 2010 : Info: [unix] IPv6 is not supported!
- Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns noop
- Fri Sep 24 03:05:03 2010 : Debug: rlm_radutmp: IPv6 not supported!
- Fri Sep 24 03:05:03 2010 : Info: ++[radutmp] returns noop
- Fri Sep 24 03:05:03 2010 : Info: [attr_filter.accounting_response]
- expand: %{User-Name} -> anonymous
- Fri Sep 24 03:05:03 2010 : Debug: attr_filter: Matched entry DEFAULT at
- line 12
- Fri Sep 24 03:05:03 2010 : Info: ++[attr_filter.accounting_response]
- returns updated
- Sending Accounting-Response of id 11 to 2001:db94::2 port 37825
- Fri Sep 24 03:05:03 2010 : Info: Finished request 16.
- Fri Sep 24 03:05:03 2010 : Info: Cleaning up request 16 ID 11 with
- timestamp +113
- Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
- Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.5 seconds.
- Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 6 ID 1 with timestamp
- +113
- Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 7 ID 2 with timestamp
- +113
- Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 8 ID 3 with timestamp
- +113
- Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 9 ID 4 with timestamp
- +113
- Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 10 ID 5 with
- timestamp +113
- Fri Sep 24 03:05:08 2010 : Debug: Waking up in 0.1 seconds.
- Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 11 ID 6 with
- timestamp +113
- Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 12 ID 7 with
- timestamp +113
- Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 13 ID 8 with
- timestamp +113
- Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 14 ID 9 with
- timestamp +113
- Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 15 ID 10 with
- timestamp +113
- Fri Sep 24 03:05:08 2010 : Info: Ready to process requests.
- rad_recv: Accounting-Request packet from host 2001:db94::2 port 37825,
- id=12, length=222
- Acct-Session-Id = "4C9C079A-00000000"
- Acct-Status-Type = Stop
- Acct-Authentic = RADIUS
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db4::2
- NAS-Identifier = "panosAP-TD4"
- NAS-Port = 1
- Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- Acct-Session-Time = 108
- Acct-Input-Packets = 30
- Acct-Output-Packets = 15
- Acct-Input-Octets = 4210
- Acct-Output-Octets = 4298
- Event-Timestamp = "Sep 24 2010 03:09:32 BST"
- Acct-Terminate-Cause = User-Request
- Fri Sep 24 03:06:51 2010 : Info: # Executing section preacct from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:51 2010 : Info: +- entering group preacct {...}
- Fri Sep 24 03:06:51 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:51 2010 : Info: [acct_unique] WARNING: Attribute
- Client-IP-Address was not found in request, unique ID MAY be inconsistent
- Fri Sep 24 03:06:51 2010 : Info: [acct_unique] WARNING: Attribute
- NAS-IP-Address was not found in request, unique ID MAY be inconsistent
- Fri Sep 24 03:06:51 2010 : Info: [acct_unique] Hashing 'NAS-Port =
- 1,,,Acct-Session-Id = "4C9C079A-00000000",User-Name = "anonymous"'
- Fri Sep 24 03:06:51 2010 : Info: [acct_unique] Acct-Unique-Session-ID =
- "2078f7bf6576f50c".
- Fri Sep 24 03:06:51 2010 : Info: ++[acct_unique] returns ok
- Fri Sep 24 03:06:51 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:51 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:51 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:51 2010 : Info: ++[files] returns noop
- Fri Sep 24 03:06:51 2010 : Info: # Executing section accounting from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:51 2010 : Info: +- entering group accounting {...}
- Fri Sep 24 03:06:51 2010 : Info: [detail] expand:
- /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d ->
- /usr/local/var/log/radius/radacct//detail-20100924
- Fri Sep 24 03:06:51 2010 : Info: [detail]
- /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
- expands to /usr/local/var/log/radius/radacct//detail-20100924
- Fri Sep 24 03:06:51 2010 : Info: [detail] expand: %t -> Fri Sep 24
- 03:06:51 2010
- Fri Sep 24 03:06:51 2010 : Info: ++[detail] returns ok
- Fri Sep 24 03:06:51 2010 : Info: [unix] IPv6 is not supported!
- Fri Sep 24 03:06:51 2010 : Info: ++[unix] returns noop
- Fri Sep 24 03:06:51 2010 : Debug: rlm_radutmp: IPv6 not supported!
