Fri Sep 24 03:03:10 2010 : Info: FreeRADIUS Version 2.1.10, for hosti686-pc-li

1. Fri Sep 24 03:03:10 2010 : Info: FreeRADIUS Version 2.1.10, for host
2. i686-pc-linux-gnu, built on Sep 24 2010 at 02:24:05
3. Fri Sep 24 03:03:10 2010 : Info: Copyright (C) 1999-2009 The FreeRADIUS
4. server project and contributors.
5. Fri Sep 24 03:03:10 2010 : Info: There is NO warranty; not even for
6. MERCHANTABILITY or FITNESS FOR A
7. Fri Sep 24 03:03:10 2010 : Info: PARTICULAR PURPOSE.
8. Fri Sep 24 03:03:10 2010 : Info: You may redistribute copies of FreeRADIUS
9. under the terms of the
10. Fri Sep 24 03:03:10 2010 : Info: GNU General Public License v2.
11. Fri Sep 24 03:03:10 2010 : Info: Starting - reading configuration files ...
12. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
13. /usr/local/etc/raddb/radiusd.conf
14. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
15. /usr/local/etc/raddb/proxy.conf
16. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
17. /usr/local/etc/raddb/clients.conf
18. Fri Sep 24 03:03:10 2010 : Debug: including files in directory
19. /usr/local/etc/raddb/modules/
20. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
21. /usr/local/etc/raddb/modules/counter
22. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
23. /usr/local/etc/raddb/modules/unix
24. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
25. /usr/local/etc/raddb/modules/sradutmp
26. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
27. /usr/local/etc/raddb/modules/krb5
28. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
29. /usr/local/etc/raddb/modules/exec
30. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
31. /usr/local/etc/raddb/modules/expr
32. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
33. /usr/local/etc/raddb/modules/logintime
34. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
35. /usr/local/etc/raddb/modules/policy
36. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
37. /usr/local/etc/raddb/modules/pap
38. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
39. /usr/local/etc/raddb/modules/sqlcounter_expire_on_login
40. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
41. /usr/local/etc/raddb/modules/always
42. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
43. /usr/local/etc/raddb/modules/etc_group
44. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
45. /usr/local/etc/raddb/modules/sql_log
46. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
47. /usr/local/etc/raddb/modules/inner-eap
48. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
49. /usr/local/etc/raddb/modules/files
50. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
51. /usr/local/etc/raddb/modules/pam
52. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
53. /usr/local/etc/raddb/modules/radutmp
54. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
55. /usr/local/etc/raddb/modules/opendirectory
56. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
57. /usr/local/etc/raddb/modules/detail.log
58. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
59. /usr/local/etc/raddb/modules/dynamic_clients
60. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
61. /usr/local/etc/raddb/modules/realm
62. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
63. /usr/local/etc/raddb/modules/expiration
64. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
65. /usr/local/etc/raddb/modules/linelog
66. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
67. /usr/local/etc/raddb/modules/detail.example.com
68. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
69. /usr/local/etc/raddb/modules/smbpasswd
70. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
71. /usr/local/etc/raddb/modules/wimax
72. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
73. /usr/local/etc/raddb/modules/digest
74. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
75. /usr/local/etc/raddb/modules/preprocess
76. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
77. /usr/local/etc/raddb/modules/mschap
78. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
79. /usr/local/etc/raddb/modules/mac2vlan
80. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
81. /usr/local/etc/raddb/modules/perl
82. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
83. /usr/local/etc/raddb/modules/chap
84. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
85. /usr/local/etc/raddb/modules/cui
86. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
87. /usr/local/etc/raddb/modules/attr_rewrite
88. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
89. /usr/local/etc/raddb/modules/detail
90. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
91. /usr/local/etc/raddb/modules/attr_filter
92. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
93. /usr/local/etc/raddb/modules/passwd
94. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
95. /usr/local/etc/raddb/modules/acct_unique
96. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
97. /usr/local/etc/raddb/modules/smsotp
98. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
99. /usr/local/etc/raddb/modules/ntlm_auth
100. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
101. /usr/local/etc/raddb/modules/ldap
102. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
103. /usr/local/etc/raddb/modules/mac2ip
104. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
105. /usr/local/etc/raddb/modules/echo
106. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
107. /usr/local/etc/raddb/modules/otp
108. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
109. /usr/local/etc/raddb/modules/checkval
110. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
111. /usr/local/etc/raddb/modules/ippool
112. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
113. /usr/local/etc/raddb/eap.conf
114. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
115. /usr/local/etc/raddb/policy.conf
116. Fri Sep 24 03:03:10 2010 : Debug: including files in directory
117. /usr/local/etc/raddb/sites-enabled/
118. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
119. /usr/local/etc/raddb/sites-enabled/inner-tunnel
120. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
121. /usr/local/etc/raddb/sites-enabled/default
122. Fri Sep 24 03:03:10 2010 : Debug: including configuration file
123. /usr/local/etc/raddb/sites-enabled/control-socket
124. Fri Sep 24 03:03:10 2010 : Debug: main {
125. Fri Sep 24 03:03:10 2010 : Debug: allow_core_dumps = no
126. Fri Sep 24 03:03:10 2010 : Debug: }
127. Fri Sep 24 03:03:10 2010 : Debug: including dictionary file
128. /usr/local/etc/raddb/dictionary
129. Fri Sep 24 03:03:10 2010 : Debug: main {
130. Fri Sep 24 03:03:10 2010 : Debug: prefix = "/usr/local"
131. Fri Sep 24 03:03:10 2010 : Debug: localstatedir = "/usr/local/var"
132. Fri Sep 24 03:03:10 2010 : Debug: logdir = "/usr/local/var/log/radius"
133. Fri Sep 24 03:03:10 2010 : Debug: libdir = "/usr/local/lib"
134. Fri Sep 24 03:03:10 2010 : Debug: radacctdir =
135. "/usr/local/var/log/radius/radacct"
136. Fri Sep 24 03:03:10 2010 : Debug: hostname_lookups = no
137. Fri Sep 24 03:03:10 2010 : Debug: max_request_time = 30
138. Fri Sep 24 03:03:10 2010 : Debug: cleanup_delay = 5
139. Fri Sep 24 03:03:10 2010 : Debug: max_requests = 1024
140. Fri Sep 24 03:03:10 2010 : Debug: pidfile =
141. "/usr/local/var/run/radiusd/radiusd.pid"
142. Fri Sep 24 03:03:10 2010 : Debug: checkrad = "/usr/local/sbin/checkrad"
143. Fri Sep 24 03:03:10 2010 : Debug: debug_level = 0
144. Fri Sep 24 03:03:10 2010 : Debug: proxy_requests = yes
145. Fri Sep 24 03:03:10 2010 : Debug: log {
146. Fri Sep 24 03:03:10 2010 : Debug: stripped_names = no
147. Fri Sep 24 03:03:10 2010 : Debug: auth = no
148. Fri Sep 24 03:03:10 2010 : Debug: auth_badpass = no
149. Fri Sep 24 03:03:10 2010 : Debug: auth_goodpass = no
150. Fri Sep 24 03:03:10 2010 : Debug: }
151. Fri Sep 24 03:03:10 2010 : Debug: security {
152. Fri Sep 24 03:03:10 2010 : Debug: max_attributes = 200
153. Fri Sep 24 03:03:10 2010 : Debug: reject_delay = 0
154. Fri Sep 24 03:03:10 2010 : Debug: status_server = yes
155. Fri Sep 24 03:03:10 2010 : Debug: }
156. Fri Sep 24 03:03:10 2010 : Debug: }
157. Fri Sep 24 03:03:10 2010 : Debug: radiusd: #### Loading Realms and Home
158. Servers ####
159. Fri Sep 24 03:03:10 2010 : Debug: proxy server {
160. Fri Sep 24 03:03:10 2010 : Debug: retry_delay = 5
161. Fri Sep 24 03:03:10 2010 : Debug: retry_count = 3
162. Fri Sep 24 03:03:10 2010 : Debug: default_fallback = no
163. Fri Sep 24 03:03:10 2010 : Debug: dead_time = 120
164. Fri Sep 24 03:03:10 2010 : Debug: wake_all_if_all_dead = no
165. Fri Sep 24 03:03:10 2010 : Debug: }
166. Fri Sep 24 03:03:10 2010 : Debug: home_server localhost {
167. Fri Sep 24 03:03:10 2010 : Debug: ipaddr = 127.0.0.1
168. Fri Sep 24 03:03:10 2010 : Debug: port = 1812
169. Fri Sep 24 03:03:10 2010 : Debug: type = "auth"
170. Fri Sep 24 03:03:10 2010 : Debug: secret = "*********"
171. Fri Sep 24 03:03:10 2010 : Debug: response_window = 20
172. Fri Sep 24 03:03:10 2010 : Debug: max_outstanding = 65536
173. Fri Sep 24 03:03:10 2010 : Debug: require_message_authenticator = no
174. Fri Sep 24 03:03:10 2010 : Debug: zombie_period = 40
175. Fri Sep 24 03:03:10 2010 : Debug: status_check = "status-server"
176. Fri Sep 24 03:03:10 2010 : Debug: ping_interval = 30
177. Fri Sep 24 03:03:10 2010 : Debug: check_interval = 30
178. Fri Sep 24 03:03:10 2010 : Debug: num_answers_to_alive = 3
179. Fri Sep 24 03:03:10 2010 : Debug: num_pings_to_alive = 3
180. Fri Sep 24 03:03:10 2010 : Debug: revive_interval = 120
181. Fri Sep 24 03:03:10 2010 : Debug: status_check_timeout = 4
182. Fri Sep 24 03:03:10 2010 : Debug: irt = 2
183. Fri Sep 24 03:03:10 2010 : Debug: mrt = 16
184. Fri Sep 24 03:03:10 2010 : Debug: mrc = 5
185. Fri Sep 24 03:03:10 2010 : Debug: mrd = 30
186. Fri Sep 24 03:03:10 2010 : Debug: }
187. Fri Sep 24 03:03:10 2010 : Debug: home_server_pool my_auth_failover {
188. Fri Sep 24 03:03:10 2010 : Debug: type = fail-over
189. Fri Sep 24 03:03:10 2010 : Debug: home_server = localhost
190. Fri Sep 24 03:03:10 2010 : Debug: }
191. Fri Sep 24 03:03:10 2010 : Debug: realm example.com {
192. Fri Sep 24 03:03:10 2010 : Debug: auth_pool = my_auth_failover
193. Fri Sep 24 03:03:10 2010 : Debug: }
194. Fri Sep 24 03:03:10 2010 : Debug: realm LOCAL {
195. Fri Sep 24 03:03:10 2010 : Debug: }
196. Fri Sep 24 03:03:10 2010 : Debug: radiusd: #### Loading Clients ####
197. Fri Sep 24 03:03:10 2010 : Debug: client localhost {
198. Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = ::1 IPv6 address [::1]
199. Fri Sep 24 03:03:10 2010 : Debug: netmask = 128
200. Fri Sep 24 03:03:10 2010 : Debug: require_message_authenticator = no
201. Fri Sep 24 03:03:10 2010 : Debug: secret = "*********"
202. Fri Sep 24 03:03:10 2010 : Debug: nastype = "other"
203. Fri Sep 24 03:03:10 2010 : Debug: }
204. Fri Sep 24 03:03:10 2010 : Debug: client my_NAS1 {
205. Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = 2001:db94::2 IPv6 address
206. [2001:db94::2]
207. Fri Sep 24 03:03:10 2010 : Debug: netmask = 128
208. Fri Sep 24 03:03:10 2010 : Debug: require_message_authenticator = no
209. Fri Sep 24 03:03:10 2010 : Debug: secret = "*********"
210. Fri Sep 24 03:03:10 2010 : Debug: }
211. Fri Sep 24 03:03:10 2010 : Debug: client my_NAS2 {
212. Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = 2001:db93::2 IPv6 address
213. [2001:db93::2]
214. Fri Sep 24 03:03:10 2010 : Debug: netmask = 128
215. Fri Sep 24 03:03:10 2010 : Debug: require_message_authenticator = no
216. Fri Sep 24 03:03:10 2010 : Debug: secret = "*********"
217. Fri Sep 24 03:03:10 2010 : Debug: }
218. Fri Sep 24 03:03:10 2010 : Debug: client my_NAS3 {
219. Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = 2001:470:0:0::2 IPv6
220. address [2001:470:0:0::2]
221. Fri Sep 24 03:03:10 2010 : Debug: netmask = 128
222. Fri Sep 24 03:03:10 2010 : Debug: require_message_authenticator = no
223. Fri Sep 24 03:03:10 2010 : Debug: secret = "*********"
224. Fri Sep 24 03:03:10 2010 : Debug: }
225. Fri Sep 24 03:03:10 2010 : Debug: radiusd: #### Instantiating modules ####
226. Fri Sep 24 03:03:10 2010 : Debug: instantiate {
227. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_exec, checking if it's
228. valid)
229. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_exec
230. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "exec"
231. from file /usr/local/etc/raddb/modules/exec
232. Fri Sep 24 03:03:10 2010 : Debug: exec {
233. Fri Sep 24 03:03:10 2010 : Debug: wait = no
234. Fri Sep 24 03:03:10 2010 : Debug: input_pairs = "request"
235. Fri Sep 24 03:03:10 2010 : Debug: shell_escape = yes
236. Fri Sep 24 03:03:10 2010 : Debug: }
237. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_expr, checking if it's
238. valid)
239. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_expr
240. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "expr"
241. from file /usr/local/etc/raddb/modules/expr
242. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_expiration, checking if
243. it's valid)
244. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_expiration
245. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
246. "expiration" from file /usr/local/etc/raddb/modules/expiration
247. Fri Sep 24 03:03:10 2010 : Debug: expiration {
248. Fri Sep 24 03:03:10 2010 : Debug: reply-message = "Password Has Expired "
249. Fri Sep 24 03:03:10 2010 : Debug: }
250. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_logintime, checking if
251. it's valid)
252. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_logintime
253. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
254. "logintime" from file /usr/local/etc/raddb/modules/logintime
255. Fri Sep 24 03:03:10 2010 : Debug: logintime {
256. Fri Sep 24 03:03:10 2010 : Debug: reply-message = "You are calling
257. outside your allowed timespan "
258. Fri Sep 24 03:03:10 2010 : Debug: minimum-timeout = 60
259. Fri Sep 24 03:03:10 2010 : Debug: }
260. Fri Sep 24 03:03:10 2010 : Debug: }
261. Fri Sep 24 03:03:10 2010 : Debug: radiusd: #### Loading Virtual Servers ####
262. Fri Sep 24 03:03:10 2010 : Debug: server inner-tunnel { # from file
263. /usr/local/etc/raddb/sites-enabled/inner-tunnel
264. Fri Sep 24 03:03:10 2010 : Debug: modules {
265. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking authenticate {...} for
266. more modules to load
267. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_pap, checking if it's
268. valid)
269. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_pap
270. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "pap" from
271. file /usr/local/etc/raddb/modules/pap
272. Fri Sep 24 03:03:10 2010 : Debug: pap {
273. Fri Sep 24 03:03:10 2010 : Debug: encryption_scheme = "auto"
274. Fri Sep 24 03:03:10 2010 : Debug: auto_header = no
275. Fri Sep 24 03:03:10 2010 : Debug: }
276. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_chap, checking if it's
277. valid)
278. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_chap
279. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "chap"
280. from file /usr/local/etc/raddb/modules/chap
281. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_mschap, checking if it's
282. valid)
283. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_mschap
284. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "mschap"
285. from file /usr/local/etc/raddb/modules/mschap
286. Fri Sep 24 03:03:10 2010 : Debug: mschap {
287. Fri Sep 24 03:03:10 2010 : Debug: use_mppe = yes
288. Fri Sep 24 03:03:10 2010 : Debug: require_encryption = no
289. Fri Sep 24 03:03:10 2010 : Debug: require_strong = no
290. Fri Sep 24 03:03:10 2010 : Debug: with_ntdomain_hack = no
291. Fri Sep 24 03:03:10 2010 : Debug: }
292. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_unix, checking if it's
293. valid)
294. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_unix
295. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "unix"
296. from file /usr/local/etc/raddb/modules/unix
297. Fri Sep 24 03:03:10 2010 : Debug: unix {
298. Fri Sep 24 03:03:10 2010 : Debug: radwtmp =
299. "/usr/local/var/log/radius/radwtmp"
300. Fri Sep 24 03:03:10 2010 : Debug: }
301. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_eap, checking if it's
302. valid)
303. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_eap
304. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "eap" from
305. file /usr/local/etc/raddb/eap.conf
306. Fri Sep 24 03:03:10 2010 : Debug: eap {
307. Fri Sep 24 03:03:10 2010 : Debug: default_eap_type = "md5"
308. Fri Sep 24 03:03:10 2010 : Debug: timer_expire = 60
309. Fri Sep 24 03:03:10 2010 : Debug: ignore_unknown_eap_types = no
310. Fri Sep 24 03:03:10 2010 : Debug: cisco_accounting_username_bug = no
311. Fri Sep 24 03:03:10 2010 : Debug: max_sessions = 4096
312. Fri Sep 24 03:03:10 2010 : Debug: }
313. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_md5
314. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-md5
315. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_leap
316. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-leap
317. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_gtc
318. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-gtc
319. Fri Sep 24 03:03:10 2010 : Debug: gtc {
320. Fri Sep 24 03:03:10 2010 : Debug: challenge = "Password: "
321. Fri Sep 24 03:03:10 2010 : Debug: auth_type = "PAP"
322. Fri Sep 24 03:03:10 2010 : Debug: }
323. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_tls
324. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-tls
325. Fri Sep 24 03:03:10 2010 : Debug: tls {
326. Fri Sep 24 03:03:10 2010 : Debug: rsa_key_exchange = no
327. Fri Sep 24 03:03:10 2010 : Debug: dh_key_exchange = yes
328. Fri Sep 24 03:03:10 2010 : Debug: rsa_key_length = 512
329. Fri Sep 24 03:03:10 2010 : Debug: dh_key_length = 512
330. Fri Sep 24 03:03:10 2010 : Debug: verify_depth = 0
331. Fri Sep 24 03:03:10 2010 : Debug: pem_file_type = yes
332. Fri Sep 24 03:03:10 2010 : Debug: private_key_file =
333. "/usr/local/etc/raddb/certs/AAASERVERclientkey.pem"
334. Fri Sep 24 03:03:10 2010 : Debug: certificate_file =
335. "/usr/local/etc/raddb/certs/AAASERVERclientcert.pem"
336. Fri Sep 24 03:03:10 2010 : Debug: CA_file =
337. "/usr/local/etc/raddb/certs/cacert.pem"
338. Fri Sep 24 03:03:10 2010 : Debug: private_key_password = "passwordclient"
339. Fri Sep 24 03:03:10 2010 : Debug: dh_file = "/usr/local/etc/raddb/certs/dh"
340. Fri Sep 24 03:03:10 2010 : Debug: random_file =
341. "/usr/local/etc/raddb/certs/random"
342. Fri Sep 24 03:03:10 2010 : Debug: fragment_size = 1024
343. Fri Sep 24 03:03:10 2010 : Debug: include_length = yes
344. Fri Sep 24 03:03:10 2010 : Debug: check_crl = no
345. Fri Sep 24 03:03:10 2010 : Debug: cipher_list = "DEFAULT"
346. Fri Sep 24 03:03:10 2010 : Debug: cache {
347. Fri Sep 24 03:03:10 2010 : Debug: enable = yes
348. Fri Sep 24 03:03:10 2010 : Debug: lifetime = 1
349. Fri Sep 24 03:03:10 2010 : Debug: max_entries = 255
350. Fri Sep 24 03:03:10 2010 : Debug: }
351. Fri Sep 24 03:03:10 2010 : Debug: }
352. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_ttls
353. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-ttls
354. Fri Sep 24 03:03:10 2010 : Debug: ttls {
355. Fri Sep 24 03:03:10 2010 : Debug: default_eap_type = "md5"
356. Fri Sep 24 03:03:10 2010 : Debug: copy_request_to_tunnel = no
357. Fri Sep 24 03:03:10 2010 : Debug: use_tunneled_reply = no
358. Fri Sep 24 03:03:10 2010 : Debug: virtual_server = "inner-tunnel"
359. Fri Sep 24 03:03:10 2010 : Debug: include_length = yes
360. Fri Sep 24 03:03:10 2010 : Debug: }
361. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module rlm_eap_peap
362. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-peap
363. Fri Sep 24 03:03:10 2010 : Debug: peap {
364. Fri Sep 24 03:03:10 2010 : Debug: default_eap_type = "mschapv2"
365. Fri Sep 24 03:03:10 2010 : Debug: copy_request_to_tunnel = no
366. Fri Sep 24 03:03:10 2010 : Debug: use_tunneled_reply = no
367. Fri Sep 24 03:03:10 2010 : Debug: proxy_tunneled_request_as_eap = yes
368. Fri Sep 24 03:03:10 2010 : Debug: virtual_server = "inner-tunnel"
369. Fri Sep 24 03:03:10 2010 : Debug: }
370. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to sub-module
371. rlm_eap_mschapv2
372. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating eap-mschapv2
373. Fri Sep 24 03:03:10 2010 : Debug: mschapv2 {
374. Fri Sep 24 03:03:10 2010 : Debug: with_ntdomain_hack = no
375. Fri Sep 24 03:03:10 2010 : Debug: }
376. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking authorize {...} for
377. more modules to load
378. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_realm, checking if it's
379. valid)
380. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_realm
381. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "suffix"
382. from file /usr/local/etc/raddb/modules/realm
383. Fri Sep 24 03:03:10 2010 : Debug: realm suffix {
384. Fri Sep 24 03:03:10 2010 : Debug: format = "suffix"
385. Fri Sep 24 03:03:10 2010 : Debug: delimiter = "@"
386. Fri Sep 24 03:03:10 2010 : Debug: ignore_default = no
387. Fri Sep 24 03:03:10 2010 : Debug: ignore_null = no
388. Fri Sep 24 03:03:10 2010 : Debug: }
389. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_files, checking if it's
390. valid)
391. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_files
392. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "files"
393. from file /usr/local/etc/raddb/modules/files
394. Fri Sep 24 03:03:10 2010 : Debug: files {
395. Fri Sep 24 03:03:10 2010 : Debug: usersfile = "/usr/local/etc/raddb/users"
396. Fri Sep 24 03:03:10 2010 : Debug: acctusersfile =
397. "/usr/local/etc/raddb/acct_users"
398. Fri Sep 24 03:03:10 2010 : Debug: preproxy_usersfile =
399. "/usr/local/etc/raddb/preproxy_users"
400. Fri Sep 24 03:03:10 2010 : Debug: compat = "no"
401. Fri Sep 24 03:03:10 2010 : Debug: }
402. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking session {...} for more
403. modules to load
404. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_radutmp, checking if
405. it's valid)
406. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_radutmp
407. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "radutmp"
408. from file /usr/local/etc/raddb/modules/radutmp
409. Fri Sep 24 03:03:10 2010 : Debug: radutmp {
410. Fri Sep 24 03:03:10 2010 : Debug: filename =
411. "/usr/local/var/log/radius/radutmp"
412. Fri Sep 24 03:03:10 2010 : Debug: username = "%{User-Name}"
413. Fri Sep 24 03:03:10 2010 : Debug: case_sensitive = yes
414. Fri Sep 24 03:03:10 2010 : Debug: check_with_nas = yes
415. Fri Sep 24 03:03:10 2010 : Debug: perm = 384
416. Fri Sep 24 03:03:10 2010 : Debug: callerid = yes
417. Fri Sep 24 03:03:10 2010 : Debug: }
418. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking post-proxy {...} for
419. more modules to load
420. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking post-auth {...} for
421. more modules to load
422. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_attr_filter, checking if
423. it's valid)
424. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_attr_filter
425. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
426. "attr_filter.access_reject" from file
427. /usr/local/etc/raddb/modules/attr_filter
428. Fri Sep 24 03:03:10 2010 : Debug: attr_filter attr_filter.access_reject {
429. Fri Sep 24 03:03:10 2010 : Debug: attrsfile =
430. "/usr/local/etc/raddb/attrs.access_reject"
431. Fri Sep 24 03:03:10 2010 : Debug: key = "%{User-Name}"
432. Fri Sep 24 03:03:10 2010 : Debug: }
433. Fri Sep 24 03:03:10 2010 : Debug: } # modules
434. Fri Sep 24 03:03:10 2010 : Debug: } # server
435. Fri Sep 24 03:03:10 2010 : Debug: server { # from file
436. /usr/local/etc/raddb/radiusd.conf
437. Fri Sep 24 03:03:10 2010 : Debug: modules {
438. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking authenticate {...} for
439. more modules to load
440. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking authorize {...} for
441. more modules to load
442. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_preprocess, checking if
443. it's valid)
444. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_preprocess
445. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
446. "preprocess" from file /usr/local/etc/raddb/modules/preprocess
447. Fri Sep 24 03:03:10 2010 : Debug: preprocess {
448. Fri Sep 24 03:03:10 2010 : Debug: huntgroups =
449. "/usr/local/etc/raddb/huntgroups"
450. Fri Sep 24 03:03:10 2010 : Debug: hints = "/usr/local/etc/raddb/hints"
451. Fri Sep 24 03:03:10 2010 : Debug: with_ascend_hack = no
452. Fri Sep 24 03:03:10 2010 : Debug: ascend_channels_per_line = 23
453. Fri Sep 24 03:03:10 2010 : Debug: with_ntdomain_hack = no
454. Fri Sep 24 03:03:10 2010 : Debug: with_specialix_jetstream_hack = no
455. Fri Sep 24 03:03:10 2010 : Debug: with_cisco_vsa_hack = no
456. Fri Sep 24 03:03:10 2010 : Debug: with_alvarion_vsa_hack = no
457. Fri Sep 24 03:03:10 2010 : Debug: }
458. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking preacct {...} for more
459. modules to load
460. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_acct_unique, checking if
461. it's valid)
462. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_acct_unique
463. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
464. "acct_unique" from file /usr/local/etc/raddb/modules/acct_unique
465. Fri Sep 24 03:03:10 2010 : Debug: acct_unique {
466. Fri Sep 24 03:03:10 2010 : Debug: key = "User-Name, Acct-Session-Id,
467. NAS-IP-Address, Client-IP-Address, NAS-Port"
468. Fri Sep 24 03:03:10 2010 : Debug: }
469. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking accounting {...} for
470. more modules to load
471. Fri Sep 24 03:03:10 2010 : Debug: (Loaded rlm_detail, checking if it's
472. valid)
473. Fri Sep 24 03:03:10 2010 : Debug: Module: Linked to module rlm_detail
474. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module "detail"
475. from file /usr/local/etc/raddb/modules/detail
476. Fri Sep 24 03:03:10 2010 : Debug: detail {
477. Fri Sep 24 03:03:10 2010 : Debug: detailfile =
478. "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
479. Fri Sep 24 03:03:10 2010 : Debug: header = "%t"
480. Fri Sep 24 03:03:10 2010 : Debug: detailperm = 384
481. Fri Sep 24 03:03:10 2010 : Debug: dirperm = 493
482. Fri Sep 24 03:03:10 2010 : Debug: locking = no
483. Fri Sep 24 03:03:10 2010 : Debug: log_packet_header = no
484. Fri Sep 24 03:03:10 2010 : Debug: }
485. Fri Sep 24 03:03:10 2010 : Debug: Module: Instantiating module
486. "attr_filter.accounting_response" from file
487. /usr/local/etc/raddb/modules/attr_filter
488. Fri Sep 24 03:03:10 2010 : Debug: attr_filter
489. attr_filter.accounting_response {
490. Fri Sep 24 03:03:10 2010 : Debug: attrsfile =
491. "/usr/local/etc/raddb/attrs.accounting_response"
492. Fri Sep 24 03:03:10 2010 : Debug: key = "%{User-Name}"
493. Fri Sep 24 03:03:10 2010 : Debug: }
494. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking session {...} for more
495. modules to load
496. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking post-proxy {...} for
497. more modules to load
498. Fri Sep 24 03:03:10 2010 : Debug: Module: Checking post-auth {...} for
499. more modules to load
500. Fri Sep 24 03:03:10 2010 : Debug: } # modules
501. Fri Sep 24 03:03:10 2010 : Debug: } # server
502. Fri Sep 24 03:03:10 2010 : Debug: radiusd: #### Opening IP addresses and
503. Ports ####
504. Fri Sep 24 03:03:10 2010 : Debug: listen {
505. Fri Sep 24 03:03:10 2010 : Debug: type = "auth"
506. Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = :: IPv6 address [::]
507. Fri Sep 24 03:03:10 2010 : Debug: port = 0
508. Fri Sep 24 03:03:10 2010 : Debug: }
509. Fri Sep 24 03:03:10 2010 : Debug: listen {
510. Fri Sep 24 03:03:10 2010 : Debug: type = "acct"
511. Fri Sep 24 03:03:10 2010 : Debug: ipv6addr = :: IPv6 address [::]
512. Fri Sep 24 03:03:10 2010 : Debug: port = 0
513. Fri Sep 24 03:03:10 2010 : Debug: }
514. Fri Sep 24 03:03:10 2010 : Debug: listen {
515. Fri Sep 24 03:03:10 2010 : Debug: type = "control"
516. Fri Sep 24 03:03:10 2010 : Debug: listen {
517. Fri Sep 24 03:03:10 2010 : Debug: socket =
518. "/usr/local/var/run/radiusd/radiusd.sock"
519. Fri Sep 24 03:03:10 2010 : Debug: }
520. Fri Sep 24 03:03:10 2010 : Debug: }
521. Fri Sep 24 03:03:10 2010 : Debug: Listening on authentication address ::
522. port 1812
523. Fri Sep 24 03:03:10 2010 : Debug: Listening on accounting address :: port
524. 1813
525. Fri Sep 24 03:03:10 2010 : Debug: Listening on command file
526. /usr/local/var/run/radiusd/radiusd.sock
527. Fri Sep 24 03:03:10 2010 : Debug: Listening on proxy address :: port 1814
528. Fri Sep 24 03:03:10 2010 : Info: Ready to process requests.
529.  
530. (snip)
531.  
532. rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=1,
533. length=189
534. User-Name = "anonymous"
535. NAS-IPv6-Address = 2001:db4::2
536. NAS-Identifier = "panosAP-TD4"
537. NAS-Port = 1
538. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
539. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
540. Framed-MTU = 1400
541. NAS-Port-Type = Wireless-802.11
542. Connect-Info = "CONNECT 54Mbps 802.11g"
543. EAP-Message = 0x02c6000e01616e6f6e796d6f7573
544. Message-Authenticator = 0xbc939da0f8f0ae045e3b34aacc8b8f4e
545. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
546. /usr/local/etc/raddb/sites-enabled/default
547. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
548. Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
549. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
550. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
551. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
552. "anonymous", looking up realm NULL
553. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
554. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
555. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 198
556. length 14
557. Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
558. on-going EAP conversation
559. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
560. Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
561. Fri Sep 24 03:05:03 2010 : Info: ++[files] returns noop
562. Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
563. Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
564. Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING! No "known good" password
565. found for the user. Authentication may fail because of this.
566. Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
567. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
568. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
569. /usr/local/etc/raddb/sites-enabled/default
570. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
571. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP Identity
572. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type md5
573. Fri Sep 24 03:05:03 2010 : Debug: rlm_eap_md5: Issuing Challenge
574. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
575. Sending Access-Challenge of id 1 to 2001:db94::2 port 53023
576. EAP-Message = 0x01c700160410b24dea7476eef075ebba4dc5b9a1810d
577. Message-Authenticator = 0x00000000000000000000000000000000
578. State = 0x99bafb26997dff4e6a5f6a02067ddfc7
579. Fri Sep 24 03:05:03 2010 : Info: Finished request 6.
580. Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
581. Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.9 seconds.
582. rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=2,
583. length=199
584. User-Name = "anonymous"
585. NAS-IPv6-Address = 2001:db4::2
586. NAS-Identifier = "panosAP-TD4"
587. NAS-Port = 1
588. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
589. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
590. Framed-MTU = 1400
591. NAS-Port-Type = Wireless-802.11
592. Connect-Info = "CONNECT 54Mbps 802.11g"
593. EAP-Message = 0x02c700060315
594. State = 0x99bafb26997dff4e6a5f6a02067ddfc7
595. Message-Authenticator = 0xbc62a592dd256c3906a7afc1f4bea280
596. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
597. /usr/local/etc/raddb/sites-enabled/default
598. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
599. Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
600. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
601. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
602. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
603. "anonymous", looking up realm NULL
604. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
605. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
606. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 199
607. length 6
608. Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
609. on-going EAP conversation
610. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
611. Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
612. Fri Sep 24 03:05:03 2010 : Info: ++[files] returns noop
613. Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
614. Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
615. Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING! No "known good" password
616. found for the user. Authentication may fail because of this.
617. Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
618. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
619. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
620. /usr/local/etc/raddb/sites-enabled/default
621. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
622. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
623. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP NAK
624. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP-NAK asked for EAP-Type/ttls
625. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type tls
626. Fri Sep 24 03:05:03 2010 : Info: [tls] Flushing SSL sessions (of #0)
627. Fri Sep 24 03:05:03 2010 : Info: [tls] Initiate
628. Fri Sep 24 03:05:03 2010 : Info: [tls] Start returned 1
629. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
630. Sending Access-Challenge of id 2 to 2001:db94::2 port 53023
631. EAP-Message = 0x01c800061520
632. Message-Authenticator = 0x00000000000000000000000000000000
633. State = 0x99bafb269872ee4e6a5f6a02067ddfc7
634. Fri Sep 24 03:05:03 2010 : Info: Finished request 7.
635. Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
636. Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.9 seconds.
637. rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=3,
638. length=324
639. User-Name = "anonymous"
640. NAS-IPv6-Address = 2001:db4::2
641. NAS-Identifier = "panosAP-TD4"
642. NAS-Port = 1
643. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
644. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
645. Framed-MTU = 1400
646. NAS-Port-Type = Wireless-802.11
647. Connect-Info = "CONNECT 54Mbps 802.11g"
648. EAP-Message =
649. 0x02c80083150016030100780100007403014c9c0729a84a62c0ca33f7502905ecb2c08507df42a7172259265df7d7ad9e7020abb5e51b3c9ba4b6914ac420be25409297232e70af28eca704f4f4e3d228745a002600390038003500160013000a00330032002f0005000400150012000900140011000800060003020100000400230000
650. State = 0x99bafb269872ee4e6a5f6a02067ddfc7
651. Message-Authenticator = 0x1e88933acfaa7c848cb66a67b864c705
652. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
653. /usr/local/etc/raddb/sites-enabled/default
654. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
655. Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
656. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
657. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
658. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
659. "anonymous", looking up realm NULL
660. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
661. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
662. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 200
663. length 131
664. Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
665. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
666. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
667. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
668. /usr/local/etc/raddb/sites-enabled/default
669. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
670. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
671. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
672. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
673. Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
674. Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
675. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
676. Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
677. Fri Sep 24 03:05:03 2010 : Info: [ttls] (other): before/accept
678. initialization
679. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: before/accept
680. initialization
681. Fri Sep 24 03:05:03 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
682. 0078], ClientHello
683. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 read client
684. hello A
685. Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
686. 004a], ServerHello
687. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write server
688. hello A
689. Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
690. 08b3], Certificate
691. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write
692. certificate A
693. Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
694. 020d], ServerKeyExchange
695. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write key
696. exchange A
697. Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
698. 0004], ServerHelloDone
699. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write server
700. done A
701. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 flush data
702. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: Need to read more
703. data: SSLv3 read client certificate A
704. Fri Sep 24 03:05:03 2010 : Debug: In SSL Handshake Phase
705. Fri Sep 24 03:05:03 2010 : Debug: In SSL Accept mode
706. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 13
707. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
708. Sending Access-Challenge of id 3 to 2001:db94::2 port 53023
709. EAP-Message =
710. 0x01c9040015c000000b22160301004a0200004603014c9c074f0097aa401342bfbcf574f812122ef8b9c51e5bdc71484a48d908d8f0201d6029bbddba233cd443d692b968df093237d9ad982f9ccc8a2defcd3edeb24300390116030108b30b0008af0008ac0004633082045f30820347a003020102020900e8aa5d45ccde0ec2300d06092a864886f70d01010405003081b5310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e697665727369747931283026060355
711. EAP-Message =
712. 0x04030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b301e170d3130303432333136323330315a170d3230303432303136323330315a3081aa310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e6976657273697479311d301b06035504030c144141415f534552564552407636746573746265643125302306092a864886f70d01
713. EAP-Message =
714. 0x0901161670616e6f7340636f6d702e6c616e63732e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100ee0aeb8ea5d83782523d2dce5297e8905e9fb3fa8c5f59cd3ee7903c9799c9679fa8c00ea9d6a86a195ec3d9bcd1e2dda95d48cd24bae78fef247a53410e45fbb0cfaf26edb8489afdd76d1da0e014ef60e79047d5c7f1055d6081827e1e1116b5c8a93e3aa744d93c65a5f9912735eeb5ebad5338065954c2fa12092a8f18d5e3a864466f3b4e43d6bdc1d42461151462237fdaccdb6a58e0ace9fcd82489e6ebbc24f2e986978856bff2b0c0043cbe680e1db409c30d5d3ef5e9bcc6bf6f58647e
715. EAP-Message =
716. 0x383eec7be5af4015b8597886a348514437646ee8b77a884eb593301352ddb7debd2669ab0e716cfad0ae1aae57e384bbc0d7fffee5ade1e3d8705e83af0b0203010001a37b307930090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e04160414cf045dee9ff9839327e2127c1cd2123521276d25301f0603551d23041830168014849d96ce9dce861838218a5b59371fff875735a0300d06092a864886f70d0101040500038201010059ca64550c6349a37715a7a235a35b75cc729c76346541184e00250167552ac941a1ce251a8f4d183a
717. EAP-Message = 0x9b34dfc90e812ab8c370f93d
718. Message-Authenticator = 0x00000000000000000000000000000000
719. State = 0x99bafb269b73ee4e6a5f6a02067ddfc7
720. Fri Sep 24 03:05:03 2010 : Info: Finished request 8.
721. Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
722. Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.9 seconds.
723. rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=4,
724. length=199
725. User-Name = "anonymous"
726. NAS-IPv6-Address = 2001:db4::2
727. NAS-Identifier = "panosAP-TD4"
728. NAS-Port = 1
729. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
730. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
731. Framed-MTU = 1400
732. NAS-Port-Type = Wireless-802.11
733. Connect-Info = "CONNECT 54Mbps 802.11g"
734. EAP-Message = 0x02c900061500
735. State = 0x99bafb269b73ee4e6a5f6a02067ddfc7
736. Message-Authenticator = 0x4a7a4676a9d48d484e7069d4a3419583
737. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
738. /usr/local/etc/raddb/sites-enabled/default
739. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
740. Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
741. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
742. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
743. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
744. "anonymous", looking up realm NULL
745. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
746. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
747. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 201
748. length 6
749. Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
750. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
751. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
752. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
753. /usr/local/etc/raddb/sites-enabled/default
754. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
755. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
756. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
757. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
758. Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
759. Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
760. Fri Sep 24 03:05:03 2010 : Info: [ttls] Received TLS ACK
761. Fri Sep 24 03:05:03 2010 : Info: [ttls] ACK handshake fragment handler
762. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 1
763. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 13
764. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
765. Sending Access-Challenge of id 4 to 2001:db94::2 port 53023
766. EAP-Message =
767. 0x01ca040015c000000b22b54a717c1c4d5a1534f04ae733127ca0a219db95ff2ed758f7dd656faa980983d7f9307d80bee7f974db5c97a18a53c028c43f13575d65598ff0e9418bc46d8bf9985a676bd0a0b8ecdeeb5f74fc978290752eecb7cb26d5b53b06b51cf7cf9ddaac4f5a5186b51ed94ac48cef701891e1430b2a1b97e46e48340954e2aa8e0ec3f8b1e54c0801c5e5553e3ca6b77e355016dc21bbbdcab0be50576aee230f95c466e8a9ef516e4b31ddf601edaba2dc36d0ec0f600c04db09c58dcfe04a9e934d1a9074e83ba83f870bcb0004433082043f30820327a003020102020900e8aa5d45ccde0ebc300d06092a864886f70d010105
768. EAP-Message =
769. 0x05003081b5310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e69766572736974793128302606035504030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b301e170d3130303432333136303235315a170d3230303432303136303235315a3081b5310b300906035504061302554b3113301106035504080c0a4c616e6361736869
770. EAP-Message =
771. 0x72653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e69766572736974793128302606035504030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100d5742265853cfb58e3d8cd30874e23e27bc0877bc78eb20fa83b76b8de968d67d281208c150741a750da0288710eac89b7b8d849664bfcb09ce2025a8b2974f462c3155774ee23
772. EAP-Message =
773. 0x07f5c9bc2a81b4c6d20035d869cb05bf391ff5f562a09d50669b1810ad91a8a06a59d7e411ee9ce6d8355c43c8aee3d25b3e937197f5b37ceeec9e9a987fb8aa14117c8dd7d6f599dd3be47b9db7bb8410e168e71a7512b22e833072ca1a6f2a9bfbb67c0c189d2eeca7a5f044a01909053c335647f28a09cee0bffbd8723b1406fd3fef247f2d100b0af9100a40ce0f770369461fe366294d9a8a84c7c17e0fc6e567b923af73a604c7b7c6773469f3e9e4921459f1b0e1e50203010001a350304e301d0603551d0e04160414849d96ce9dce861838218a5b59371fff875735a0301f0603551d23041830168014849d96ce9dce861838218a5b59371f
774. EAP-Message = 0xff875735a0300c0603551d13
775. Message-Authenticator = 0x00000000000000000000000000000000
776. State = 0x99bafb269a70ee4e6a5f6a02067ddfc7
777. Fri Sep 24 03:05:03 2010 : Info: Finished request 9.
778. Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
779. Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.9 seconds.
780. rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=5,
781. length=199
782. User-Name = "anonymous"
783. NAS-IPv6-Address = 2001:db4::2
784. NAS-Identifier = "panosAP-TD4"
785. NAS-Port = 1
786. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
787. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
788. Framed-MTU = 1400
789. NAS-Port-Type = Wireless-802.11
790. Connect-Info = "CONNECT 54Mbps 802.11g"
791. EAP-Message = 0x02ca00061500
792. State = 0x99bafb269a70ee4e6a5f6a02067ddfc7
793. Message-Authenticator = 0x391c8d60f8ef90c92e7dde8a33cdc327
794. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
795. /usr/local/etc/raddb/sites-enabled/default
796. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
797. Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
798. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
799. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
800. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
801. "anonymous", looking up realm NULL
802. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
803. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
804. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 202
805. length 6
806. Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
807. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
808. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
809. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
810. /usr/local/etc/raddb/sites-enabled/default
811. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
812. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
813. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
814. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
815. Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
816. Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
817. Fri Sep 24 03:05:03 2010 : Info: [ttls] Received TLS ACK
818. Fri Sep 24 03:05:03 2010 : Info: [ttls] ACK handshake fragment handler
819. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 1
820. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 13
821. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
822. Sending Access-Challenge of id 5 to 2001:db94::2 port 53023
823. EAP-Message =
824. 0x01cb0340158000000b22040530030101ff300d06092a864886f70d01010505000382010100a6706416cb639e79cd5d5c0376d4ddb46be58ee8d5248e8e6d86caddd81de83a01f43d671760d2086a4e492fc8f5234a557408e20d8e017bee88aacd57826b6722b2045419d0bd420e1b597682971e595a37c43ceb5a9e3461d13f6e4e3a02b3501afe1956456016bd459b24dcebf0a52667ede741be772f3eb8747020aba9c7c078cc473a640ad0c7b7b983d274b6b1c451e9151a85fb8e716e399d293b2dcb6c0fbc4ff8f30d197c252f8050104465acefdfc277a049bba2292a8c0f21793dc843c8f9c835353cc2bd8b4170ea01ace45a61dcf08010d2
825. EAP-Message =
826. 0xd86da3332fdd40d725ec1761e07c6d9e787e8c322b97f49ef3f6bc328c7a9861e08599150724d889160301020d0c0002090080a5c543e970288dbe9bb99a4eee9877d3afba38f8772ca0f8ffa5f78099716977289be3bb1803e30cf5010acaf7e0c37c8289cb2becd012470f81f55f64de937d1b4e5eccf843f5855485d3000605e0bdd9b8011eba710d73c823c96b5a92085cfb46c538d8d4c829a2b98a0d51b7351d84da1e6a77f2c4a9cad9ede08ddc1a6b0001020080085bac714701d0c7523f13b94fe253867fe343b4f894795e614815a0e49944b36b64fde3b02b545c73a70f4882e8067287f64dae5a00348b9a9dfb5b46ff2a013ef8edb6bd
827. EAP-Message =
828. 0x8b04cb591ba98b230e3b8b2d43d0f52c2f439cc96a73ea850d74d1d367c134903a7b014865a1242608ac06a5abc66007767fc3039a68abe0e02646010018776bd6c9ff5bb89381863ab760fdc24cd901326cfe8fd0a5727c8f0e9f01a6276754d764fb5f5e9163cbb446927221798ecdd913a3f3d836966bd16f77feb6c5dea214e2c8e1e32d0ff7b3e50313b3d8c34a383d0053bfbd57657c78579a11f7a6fb279f80c8f664bbb36071ad7c641108bbb6ebf0cbe719471b24bd08dca9f0812ab576bf6f8215e6102dee60ba1c5e28ad4a37cd023a9ceef6fd47981074ded80b1bc3b892a2be66fda8dd7e35dd326ed27489e5cc58a7f6b561dec4c44b
829. EAP-Message =
830. 0x2fb6338654e664af2b8bc66f111a58394c890a6f9b7b10948ea686e856983a594cbf3fc6c1abc802d06d2b1904a310c99a6920df4f477536c68c61fd4390f2bd16030100040e000000
831. Message-Authenticator = 0x00000000000000000000000000000000
832. State = 0x99bafb269d71ee4e6a5f6a02067ddfc7
833. Fri Sep 24 03:05:03 2010 : Info: Finished request 10.
834. Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
835. Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.9 seconds.
836. rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=6,
837. length=397
838. User-Name = "anonymous"
839. NAS-IPv6-Address = 2001:db4::2
840. NAS-Identifier = "panosAP-TD4"
841. NAS-Port = 1
842. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
843. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
844. Framed-MTU = 1400
845. NAS-Port-Type = Wireless-802.11
846. Connect-Info = "CONNECT 54Mbps 802.11g"
847. EAP-Message =
848. 0x02cb00cc15001603010086100000820080a59ed1a177c08a8bf477372d4ccaa2dc914ba09985dde949ae05b52d725b8345c130986dc9a908e9103f41a73e4a1934f60cca114cd5c6f731196f0e239a399857266d427f24336da4a9293dc797c4a38c9b55949960d34b60d0262d7e1ed45de73f2fbf8446f16aa0900da601cd2b25cbe9d17c377814b68b0a2cc3c7cdede41403010001011603010030b52939824439a210d12904c64dd406bdae164f5af0f4fb12b527f0bfe4da40d5e5395c00c344d559fa373310602443a9
849. State = 0x99bafb269d71ee4e6a5f6a02067ddfc7
850. Message-Authenticator = 0xdee49be3b4f823a38c47792bce75d692
851. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
852. /usr/local/etc/raddb/sites-enabled/default
853. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
854. Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
855. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
856. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
857. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
858. "anonymous", looking up realm NULL
859. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
860. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
861. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 203
862. length 204
863. Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
864. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
865. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
866. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
867. /usr/local/etc/raddb/sites-enabled/default
868. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
869. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
870. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
871. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
872. Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
873. Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
874. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
875. Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
876. Fri Sep 24 03:05:03 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
877. 0086], ClientKeyExchange
878. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 read client
879. key exchange A
880. Fri Sep 24 03:05:03 2010 : Info: [ttls] <<< TLS 1.0 ChangeCipherSpec
881. [length 0001]
882. Fri Sep 24 03:05:03 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
883. 0010], Finished
884. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 read finished A
885. Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 ChangeCipherSpec
886. [length 0001]
887. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write change
888. cipher spec A
889. Fri Sep 24 03:05:03 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
890. 0010], Finished
891. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 write
892. finished A
893. Fri Sep 24 03:05:03 2010 : Info: [ttls] TLS_accept: SSLv3 flush data
894. Fri Sep 24 03:05:03 2010 : Debug: SSL: adding session
895. 1d6029bbddba233cd443d692b968df093237d9ad982f9ccc8a2defcd3edeb243 to cache
896. Fri Sep 24 03:05:03 2010 : Info: [ttls] (other): SSL negotiation
897. finished successfully
898. Fri Sep 24 03:05:03 2010 : Debug: SSL Connection Established
899. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 13
900. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
901. Sending Access-Challenge of id 6 to 2001:db94::2 port 53023
902. EAP-Message =
903. 0x01cc004515800000003b1403010001011603010030bf848bb49cadb5598fbf1f9f5b37b83cf91b47da0ed91fb37798ab7701ba08fc9b0bf3e9822e372604a9471e4ac5f6c1
904. Message-Authenticator = 0x00000000000000000000000000000000
905. State = 0x99bafb269c76ee4e6a5f6a02067ddfc7
906. Fri Sep 24 03:05:03 2010 : Info: Finished request 11.
907. Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
908. Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.7 seconds.
909. rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=7,
910. length=289
911. User-Name = "anonymous"
912. NAS-IPv6-Address = 2001:db4::2
913. NAS-Identifier = "panosAP-TD4"
914. NAS-Port = 1
915. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
916. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
917. Framed-MTU = 1400
918. NAS-Port-Type = Wireless-802.11
919. Connect-Info = "CONNECT 54Mbps 802.11g"
920. EAP-Message =
921. 0x02cc006015001703010020be70de01c0b538ef6b7d71d20fa7a0ea436bc87c636d40660f9daff6d7f64ecc1703010030314617d6eeb610a58d5eaeb178b8b78e7e474b51ab9c5734d7bb4491a9107f240850ad12c9f1bb01d5898ca8b7b58f96
922. State = 0x99bafb269c76ee4e6a5f6a02067ddfc7
923. Message-Authenticator = 0x9007bb4b96bca21108b04bd336325f0e
924. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
925. /usr/local/etc/raddb/sites-enabled/default
926. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
927. Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
928. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
929. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
930. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
931. "anonymous", looking up realm NULL
932. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
933. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
934. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 204
935. length 96
936. Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
937. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
938. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
939. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
940. /usr/local/etc/raddb/sites-enabled/default
941. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
942. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
943. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
944. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
945. Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
946. Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
947. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
948. Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
949. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 7
950. Fri Sep 24 03:05:03 2010 : Info: [ttls] Session established. Proceeding
951. to decode tunneled attributes.
952. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled request
953. EAP-Message = 0x0200000801626f62
954. FreeRADIUS-Proxied-To = 127.0.0.1
955. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled identity of bob
956. Fri Sep 24 03:05:03 2010 : Info: [ttls] Setting default EAP type for
957. tunneled EAP session.
958. Fri Sep 24 03:05:03 2010 : Info: [ttls] Sending tunneled request
959. EAP-Message = 0x0200000801626f62
960. FreeRADIUS-Proxied-To = 127.0.0.1
961. User-Name = "bob"
962. server inner-tunnel {
963. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
964. /usr/local/etc/raddb/sites-enabled/inner-tunnel
965. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
966. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
967. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
968. Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
969. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name = "bob",
970. looking up realm NULL
971. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
972. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
973. Fri Sep 24 03:05:03 2010 : Info: ++[control] returns noop
974. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 0 length 8
975. Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
976. on-going EAP conversation
977. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
978. Fri Sep 24 03:05:03 2010 : Info: [files] users: Matched entry bob at line 208
979. Fri Sep 24 03:05:03 2010 : Info: [files] expand: Hello, %{User-Name} ->
980. Hello, bob
981. Fri Sep 24 03:05:03 2010 : Info: ++[files] returns ok
982. Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
983. Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
984. Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING: Auth-Type already set.
985. Not setting to PAP
986. Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
987. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
988. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
989. /usr/local/etc/raddb/sites-enabled/inner-tunnel
990. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
991. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP Identity
992. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type md5
993. Fri Sep 24 03:05:03 2010 : Debug: rlm_eap_md5: Issuing Challenge
994. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
995. } # server inner-tunnel
996. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled reply code 11
997. Reply-Message = "Hello, bob"
998. EAP-Message = 0x010100160410580580cf130e9f4af4245cb49a0b4b15
999. Message-Authenticator = 0x00000000000000000000000000000000
1000. State = 0x016417860165132d66d2ec2917b35457
1001. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled Access-Challenge
1002. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
1003. Sending Access-Challenge of id 7 to 2001:db94::2 port 53023
1004. EAP-Message =
1005. 0x01cd005f158000000055170301005073ef01144acbe69aa347b9d4c2ad4fe9f4c186765e48ac7dc7e611ef7b9306b561508253722e4185e71dcf2119ed7936cd20d76d3aba32fa54b2a34b515268489dd9b09a3c2445851afe58359777348c
1006. Message-Authenticator = 0x00000000000000000000000000000000
1007. State = 0x99bafb269f77ee4e6a5f6a02067ddfc7
1008. Fri Sep 24 03:05:03 2010 : Info: Finished request 12.
1009. Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
1010. Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.7 seconds.
1011. rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=8,
1012. length=289
1013. User-Name = "anonymous"
1014. NAS-IPv6-Address = 2001:db4::2
1015. NAS-Identifier = "panosAP-TD4"
1016. NAS-Port = 1
1017. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
1018. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1019. Framed-MTU = 1400
1020. NAS-Port-Type = Wireless-802.11
1021. Connect-Info = "CONNECT 54Mbps 802.11g"
1022. EAP-Message =
1023. 0x02cd0060150017030100204914b182e06f5efa93940b0f609938323cc272cae90bf47efa588b7645789e5317030100307cddfec6d350c88a0b822038615c9fa2fa05a8e18cd3d9f65836ce604ec611ea563620964d290200f091e1242c7548e8
1024. State = 0x99bafb269f77ee4e6a5f6a02067ddfc7
1025. Message-Authenticator = 0x2d8e85c0cbc64e9f9dc952bb33b139ec
1026. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
1027. /usr/local/etc/raddb/sites-enabled/default
1028. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
1029. Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
1030. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
1031. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
1032. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
1033. "anonymous", looking up realm NULL
1034. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
1035. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
1036. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 205
1037. length 96
1038. Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
1039. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
1040. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
1041. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
1042. /usr/local/etc/raddb/sites-enabled/default
1043. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
1044. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
1045. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
1046. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
1047. Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
1048. Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
1049. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
1050. Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
1051. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 7
1052. Fri Sep 24 03:05:03 2010 : Info: [ttls] Session established. Proceeding
1053. to decode tunneled attributes.
1054. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled request
1055. EAP-Message = 0x02010006031a
1056. FreeRADIUS-Proxied-To = 127.0.0.1
1057. Fri Sep 24 03:05:03 2010 : Info: [ttls] Sending tunneled request
1058. EAP-Message = 0x02010006031a
1059. FreeRADIUS-Proxied-To = 127.0.0.1
1060. User-Name = "bob"
1061. State = 0x016417860165132d66d2ec2917b35457
1062. server inner-tunnel {
1063. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
1064. /usr/local/etc/raddb/sites-enabled/inner-tunnel
1065. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
1066. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
1067. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
1068. Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
1069. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name = "bob",
1070. looking up realm NULL
1071. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
1072. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
1073. Fri Sep 24 03:05:03 2010 : Info: ++[control] returns noop
1074. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 1 length 6
1075. Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
1076. on-going EAP conversation
1077. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
1078. Fri Sep 24 03:05:03 2010 : Info: [files] users: Matched entry bob at line 208
1079. Fri Sep 24 03:05:03 2010 : Info: [files] expand: Hello, %{User-Name} ->
1080. Hello, bob
1081. Fri Sep 24 03:05:03 2010 : Info: ++[files] returns ok
1082. Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
1083. Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
1084. Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING: Auth-Type already set.
1085. Not setting to PAP
1086. Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
1087. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
1088. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
1089. /usr/local/etc/raddb/sites-enabled/inner-tunnel
1090. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
1091. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
1092. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP NAK
1093. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP-NAK asked for EAP-Type/mschapv2
1094. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type mschapv2
1095. Fri Sep 24 03:05:03 2010 : Debug: rlm_eap_mschapv2: Issuing Challenge
1096. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
1097. } # server inner-tunnel
1098. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled reply code 11
1099. Reply-Message = "Hello, bob"
1100. EAP-Message = 0x0102001d1a0102001810d692a2ee05e87393a727b2b73f047a54626f62
1101. Message-Authenticator = 0x00000000000000000000000000000000
1102. State = 0x0164178600660d2d66d2ec2917b35457
1103. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled Access-Challenge
1104. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
1105. Sending Access-Challenge of id 8 to 2001:db94::2 port 53023
1106. EAP-Message =
1107. 0x01ce004f1580000000451703010040799ae6221491ecc092ae92cc7031bc7931adfc645ab832e9244d190fc4d1bcc55570d97d76048dc842df6c0fdbac63564b3106146776a22cf431679cf0948761
1108. Message-Authenticator = 0x00000000000000000000000000000000
1109. State = 0x99bafb269e74ee4e6a5f6a02067ddfc7
1110. Fri Sep 24 03:05:03 2010 : Info: Finished request 13.
1111. Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
1112. Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.7 seconds.
1113. rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=9,
1114. length=337
1115. User-Name = "anonymous"
1116. NAS-IPv6-Address = 2001:db4::2
1117. NAS-Identifier = "panosAP-TD4"
1118. NAS-Port = 1
1119. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
1120. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1121. Framed-MTU = 1400
1122. NAS-Port-Type = Wireless-802.11
1123. Connect-Info = "CONNECT 54Mbps 802.11g"
1124. EAP-Message =
1125. 0x02ce00901500170301002081ef17eaa35f86f20388449f822e0b64c0d8d50d16cf8c54c75c50774acbdac0170301006011f1ced1cc2318be21659c7630edc9611b89349e894c8cb425f6a87c85fc1f24c8be6f9b36fcc405ac2471e9bcb531b13c3ac2ebe8c358241ec9460d7d50a1ecc3d89aa5f3175eded4c6c2183efec5cf4aa85babe7848c7b8820047a258ce41c
1126. State = 0x99bafb269e74ee4e6a5f6a02067ddfc7
1127. Message-Authenticator = 0xdb5e4e4007c93b2e35761a7c57d498e8
1128. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
1129. /usr/local/etc/raddb/sites-enabled/default
1130. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
1131. Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
1132. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
1133. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
1134. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
1135. "anonymous", looking up realm NULL
1136. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
1137. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
1138. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 206
1139. length 144
1140. Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
1141. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
1142. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
1143. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
1144. /usr/local/etc/raddb/sites-enabled/default
1145. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
1146. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
1147. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
1148. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
1149. Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
1150. Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
1151. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
1152. Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
1153. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 7
1154. Fri Sep 24 03:05:03 2010 : Info: [ttls] Session established. Proceeding
1155. to decode tunneled attributes.
1156. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled request
1157. EAP-Message =
1158. 0x0202003e1a02020039314b9d0bcb927fd60b15fdc2555060356500000000000000002702cd6a2d5ddc8564a53bb36a1a16650b716636eba5de9600626f62
1159. FreeRADIUS-Proxied-To = 127.0.0.1
1160. Fri Sep 24 03:05:03 2010 : Info: [ttls] Sending tunneled request
1161. EAP-Message =
1162. 0x0202003e1a02020039314b9d0bcb927fd60b15fdc2555060356500000000000000002702cd6a2d5ddc8564a53bb36a1a16650b716636eba5de9600626f62
1163. FreeRADIUS-Proxied-To = 127.0.0.1
1164. User-Name = "bob"
1165. State = 0x0164178600660d2d66d2ec2917b35457
1166. server inner-tunnel {
1167. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
1168. /usr/local/etc/raddb/sites-enabled/inner-tunnel
1169. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
1170. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
1171. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
1172. Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
1173. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name = "bob",
1174. looking up realm NULL
1175. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
1176. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
1177. Fri Sep 24 03:05:03 2010 : Info: ++[control] returns noop
1178. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 2
1179. length 62
1180. Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
1181. on-going EAP conversation
1182. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
1183. Fri Sep 24 03:05:03 2010 : Info: [files] users: Matched entry bob at line 208
1184. Fri Sep 24 03:05:03 2010 : Info: [files] expand: Hello, %{User-Name} ->
1185. Hello, bob
1186. Fri Sep 24 03:05:03 2010 : Info: ++[files] returns ok
1187. Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
1188. Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
1189. Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING: Auth-Type already set.
1190. Not setting to PAP
1191. Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
1192. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
1193. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
1194. /usr/local/etc/raddb/sites-enabled/inner-tunnel
1195. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
1196. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
1197. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/mschapv2
1198. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type mschapv2
1199. Fri Sep 24 03:05:03 2010 : Info: [mschapv2] # Executing group from file
1200. /usr/local/etc/raddb/sites-enabled/inner-tunnel
1201. Fri Sep 24 03:05:03 2010 : Info: [mschapv2] +- entering group MS-CHAP {...}
1202. Fri Sep 24 03:05:03 2010 : Info: [mschap] Creating challenge hash with
1203. username: bob
1204. Fri Sep 24 03:05:03 2010 : Info: [mschap] Told to do MS-CHAPv2 for bob
1205. with NT-Password
1206. Fri Sep 24 03:05:03 2010 : Info: [mschap] adding MS-CHAPv2 MPPE keys
1207. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns ok
1208. Fri Sep 24 03:05:03 2010 : Debug: MSCHAP Success
1209. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
1210. } # server inner-tunnel
1211. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled reply code 11
1212. Reply-Message = "Hello, bob"
1213. EAP-Message =
1214. 0x010300331a0302002e533d39344246334136303833464235334639423241353046303138353635433346384233303735334443
1215. Message-Authenticator = 0x00000000000000000000000000000000
1216. State = 0x0164178603670d2d66d2ec2917b35457
1217. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled Access-Challenge
1218. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns handled
1219. Sending Access-Challenge of id 9 to 2001:db94::2 port 53023
1220. EAP-Message =
1221. 0x01cf006f158000000065170301006045212d159c98d1f9eba9d87045a131f0fadcfbaf548839ccfe081efc4811a9d14d1ca2aa2cdc120538933193cdd136e40e7e360e7850790de27275d84ceafc19e2022eaf46e38f0ce92798ea388a4e3f9ee3223092330737f900bf92069381a6
1222. Message-Authenticator = 0x00000000000000000000000000000000
1223. State = 0x99bafb269175ee4e6a5f6a02067ddfc7
1224. Fri Sep 24 03:05:03 2010 : Info: Finished request 14.
1225. Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
1226. Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.6 seconds.