- Fri Sep 24 03:06:51 2010 : Info: ++[radutmp] returns noop
- Fri Sep 24 03:06:51 2010 : Info: [attr_filter.accounting_response]
- expand: %{User-Name} -> anonymous
- Fri Sep 24 03:06:51 2010 : Debug: attr_filter: Matched entry DEFAULT at
- line 12
- Fri Sep 24 03:06:51 2010 : Info: ++[attr_filter.accounting_response]
- returns updated
- Sending Accounting-Response of id 12 to 2001:db94::2 port 37825
- Fri Sep 24 03:06:51 2010 : Info: Finished request 17.
- Fri Sep 24 03:06:51 2010 : Info: Cleaning up request 17 ID 12 with
- timestamp +221
- Fri Sep 24 03:06:51 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:51 2010 : Info: Ready to process requests.
- rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=1,
- length=190
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db93::2
- NAS-Identifier = "panosAP-MR2"
- NAS-Port = 1
- Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message = 0x02c6000e01616e6f6e796d6f7573
- Message-Authenticator = 0x476da40ad82a4621fc9f70edc29b270e
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 198
- length 14
- Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:06:55 2010 : Info: ++[files] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING! No "known good" password
- found for the user. Authentication may fail because of this.
- Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP Identity
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type md5
- Fri Sep 24 03:06:55 2010 : Debug: rlm_eap_md5: Issuing Challenge
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 1 to 2001:db93::2 port 49667
- EAP-Message = 0x01c7001604106a92fd4cb65176b4ffe56008ab18f454
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xaff1e84caf36ecb5bb2c56933c8275f3
- Fri Sep 24 03:06:55 2010 : Info: Finished request 18.
- Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=2,
- length=200
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db93::2
- NAS-Identifier = "panosAP-MR2"
- NAS-Port = 1
- Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message = 0x02c700060315
- State = 0xaff1e84caf36ecb5bb2c56933c8275f3
- Message-Authenticator = 0x517088e29bb4bec052c925ac831105c7
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 199
- length 6
- Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:06:55 2010 : Info: ++[files] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING! No "known good" password
- found for the user. Authentication may fail because of this.
- Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP NAK
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP-NAK asked for EAP-Type/ttls
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type tls
- Fri Sep 24 03:06:55 2010 : Info: [tls] Initiate
- Fri Sep 24 03:06:55 2010 : Info: [tls] Start returned 1
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 2 to 2001:db93::2 port 49667
- EAP-Message = 0x01c800061520
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xaff1e84cae39fdb5bb2c56933c8275f3
- Fri Sep 24 03:06:55 2010 : Info: Finished request 19.
- Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=3,
- length=325
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db93::2
- NAS-Identifier = "panosAP-MR2"
- NAS-Port = 1
- Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02c80083150016030100780100007403014c9c0799307635daf8a089e7d879144e57c1c991f353548fe2de5daf8393cc6e201d6029bbddba233cd443d692b968df093237d9ad982f9ccc8a2defcd3edeb243002600390038003500160013000a00330032002f0005000400150012000900140011000800060003020100000400230000
- State = 0xaff1e84cae39fdb5bb2c56933c8275f3
- Message-Authenticator = 0xbc77bb511c10e5e10ef4000caea44a1d
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 200
- length 131
- Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:06:55 2010 : Info: [ttls] (other): before/accept
- initialization
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: before/accept
- initialization
- Fri Sep 24 03:06:55 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
- 0078], ClientHello
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 read client
- hello A
- Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
- 004a], ServerHello
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write server
- hello A
- Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
- 08b3], Certificate
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write
- certificate A
- Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
- 020d], ServerKeyExchange
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write key
- exchange A
- Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
- 0004], ServerHelloDone
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write server
- done A
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 flush data
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: Need to read more