1227. rad_recv: Access-Request packet from host 2001:db94::2 port 53023, id=10,
1228. length=289
1229. User-Name = "anonymous"
1230. NAS-IPv6-Address = 2001:db4::2
1231. NAS-Identifier = "panosAP-TD4"
1232. NAS-Port = 1
1233. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
1234. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1235. Framed-MTU = 1400
1236. NAS-Port-Type = Wireless-802.11
1237. Connect-Info = "CONNECT 54Mbps 802.11g"
1238. EAP-Message =
1239. 0x02cf0060150017030100209b9d0e23daea35b09b217bec4add24dbdd7f55e8e51ee1b46de2c10498a64eea17030100309f27e2a6d625397b6ca48fde6a56dd9db44f33f7a1a2f4a433aca8f711d608b349baa4e626a7b684d127fa727cf23d61
1240. State = 0x99bafb269175ee4e6a5f6a02067ddfc7
1241. Message-Authenticator = 0x42f626a6fd132e932dc5c0dda8f24874
1242. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
1243. /usr/local/etc/raddb/sites-enabled/default
1244. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
1245. Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
1246. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
1247. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
1248. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
1249. "anonymous", looking up realm NULL
1250. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
1251. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
1252. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 207
1253. length 96
1254. Fri Sep 24 03:05:03 2010 : Info: [eap] Continuing tunnel setup.
1255. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
1256. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
1257. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
1258. /usr/local/etc/raddb/sites-enabled/default
1259. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
1260. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
1261. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/ttls
1262. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type ttls
1263. Fri Sep 24 03:05:03 2010 : Info: [ttls] Authenticate
1264. Fri Sep 24 03:05:03 2010 : Info: [ttls] processing EAP-TLS
1265. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_verify returned 7
1266. Fri Sep 24 03:05:03 2010 : Info: [ttls] Done initial handshake
1267. Fri Sep 24 03:05:03 2010 : Info: [ttls] eaptls_process returned 7
1268. Fri Sep 24 03:05:03 2010 : Info: [ttls] Session established. Proceeding
1269. to decode tunneled attributes.
1270. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled request
1271. EAP-Message = 0x020300061a03
1272. FreeRADIUS-Proxied-To = 127.0.0.1
1273. Fri Sep 24 03:05:03 2010 : Info: [ttls] Sending tunneled request
1274. EAP-Message = 0x020300061a03
1275. FreeRADIUS-Proxied-To = 127.0.0.1
1276. User-Name = "bob"
1277. State = 0x0164178603670d2d66d2ec2917b35457
1278. server inner-tunnel {
1279. Fri Sep 24 03:05:03 2010 : Info: # Executing section authorize from file
1280. /usr/local/etc/raddb/sites-enabled/inner-tunnel
1281. Fri Sep 24 03:05:03 2010 : Info: +- entering group authorize {...}
1282. Fri Sep 24 03:05:03 2010 : Info: ++[chap] returns noop
1283. Fri Sep 24 03:05:03 2010 : Info: ++[mschap] returns noop
1284. Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns notfound
1285. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name = "bob",
1286. looking up realm NULL
1287. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
1288. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
1289. Fri Sep 24 03:05:03 2010 : Info: ++[control] returns noop
1290. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP packet type response id 3 length 6
1291. Fri Sep 24 03:05:03 2010 : Info: [eap] No EAP Start, assuming it's an
1292. on-going EAP conversation
1293. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns updated
1294. Fri Sep 24 03:05:03 2010 : Info: [files] users: Matched entry bob at line 208
1295. Fri Sep 24 03:05:03 2010 : Info: [files] expand: Hello, %{User-Name} ->
1296. Hello, bob
1297. Fri Sep 24 03:05:03 2010 : Info: ++[files] returns ok
1298. Fri Sep 24 03:05:03 2010 : Info: ++[expiration] returns noop
1299. Fri Sep 24 03:05:03 2010 : Info: ++[logintime] returns noop
1300. Fri Sep 24 03:05:03 2010 : Info: [pap] WARNING: Auth-Type already set.
1301. Not setting to PAP
1302. Fri Sep 24 03:05:03 2010 : Info: ++[pap] returns noop
1303. Fri Sep 24 03:05:03 2010 : Info: Found Auth-Type = EAP
1304. Fri Sep 24 03:05:03 2010 : Info: # Executing group from file
1305. /usr/local/etc/raddb/sites-enabled/inner-tunnel
1306. Fri Sep 24 03:05:03 2010 : Info: +- entering group authenticate {...}
1307. Fri Sep 24 03:05:03 2010 : Info: [eap] Request found, released from the list
1308. Fri Sep 24 03:05:03 2010 : Info: [eap] EAP/mschapv2
1309. Fri Sep 24 03:05:03 2010 : Info: [eap] processing type mschapv2
1310. Fri Sep 24 03:05:03 2010 : Info: [eap] Freeing handler
1311. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
1312. Fri Sep 24 03:05:03 2010 : Info: WARNING: Empty post-auth section.
1313. Using default return values.
1314. Fri Sep 24 03:05:03 2010 : Info: # Executing section post-auth from file
1315. /usr/local/etc/raddb/sites-enabled/inner-tunnel
1316. } # server inner-tunnel
1317. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled reply code 2
1318. Reply-Message = "Hello, bob"
1319. MS-MPPE-Encryption-Policy = 0x00000001
1320. MS-MPPE-Encryption-Types = 0x00000006
1321. MS-MPPE-Send-Key = 0x0e862e8c86b378eefa940cf437a147f8
1322. MS-MPPE-Recv-Key = 0xd701a18f6107c06a01b07b6dd677f587
1323. EAP-Message = 0x03030004
1324. Message-Authenticator = 0x00000000000000000000000000000000
1325. User-Name = "bob"
1326. Fri Sep 24 03:05:03 2010 : Info: [ttls] Got tunneled Access-Accept
1327. Fri Sep 24 03:05:03 2010 : Info: [ttls] Saving response in the cache
1328. Fri Sep 24 03:05:03 2010 : Info: [ttls] WARNING: No information to cache:
1329. session caching will be disabled for this session.
1330. Fri Sep 24 03:05:03 2010 : Debug: SSL: Removing session
1331. 1d6029bbddba233cd443d692b968df093237d9ad982f9ccc8a2defcd3edeb243 from the
1332. cache
1333. Fri Sep 24 03:05:03 2010 : Info: [eap] Freeing handler
1334. Fri Sep 24 03:05:03 2010 : Debug: rlm_eap_ttls: Freeing handler for user bob
1335. Fri Sep 24 03:05:03 2010 : Info: ++[eap] returns ok
1336. Fri Sep 24 03:05:03 2010 : Info: # Executing section post-auth from file
1337. /usr/local/etc/raddb/sites-enabled/default
1338. Fri Sep 24 03:05:03 2010 : Info: +- entering group post-auth {...}
1339. Fri Sep 24 03:05:03 2010 : Info: ++[exec] returns noop
1340. Sending Access-Accept of id 10 to 2001:db94::2 port 53023
1341. MS-MPPE-Recv-Key =
1342. 0x91d4566a07156dbc9e88b2dd3878690cbe92fb778530b8e6cca79ae845842549
1343. MS-MPPE-Send-Key =
1344. 0xaf3fec324ed40a8f780737deab4f661c44b3ca9ddb992cc1e45168cae3289798
1345. EAP-Message = 0x03cf0004
1346. Message-Authenticator = 0x00000000000000000000000000000000
1347. User-Name = "anonymous"
1348. Fri Sep 24 03:05:03 2010 : Info: Finished request 15.
1349. Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
1350. Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.6 seconds.
1351. rad_recv: Accounting-Request packet from host 2001:db94::2 port 37825,
1352. id=11, length=180
1353. Acct-Session-Id = "4C9C079A-00000000"
1354. Acct-Status-Type = Start
1355. Acct-Authentic = RADIUS
1356. User-Name = "anonymous"
1357. NAS-IPv6-Address = 2001:db4::2
1358. NAS-Identifier = "panosAP-TD4"
1359. NAS-Port = 1
1360. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
1361. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1362. NAS-Port-Type = Wireless-802.11
1363. Connect-Info = "CONNECT 54Mbps 802.11g"
1364. Fri Sep 24 03:05:03 2010 : Info: # Executing section preacct from file
1365. /usr/local/etc/raddb/sites-enabled/default
1366. Fri Sep 24 03:05:03 2010 : Info: +- entering group preacct {...}
1367. Fri Sep 24 03:05:03 2010 : Info: ++[preprocess] returns ok
1368. Fri Sep 24 03:05:03 2010 : Info: [acct_unique] WARNING: Attribute
1369. Client-IP-Address was not found in request, unique ID MAY be inconsistent
1370. Fri Sep 24 03:05:03 2010 : Info: [acct_unique] WARNING: Attribute
1371. NAS-IP-Address was not found in request, unique ID MAY be inconsistent
1372. Fri Sep 24 03:05:03 2010 : Info: [acct_unique] Hashing 'NAS-Port =
1373. 1,,,Acct-Session-Id = "4C9C079A-00000000",User-Name = "anonymous"'
1374. Fri Sep 24 03:05:03 2010 : Info: [acct_unique] Acct-Unique-Session-ID =
1375. "2078f7bf6576f50c".
1376. Fri Sep 24 03:05:03 2010 : Info: ++[acct_unique] returns ok
1377. Fri Sep 24 03:05:03 2010 : Info: [suffix] No '@' in User-Name =
1378. "anonymous", looking up realm NULL
1379. Fri Sep 24 03:05:03 2010 : Info: [suffix] No such realm "NULL"
1380. Fri Sep 24 03:05:03 2010 : Info: ++[suffix] returns noop
1381. Fri Sep 24 03:05:03 2010 : Info: ++[files] returns noop
1382. Fri Sep 24 03:05:03 2010 : Info: # Executing section accounting from file
1383. /usr/local/etc/raddb/sites-enabled/default
1384. Fri Sep 24 03:05:03 2010 : Info: +- entering group accounting {...}
1385. Fri Sep 24 03:05:03 2010 : Info: [detail] expand:
1386. /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d ->
1387. /usr/local/var/log/radius/radacct//detail-20100924
1388. Fri Sep 24 03:05:03 2010 : Info: [detail]
1389. /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
1390. expands to /usr/local/var/log/radius/radacct//detail-20100924
1391. Fri Sep 24 03:05:03 2010 : Info: [detail] expand: %t -> Fri Sep 24
1392. 03:05:03 2010
1393. Fri Sep 24 03:05:03 2010 : Info: ++[detail] returns ok
1394. Fri Sep 24 03:05:03 2010 : Info: [unix] IPv6 is not supported!
1395. Fri Sep 24 03:05:03 2010 : Info: ++[unix] returns noop
1396. Fri Sep 24 03:05:03 2010 : Debug: rlm_radutmp: IPv6 not supported!
1397. Fri Sep 24 03:05:03 2010 : Info: ++[radutmp] returns noop
1398. Fri Sep 24 03:05:03 2010 : Info: [attr_filter.accounting_response]
1399. expand: %{User-Name} -> anonymous
1400. Fri Sep 24 03:05:03 2010 : Debug: attr_filter: Matched entry DEFAULT at
1401. line 12
1402. Fri Sep 24 03:05:03 2010 : Info: ++[attr_filter.accounting_response]
1403. returns updated
1404. Sending Accounting-Response of id 11 to 2001:db94::2 port 37825
1405. Fri Sep 24 03:05:03 2010 : Info: Finished request 16.
1406. Fri Sep 24 03:05:03 2010 : Info: Cleaning up request 16 ID 11 with
1407. timestamp +113
1408. Fri Sep 24 03:05:03 2010 : Debug: Going to the next request
1409. Fri Sep 24 03:05:03 2010 : Debug: Waking up in 4.5 seconds.
1410. Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 6 ID 1 with timestamp
1411. +113
1412. Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 7 ID 2 with timestamp
1413. +113
1414. Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 8 ID 3 with timestamp
1415. +113
1416. Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 9 ID 4 with timestamp
1417. +113
1418. Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 10 ID 5 with
1419. timestamp +113
1420. Fri Sep 24 03:05:08 2010 : Debug: Waking up in 0.1 seconds.
1421. Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 11 ID 6 with
1422. timestamp +113
1423. Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 12 ID 7 with
1424. timestamp +113
1425. Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 13 ID 8 with
1426. timestamp +113
1427. Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 14 ID 9 with
1428. timestamp +113
1429. Fri Sep 24 03:05:08 2010 : Info: Cleaning up request 15 ID 10 with
1430. timestamp +113
1431. Fri Sep 24 03:05:08 2010 : Info: Ready to process requests.
1432. rad_recv: Accounting-Request packet from host 2001:db94::2 port 37825,
1433. id=12, length=222
1434. Acct-Session-Id = "4C9C079A-00000000"
1435. Acct-Status-Type = Stop
1436. Acct-Authentic = RADIUS
1437. User-Name = "anonymous"
1438. NAS-IPv6-Address = 2001:db4::2
1439. NAS-Identifier = "panosAP-TD4"
1440. NAS-Port = 1
1441. Called-Station-Id = "00-1B-2F-2C-AE-45:panos_secure"
1442. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1443. NAS-Port-Type = Wireless-802.11
1444. Connect-Info = "CONNECT 54Mbps 802.11g"
1445. Acct-Session-Time = 108
1446. Acct-Input-Packets = 30
1447. Acct-Output-Packets = 15
1448. Acct-Input-Octets = 4210
1449. Acct-Output-Octets = 4298
1450. Event-Timestamp = "Sep 24 2010 03:09:32 BST"
1451. Acct-Terminate-Cause = User-Request
1452. Fri Sep 24 03:06:51 2010 : Info: # Executing section preacct from file
1453. /usr/local/etc/raddb/sites-enabled/default
1454. Fri Sep 24 03:06:51 2010 : Info: +- entering group preacct {...}
1455. Fri Sep 24 03:06:51 2010 : Info: ++[preprocess] returns ok
1456. Fri Sep 24 03:06:51 2010 : Info: [acct_unique] WARNING: Attribute
1457. Client-IP-Address was not found in request, unique ID MAY be inconsistent
1458. Fri Sep 24 03:06:51 2010 : Info: [acct_unique] WARNING: Attribute
1459. NAS-IP-Address was not found in request, unique ID MAY be inconsistent
1460. Fri Sep 24 03:06:51 2010 : Info: [acct_unique] Hashing 'NAS-Port =
1461. 1,,,Acct-Session-Id = "4C9C079A-00000000",User-Name = "anonymous"'
1462. Fri Sep 24 03:06:51 2010 : Info: [acct_unique] Acct-Unique-Session-ID =
1463. "2078f7bf6576f50c".
1464. Fri Sep 24 03:06:51 2010 : Info: ++[acct_unique] returns ok
1465. Fri Sep 24 03:06:51 2010 : Info: [suffix] No '@' in User-Name =
1466. "anonymous", looking up realm NULL
1467. Fri Sep 24 03:06:51 2010 : Info: [suffix] No such realm "NULL"
1468. Fri Sep 24 03:06:51 2010 : Info: ++[suffix] returns noop
1469. Fri Sep 24 03:06:51 2010 : Info: ++[files] returns noop
1470. Fri Sep 24 03:06:51 2010 : Info: # Executing section accounting from file
1471. /usr/local/etc/raddb/sites-enabled/default
1472. Fri Sep 24 03:06:51 2010 : Info: +- entering group accounting {...}
1473. Fri Sep 24 03:06:51 2010 : Info: [detail] expand:
1474. /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d ->
1475. /usr/local/var/log/radius/radacct//detail-20100924
1476. Fri Sep 24 03:06:51 2010 : Info: [detail]
1477. /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
1478. expands to /usr/local/var/log/radius/radacct//detail-20100924
1479. Fri Sep 24 03:06:51 2010 : Info: [detail] expand: %t -> Fri Sep 24
1480. 03:06:51 2010
1481. Fri Sep 24 03:06:51 2010 : Info: ++[detail] returns ok
1482. Fri Sep 24 03:06:51 2010 : Info: [unix] IPv6 is not supported!
1483. Fri Sep 24 03:06:51 2010 : Info: ++[unix] returns noop
1484. Fri Sep 24 03:06:51 2010 : Debug: rlm_radutmp: IPv6 not supported!
1485. Fri Sep 24 03:06:51 2010 : Info: ++[radutmp] returns noop
1486. Fri Sep 24 03:06:51 2010 : Info: [attr_filter.accounting_response]
1487. expand: %{User-Name} -> anonymous
1488. Fri Sep 24 03:06:51 2010 : Debug: attr_filter: Matched entry DEFAULT at
1489. line 12
1490. Fri Sep 24 03:06:51 2010 : Info: ++[attr_filter.accounting_response]
1491. returns updated
1492. Sending Accounting-Response of id 12 to 2001:db94::2 port 37825
1493. Fri Sep 24 03:06:51 2010 : Info: Finished request 17.
1494. Fri Sep 24 03:06:51 2010 : Info: Cleaning up request 17 ID 12 with
1495. timestamp +221
1496. Fri Sep 24 03:06:51 2010 : Debug: Going to the next request
1497. Fri Sep 24 03:06:51 2010 : Info: Ready to process requests.
1498. rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=1,
1499. length=190
1500. User-Name = "anonymous"
1501. NAS-IPv6-Address = 2001:db93::2
1502. NAS-Identifier = "panosAP-MR2"
1503. NAS-Port = 1
1504. Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
1505. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1506. Framed-MTU = 1400
1507. NAS-Port-Type = Wireless-802.11
1508. Connect-Info = "CONNECT 54Mbps 802.11g"
1509. EAP-Message = 0x02c6000e01616e6f6e796d6f7573
1510. Message-Authenticator = 0x476da40ad82a4621fc9f70edc29b270e
1511. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
1512. /usr/local/etc/raddb/sites-enabled/default
1513. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
1514. Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
1515. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
1516. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
1517. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
1518. "anonymous", looking up realm NULL
1519. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
1520. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
1521. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 198
1522. length 14
1523. Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
1524. on-going EAP conversation
1525. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
1526. Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
1527. Fri Sep 24 03:06:55 2010 : Info: ++[files] returns noop
1528. Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
1529. Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
1530. Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING! No "known good" password
1531. found for the user. Authentication may fail because of this.
1532. Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
1533. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
1534. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
1535. /usr/local/etc/raddb/sites-enabled/default
1536. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
1537. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP Identity
1538. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type md5
1539. Fri Sep 24 03:06:55 2010 : Debug: rlm_eap_md5: Issuing Challenge
1540. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
1541. Sending Access-Challenge of id 1 to 2001:db93::2 port 49667
1542. EAP-Message = 0x01c7001604106a92fd4cb65176b4ffe56008ab18f454
1543. Message-Authenticator = 0x00000000000000000000000000000000
1544. State = 0xaff1e84caf36ecb5bb2c56933c8275f3
1545. Fri Sep 24 03:06:55 2010 : Info: Finished request 18.
1546. Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
1547. Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.9 seconds.
1548. rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=2,
1549. length=200
1550. User-Name = "anonymous"
1551. NAS-IPv6-Address = 2001:db93::2
1552. NAS-Identifier = "panosAP-MR2"
1553. NAS-Port = 1
1554. Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
1555. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1556. Framed-MTU = 1400
1557. NAS-Port-Type = Wireless-802.11
1558. Connect-Info = "CONNECT 54Mbps 802.11g"
1559. EAP-Message = 0x02c700060315
1560. State = 0xaff1e84caf36ecb5bb2c56933c8275f3
1561. Message-Authenticator = 0x517088e29bb4bec052c925ac831105c7
1562. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
1563. /usr/local/etc/raddb/sites-enabled/default
1564. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
1565. Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
1566. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
1567. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
1568. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
1569. "anonymous", looking up realm NULL
1570. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
1571. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
1572. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 199
1573. length 6
1574. Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
1575. on-going EAP conversation
1576. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
1577. Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
1578. Fri Sep 24 03:06:55 2010 : Info: ++[files] returns noop
1579. Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
1580. Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
1581. Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING! No "known good" password
1582. found for the user. Authentication may fail because of this.
1583. Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
1584. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
1585. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
1586. /usr/local/etc/raddb/sites-enabled/default
1587. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
1588. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
1589. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP NAK
1590. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP-NAK asked for EAP-Type/ttls
1591. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type tls
1592. Fri Sep 24 03:06:55 2010 : Info: [tls] Initiate
1593. Fri Sep 24 03:06:55 2010 : Info: [tls] Start returned 1
1594. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
1595. Sending Access-Challenge of id 2 to 2001:db93::2 port 49667
1596. EAP-Message = 0x01c800061520
1597. Message-Authenticator = 0x00000000000000000000000000000000
1598. State = 0xaff1e84cae39fdb5bb2c56933c8275f3
1599. Fri Sep 24 03:06:55 2010 : Info: Finished request 19.
1600. Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
1601. Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.9 seconds.
1602. rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=3,
1603. length=325
1604. User-Name = "anonymous"
1605. NAS-IPv6-Address = 2001:db93::2
1606. NAS-Identifier = "panosAP-MR2"
1607. NAS-Port = 1
1608. Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
1609. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1610. Framed-MTU = 1400
1611. NAS-Port-Type = Wireless-802.11
1612. Connect-Info = "CONNECT 54Mbps 802.11g"
1613. EAP-Message =
1614. 0x02c80083150016030100780100007403014c9c0799307635daf8a089e7d879144e57c1c991f353548fe2de5daf8393cc6e201d6029bbddba233cd443d692b968df093237d9ad982f9ccc8a2defcd3edeb243002600390038003500160013000a00330032002f0005000400150012000900140011000800060003020100000400230000
1615. State = 0xaff1e84cae39fdb5bb2c56933c8275f3
1616. Message-Authenticator = 0xbc77bb511c10e5e10ef4000caea44a1d
1617. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
1618. /usr/local/etc/raddb/sites-enabled/default
1619. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
1620. Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
1621. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
1622. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
1623. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
1624. "anonymous", looking up realm NULL
1625. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
1626. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
1627. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 200
1628. length 131
1629. Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
1630. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
1631. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
1632. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
1633. /usr/local/etc/raddb/sites-enabled/default
1634. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
1635. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
1636. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
1637. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
1638. Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
1639. Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
1640. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
1641. Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
1642. Fri Sep 24 03:06:55 2010 : Info: [ttls] (other): before/accept
1643. initialization
1644. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: before/accept
1645. initialization
1646. Fri Sep 24 03:06:55 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
1647. 0078], ClientHello
1648. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 read client
1649. hello A
1650. Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
1651. 004a], ServerHello
1652. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write server
1653. hello A
1654. Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
1655. 08b3], Certificate
1656. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write
1657. certificate A
1658. Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
1659. 020d], ServerKeyExchange
1660. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write key
1661. exchange A
1662. Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
1663. 0004], ServerHelloDone
1664. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write server
1665. done A
1666. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 flush data
1667. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: Need to read more
1668. data: SSLv3 read client certificate A
1669. Fri Sep 24 03:06:55 2010 : Debug: In SSL Handshake Phase
1670. Fri Sep 24 03:06:55 2010 : Debug: In SSL Accept mode
1671. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 13
1672. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
1673. Sending Access-Challenge of id 3 to 2001:db93::2 port 49667
1674. EAP-Message =
1675. 0x01c9040015c000000b22160301004a0200004603014c9c07bf5d3eac966232db81394677734520bab4adae4b6c25ffdd48fa6466b22069c204b29e84878591c19645ed74c1ff4b656c30f66adad78d268df65d2e1d1400390116030108b30b0008af0008ac0004633082045f30820347a003020102020900e8aa5d45ccde0ec2300d06092a864886f70d01010405003081b5310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e697665727369747931283026060355
1676. EAP-Message =
1677. 0x04030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b301e170d3130303432333136323330315a170d3230303432303136323330315a3081aa310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e6976657273697479311d301b06035504030c144141415f534552564552407636746573746265643125302306092a864886f70d01
1678. EAP-Message =
1679. 0x0901161670616e6f7340636f6d702e6c616e63732e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100ee0aeb8ea5d83782523d2dce5297e8905e9fb3fa8c5f59cd3ee7903c9799c9679fa8c00ea9d6a86a195ec3d9bcd1e2dda95d48cd24bae78fef247a53410e45fbb0cfaf26edb8489afdd76d1da0e014ef60e79047d5c7f1055d6081827e1e1116b5c8a93e3aa744d93c65a5f9912735eeb5ebad5338065954c2fa12092a8f18d5e3a864466f3b4e43d6bdc1d42461151462237fdaccdb6a58e0ace9fcd82489e6ebbc24f2e986978856bff2b0c0043cbe680e1db409c30d5d3ef5e9bcc6bf6f58647e
1680. EAP-Message =
1681. 0x383eec7be5af4015b8597886a348514437646ee8b77a884eb593301352ddb7debd2669ab0e716cfad0ae1aae57e384bbc0d7fffee5ade1e3d8705e83af0b0203010001a37b307930090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e04160414cf045dee9ff9839327e2127c1cd2123521276d25301f0603551d23041830168014849d96ce9dce861838218a5b59371fff875735a0300d06092a864886f70d0101040500038201010059ca64550c6349a37715a7a235a35b75cc729c76346541184e00250167552ac941a1ce251a8f4d183a
1682. EAP-Message = 0x9b34dfc90e812ab8c370f93d
1683. Message-Authenticator = 0x00000000000000000000000000000000
1684. State = 0xaff1e84cad38fdb5bb2c56933c8275f3
1685. Fri Sep 24 03:06:55 2010 : Info: Finished request 20.
1686. Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
1687. Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.9 seconds.
1688. rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=4,
1689. length=200
1690. User-Name = "anonymous"
1691. NAS-IPv6-Address = 2001:db93::2
1692. NAS-Identifier = "panosAP-MR2"
1693. NAS-Port = 1
1694. Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
1695. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1696. Framed-MTU = 1400
1697. NAS-Port-Type = Wireless-802.11
1698. Connect-Info = "CONNECT 54Mbps 802.11g"
1699. EAP-Message = 0x02c900061500
1700. State = 0xaff1e84cad38fdb5bb2c56933c8275f3
1701. Message-Authenticator = 0x3dbce4e127e7652498b772996d75cc36
1702. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
1703. /usr/local/etc/raddb/sites-enabled/default
1704. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
1705. Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
1706. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
1707. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
1708. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
1709. "anonymous", looking up realm NULL
1710. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
1711. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
1712. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 201
1713. length 6
1714. Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
1715. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
1716. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
1717. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
1718. /usr/local/etc/raddb/sites-enabled/default
1719. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
1720. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
1721. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
1722. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
1723. Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
1724. Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
1725. Fri Sep 24 03:06:55 2010 : Info: [ttls] Received TLS ACK
1726. Fri Sep 24 03:06:55 2010 : Info: [ttls] ACK handshake fragment handler
1727. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 1
1728. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 13
1729. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
1730. Sending Access-Challenge of id 4 to 2001:db93::2 port 49667
1731. EAP-Message =
1732. 0x01ca040015c000000b22b54a717c1c4d5a1534f04ae733127ca0a219db95ff2ed758f7dd656faa980983d7f9307d80bee7f974db5c97a18a53c028c43f13575d65598ff0e9418bc46d8bf9985a676bd0a0b8ecdeeb5f74fc978290752eecb7cb26d5b53b06b51cf7cf9ddaac4f5a5186b51ed94ac48cef701891e1430b2a1b97e46e48340954e2aa8e0ec3f8b1e54c0801c5e5553e3ca6b77e355016dc21bbbdcab0be50576aee230f95c466e8a9ef516e4b31ddf601edaba2dc36d0ec0f600c04db09c58dcfe04a9e934d1a9074e83ba83f870bcb0004433082043f30820327a003020102020900e8aa5d45ccde0ebc300d06092a864886f70d010105
1733. EAP-Message =
1734. 0x05003081b5310b300906035504061302554b3113301106035504080c0a4c616e636173686972653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e69766572736974793128302606035504030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b301e170d3130303432333136303235315a170d3230303432303136303235315a3081b5310b300906035504061302554b3113301106035504080c0a4c616e6361736869
1735. EAP-Message =
1736. 0x72653140303e060355040a0c37563654657374626564202d20436f6d707574696e67204465706172746d656e74202d204c616e63617374657220556e69766572736974793128302606035504030c1f43657274696669636174655f417574686f72697479407636746573746265643125302306092a864886f70d010901161670616e6f7340636f6d702e6c616e63732e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100d5742265853cfb58e3d8cd30874e23e27bc0877bc78eb20fa83b76b8de968d67d281208c150741a750da0288710eac89b7b8d849664bfcb09ce2025a8b2974f462c3155774ee23
1737. EAP-Message =
1738. 0x07f5c9bc2a81b4c6d20035d869cb05bf391ff5f562a09d50669b1810ad91a8a06a59d7e411ee9ce6d8355c43c8aee3d25b3e937197f5b37ceeec9e9a987fb8aa14117c8dd7d6f599dd3be47b9db7bb8410e168e71a7512b22e833072ca1a6f2a9bfbb67c0c189d2eeca7a5f044a01909053c335647f28a09cee0bffbd8723b1406fd3fef247f2d100b0af9100a40ce0f770369461fe366294d9a8a84c7c17e0fc6e567b923af73a604c7b7c6773469f3e9e4921459f1b0e1e50203010001a350304e301d0603551d0e04160414849d96ce9dce861838218a5b59371fff875735a0301f0603551d23041830168014849d96ce9dce861838218a5b59371f
1739. EAP-Message = 0xff875735a0300c0603551d13
1740. Message-Authenticator = 0x00000000000000000000000000000000
1741. State = 0xaff1e84cac3bfdb5bb2c56933c8275f3
1742. Fri Sep 24 03:06:55 2010 : Info: Finished request 21.
1743. Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
1744. Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.9 seconds.