- data: SSLv3 read client certificate A
- Fri Sep 24 03:06:55 2010 : Debug: In SSL Handshake Phase
- Fri Sep 24 03:06:55 2010 : Debug: In SSL Accept mode
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 13
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 3 to 2001:db93::2 port 49667
- EAP-Message =
- 0x01c9040015c000000b22160301004a0200004603014c9c07bf5d3eac966232db81394677734520bab4adae4b6c25ffdd48fa6466b22069c204b29e84878591c19645ed74c1ff4b656c30f66adad78d268df65d2e1d1400390116030108b30b0008af0008ac0004633082045f30820347a003020102020900e8aa5d45ccde0ec2300d06092a864886f70d01010405003081b5310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e697665727369747931283026060355
- EAP-Message =
- 0x04030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b301e170d3130303432333136323330315a170d3230303432303136323330315a3081aa310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e6976657273697479311d301b06035504030c144141415f534552564552407636746573746265643125302306092a864886f70d01
- EAP-Message =
- 0x0901161670616e6f7340636f6d702e6c616e63732e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100ee0aeb8ea5d83782523d2dce5297e8905e9fb3fa8c5f59cd3ee7903c9799c9679fa8c00ea9d6a86a195ec3d9bcd1e2dda95d48cd24bae78fef247a53410e45fbb0cfaf26edb8489afdd76d1da0e014ef60e79047d5c7f1055d6081827e1e1116b5c8a93e3aa744d93c65a5f9912735eeb5ebad5338065954c2fa12092a8f18d5e3a864466f3b4e43d6bdc1d42461151462237fdaccdb6a58e0ace9fcd82489e6ebbc24f2e986978856bff2b0c0043cbe680e1db409c30d5d3ef5e9bcc6bf6f58647e
- EAP-Message =
- 0x383eec7be5af4015b8597886a348514437646ee8b77a884eb593301352ddb7debd2669ab0e716cfad0ae1aae57e384bbc0d7fffee5ade1e3d8705e83af0b0203010001a37b307930090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e04160414cf045dee9ff9839327e2127c1cd2123521276d25301f0603551d23041830168014849d96ce9dce861838218a5b59371fff875735a0300d06092a864886f70d0101040500038201010059ca64550c6349a37715a7a235a35b75cc729c76346541184e00250167552ac941a1ce251a8f4d183a
- EAP-Message = 0x9b34dfc90e812ab8c370f93d
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xaff1e84cad38fdb5bb2c56933c8275f3
- Fri Sep 24 03:06:55 2010 : Info: Finished request 20.
- Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=4,
- length=200
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db93::2
- NAS-Identifier = "panosAP-MR2"
- NAS-Port = 1
- Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message = 0x02c900061500
- State = 0xaff1e84cad38fdb5bb2c56933c8275f3
- Message-Authenticator = 0x3dbce4e127e7652498b772996d75cc36
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 201
- length 6
- Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Received TLS ACK
- Fri Sep 24 03:06:55 2010 : Info: [ttls] ACK handshake fragment handler
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 1
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 13
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 4 to 2001:db93::2 port 49667
- EAP-Message =
- 0x01ca040015c000000b22b54a717c1c4d5a1534f04ae733127ca0a219db95ff2ed758f7dd656faa980983d7f9307d80bee7f974db5c97a18a53c028c43f13575d65598ff0e9418bc46d8bf9985a676bd0a0b8ecdeeb5f74fc978290752eecb7cb26d5b53b06b51cf7cf9ddaac4f5a5186b51ed94ac48cef701891e1430b2a1b97e46e48340954e2aa8e0ec3f8b1e54c0801c5e5553e3ca6b77e355016dc21bbbdcab0be50576aee230f95c466e8a9ef516e4b31ddf601edaba2dc36d0ec0f600c04db09c58dcfe04a9e934d1a9074e83ba83f870bcb0004433082043f30820327a003020102020900e8aa5d45ccde0ebc300d06092a864886f70d010105
- EAP-Message =
- 0x05003081b5310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e69766572736974793128302606035504030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b301e170d3130303432333136303235315a170d3230303432303136303235315a3081b5310b300906035504061302554b3113301106035504080c0a4c616e6361736869
- EAP-Message =
- 0x72653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e69766572736974793128302606035504030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100d5742265853cfb58e3d8cd30874e23e27bc0877bc78eb20fa83b76b8de968d67d281208c150741a750da0288710eac89b7b8d849664bfcb09ce2025a8b2974f462c3155774ee23
- EAP-Message =
- 0x07f5c9bc2a81b4c6d20035d869cb05bf391ff5f562a09d50669b1810ad91a8a06a59d7e411ee9ce6d8355c43c8aee3d25b3e937197f5b37ceeec9e9a987fb8aa14117c8dd7d6f599dd3be47b9db7bb8410e168e71a7512b22e833072ca1a6f2a9bfbb67c0c189d2eeca7a5f044a01909053c335647f28a09cee0bffbd8723b1406fd3fef247f2d100b0af9100a40ce0f770369461fe366294d9a8a84c7c17e0fc6e567b923af73a604c7b7c6773469f3e9e4921459f1b0e1e50203010001a350304e301d0603551d0e04160414849d96ce9dce861838218a5b59371fff875735a0301f0603551d23041830168014849d96ce9dce861838218a5b59371f
- EAP-Message = 0xff875735a0300c0603551d13
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xaff1e84cac3bfdb5bb2c56933c8275f3
- Fri Sep 24 03:06:55 2010 : Info: Finished request 21.
- Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=5,
- length=200
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db93::2
- NAS-Identifier = "panosAP-MR2"
- NAS-Port = 1
- Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message = 0x02ca00061500
- State = 0xaff1e84cac3bfdb5bb2c56933c8275f3
- Message-Authenticator = 0xd230b34c4dc6f0069398330675718a52
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 202
- length 6
- Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Received TLS ACK
- Fri Sep 24 03:06:55 2010 : Info: [ttls] ACK handshake fragment handler
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 1
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 13
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 5 to 2001:db93::2 port 49667
- EAP-Message =
- 0x01cb0340158000000b22040530030101ff300d06092a864886f70d01010505000382010100a6706416cb639e79cd5d5c0376d4ddb46be58ee8d5248e8e6d86caddd81de83a01f43d671760d2086a4e492fc8f5234a557408e20d8e017bee88aacd57826b6722b2045419d0bd420e1b597682971e595a37c43ceb5a9e3461d13f6e4e3a02b3501afe1956456016bd459b24dcebf0a52667ede741be772f3eb8747020aba9c7c078cc473a640ad0c7b7b983d274b6b1c451e9151a85fb8e716e399d293b2dcb6c0fbc4ff8f30d197c252f8050104465acefdfc277a049bba2292a8c0f21793dc843c8f9c835353cc2bd8b4170ea01ace45a61dcf08010d2
- EAP-Message =
- 0xd86da3332fdd40d725ec1761e07c6d9e787e8c322b97f49ef3f6bc328c7a9861e08599150724d889160301020d0c0002090080a5c543e970288dbe9bb99a4eee9877d3afba38f8772ca0f8ffa5f78099716977289be3bb1803e30cf5010acaf7e0c37c8289cb2becd012470f81f55f64de937d1b4e5eccf843f5855485d3000605e0bdd9b8011eba710d73c823c96b5a92085cfb46c538d8d4c829a2b98a0d51b7351d84da1e6a77f2c4a9cad9ede08ddc1a6b0001020080689b60d0842c49efe7660824f3a75547684e21a6d7b963bdc027de7283d526ad6b204b5570d36bb5025c1f7a6cf8348fcf2417f13b9d252ae80f3c3a3c0172af61e5fb17e6
- EAP-Message =
- 0x0cdc50b8dd5ee1bcbfc4ed906c8c15dcf9d01bb6687b36ef6af2a89e0f6c0691c1a297382dc75d644aa24d59aee30c2f43c304d17a4a4e510808790100b3dfd1c9c34d66c0ee194c7a73004b51afc9ab45df80fe2a22f20a3798ac5ee9dde3ef913c5ba8f8bb5efc3b3ced62bfdb16bb974d385a6b943449ef9ee158e2c2b06f41519d5afadb99169f5ed7d19c4a2e4ab3051ce02641fb5b613117e6a169e0936bb8670443ab547412fadb9094e79480a198fc70bad82471f056a3746a96a998a55e47db7702aa66d8fef7cd3c3be4eb58ed82f24aefd582d0b5384ec238b26c156e7232da5d4c0f7206d1b1e6d43a5f95ed7dcca7d29dfb157b7e5075
- EAP-Message =
- 0x5c4784407b129b0ac7cf20e28afe1145be7186b6c4b8b4dd3e6f3fe55940fd7b4558109c8b3bc71f521772ea4c68cb0611beec3355f5c83264aa477fafb938da16030100040e000000
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xaff1e84cab3afdb5bb2c56933c8275f3
- Fri Sep 24 03:06:55 2010 : Info: Finished request 22.
- Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.9 seconds.
- rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=6,
- length=398
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db93::2
- NAS-Identifier = "panosAP-MR2"
- NAS-Port = 1
- Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02cb00cc1500160301008610000082008091e67232e4a8d43d1a5dab6a356c24d193fe3a7d371c1e32425fee8fcec58a2adfe36b0b2457dea7d165ea9aa7fe8f0e6b75ff3ba8dbcc1a9c5c8727b5232170b91527aff29d8e228dc30a5002695560204a457be5b603366a1a00a065a7eee21d0ff73d4059171037c7bd42deeeddac9ef710cf72de6c47101eb4311d489f80140301000101160301003035000c8eb7309040534d659e9da84b67ae5f520c15023a70971e32c94f7c89c705167f36639b77cb80ae1e90f6ba245a
- State = 0xaff1e84cab3afdb5bb2c56933c8275f3
- Message-Authenticator = 0x90d642f99f8ed29ccad6af4727438ad5
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 203
- length 204
- Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:06:55 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
- 0086], ClientKeyExchange
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 read client
- key exchange A
- Fri Sep 24 03:06:55 2010 : Info: [ttls] <<< TLS 1.0 ChangeCipherSpec
- [length 0001]
- Fri Sep 24 03:06:55 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
- 0010], Finished
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 read finished A
- Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 ChangeCipherSpec
- [length 0001]
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write change
- cipher spec A
- Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
- 0010], Finished
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write
- finished A
- Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 flush data
- Fri Sep 24 03:06:55 2010 : Debug: SSL: adding session
- 69c204b29e84878591c19645ed74c1ff4b656c30f66adad78d268df65d2e1d14 to cache
- Fri Sep 24 03:06:55 2010 : Info: [ttls] (other): SSL negotiation
- finished successfully
- Fri Sep 24 03:06:55 2010 : Debug: SSL Connection Established
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 13
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 6 to 2001:db93::2 port 49667
- EAP-Message =
- 0x01cc004515800000003b1403010001011603010030c15a5c33615dc708af694cdac7ea4a1d9574181114b8dc5d06640f9b54f1ad45898fcf10f04c4e40856c75f1aeb60c6b
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xaff1e84caa3dfdb5bb2c56933c8275f3
- Fri Sep 24 03:06:55 2010 : Info: Finished request 23.
- Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.8 seconds.
- rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=7,
- length=290
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db93::2
- NAS-Identifier = "panosAP-MR2"
- NAS-Port = 1
- Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02cc006015001703010020ed8d6cc4f6dd4cf77ba03035fc780a3eea8bf767882b6fed37e0fb9909e0c9ca17030100305d0db2e22560aa385ec2921ad94bbec29b1aac58f2e18fbbe38ae014cfa325fb8602774d9779de78cca99c93722717b6
- State = 0xaff1e84caa3dfdb5bb2c56933c8275f3
- Message-Authenticator = 0x00ec82537df67437161837129a80e00b
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 204
- length 96
- Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 7
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Session established. Proceeding
- to decode tunneled attributes.
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled request
- EAP-Message = 0x0200000801626f62
- FreeRADIUS-Proxied-To = 127.0.0.1
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled identity of bob
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Setting default EAP type for
- tunneled EAP session.
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Sending tunneled request
- EAP-Message = 0x0200000801626f62
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "bob"
- server inner-tunnel {
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name = "bob",
- looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[control] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 0 length 8
- Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:06:55 2010 : Info: [files] users: Matched entry bob at line 208
- Fri Sep 24 03:06:55 2010 : Info: [files] expand: Hello, %{User-Name} ->
- Hello, bob
- Fri Sep 24 03:06:55 2010 : Info: ++[files] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING: Auth-Type already set.
- Not setting to PAP
- Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP Identity
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type md5
- Fri Sep 24 03:06:55 2010 : Debug: rlm_eap_md5: Issuing Challenge
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- } # server inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled reply code 11
- Reply-Message = "Hello, bob"
- EAP-Message = 0x010100160410066543bfbd219873b468f4b298dba6f7
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xb966de05b967dae4c45b57a72400cd2f
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled Access-Challenge
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 7 to 2001:db93::2 port 49667
- EAP-Message =
- 0x01cd005f1580000000551703010050f16015b0873d10bdb192db0b235829a7bc51f8d51fa50e0ed2ac3a3d27655dcb76871d85cf10fc611a8f7a83339f16b5da33a38e05864edccb4e8d55744d51bbf6d0f3dc31dd9599f7c421c755e72755
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xaff1e84ca93cfdb5bb2c56933c8275f3
- Fri Sep 24 03:06:55 2010 : Info: Finished request 24.
- Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.8 seconds.
- rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=8,
- length=290
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db93::2
- NAS-Identifier = "panosAP-MR2"
- NAS-Port = 1
- Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02cd006015001703010020564b8c2db33d4de032e2986a4c062505dd70e5375381ef12122976faa320855b17030100306a0c5586def74a0253457fc9463597512f7cb70e874613f8a98f73b8aed83d264daa63ec8cae155b35faa618f03be4b5
- State = 0xaff1e84ca93cfdb5bb2c56933c8275f3
- Message-Authenticator = 0x03ab117f121c55e5bd94a682ea0ed90e
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 205
- length 96
- Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 7
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Session established. Proceeding
- to decode tunneled attributes.