1745. rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=5,
1746. length=200
1747. User-Name = "anonymous"
1748. NAS-IPv6-Address = 2001:db93::2
1749. NAS-Identifier = "panosAP-MR2"
1750. NAS-Port = 1
1751. Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
1752. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1753. Framed-MTU = 1400
1754. NAS-Port-Type = Wireless-802.11
1755. Connect-Info = "CONNECT 54Mbps 802.11g"
1756. EAP-Message = 0x02ca00061500
1757. State = 0xaff1e84cac3bfdb5bb2c56933c8275f3
1758. Message-Authenticator = 0xd230b34c4dc6f0069398330675718a52
1759. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
1760. /usr/local/etc/raddb/sites-enabled/default
1761. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
1762. Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
1763. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
1764. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
1765. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
1766. "anonymous", looking up realm NULL
1767. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
1768. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
1769. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 202
1770. length 6
1771. Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
1772. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
1773. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
1774. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
1775. /usr/local/etc/raddb/sites-enabled/default
1776. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
1777. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
1778. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
1779. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
1780. Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
1781. Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
1782. Fri Sep 24 03:06:55 2010 : Info: [ttls] Received TLS ACK
1783. Fri Sep 24 03:06:55 2010 : Info: [ttls] ACK handshake fragment handler
1784. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 1
1785. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 13
1786. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
1787. Sending Access-Challenge of id 5 to 2001:db93::2 port 49667
1788. EAP-Message =
1789. 0x01cb0340158000000b22040530030101ff300d06092a864886f70d01010505000382010100a6706416cb639e79cd5d5c0376d4ddb46be58ee8d5248e8e6d86caddd81de83a01f43d671760d2086a4e492fc8f5234a557408e20d8e017bee88aacd57826b6722b2045419d0bd420e1b597682971e595a37c43ceb5a9e3461d13f6e4e3a02b3501afe1956456016bd459b24dcebf0a52667ede741be772f3eb8747020aba9c7c078cc473a640ad0c7b7b983d274b6b1c451e9151a85fb8e716e399d293b2dcb6c0fbc4ff8f30d197c252f8050104465acefdfc277a049bba2292a8c0f21793dc843c8f9c835353cc2bd8b4170ea01ace45a61dcf08010d2
1790. EAP-Message =
1791. 0xd86da3332fdd40d725ec1761e07c6d9e787e8c322b97f49ef3f6bc328c7a9861e08599150724d889160301020d0c0002090080a5c543e970288dbe9bb99a4eee9877d3afba38f8772ca0f8ffa5f78099716977289be3bb1803e30cf5010acaf7e0c37c8289cb2becd012470f81f55f64de937d1b4e5eccf843f5855485d3000605e0bdd9b8011eba710d73c823c96b5a92085cfb46c538d8d4c829a2b98a0d51b7351d84da1e6a77f2c4a9cad9ede08ddc1a6b0001020080689b60d0842c49efe7660824f3a75547684e21a6d7b963bdc027de7283d526ad6b204b5570d36bb5025c1f7a6cf8348fcf2417f13b9d252ae80f3c3a3c0172af61e5fb17e6
1792. EAP-Message =
1793. 0x0cdc50b8dd5ee1bcbfc4ed906c8c15dcf9d01bb6687b36ef6af2a89e0f6c0691c1a297382dc75d644aa24d59aee30c2f43c304d17a4a4e510808790100b3dfd1c9c34d66c0ee194c7a73004b51afc9ab45df80fe2a22f20a3798ac5ee9dde3ef913c5ba8f8bb5efc3b3ced62bfdb16bb974d385a6b943449ef9ee158e2c2b06f41519d5afadb99169f5ed7d19c4a2e4ab3051ce02641fb5b613117e6a169e0936bb8670443ab547412fadb9094e79480a198fc70bad82471f056a3746a96a998a55e47db7702aa66d8fef7cd3c3be4eb58ed82f24aefd582d0b5384ec238b26c156e7232da5d4c0f7206d1b1e6d43a5f95ed7dcca7d29dfb157b7e5075
1794. EAP-Message =
1795. 0x5c4784407b129b0ac7cf20e28afe1145be7186b6c4b8b4dd3e6f3fe55940fd7b4558109c8b3bc71f521772ea4c68cb0611beec3355f5c83264aa477fafb938da16030100040e000000
1796. Message-Authenticator = 0x00000000000000000000000000000000
1797. State = 0xaff1e84cab3afdb5bb2c56933c8275f3
1798. Fri Sep 24 03:06:55 2010 : Info: Finished request 22.
1799. Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
1800. Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.9 seconds.
1801. rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=6,
1802. length=398
1803. User-Name = "anonymous"
1804. NAS-IPv6-Address = 2001:db93::2
1805. NAS-Identifier = "panosAP-MR2"
1806. NAS-Port = 1
1807. Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
1808. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1809. Framed-MTU = 1400
1810. NAS-Port-Type = Wireless-802.11
1811. Connect-Info = "CONNECT 54Mbps 802.11g"
1812. EAP-Message =
1813. 0x02cb00cc1500160301008610000082008091e67232e4a8d43d1a5dab6a356c24d193fe3a7d371c1e32425fee8fcec58a2adfe36b0b2457dea7d165ea9aa7fe8f0e6b75ff3ba8dbcc1a9c5c8727b5232170b91527aff29d8e228dc30a5002695560204a457be5b603366a1a00a065a7eee21d0ff73d4059171037c7bd42deeeddac9ef710cf72de6c47101eb4311d489f80140301000101160301003035000c8eb7309040534d659e9da84b67ae5f520c15023a70971e32c94f7c89c705167f36639b77cb80ae1e90f6ba245a
1814. State = 0xaff1e84cab3afdb5bb2c56933c8275f3
1815. Message-Authenticator = 0x90d642f99f8ed29ccad6af4727438ad5
1816. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
1817. /usr/local/etc/raddb/sites-enabled/default
1818. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
1819. Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
1820. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
1821. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
1822. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
1823. "anonymous", looking up realm NULL
1824. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
1825. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
1826. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 203
1827. length 204
1828. Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
1829. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
1830. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
1831. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
1832. /usr/local/etc/raddb/sites-enabled/default
1833. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
1834. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
1835. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
1836. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
1837. Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
1838. Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
1839. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
1840. Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
1841. Fri Sep 24 03:06:55 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
1842. 0086], ClientKeyExchange
1843. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 read client
1844. key exchange A
1845. Fri Sep 24 03:06:55 2010 : Info: [ttls] <<< TLS 1.0 ChangeCipherSpec
1846. [length 0001]
1847. Fri Sep 24 03:06:55 2010 : Info: [ttls] <<< TLS 1.0 Handshake [length
1848. 0010], Finished
1849. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 read finished A
1850. Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 ChangeCipherSpec
1851. [length 0001]
1852. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write change
1853. cipher spec A
1854. Fri Sep 24 03:06:55 2010 : Info: [ttls] >>> TLS 1.0 Handshake [length
1855. 0010], Finished
1856. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 write
1857. finished A
1858. Fri Sep 24 03:06:55 2010 : Info: [ttls] TLS_accept: SSLv3 flush data
1859. Fri Sep 24 03:06:55 2010 : Debug: SSL: adding session
1860. 69c204b29e84878591c19645ed74c1ff4b656c30f66adad78d268df65d2e1d14 to cache
1861. Fri Sep 24 03:06:55 2010 : Info: [ttls] (other): SSL negotiation
1862. finished successfully
1863. Fri Sep 24 03:06:55 2010 : Debug: SSL Connection Established
1864. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 13
1865. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
1866. Sending Access-Challenge of id 6 to 2001:db93::2 port 49667
1867. EAP-Message =
1868. 0x01cc004515800000003b1403010001011603010030c15a5c33615dc708af694cdac7ea4a1d9574181114b8dc5d06640f9b54f1ad45898fcf10f04c4e40856c75f1aeb60c6b
1869. Message-Authenticator = 0x00000000000000000000000000000000
1870. State = 0xaff1e84caa3dfdb5bb2c56933c8275f3
1871. Fri Sep 24 03:06:55 2010 : Info: Finished request 23.
1872. Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
1873. Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.8 seconds.
1874. rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=7,
1875. length=290
1876. User-Name = "anonymous"
1877. NAS-IPv6-Address = 2001:db93::2
1878. NAS-Identifier = "panosAP-MR2"
1879. NAS-Port = 1
1880. Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
1881. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1882. Framed-MTU = 1400
1883. NAS-Port-Type = Wireless-802.11
1884. Connect-Info = "CONNECT 54Mbps 802.11g"
1885. EAP-Message =
1886. 0x02cc006015001703010020ed8d6cc4f6dd4cf77ba03035fc780a3eea8bf767882b6fed37e0fb9909e0c9ca17030100305d0db2e22560aa385ec2921ad94bbec29b1aac58f2e18fbbe38ae014cfa325fb8602774d9779de78cca99c93722717b6
1887. State = 0xaff1e84caa3dfdb5bb2c56933c8275f3
1888. Message-Authenticator = 0x00ec82537df67437161837129a80e00b
1889. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
1890. /usr/local/etc/raddb/sites-enabled/default
1891. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
1892. Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
1893. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
1894. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
1895. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
1896. "anonymous", looking up realm NULL
1897. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
1898. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
1899. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 204
1900. length 96
1901. Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
1902. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
1903. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
1904. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
1905. /usr/local/etc/raddb/sites-enabled/default
1906. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
1907. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
1908. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
1909. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
1910. Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
1911. Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
1912. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
1913. Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
1914. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 7
1915. Fri Sep 24 03:06:55 2010 : Info: [ttls] Session established. Proceeding
1916. to decode tunneled attributes.
1917. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled request
1918. EAP-Message = 0x0200000801626f62
1919. FreeRADIUS-Proxied-To = 127.0.0.1
1920. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled identity of bob
1921. Fri Sep 24 03:06:55 2010 : Info: [ttls] Setting default EAP type for
1922. tunneled EAP session.
1923. Fri Sep 24 03:06:55 2010 : Info: [ttls] Sending tunneled request
1924. EAP-Message = 0x0200000801626f62
1925. FreeRADIUS-Proxied-To = 127.0.0.1
1926. User-Name = "bob"
1927. server inner-tunnel {
1928. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
1929. /usr/local/etc/raddb/sites-enabled/inner-tunnel
1930. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
1931. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
1932. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
1933. Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
1934. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name = "bob",
1935. looking up realm NULL
1936. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
1937. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
1938. Fri Sep 24 03:06:55 2010 : Info: ++[control] returns noop
1939. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 0 length 8
1940. Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
1941. on-going EAP conversation
1942. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
1943. Fri Sep 24 03:06:55 2010 : Info: [files] users: Matched entry bob at line 208
1944. Fri Sep 24 03:06:55 2010 : Info: [files] expand: Hello, %{User-Name} ->
1945. Hello, bob
1946. Fri Sep 24 03:06:55 2010 : Info: ++[files] returns ok
1947. Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
1948. Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
1949. Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING: Auth-Type already set.
1950. Not setting to PAP
1951. Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
1952. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
1953. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
1954. /usr/local/etc/raddb/sites-enabled/inner-tunnel
1955. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
1956. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP Identity
1957. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type md5
1958. Fri Sep 24 03:06:55 2010 : Debug: rlm_eap_md5: Issuing Challenge
1959. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
1960. } # server inner-tunnel
1961. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled reply code 11
1962. Reply-Message = "Hello, bob"
1963. EAP-Message = 0x010100160410066543bfbd219873b468f4b298dba6f7
1964. Message-Authenticator = 0x00000000000000000000000000000000
1965. State = 0xb966de05b967dae4c45b57a72400cd2f
1966. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled Access-Challenge
1967. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
1968. Sending Access-Challenge of id 7 to 2001:db93::2 port 49667
1969. EAP-Message =
1970. 0x01cd005f1580000000551703010050f16015b0873d10bdb192db0b235829a7bc51f8d51fa50e0ed2ac3a3d27655dcb76871d85cf10fc611a8f7a83339f16b5da33a38e05864edccb4e8d55744d51bbf6d0f3dc31dd9599f7c421c755e72755
1971. Message-Authenticator = 0x00000000000000000000000000000000
1972. State = 0xaff1e84ca93cfdb5bb2c56933c8275f3
1973. Fri Sep 24 03:06:55 2010 : Info: Finished request 24.
1974. Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
1975. Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.8 seconds.
1976. rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=8,
1977. length=290
1978. User-Name = "anonymous"
1979. NAS-IPv6-Address = 2001:db93::2
1980. NAS-Identifier = "panosAP-MR2"
1981. NAS-Port = 1
1982. Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
1983. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
1984. Framed-MTU = 1400
1985. NAS-Port-Type = Wireless-802.11
1986. Connect-Info = "CONNECT 54Mbps 802.11g"
1987. EAP-Message =
1988. 0x02cd006015001703010020564b8c2db33d4de032e2986a4c062505dd70e5375381ef12122976faa320855b17030100306a0c5586def74a0253457fc9463597512f7cb70e874613f8a98f73b8aed83d264daa63ec8cae155b35faa618f03be4b5
1989. State = 0xaff1e84ca93cfdb5bb2c56933c8275f3
1990. Message-Authenticator = 0x03ab117f121c55e5bd94a682ea0ed90e
1991. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
1992. /usr/local/etc/raddb/sites-enabled/default
1993. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
1994. Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
1995. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
1996. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
1997. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
1998. "anonymous", looking up realm NULL
1999. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
2000. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
2001. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 205
2002. length 96
2003. Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
2004. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
2005. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
2006. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
2007. /usr/local/etc/raddb/sites-enabled/default
2008. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
2009. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
2010. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
2011. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
2012. Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
2013. Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
2014. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
2015. Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
2016. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 7
2017. Fri Sep 24 03:06:55 2010 : Info: [ttls] Session established. Proceeding
2018. to decode tunneled attributes.
2019. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled request
2020. EAP-Message = 0x02010006031a
2021. FreeRADIUS-Proxied-To = 127.0.0.1
2022. Fri Sep 24 03:06:55 2010 : Info: [ttls] Sending tunneled request
2023. EAP-Message = 0x02010006031a
2024. FreeRADIUS-Proxied-To = 127.0.0.1
2025. User-Name = "bob"
2026. State = 0xb966de05b967dae4c45b57a72400cd2f
2027. server inner-tunnel {
2028. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
2029. /usr/local/etc/raddb/sites-enabled/inner-tunnel
2030. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
2031. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
2032. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
2033. Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
2034. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name = "bob",
2035. looking up realm NULL
2036. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
2037. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
2038. Fri Sep 24 03:06:55 2010 : Info: ++[control] returns noop
2039. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 1 length 6
2040. Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
2041. on-going EAP conversation
2042. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
2043. Fri Sep 24 03:06:55 2010 : Info: [files] users: Matched entry bob at line 208
2044. Fri Sep 24 03:06:55 2010 : Info: [files] expand: Hello, %{User-Name} ->
2045. Hello, bob
2046. Fri Sep 24 03:06:55 2010 : Info: ++[files] returns ok
2047. Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
2048. Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
2049. Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING: Auth-Type already set.
2050. Not setting to PAP
2051. Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
2052. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
2053. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
2054. /usr/local/etc/raddb/sites-enabled/inner-tunnel
2055. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
2056. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
2057. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP NAK
2058. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP-NAK asked for EAP-Type/mschapv2
2059. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type mschapv2
2060. Fri Sep 24 03:06:55 2010 : Debug: rlm_eap_mschapv2: Issuing Challenge
2061. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
2062. } # server inner-tunnel
2063. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled reply code 11
2064. Reply-Message = "Hello, bob"
2065. EAP-Message = 0x0102001d1a010200181001fb51383905981d78c1e685ac1b7a9a626f62
2066. Message-Authenticator = 0x00000000000000000000000000000000
2067. State = 0xb966de05b864c4e4c45b57a72400cd2f
2068. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled Access-Challenge
2069. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
2070. Sending Access-Challenge of id 8 to 2001:db93::2 port 49667
2071. EAP-Message =
2072. 0x01ce004f1580000000451703010040888ee00df3d809dc650dc52e4e5051117a559a4dc935734f816ccaccbfd618813a45020275b5c6c76073047ea5530faac8a8869580e60481903f8d9bac3e7c12
2073. Message-Authenticator = 0x00000000000000000000000000000000
2074. State = 0xaff1e84ca83ffdb5bb2c56933c8275f3
2075. Fri Sep 24 03:06:55 2010 : Info: Finished request 25.
2076. Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
2077. Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.8 seconds.
2078. rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=9,
2079. length=338
2080. User-Name = "anonymous"
2081. NAS-IPv6-Address = 2001:db93::2
2082. NAS-Identifier = "panosAP-MR2"
2083. NAS-Port = 1
2084. Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
2085. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
2086. Framed-MTU = 1400
2087. NAS-Port-Type = Wireless-802.11
2088. Connect-Info = "CONNECT 54Mbps 802.11g"
2089. EAP-Message =
2090. 0x02ce0090150017030100206d5f383875f521035af9dcc22871cc8de5cafce984d72beb827680df007abec717030100602f9a2a45530f14333dfb3b1cdf5b37ed13cabe4d08d82629cb29cad6e1c685764d85019a3eab82b2a0f1693cd3115e3f10426dd94cec61e335a8e1a6c0febcb42ff3435f2c34d8a04dbe6c8930fb6a5d0799adc5084430acbca67fd99e8b3324
2091. State = 0xaff1e84ca83ffdb5bb2c56933c8275f3
2092. Message-Authenticator = 0x98997bc6575e3c744ce2f1a3245fd3ee
2093. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
2094. /usr/local/etc/raddb/sites-enabled/default
2095. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
2096. Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
2097. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
2098. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
2099. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
2100. "anonymous", looking up realm NULL
2101. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
2102. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
2103. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 206
2104. length 144
2105. Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
2106. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
2107. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
2108. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
2109. /usr/local/etc/raddb/sites-enabled/default
2110. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
2111. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
2112. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
2113. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
2114. Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
2115. Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
2116. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
2117. Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
2118. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 7
2119. Fri Sep 24 03:06:55 2010 : Info: [ttls] Session established. Proceeding
2120. to decode tunneled attributes.
2121. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled request
2122. EAP-Message =
2123. 0x0202003e1a02020039317e2e08ca0e19795cc9877434d3b182630000000000000000f77973b633d6ccf223a817759f2f8c8a3aaa2c93601ea69300626f62
2124. FreeRADIUS-Proxied-To = 127.0.0.1
2125. Fri Sep 24 03:06:55 2010 : Info: [ttls] Sending tunneled request
2126. EAP-Message =
2127. 0x0202003e1a02020039317e2e08ca0e19795cc9877434d3b182630000000000000000f77973b633d6ccf223a817759f2f8c8a3aaa2c93601ea69300626f62
2128. FreeRADIUS-Proxied-To = 127.0.0.1
2129. User-Name = "bob"
2130. State = 0xb966de05b864c4e4c45b57a72400cd2f
2131. server inner-tunnel {
2132. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
2133. /usr/local/etc/raddb/sites-enabled/inner-tunnel
2134. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
2135. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
2136. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
2137. Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
2138. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name = "bob",
2139. looking up realm NULL
2140. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
2141. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
2142. Fri Sep 24 03:06:55 2010 : Info: ++[control] returns noop
2143. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 2
2144. length 62
2145. Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
2146. on-going EAP conversation
2147. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
2148. Fri Sep 24 03:06:55 2010 : Info: [files] users: Matched entry bob at line 208
2149. Fri Sep 24 03:06:55 2010 : Info: [files] expand: Hello, %{User-Name} ->
2150. Hello, bob
2151. Fri Sep 24 03:06:55 2010 : Info: ++[files] returns ok
2152. Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
2153. Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
2154. Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING: Auth-Type already set.
2155. Not setting to PAP
2156. Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
2157. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
2158. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
2159. /usr/local/etc/raddb/sites-enabled/inner-tunnel
2160. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
2161. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
2162. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/mschapv2
2163. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type mschapv2
2164. Fri Sep 24 03:06:55 2010 : Info: [mschapv2] # Executing group from file
2165. /usr/local/etc/raddb/sites-enabled/inner-tunnel
2166. Fri Sep 24 03:06:55 2010 : Info: [mschapv2] +- entering group MS-CHAP {...}
2167. Fri Sep 24 03:06:55 2010 : Info: [mschap] Creating challenge hash with
2168. username: bob
2169. Fri Sep 24 03:06:55 2010 : Info: [mschap] Told to do MS-CHAPv2 for bob
2170. with NT-Password
2171. Fri Sep 24 03:06:55 2010 : Info: [mschap] adding MS-CHAPv2 MPPE keys
2172. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns ok
2173. Fri Sep 24 03:06:55 2010 : Debug: MSCHAP Success
2174. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
2175. } # server inner-tunnel
2176. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled reply code 11
2177. Reply-Message = "Hello, bob"
2178. EAP-Message =
2179. 0x010300331a0302002e533d32383636443443443232423933334338384336313633383638433544453633463246373046374346
2180. Message-Authenticator = 0x00000000000000000000000000000000
2181. State = 0xb966de05bb65c4e4c45b57a72400cd2f
2182. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled Access-Challenge
2183. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns handled
2184. Sending Access-Challenge of id 9 to 2001:db93::2 port 49667
2185. EAP-Message =
2186. 0x01cf006f1580000000651703010060b4f3cddb2c24d6df96c12eac2ae30ebb92566a3b52f57f9667f024db5f0890a3d8fbf3e3044f2e61c26ad6a58fee1ed23c2101007be16647f76a1b5d4c3ce22dda8da199f489fde2eae5d1231a894645794970db323e1318f072231e1765a76c
2187. Message-Authenticator = 0x00000000000000000000000000000000
2188. State = 0xaff1e84ca73efdb5bb2c56933c8275f3
2189. Fri Sep 24 03:06:55 2010 : Info: Finished request 26.
2190. Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
2191. Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.7 seconds.
2192. rad_recv: Access-Request packet from host 2001:db93::2 port 49667, id=10,
2193. length=290
2194. User-Name = "anonymous"
2195. NAS-IPv6-Address = 2001:db93::2
2196. NAS-Identifier = "panosAP-MR2"
2197. NAS-Port = 1
2198. Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
2199. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
2200. Framed-MTU = 1400
2201. NAS-Port-Type = Wireless-802.11
2202. Connect-Info = "CONNECT 54Mbps 802.11g"
2203. EAP-Message =
2204. 0x02cf006015001703010020b4a4804ae6c506fa5a3823ff6f0c349660523ccdf8683b4b060f4d2707dc2def170301003043c4acfca040076c667f9a4f775b0ff0d8051dbd9e51f0018e53d8370a2c24b899fb8fc4dcb1a0c17bbc3e7e3a0b9bfc
2205. State = 0xaff1e84ca73efdb5bb2c56933c8275f3
2206. Message-Authenticator = 0x56e9ece90fceb38cbb47757941cf9ddc
2207. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
2208. /usr/local/etc/raddb/sites-enabled/default
2209. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
2210. Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
2211. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
2212. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
2213. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
2214. "anonymous", looking up realm NULL
2215. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
2216. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
2217. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 207
2218. length 96
2219. Fri Sep 24 03:06:55 2010 : Info: [eap] Continuing tunnel setup.
2220. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
2221. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
2222. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
2223. /usr/local/etc/raddb/sites-enabled/default
2224. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
2225. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
2226. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/ttls
2227. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type ttls
2228. Fri Sep 24 03:06:55 2010 : Info: [ttls] Authenticate
2229. Fri Sep 24 03:06:55 2010 : Info: [ttls] processing EAP-TLS
2230. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_verify returned 7
2231. Fri Sep 24 03:06:55 2010 : Info: [ttls] Done initial handshake
2232. Fri Sep 24 03:06:55 2010 : Info: [ttls] eaptls_process returned 7
2233. Fri Sep 24 03:06:55 2010 : Info: [ttls] Session established. Proceeding
2234. to decode tunneled attributes.
2235. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled request
2236. EAP-Message = 0x020300061a03
2237. FreeRADIUS-Proxied-To = 127.0.0.1
2238. Fri Sep 24 03:06:55 2010 : Info: [ttls] Sending tunneled request
2239. EAP-Message = 0x020300061a03
2240. FreeRADIUS-Proxied-To = 127.0.0.1
2241. User-Name = "bob"
2242. State = 0xb966de05bb65c4e4c45b57a72400cd2f
2243. server inner-tunnel {
2244. Fri Sep 24 03:06:55 2010 : Info: # Executing section authorize from file
2245. /usr/local/etc/raddb/sites-enabled/inner-tunnel
2246. Fri Sep 24 03:06:55 2010 : Info: +- entering group authorize {...}
2247. Fri Sep 24 03:06:55 2010 : Info: ++[chap] returns noop
2248. Fri Sep 24 03:06:55 2010 : Info: ++[mschap] returns noop
2249. Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns notfound
2250. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name = "bob",
2251. looking up realm NULL
2252. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
2253. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
2254. Fri Sep 24 03:06:55 2010 : Info: ++[control] returns noop
2255. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP packet type response id 3 length 6
2256. Fri Sep 24 03:06:55 2010 : Info: [eap] No EAP Start, assuming it's an
2257. on-going EAP conversation
2258. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns updated
2259. Fri Sep 24 03:06:55 2010 : Info: [files] users: Matched entry bob at line 208
2260. Fri Sep 24 03:06:55 2010 : Info: [files] expand: Hello, %{User-Name} ->
2261. Hello, bob
2262. Fri Sep 24 03:06:55 2010 : Info: ++[files] returns ok
2263. Fri Sep 24 03:06:55 2010 : Info: ++[expiration] returns noop
2264. Fri Sep 24 03:06:55 2010 : Info: ++[logintime] returns noop
2265. Fri Sep 24 03:06:55 2010 : Info: [pap] WARNING: Auth-Type already set.
2266. Not setting to PAP
2267. Fri Sep 24 03:06:55 2010 : Info: ++[pap] returns noop
2268. Fri Sep 24 03:06:55 2010 : Info: Found Auth-Type = EAP
2269. Fri Sep 24 03:06:55 2010 : Info: # Executing group from file
2270. /usr/local/etc/raddb/sites-enabled/inner-tunnel
2271. Fri Sep 24 03:06:55 2010 : Info: +- entering group authenticate {...}
2272. Fri Sep 24 03:06:55 2010 : Info: [eap] Request found, released from the list
2273. Fri Sep 24 03:06:55 2010 : Info: [eap] EAP/mschapv2
2274. Fri Sep 24 03:06:55 2010 : Info: [eap] processing type mschapv2
2275. Fri Sep 24 03:06:55 2010 : Info: [eap] Freeing handler
2276. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
2277. Fri Sep 24 03:06:55 2010 : Info: WARNING: Empty post-auth section.
2278. Using default return values.
2279. Fri Sep 24 03:06:55 2010 : Info: # Executing section post-auth from file
2280. /usr/local/etc/raddb/sites-enabled/inner-tunnel
2281. } # server inner-tunnel
2282. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled reply code 2
2283. Reply-Message = "Hello, bob"
2284. MS-MPPE-Encryption-Policy = 0x00000001
2285. MS-MPPE-Encryption-Types = 0x00000006
2286. MS-MPPE-Send-Key = 0xc667dd0175a542bbc8769243d4f47c67
2287. MS-MPPE-Recv-Key = 0xb58dfec835f0ecefd4c4277f32706b78
2288. EAP-Message = 0x03030004
2289. Message-Authenticator = 0x00000000000000000000000000000000
2290. User-Name = "bob"
2291. Fri Sep 24 03:06:55 2010 : Info: [ttls] Got tunneled Access-Accept
2292. Fri Sep 24 03:06:55 2010 : Info: [ttls] Saving response in the cache
2293. Fri Sep 24 03:06:55 2010 : Info: [ttls] WARNING: No information to cache:
2294. session caching will be disabled for this session.
2295. Fri Sep 24 03:06:55 2010 : Debug: SSL: Removing session
2296. 69c204b29e84878591c19645ed74c1ff4b656c30f66adad78d268df65d2e1d14 from the
2297. cache
2298. Fri Sep 24 03:06:55 2010 : Info: [eap] Freeing handler
2299. Fri Sep 24 03:06:55 2010 : Debug: rlm_eap_ttls: Freeing handler for user bob
2300. Fri Sep 24 03:06:55 2010 : Info: ++[eap] returns ok
2301. Fri Sep 24 03:06:55 2010 : Info: # Executing section post-auth from file
2302. /usr/local/etc/raddb/sites-enabled/default
2303. Fri Sep 24 03:06:55 2010 : Info: +- entering group post-auth {...}
2304. Fri Sep 24 03:06:55 2010 : Info: ++[exec] returns noop
2305. Sending Access-Accept of id 10 to 2001:db93::2 port 49667
2306. MS-MPPE-Recv-Key =
2307. 0x84faf1a0e36f0f769f56ab0ac628622eb479ca87eae2bb989563b4a133172fe8
2308. MS-MPPE-Send-Key =
2309. 0xba374fdefbe520c26dfcb59013e12d4f23989b63215c29389850cc5d65146726
2310. EAP-Message = 0x03cf0004
2311. Message-Authenticator = 0x00000000000000000000000000000000
2312. User-Name = "anonymous"
2313. Fri Sep 24 03:06:55 2010 : Info: Finished request 27.
2314. Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
2315. Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.7 seconds.
2316. rad_recv: Accounting-Request packet from host 2001:db93::2 port 33610,
2317. id=11, length=181
2318. Acct-Session-Id = "4C9C0536-00000000"
2319. Acct-Status-Type = Start
2320. Acct-Authentic = RADIUS
2321. User-Name = "anonymous"
2322. NAS-IPv6-Address = 2001:db93::2
2323. NAS-Identifier = "panosAP-MR2"
2324. NAS-Port = 1
2325. Called-Station-Id = "00-1C-F0-9D-22-FF:panos_secure2"
2326. Calling-Station-Id = "00-1B-2F-2C-AD-D9"
2327. NAS-Port-Type = Wireless-802.11
2328. Connect-Info = "CONNECT 54Mbps 802.11g"
2329. Fri Sep 24 03:06:55 2010 : Info: # Executing section preacct from file
2330. /usr/local/etc/raddb/sites-enabled/default
2331. Fri Sep 24 03:06:55 2010 : Info: +- entering group preacct {...}
2332. Fri Sep 24 03:06:55 2010 : Info: ++[preprocess] returns ok
2333. Fri Sep 24 03:06:55 2010 : Info: [acct_unique] WARNING: Attribute
2334. Client-IP-Address was not found in request, unique ID MAY be inconsistent
2335. Fri Sep 24 03:06:55 2010 : Info: [acct_unique] WARNING: Attribute
2336. NAS-IP-Address was not found in request, unique ID MAY be inconsistent
2337. Fri Sep 24 03:06:55 2010 : Info: [acct_unique] Hashing 'NAS-Port =
2338. 1,,,Acct-Session-Id = "4C9C0536-00000000",User-Name = "anonymous"'
2339. Fri Sep 24 03:06:55 2010 : Info: [acct_unique] Acct-Unique-Session-ID =
2340. "bee22e2205dd4cd8".
2341. Fri Sep 24 03:06:55 2010 : Info: ++[acct_unique] returns ok
2342. Fri Sep 24 03:06:55 2010 : Info: [suffix] No '@' in User-Name =
2343. "anonymous", looking up realm NULL
2344. Fri Sep 24 03:06:55 2010 : Info: [suffix] No such realm "NULL"
2345. Fri Sep 24 03:06:55 2010 : Info: ++[suffix] returns noop
2346. Fri Sep 24 03:06:55 2010 : Info: ++[files] returns noop
2347. Fri Sep 24 03:06:55 2010 : Info: # Executing section accounting from file
2348. /usr/local/etc/raddb/sites-enabled/default
2349. Fri Sep 24 03:06:55 2010 : Info: +- entering group accounting {...}
2350. Fri Sep 24 03:06:55 2010 : Info: [detail] expand:
2351. /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d ->
2352. /usr/local/var/log/radius/radacct//detail-20100924
2353. Fri Sep 24 03:06:55 2010 : Info: [detail]
2354. /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
2355. expands to /usr/local/var/log/radius/radacct//detail-20100924
2356. Fri Sep 24 03:06:55 2010 : Info: [detail] expand: %t -> Fri Sep 24
2357. 03:06:55 2010
2358. Fri Sep 24 03:06:55 2010 : Info: ++[detail] returns ok
2359. Fri Sep 24 03:06:55 2010 : Info: [unix] IPv6 is not supported!
2360. Fri Sep 24 03:06:55 2010 : Info: ++[unix] returns noop
2361. Fri Sep 24 03:06:55 2010 : Debug: rlm_radutmp: IPv6 not supported!
2362. Fri Sep 24 03:06:55 2010 : Info: ++[radutmp] returns noop
2363. Fri Sep 24 03:06:55 2010 : Info: [attr_filter.accounting_response]
2364. expand: %{User-Name} -> anonymous
2365. Fri Sep 24 03:06:55 2010 : Debug: attr_filter: Matched entry DEFAULT at
2366. line 12
2367. Fri Sep 24 03:06:55 2010 : Info: ++[attr_filter.accounting_response]
2368. returns updated
2369. Sending Accounting-Response of id 11 to 2001:db93::2 port 33610
2370. Fri Sep 24 03:06:55 2010 : Info: Finished request 28.
2371. Fri Sep 24 03:06:55 2010 : Info: Cleaning up request 28 ID 11 with
2372. timestamp +225
2373. Fri Sep 24 03:06:55 2010 : Debug: Going to the next request
2374. Fri Sep 24 03:06:55 2010 : Debug: Waking up in 4.6 seconds.
2375. Fri Sep 24 03:07:00 2010 : Info: Cleaning up request 18 ID 1 with
2376. timestamp +225
2377. Fri Sep 24 03:07:00 2010 : Info: Cleaning up request 19 ID 2 with
2378. timestamp +225