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled request
- EAP-Message = 0x02010006031a
- FreeRADIUS-Proxied-To = 127.0.0.1
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Sending tunneled request
- EAP-Message = 0x02010006031a
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "bob"
- State = 0xb966de05b967dae4c45b57a72400cd2f
- server inner-tunnel {
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name = "bob",
- looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[control] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 1 length 6
- Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:06:55 2010 : Info: [files] users: Matched entry bob at line 208
- Fri Sep 24 03:06:55 2010 : Info: [files] expand: Hello, %{User-Name} ->
- Hello, bob
- Fri Sep 24 03:06:55 2010 : Info: ++[files] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING: Auth-Type already set.
- Not setting to PAP
- Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP NAK
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP-NAK asked for EAP-Type/mschapv2
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type mschapv2
- Fri Sep 24 03:06:55 2010 : Debug: rlm_eap_mschapv2: Issuing Challenge
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- } # server inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled reply code 11
- Reply-Message = "Hello, bob"
- EAP-Message = 0x0102001d1a010200181001fb51383905981d78c1e685ac1b7a9a626f62
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xb966de05b864c4e4c45b57a72400cd2f
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled Access-Challenge
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 8 to 2001:db93::2 port 49667
- EAP-Message =
- 0x01ce004f1580000000451703010040888ee00df3d809dc650dc52e4e5051117a559a4dc935734f816ccaccbfd618813a45020275b5c6c76073047ea5530faac8a8869580e60481903f8d9bac3e7c12
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xaff1e84ca83ffdb5bb2c56933c8275f3
- Fri Sep 24 03:06:55 2010 : Info: Finished request 25.
- Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.8 seconds.
- rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=9,
- length=338
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db93::2
- NAS-Identifier = "panosAP-MR2"
- NAS-Port = 1
- Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02ce0090150017030100206d5f383875f521035af9dcc22871cc8de5cafce984d72beb827680df007abec717030100602f9a2a45530f14333dfb3b1cdf5b37ed13cabe4d08d82629cb29cad6e1c685764d85019a3eab82b2a0f1693cd3115e3f10426dd94cec61e335a8e1a6c0febcb42ff3435f2c34d8a04dbe6c8930fb6a5d0799adc5084430acbca67fd99e8b3324
- State = 0xaff1e84ca83ffdb5bb2c56933c8275f3
- Message-Authenticator = 0x98997bc6575e3c744ce2f1a3245fd3ee
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 206
- length 144
- Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 7
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Session established. Proceeding
- to decode tunneled attributes.
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled request
- EAP-Message =
- 0x0202003e1a02020039317e2e08ca0e19795cc9877434d3b182630000000000000000f77973b633d6ccf223a817759f2f8c8a3aaa2c93601ea69300626f62
- FreeRADIUS-Proxied-To = 127.0.0.1
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Sending tunneled request
- EAP-Message =
- 0x0202003e1a02020039317e2e08ca0e19795cc9877434d3b182630000000000000000f77973b633d6ccf223a817759f2f8c8a3aaa2c93601ea69300626f62
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "bob"
- State = 0xb966de05b864c4e4c45b57a72400cd2f
- server inner-tunnel {
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name = "bob",
- looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[control] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 2
- length 62
- Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:06:55 2010 : Info: [files] users: Matched entry bob at line 208
- Fri Sep 24 03:06:55 2010 : Info: [files] expand: Hello, %{User-Name} ->
- Hello, bob
- Fri Sep 24 03:06:55 2010 : Info: ++[files] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING: Auth-Type already set.
- Not setting to PAP
- Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/mschapv2
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type mschapv2
- Fri Sep 24 03:06:55 2010 : Info: [mschapv2] # Executing group from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: [mschapv2] +- entering group MS-CHAP {...}
- Fri Sep 24 03:06:55 2010 : Info: [mschap] Creating challenge hash with
- username: bob
- Fri Sep 24 03:06:55 2010 : Info: [mschap] Told to do MS-CHAPv2 for bob
- with NT-Password
- Fri Sep 24 03:06:55 2010 : Info: [mschap] adding MS-CHAPv2 MPPE keys
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns ok
- Fri Sep 24 03:06:55 2010 : Debug: MSCHAP Success
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- } # server inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled reply code 11
- Reply-Message = "Hello, bob"
- EAP-Message =
- 0x010300331a0302002e533d32383636443443443232423933334338384336313633383638433544453633463246373046374346
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xb966de05bb65c4e4c45b57a72400cd2f
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled Access-Challenge
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
- Sending Access-Challenge of id 9 to 2001:db93::2 port 49667
- EAP-Message =
- 0x01cf006f1580000000651703010060b4f3cddb2c24d6df96c12eac2ae30ebb92566a3b52f57f9667f024db5f0890a3d8fbf3e3044f2e61c26ad6a58fee1ed23c2101007be16647f76a1b5d4c3ce22dda8da199f489fde2eae5d1231a894645794970db323e1318f072231e1765a76c
- Message-Authenticator = 0x00000000000000000000000000000000
- State = 0xaff1e84ca73efdb5bb2c56933c8275f3
- Fri Sep 24 03:06:55 2010 : Info: Finished request 26.
- Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.7 seconds.
- rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=10,
- length=290
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db93::2
- NAS-Identifier = "panosAP-MR2"
- NAS-Port = 1
- Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- Framed-MTU = 1400
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- EAP-Message =
- 0x02cf006015001703010020b4a4804ae6c506fa5a3823ff6f0c349660523ccdf8683b4b060f4d2707dc2def170301003043c4acfca040076c667f9a4f775b0ff0d8051dbd9e51f0018e53d8370a2c24b899fb8fc4dcb1a0c17bbc3e7e3a0b9bfc
- State = 0xaff1e84ca73efdb5bb2c56933c8275f3
- Message-Authenticator = 0x56e9ece90fceb38cbb47757941cf9ddc
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 207
- length 96
- Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
- Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
- Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 7
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Session established. Proceeding
- to decode tunneled attributes.
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled request
- EAP-Message = 0x020300061a03
- FreeRADIUS-Proxied-To = 127.0.0.1
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Sending tunneled request
- EAP-Message = 0x020300061a03
- FreeRADIUS-Proxied-To = 127.0.0.1
- User-Name = "bob"
- State = 0xb966de05bb65c4e4c45b57a72400cd2f
- server inner-tunnel {
- Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name = "bob",
- looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[control] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 3 length 6
- Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
- on-going EAP conversation
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
- Fri Sep 24 03:06:55 2010 : Info: [files] users: Matched entry bob at line 208
- Fri Sep 24 03:06:55 2010 : Info: [files] expand: Hello, %{User-Name} ->
- Hello, bob
- Fri Sep 24 03:06:55 2010 : Info: ++[files] returns ok
- Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING: Auth-Type already set.
- Not setting to PAP
- Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
- Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
- Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
- Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
- Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/mschapv2
- Fri Sep 24 03:06:55 2010 : Info: [eap] processing type mschapv2
- Fri Sep 24 03:06:55 2010 : Info: [eap] Freeing handler
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:06:55 2010 : Info: WARNING: Empty post-auth section.
- Using default return values.
- Fri Sep 24 03:06:55 2010 : Info: # Executing section post-auth from file
- /usr/local/etc/raddb/sites-enabled/inner-tunnel
- } # server inner-tunnel
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled reply code 2
- Reply-Message = "Hello, bob"
- MS-MPPE-Encryption-Policy = 0x00000001
- MS-MPPE-Encryption-Types = 0x00000006
- MS-MPPE-Send-Key = 0xc667dd0175a542bbc8769243d4f47c67
- MS-MPPE-Recv-Key = 0xb58dfec835f0ecefd4c4277f32706b78
- EAP-Message = 0x03030004
- Message-Authenticator = 0x00000000000000000000000000000000
- User-Name = "bob"
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled Access-Accept
- Fri Sep 24 03:06:55 2010 : Info: [ttls] Saving response in the cache
- Fri Sep 24 03:06:55 2010 : Info: [ttls] WARNING: No information to cache:
- session caching will be disabled for this session.
- Fri Sep 24 03:06:55 2010 : Debug: SSL: Removing session
- 69c204b29e84878591c19645ed74c1ff4b656c30f66adad78d268df65d2e1d14 from the
- cache
- Fri Sep 24 03:06:55 2010 : Info: [eap] Freeing handler
- Fri Sep 24 03:06:55 2010 : Debug: rlm_eap_ttls: Freeing handler for user bob
- Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
- Fri Sep 24 03:06:55 2010 : Info: # Executing section post-auth from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group post-auth {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[exec] returns noop
- Sending Access-Accept of id 10 to 2001:db93::2 port 49667
- MS-MPPE-Recv-Key =
- 0x84faf1a0e36f0f769f56ab0ac628622eb479ca87eae2bb989563b4a133172fe8
- MS-MPPE-Send-Key =
- 0xba374fdefbe520c26dfcb59013e12d4f23989b63215c29389850cc5d65146726
- EAP-Message = 0x03cf0004
- Message-Authenticator = 0x00000000000000000000000000000000
- User-Name = "anonymous"
- Fri Sep 24 03:06:55 2010 : Info: Finished request 27.
- Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.7 seconds.
- rad_recv: Accounting-Request packet from host 2001:db93::2 port 33610,
- id=11, length=181
- Acct-Session-Id = "4C9C0536-00000000"
- Acct-Status-Type = Start
- Acct-Authentic = RADIUS
- User-Name = "anonymous"
- NAS-IPv6-Address = 2001:db93::2
- NAS-Identifier = "panosAP-MR2"
- NAS-Port = 1
- Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
- Calling-Station-Id = "00-1B-2F-2C-AD-D9"
- NAS-Port-Type = Wireless-802.11
- Connect-Info = "CONNECT 54Mbps 802.11g"
- Fri Sep 24 03:06:55 2010 : Info: # Executing section preacct from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group preacct {...}
- Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
- Fri Sep 24 03:06:55 2010 : Info: [acct_unique] WARNING: Attribute
- Client-IP-Address was not found in request, unique ID MAY be inconsistent
- Fri Sep 24 03:06:55 2010 : Info: [acct_unique] WARNING: Attribute
- NAS-IP-Address was not found in request, unique ID MAY be inconsistent
- Fri Sep 24 03:06:55 2010 : Info: [acct_unique] Hashing 'NAS-Port =
- 1,,,Acct-Session-Id = "4C9C0536-00000000",User-Name = "anonymous"'
- Fri Sep 24 03:06:55 2010 : Info: [acct_unique] Acct-Unique-Session-ID =
- "bee22e2205dd4cd8".
- Fri Sep 24 03:06:55 2010 : Info: ++[acct_unique] returns ok
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
- "anonymous", looking up realm NULL
- Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
- Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
- Fri Sep 24 03:06:55 2010 : Info: ++[files] returns noop
- Fri Sep 24 03:06:55 2010 : Info: # Executing section accounting from file
- /usr/local/etc/raddb/sites-enabled/default
- Fri Sep 24 03:06:55 2010 : Info: +- entering group accounting {...}
- Fri Sep 24 03:06:55 2010 : Info: [detail] expand:
- /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d ->
- /usr/local/var/log/radius/radacct//detail-20100924
- Fri Sep 24 03:06:55 2010 : Info: [detail]
- /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
- expands to /usr/local/var/log/radius/radacct//detail-20100924
- Fri Sep 24 03:06:55 2010 : Info: [detail] expand: %t -> Fri Sep 24
- 03:06:55 2010
- Fri Sep 24 03:06:55 2010 : Info: ++[detail] returns ok
- Fri Sep 24 03:06:55 2010 : Info: [unix] IPv6 is not supported!
- Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns noop
- Fri Sep 24 03:06:55 2010 : Debug: rlm_radutmp: IPv6 not supported!
- Fri Sep 24 03:06:55 2010 : Info: ++[radutmp] returns noop
- Fri Sep 24 03:06:55 2010 : Info: [attr_filter.accounting_response]
- expand: %{User-Name} -> anonymous
- Fri Sep 24 03:06:55 2010 : Debug: attr_filter: Matched entry DEFAULT at
- line 12
- Fri Sep 24 03:06:55 2010 : Info: ++[attr_filter.accounting_response]
- returns updated
- Sending Accounting-Response of id 11 to 2001:db93::2 port 33610
- Fri Sep 24 03:06:55 2010 : Info: Finished request 28.
- Fri Sep 24 03:06:55 2010 : Info: Cleaning up request 28 ID 11 with
- timestamp +225
- Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
- Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.6 seconds.
- Fri Sep 24 03:07:00 2010 : Info: Cleaning up request 18 ID 1 with
- timestamp +225
- Fri Sep 24 03:07:00 2010 : Info: Cleaning up request 19 ID 2 with
- timestamp +225
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement