Fwd: (RADIATOR) Help me with 802.1x on AlliedTelesyn switch please
Pavel Paprok
ppaprok at applet.cz
Mon Feb 2 07:22:53 CST 2004
yes, firmware is recent - AT-S39 v3.2.0 firmware update.
as wrotten in software release notes there is 802.1x support
since fw 3.1.0. (3.1.1 and 3.2.0 has no new features), there stay:
"Two types of RADIUS servers have been verified as fully
compatible with this feature: Funk Software Steel-Belted Radius
and Free Radius. Two types of 802.1x clients have been
verified to be fully-compatible: Microsoft WinXP client
and Meeting House Aegis client."
all info on product page:
http://www.alliedtelesyn.com/allied/support/viewproductsupport.asp?id=637&type=&dosearch=1&sub=0&product=AT%2D8012M&back=true&country=2&lang=en
i really need to get it work with radiator
pavel
Mike McCauley wrote:
>Hello Pabel,
>
>thanks for sending more complete logs.
>
>>From close examination of the log, I can see that Radiator sends the first
>part of the server certificate back to the client, but then, instead of
>sending an acknowledgement, the client again sends another EAP identity. This
>is incorrect behaviour.
>
>I seriously suspect that there is a problem with the AT-8012M firmware. Can
>you confirm the correct firmware version with Allied?
>
>Cheers.
>
>
>On Mon, 2 Feb 2004 06:31 pm, Hugh Irvine wrote:
>
>
>
>>Begin forwarded message:
>>
>>
>>>From: Pavel Paprok <ppaprok at applet.cz>
>>>Date: 31 January 2004 08:18:06 GMT+11:00
>>>To: Mike McCauley <mikem at open.com.au>
>>>Cc: radiator at open.com.au
>>>Subject: Re: (RADIATOR) Help me with 802.1x on AlliedTelesyn switch
>>>please
>>>
>>>Mike McCauley wrote:
>>>
>>>
>>>>Hello Pavel,
>>>>
>>>>I cant tell exactly what the problem is at this stage. It would help
>>>>if you sent more of the Radiator log file, since the part you sent
>>>>only covers the beginning of the authentication process.
>>>>
>>>>
>>>hallo,
>>>in this message i replaced old logs by new created logs - a bit
>>>longer....
>>>my config was still exactly same except MaxFragmentSize reduced to 800
>>>but with no effect.
>>>
>>>also i add log from successfull 802.1x connection to other switch -
>>>HPProCurve
>>>- for compare - from exactly same radiator server and xsupplicant
>>>station, HP switch
>>>only on different ip. these logs are on end of this message if you
>>>want to see...
>>>
>>>
>>>
>>>>Since your Radiator works with other APs and the same clients, and
>>>>since this AP is supposed to work with FreeRadius, you might consider
>>>>reducing the size of EAPTLS_MaxFragmentSize to less than 1024, try
>>>>say 1000 or 800?
>>>>
>>>>
>>>of course, i try all possible values of this parameter from 512 to 4k
>>>but no advance...
>>>
>>>bye,
>>>pavel
>>>
>>>
>>>
>>>>Cheers.
>>>>
>>>>On Fri, 30 Jan 2004 04:38 am, Pavel Paprok wrote:
>>>>
>>>>
>>>>>Hallo,
>>>>>
>>>>>I just trying to authorise ethernet ports on manageable switch
>>>>>Allied Telesyn AT-8012M (latest software AT-S39, v3.2.0)
>>>>>with enabled 802.1x by EAP/PEAP/MSCHAPv2.
>>>>>radius is Radiator v3.8 one server licensed, system is RedHat9.
>>>>>supplicant is latest xsupplicant (v0.8b) but with native
>>>>>WinXP clients auth do not work too.
>>>>>certificates are from test suite of radiator.
>>>>>
>>>>>there should be no general error in my radiator configuration because
>>>>>exactly same 802.1x eap configuration with ports of other ethernet
>>>>>switches we use, wired (HP Procurve 2412,...) or wireless AP
>>>>>(DLink,..)
>>>>>works good (with same xsupplicants and WinXP 802.1x system clients).
>>>>>
>>>>>very basic radius configuration on Allied should be also ok because
>>>>>when authorising of serial console account (manage prompt) from the
>>>>>radius
>>>>>it works properly, but not on its ethernet ports thru 802.1x
>>>>>eap/peapmschapv2.
>>>>>(auth of its serial console from config below removed for simplicity)
>>>>>
>>>>>in manual of AlliedTelesyn switch wrotten that its 802.1x was tested
>>>>>with
>>>>>WinXP clients and FreeRadius radius server - but Radiator should
>>>>>be in 802.1x better, are so?
>>>>>
>>>>>Please help, what should I try next to get it run?
>>>>>
>>>>>thanks,
>>>>>Pavel
>>>>>
>>>>>--------------------------------------------------------------
>>>>>here is log from x supplicant:
>>>>>
>>>>>
>>>[root at pp2 root]# xsupplicant -i eth1 -d 5
>>>Calling do_eapol, with device eth1
>>>Setup on device eth1 complete
>>>(EAPMD5) Initalized
>>>(EAPMS-CHAP) Initalized
>>>Done with init.
>>>Sending EAPOL-Start #1
>>>## eap_decode_packet ##: Got an EAP request
>>>## eap_decode_packet ##: Type is Identity
>>>Connection Established, authenticating...
>>>ACQUIRED
>>>## eap_decode_packet ##: Got an EAP failure
>>>Failed to Authenticate
>>>CONNECTING
>>>## eap_decode_packet ##: Got an EAP request
>>>## eap_decode_packet ##: Type is Identity
>>>Connection Established, authenticating...
>>>ACQUIRED
>>>## eap_decode_packet ##: Got an EAP request
>>>## eap_decode_packet ##: Type is Identity
>>>Connection Established, authenticating...
>>>## eap_decode_packet ##: Got an EAP request
>>>### Type is 25, length: 6
>>>Loading certificate /etc/1x/certs/CAroot.pem . . .
>>>(TLS)Loaded root certificate /etc/1x/certs/CAroot.pem and dirctory
>>>(null)
>>> --- SSL : before/connect initialization
>>> --- SSL : before/connect initialization
>>> --- SSL : SSLv3 write client hello A
>>> --- SSL : SSLv3 read server hello A
>>>Destination : 1:80:c2:0:0:3
>>>AUTHENTICATING
>>>
>>>
>>>...here it stay ~ 20 .. 30 sec
>>>
>>>
>>>## eap_decode_packet ##: Got an EAP request
>>>## eap_decode_packet ##: Type is Identity
>>>Connection Established, authenticating...
>>>ACQUIRED
>>>
>>>
>>>... here it stay again ~ 20 sec
>>>
>>>
>>>## eap_decode_packet ##: Got an EAP failure
>>>Failed to Authenticate
>>>CONNECTING
>>>## eap_decode_packet ##: Got an EAP request
>>>## eap_decode_packet ##: Type is Identity
>>>Connection Established, authenticating...
>>>ACQUIRED
>>>## eap_decode_packet ##: Got an EAP failure
>>>Failed to Authenticate
>>>CONNECTING
>>>## eap_decode_packet ##: Got an EAP request
>>>## eap_decode_packet ##: Type is Identity
>>>Connection Established, authenticating...
>>>ACQUIRED
>>>## eap_decode_packet ##: Got an EAP request
>>>## eap_decode_packet ##: Type is Identity
>>>Connection Established, authenticating...
>>>## eap_decode_packet ##: Got an EAP request
>>>## eap_decode_packet ##: Type is Identity
>>>Connection Established, authenticating...
>>>## eap_decode_packet ##: Got an EAP failure
>>>Failed to Authenticate
>>>CONNECTING
>>>## eap_decode_packet ##: Got an EAP request
>>>## eap_decode_packet ##: Type is Identity
>>>Connection Established, authenticating...
>>>ACQUIRED
>>>## eap_decode_packet ##: Got an EAP request
>>>## eap_decode_packet ##: Type is Identity
>>>Connection Established, authenticating...
>>>## eap_decode_packet ##: Got an EAP request
>>>### Type is 25, length: 6
>>> --- SSL : SSLv3 read server hello A
>>>Destination : 1:80:c2:0:0:3
>>>AUTHENTICATING
>>>(EAPMD5) Cleaning up.
>>>(EAPMS-CHAP) Cleaning up.
>>>[root at pp2 root]#
>>>
>>>... end was because i stopped xsupplicant
>>>
>>>
>>>LOG FROM RADIATOR:
>>>
>>>
>>>Fri Jan 30 21:10:23 2004: DEBUG: Reading users file
>>>/etc/radiator/outerEAPusers
>>>Fri Jan 30 21:10:23 2004: DEBUG: Finished reading configuration file
>>>'/etc/radiator/radius.cfg'
>>>Fri Jan 30 21:10:23 2004: DEBUG: Reading dictionary file
>>>'/etc/radiator/dictionary'
>>>Fri Jan 30 21:10:23 2004: DEBUG: Creating authentication port
>>>0.0.0.0:1812
>>>Fri Jan 30 21:10:23 2004: DEBUG: Creating accounting port 0.0.0.0:1813
>>>Fri Jan 30 21:10:23 2004: NOTICE: Server started: Radiator 3.8 on
>>>data.applet.cz
>>>Fri Jan 30 21:10:28 2004: DEBUG: Packet dump:
>>>*** Received from a.b.c.d port 516 ....
>>>Code: Access-Request
>>>Identifier: 49
>>>Authentic: <136><150><30>Q<236><19><188>m<146><31><142>Jg<160><209>7
>>>Attributes:
>>> User-Name = "wifi"
>>> NAS-IP-Address = a.b.c.d
>>> NAS-Port = 3
>>> Called-Station-Id = "00:0C:46:22:71:20"
>>> Calling-Station-Id = "00:30:4F:20:F1:54"
>>> Framed-MTU = 1400
>>> NAS-Port-Type = Ethernet
>>> Connect-Info = "100Mbps"
>>> EAP-Message = <2><164><0><9><1>wifi
>>> Message-Authenticator =
>>><199><156>a<169>2y'<242><187><201>@*'<187><10>r
>>>
>>>Fri Jan 30 21:10:28 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:10:28 2004: DEBUG: Deleting session for wifi, a.b.c.d, 3
>>>Fri Jan 30 21:10:28 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:10:28 2004: DEBUG: Handling with EAP: code 2, 164, 9
>>>Fri Jan 30 21:10:28 2004: DEBUG: Response type 1
>>>Fri Jan 30 21:10:28 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
>>>Fri Jan 30 21:10:28 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>Challenge
>>>Fri Jan 30 21:10:28 2004: DEBUG: Packet dump:
>>>*** Sending to a.b.c.d port 516 ....
>>>Code: Access-Challenge
>>>Identifier: 49
>>>Authentic: <136><150><30>Q<236><19><188>m<146><31><142>Jg<160><209>7
>>>Attributes:
>>> EAP-Message = <1><165><0><6><25>!
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>
>>>
>>>Fri Jan 30 21:10:28 2004: DEBUG: Packet dump:
>>>*** Received from a.b.c.d port 516 ....
>>>Code: Access-Request
>>>Identifier: 51
>>>Authentic: X<28><138><228><24><18>jG<157><193><233><241><204><198>g7
>>>Attributes:
>>> User-Name = "wifi"
>>> NAS-IP-Address = a.b.c.d
>>> NAS-Port = 3
>>> Called-Station-Id = "00:0C:46:22:71:20"
>>> Calling-Station-Id = "00:30:4F:20:F1:54"
>>> Framed-MTU = 1400
>>> NAS-Port-Type = Ethernet
>>> Connect-Info = "100Mbps"
>>> EAP-Message =
>>><2><165><0>n<25><129><0><0><0>d<22><3><1><0>_<1><0><0>[<3><1>@<26><186>
>>>8F<6><177><135><208><190><148><254><[<248>j<10><17><201><139><8><189><1
>>>61><227><22><145>u8<133>)<163><175><0><0>4<0>9<0>8<0>5<0><22><0><19><0>
>>><10><0>3<0>2<0>/
>>><0>f<0><5><0><4><0>c<0>b<0>a<0><21><0><18><0><9><0>e<0>d<0>`<0><20><0><
>>>17><0><8><0><6><0><3><1><0>
>>> Message-Authenticator =
>>>^<132><22><142>M<235>j<152><24><234><153><184>z<17><19><210>
>>>
>>>Fri Jan 30 21:10:28 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:10:28 2004: DEBUG: Deleting session for wifi, a.b.c.d, 3
>>>Fri Jan 30 21:10:28 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:10:28 2004: DEBUG: Handling with EAP: code 2, 165, 110
>>>Fri Jan 30 21:10:28 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:10:28 2004: DEBUG: EAP TLS SSL_accept result: -1, 2, 8576
>>>Fri Jan 30 21:10:28 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
>>>Fri Jan 30 21:10:28 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>Challenge
>>>Fri Jan 30 21:10:28 2004: DEBUG: Packet dump:
>>>*** Sending to a.b.c.d port 516 ....
>>>Code: Access-Challenge
>>>Identifier: 51
>>>Authentic: X<28><138><228><24><18>jG<157><193><233><241><204><198>g7
>>>Attributes:
>>> EAP-Message =
>>><1><166><3>*<25><193><0><0><8>P<22><3><1><0>J<2><0><0>F<3><1>@<26><186>
>>>4h|<243>I<135><247><152><140><127>\C\<207><201><240><247><128>N<205><18
>>>6><136>t<204><214><204>pcX
>>><211>{i<254><0><146>GEIt<197>s<134><164>WE3I<229>E<128><231><15>f]J<28>
>>><161><196><222><193>Y<0>5<0><22><3><1><7><27><11><0><7><23><0><7><20><0
>>>
>>>
>>>
>>>><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*
>>>>
>>>>
>>><134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19
>>>
>>>
>>>
>>>><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19>
>>>>
>>>>
>>><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo
>>>Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Sec
>>> EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use
>>>in production)1
>>>0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30>
>>><23><13>030227061500Z<23><13>040227061500Z0u1<11>0<9><6><3>U<4><6><19><
>>>2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9
>>>
>>>
>>>
>>>>Melbourne1<24>0<22><6><3>U<4><10><19><15>My Test
>>>>
>>>>
>>>Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>
>>>0<13><6><9>*<134>H<134><247><13><1><1>
>>> EAP-Message =
>>><1><5><0><3><129><141><0>0<129><137><2><129><129><0><196><186>)<217><24
>>>5><205><159>@<144><133><177><255>0<165><3><215>cGR<136><231><253>9<193>
>>><13><255>m@<220>y^<160><244><236>Sa'<198>^<231><158>4<156>"<242>IS<151>
>>><30><211>$<142><196>!}R<146><166><129>yh<17><162><207><196><0><171>5s<1
>>>87><229><139>2<250><146><1><187><207><226><203>5<251><178><1><212><178>
>>><141><219>O<253><134><213>N|<172>:
>>>J<23><173><161><191><141><25>&<198>Fi<17><181><137>Fy<0><177><210><215>
>>><186>x<141><197><212>s<145><235>\<164><8>!
>>><2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1>
>>><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><
>>>129><0><20>m<159><141><185><184><252><248><201>FM<195>PB(^<127>3<24><13
>>>6><172><19><211><137><132>EF<170>9<236>^<187><146><253><171><200><183><
>>>230><148><142><21>_<9>^<227><10>3<162><186><214><206><197>Tq<219><4>r<2
>>>39>?<1><16><203>
>>> EAP-Message =
>>>T<0><161>wm<173>S<4><0>)<141><209><<197>tT<228><150>P<156><22>^zes^<202
>>>
>>>
>>>
>>>>u<161><176>F3=<4><200><229><154>q<146><194>cy<23>z*o><219><28><206>t
>>>>
>>>>
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:11:29 2004: DEBUG: Packet dump:
>>>*** Received from a.b.c.d port 516 ....
>>>Code: Access-Request
>>>Identifier: 55
>>>Authentic:
>>><151><136><183><6><213>N<227><8><165><160><196>%<248><156><166><11>
>>>Attributes:
>>> User-Name = "wifi"
>>> NAS-IP-Address = a.b.c.d
>>> NAS-Port = 3
>>> Called-Station-Id = "00:0C:46:22:71:20"
>>> Calling-Station-Id = "00:30:4F:20:F1:54"
>>> Framed-MTU = 1400
>>> NAS-Port-Type = Ethernet
>>> Connect-Info = "100Mbps"
>>> EAP-Message = <2><169><0><9><1>wifi
>>> Message-Authenticator = r<214>vt<240>y%<150>K^=-<241><191><<212>
>>>
>>>Fri Jan 30 21:11:29 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:11:29 2004: DEBUG: Deleting session for wifi, a.b.c.d, 3
>>>Fri Jan 30 21:11:29 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:11:29 2004: DEBUG: Handling with EAP: code 2, 169, 9
>>>Fri Jan 30 21:11:29 2004: DEBUG: Response type 1
>>>Fri Jan 30 21:11:29 2004: DEBUG: Resuming session for
>>>Radius::Context=HASH(0x857b140)
>>>
>>>Fri Jan 30 21:11:29 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
>>>Fri Jan 30 21:11:29 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>Challenge
>>>Fri Jan 30 21:11:29 2004: DEBUG: Packet dump:
>>>*** Sending to a.b.c.d port 516 ....
>>>Code: Access-Challenge
>>>Identifier: 55
>>>Authentic:
>>><151><136><183><6><213>N<227><8><165><160><196>%<248><156><166><11>
>>>Attributes:
>>> EAP-Message = <1><170><0><6><25>!
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:11:29 2004: DEBUG: Packet dump:
>>>*** Received from a.b.c.d port 516 ....
>>>Code: Access-Request
>>>Identifier: 57
>>>Authentic: <6>x<9><127>$k<228>3P<<230><219>JH<183>v
>>>Attributes:
>>> User-Name = "wifi"
>>> NAS-IP-Address = a.b.c.d
>>> NAS-Port = 3
>>> Called-Station-Id = "00:0C:46:22:71:20"
>>> Calling-Station-Id = "00:30:4F:20:F1:54"
>>> Framed-MTU = 1400
>>> NAS-Port-Type = Ethernet
>>> Connect-Info = "100Mbps"
>>> EAP-Message = <2><170><0><6><25><1>
>>> Message-Authenticator =
>>>u<242>THJ<214><131>,<17><195>$<9>c<19>*<174>
>>>
>>>Fri Jan 30 21:11:29 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:11:29 2004: DEBUG: Deleting session for wifi, a.b.c.d, 3
>>>Fri Jan 30 21:11:29 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:11:29 2004: DEBUG: Handling with EAP: code 2, 170, 6
>>>Fri Jan 30 21:11:29 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:11:29 2004: DEBUG: EAP result: 2, EAP PEAP Nothing to
>>>read or write
>>>Fri Jan 30 21:11:57 2004: NOTICE: SIGTERM received: stopping
>>> EAP-Message = <1><170><0><6><25>!
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:11:29 2004: DEBUG: Packet dump:
>>>*** Received from a.b.c.d port 516 ....
>>>Code: Access-Request
>>>Identifier: 57
>>>Authentic: <6>x<9><127>$k<228>3P<<230><219>JH<183>v
>>>Attributes:
>>> User-Name = "wifi"
>>> NAS-IP-Address = a.b.c.d
>>> NAS-Port = 3
>>> Called-Station-Id = "00:0C:46:22:71:20"
>>> Calling-Station-Id = "00:30:4F:20:F1:54"
>>> Framed-MTU = 1400
>>> NAS-Port-Type = Ethernet
>>> Connect-Info = "100Mbps"
>>> EAP-Message = <2><170><0><6><25><1>
>>> Message-Authenticator =
>>>u<242>THJ<214><131>,<17><195>$<9>c<19>*<174>
>>>
>>>Fri Jan 30 21:11:29 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:11:29 2004: DEBUG: Deleting session for wifi, a.b.c.d, 3
>>>Fri Jan 30 21:11:29 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:11:29 2004: DEBUG: Handling with EAP: code 2, 170, 6
>>>Fri Jan 30 21:11:29 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:11:29 2004: DEBUG: EAP result: 2, EAP PEAP Nothing to
>>>read or write
>>>Fri Jan 30 21:11:57 2004: NOTICE: SIGTERM received: stopping
>>>
>>>
>>>
>>>>>---------------------------------------------------------------------
>>>>>------
>>>>>---------------------------------- fragment of radiator config:
>>>>>
>>>>><Client a.b.c.d>
>>>>> Secret xxxxxx
>>>>> Identifier 8021xAllied
>>>>></Client>
>>>>><Handler Request-Type = Accounting-Request>
>>>>> <AuthBy SQL>
>>>>> DBSource dbi:mysql:radiator
>>>>> DBUsername radiator
>>>>> DBAuth xxxxx
>>>>> # Just accounting, no auth
>>>>> IgnoreAuthentication
>>>>> AuthSelect
>>>>> AccountingTable inetaccounting
>>>>> AcctColumnDef username,User-Name
>>>>> AcctColumnDef time_stamp,Timestamp,integer
>>>>> AcctColumnDef acctstatustype,Acct-Status-Type
>>>>> AcctColumnDef acctinputoctets,Acct-Input-Octets,integer
>>>>> AcctColumnDef acctoutputoctets,Acct-Output-Octets,integer
>>>>> AcctColumnDef acctsessiontime,Acct-Session-Time,integer
>>>>> AcctColumnDef acctterminatecause,Acct-Terminate-Cause
>>>>> AcctColumnDef nasidentifier,NAS-Identifier
>>>>> AcctColumnDef framedipaddress,Framed-IP-Address
>>>>> </AuthBy>
>>>>></Handler>
>>>>><Handler TunnelledByPEAP=1>
>>>>> <AuthBy SQL>
>>>>> DBSource dbi:mysql:radiator
>>>>> DBUsername radiator
>>>>> DBAuth xxxxx
>>>>> AuthSelect select password from inetusers where \
>>>>> username = %0 and locked = 0
>>>>> EAPType MSCHAP-V2
>>>>> </AuthBy>
>>>>></Handler>
>>>>><Handler>
>>>>> <AuthBy FILE>
>>>>> # outer auth file, only anonymous inside
>>>>> Filename /etc/radiator/outerEAPusers
>>>>> EAPType PEAP
>>>>> EAPTLS_CAFile %D/certificates/demoCA/cacert.pem
>>>>> EAPTLS_CertificateFile %D/certificates/cert-srv.pem
>>>>> EAPTLS_CertificateType PEM
>>>>> EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem
>>>>> EAPTLS_PrivateKeyPassword whatever
>>>>> EAPTLS_MaxFragmentSize 1024
>>>>> SSLeayTrace 4 # 1=ciphers, 2=trace, 3=dump data
>>>>> </AuthBy> # auth by file
>>>>></Handler>
>>>>>
>>>>>
>>>>>===
>>>>>Archive at http://www.open.com.au/archives/radiator/
>>>>>Announcements on radiator-announce at open.com.au
>>>>>To unsubscribe, email 'majordomo at open.com.au' with
>>>>>'unsubscribe radiator' in the body of the message.
>>>>>
>>>>>
>>>-----------------------------------------------------------------------
>>>----------------------------------
>>>
>>>XSUPPLICANT LOG FROM SUCCESSFULL AUTH WITH HP:
>>>
>>>[root at pp2 root]# xsupplicant -i eth1 -d 5
>>>Calling do_eapol, with device eth1
>>>Setup on device eth1 complete
>>>(EAPMD5) Initalized
>>>(EAPMS-CHAP) Initalized
>>>Done with init.
>>>Sending EAPOL-Start #1
>>>## eap_decode_packet ##: Got an EAP request
>>>## eap_decode_packet ##: Type is Identity
>>>Connection Established, authenticating...
>>>ACQUIRED
>>>## eap_decode_packet ##: Got an EAP request
>>>### Type is 25, length: 6
>>>Loading certificate /etc/1x/certs/CAroot.pem . . .
>>>(TLS)Loaded root certificate /etc/1x/certs/CAroot.pem and dirctory
>>>(null)
>>> --- SSL : before/connect initialization
>>> --- SSL : before/connect initialization
>>> --- SSL : SSLv3 write client hello A
>>> --- SSL : SSLv3 read server hello A
>>>Destination : 1:80:c2:0:0:3
>>>AUTHENTICATING
>>>## eap_decode_packet ##: Got an EAP request
>>>### Type is 25, length: 810
>>>(EAPTTLS) Saved packet fragment.
>>>Destination : 1:80:c2:0:0:3
>>>## eap_decode_packet ##: Got an EAP request
>>>### Type is 25, length: 806
>>>(EAPTTLS) Saved packet fragment.
>>>Destination : 1:80:c2:0:0:3
>>>## eap_decode_packet ##: Got an EAP request
>>>### Type is 25, length: 534
>>>(TTLS) Saved final data fragment!
>>>16 3 1 0 4a 2 0 0 46 3 1 40 1a bc 11 b6
>>> --- SSL : SSLv3 read server hello A
>>> --- SSL : SSLv3 read server certificate A
>>> --- SSL : SSLv3 read server certificate request A
>>> --- SSL : SSLv3 read server done A
>>> --- SSL : SSLv3 write client certificate A
>>> --- SSL : SSLv3 write client key exchange A
>>> --- SSL : SSLv3 write change cipher spec A
>>> --- SSL : SSLv3 write finished A
>>> --- SSL : SSLv3 flush data
>>> --- SSL : SSLv3 read finished A
>>>
>>>Destination : 1:80:c2:0:0:3
>>>## eap_decode_packet ##: Got an EAP request
>>>### Type is 25, length: 69
>>>(EAPTTLS) Saved packet fragment.
>>>14 3 1 0 1 1 16 3 1 0 30 cb 44 49 2a cb
>>> --- SSL : SSLv3 read finished A
>>> --- SSL : SSL negotiation finished successfully
>>> --- SSL : SSL negotiation finished successfully
>>>Destination : 1:80:c2:0:0:3
>>>## eap_decode_packet ##: Got an EAP request
>>>### Type is 25, length: 80
>>>Destination : 1:80:c2:0:0:3
>>>## eap_decode_packet ##: Got an EAP request
>>>### Type is 25, length: 112
>>>(EAPMS-CHAP) ID : 09
>>>Username = wifi -- Password = hifi
>>>Destination : 1:80:c2:0:0:3
>>>## eap_decode_packet ##: Got an EAP request
>>>### Type is 25, length: 144
>>>(EAPMS-CHAP) ID : 0a
>>>Username = wifi -- Password = hifi
>>>Destination : 1:80:c2:0:0:3
>>>## eap_decode_packet ##: Got an EAP request
>>>### Type is 25, length: 80
>>>Destination : 1:80:c2:0:0:3
>>>## eap_decode_packet ##: Got an EAP success
>>>Authentication Succeeded
>>>AUTHENTICATED
>>>Bingo!
>>>LOGOFF
>>>(EAPMD5) Cleaning up.
>>>(EAPMS-CHAP) Cleaning up.
>>>[root at pp2 root]#
>>>
>>>... all process is ok and take 2 - 3 sec
>>>
>>>
>>>
>>>RADIATOR LOG FROM SUCCESSFULL AUTH WITH HP:
>>>
>>>
>>>Fri Jan 30 21:18:21 2004: DEBUG: Reading users file
>>>/etc/radiator/outerEAPusers
>>>Fri Jan 30 21:18:21 2004: DEBUG: Finished reading configuration file
>>>'/etc/radiator/radius.cfg'
>>>Fri Jan 30 21:18:21 2004: DEBUG: Reading dictionary file
>>>'/etc/radiator/dictionary'
>>>Fri Jan 30 21:18:21 2004: DEBUG: Creating authentication port
>>>0.0.0.0:1812
>>>Fri Jan 30 21:18:21 2004: DEBUG: Creating accounting port 0.0.0.0:1813
>>>Fri Jan 30 21:18:21 2004: NOTICE: Server started: Radiator 3.8 on
>>>data.applet.cz
>>>Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
>>>*** Received from e.f.g.h port 1027 ....
>>>Code: Access-Request
>>>Identifier: 42
>>>Authentic: vw<228>M<2><19>PINo|<5>Z<139>h<129>
>>>Attributes:
>>> Framed-MTU = 1480
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "APPLET FM2 pater"
>>> User-Name = "wifi"
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 13
>>> NAS-Port-Type = Ethernet
>>> NAS-Port-Id = "13"
>>> Called-Station-Id = "00-08-83-95-fb-ed"
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>> Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
>>> Tunnel-Type = 0:VLAN
>>> Tunnel-Medium-Type = 0:802
>>> Tunnel-Private-Group-ID = 5
>>> EAP-Message = <2><2><0><9><1>wifi
>>> Message-Authenticator = <3>C/<3><150>{<164>5m(<148>a<147>h<135>;
>>>
>>>Fri Jan 30 21:18:25 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:18:25 2004: DEBUG: Deleting session for wifi, e.f.g.h,
>>>13
>>>Fri Jan 30 21:18:25 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:18:25 2004: DEBUG: Handling with EAP: code 2, 2, 9
>>>Fri Jan 30 21:18:25 2004: DEBUG: Response type 1
>>>Fri Jan 30 21:18:25 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
>>>Fri Jan 30 21:18:25 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>Challenge
>>>Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
>>>*** Sending to e.f.g.h port 1027 ....
>>>Code: Access-Challenge
>>>Identifier: 42
>>>Authentic: vw<228>M<2><19>PINo|<5>Z<139>h<129>
>>>Attributes:
>>> EAP-Message = <1><3><0><6><25>!
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
>>>*** Received from e.f.g.h port 1027 ....
>>>Code: Access-Request
>>>Identifier: 43
>>>Authentic: &g<20><189><178><3><128><185><254>_<172>u<10>{<152><241>
>>>Attributes:
>>> Framed-MTU = 1480
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXX"
>>> User-Name = "wifi"
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 13
>>> NAS-Port-Type = Ethernet
>>> NAS-Port-Id = "13"
>>> Called-Station-Id = "00-08-83-95-fb-ed"
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>> Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
>>> Tunnel-Type = 0:VLAN
>>> Tunnel-Medium-Type = 0:802
>>> Tunnel-Private-Group-ID = 5
>>> EAP-Message =
>>><2><3><0>n<25><129><0><0><0>d<22><3><1><0>_<1><0><0>[<3><1>@<26><188><2
>>>1><142><186>*<193>1<229><242><134><233><141><246>8<163><137><191><225><
>>>196>4<4>"<28>=<142><166><178><210><221>a<0><0>4<0>9<0>8<0>5<0><22><0><1
>>>9><0><10><0>3<0>2<0>/
>>><0>f<0><5><0><4><0>c<0>b<0>a<0><21><0><18><0><9><0>e<0>d<0>`<0><20><0><
>>>17><0><8><0><6><0><3><1><0>
>>> Message-Authenticator = <4>w<244><30>
>>>$<141>l<8><11><28><237>x"<248><197>
>>>Fri Jan 30 21:18:25 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:18:25 2004: DEBUG: Deleting session for wifi, e.f.g.h,
>>>13
>>>Fri Jan 30 21:18:25 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:18:25 2004: DEBUG: Handling with EAP: code 2, 3, 110
>>>Fri Jan 30 21:18:25 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:18:25 2004: DEBUG: EAP TLS SSL_accept result: -1, 2, 8576
>>>Fri Jan 30 21:18:25 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
>>>Fri Jan 30 21:18:25 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>Challenge
>>>Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
>>>*** Sending to e.f.g.h port 1027 ....
>>>Code: Access-Challenge
>>>Identifier: 43
>>>Authentic: &g<20><189><178><3><128><185><254>_<172>u<10>{<152><241>
>>>Attributes:
>>> EAP-Message =
>>><1><4><3>*<25><193><0><0><8>P<22><3><1><0>J<2><0><0>F<3><1>@<26><188><1
>>>7><182><162><0><144><231><19><135><30>p<21><243>dl<233>)"W<234>*q<255>:
>>>mj<213><176>T<3>
>>>@N<157><133>h<222><22><1>SSS<212><216>g<243>-
>>>G,<30><137>E<179>SH~`<178><144><199>Sp/
>>><0>5<0><22><3><1><7><27><11><0><7><23><0><7><20><0><2><209>0<130><2><20
>>>5>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134><247><13><
>>>1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3
>>>
>>>
>>>
>>>>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28
>>>><6><3>U<4><10><19><21>OSC Demo
>>>>
>>>>
>>>Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Sec
>>> EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use
>>>in production)1
>>>0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30>
>>><23><13>030227061500Z<23><13>040227061500Z0u1<11>0<9><6><3>U<4><6><19><
>>>2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9
>>>
>>>
>>>
>>>>Melbourne1<24>0<22><6><3>U<4><10><19><15>My Test
>>>>
>>>>
>>>Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>
>>>0<13><6><9>*<134>H<134><247><13><1><1>
>>> EAP-Message =
>>><1><5><0><3><129><141><0>0<129><137><2><129><129><0><196><186>)<217><24
>>>5><205><159>@<144><133><177><255>0<165><3><215>cGR<136><231><253>9<193>
>>><13><255>m@<220>y^<160><244><236>Sa'<198>^<231><158>4<156>"<242>IS<151>
>>><30><211>$<142><196>!}R<146><166><129>yh<17><162><207><196><0><171>5s<1
>>>87><229><139>2<250><146><1><187><207><226><203>5<251><178><1><212><178>
>>><141><219>O<253><134><213>N|<172>:
>>>J<23><173><161><191><141><25>&<198>Fi<17><181><137>Fy<0><177><210><215>
>>><186>x<141><197><212>s<145><235>\<164><8>!
>>><2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1>
>>><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><
>>>129><0><20>m<159><141><185><184><252><248><201>FM<195>PB(^<127>3<24><13
>>>6><172><19><211><137><132>EF<170>9<236>^<187><146><253><171><200><183><
>>>230><148><142><21>_<9>^<227><10>3<162><186><214><206><197>Tq<219><4>r<2
>>>39>?<1><16><203>
>>> EAP-Message =
>>>T<0><161>wm<173>S<4><0>)<141><209><<197>tT<228><150>P<156><22>^zes^<202
>>>
>>>
>>>
>>>>u<161><176>F3=<4><200><229><154>q<146><194>cy<23>z*o><219><28><206>t
>>>>
>>>>
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
>>>*** Received from e.f.g.h port 1027 ....
>>>Code: Access-Request
>>>Identifier: 44
>>>Authentic: <214>WD-b<243><176>)<174>O<220><229><186>k<200>a
>>>Attributes:
>>> Framed-MTU = 1480
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXX"
>>> User-Name = "wifi"
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 13
>>> NAS-Port-Type = Ethernet
>>> NAS-Port-Id = "13"
>>> Called-Station-Id = "00-08-83-95-fb-ed"
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>> Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
>>> Tunnel-Type = 0:VLAN
>>> Tunnel-Medium-Type = 0:802
>>> Tunnel-Private-Group-ID = 5
>>> EAP-Message = <2><4><0><6><25><1>
>>> Message-Authenticator =
>>><215>2d<182><212>yp'^<129><31>D.)<225><8>
>>>
>>>Fri Jan 30 21:18:25 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:18:25 2004: DEBUG: Deleting session for wifi, e.f.g.h,
>>>13
>>>Fri Jan 30 21:18:25 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:18:25 2004: DEBUG: Handling with EAP: code 2, 4, 6
>>>Fri Jan 30 21:18:25 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:18:25 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
>>>Fri Jan 30 21:18:25 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>Challenge
>>>Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
>>>*** Sending to e.f.g.h port 1027 ....
>>>Code: Access-Challenge
>>>Identifier: 44
>>>Authentic: <214>WD-b<243><176>)<174>O<220><229><186>k<200>a
>>>Attributes:
>>> EAP-Message =
>>><1><5><3>&<25>A<196><188><3><195>.%<19>mD<242><149><237>O<138><193><0><
>>>4>=0<130><4>90<130><3><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H
>>><134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU
>>>1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Mel
>>>bourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo
>>>Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
>>>Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1
>>>0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open
>>> EAP-Message =
>>>.com.au0<30><23><13>030227061411Z<23><13>050226061411Z0<129><202>1<11>0
>>><9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<1
>>>6><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
>>>Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
>>>Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1
>>>0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129
>>>
>>>
>>>
>>>><159>0<13><6><9>*<134>
>>>>
>>>>
>>> EAP-Message =
>>>H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><
>>>0><193>@h<28><185>'<7><254><247>{9<233><245>3S<209>=<173>>c<144>Z<239>?
>>>b<150><224><171><219><170><170>i<226><251><234>\Jwi<210><141><249><141>
>>><148><224>|<188>V<24><209><8><223>f?
>>><149><172><6><226><18><232>1<249><227>$<176>G<164>'Y<193><160>$n<160>e<
>>>153>V<166>x<2><162><<244><4><225>T>n<18><<204><210><135><162>T<16><221>
>>><6>Pn<9>7<141><197><160><197><245><155>6<3><172><154>p<230><210>Z<159><
>>>149><192>C<255><154><220><149><3>*<156>q<2><3><1><0><1><163><130><1>+0<
>>>130><1>'0<29><6><3>U<29><14><4><22><4><20><180><27><24>R'<27><169>)<152
>>>
>>>
>>>
>>>><148>o<139>c<198><6>9\<249>s<196>0<129><247><6><3>U<29>#<4><129><239>0
>>>>
>>>>
>>><129><236><128><20><180><27><24>R'<27><169>)<152><148>o<139>c<198><6>9\
>>><249>s<196><161><129><208><164><129><205>0<129><202>1<11>0<9><6><3>U<4>
>>><6><19><2>AU1<17>0
>>> EAP-Message =
>>><15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne
>>>1<30>0<28><6><3>U<4><10><19><21>
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
>>>*** Received from e.f.g.h port 1027 ....
>>>Code: Access-Request
>>>Identifier: 45
>>>Authentic: <134>Gt<157><18><227><224><153>^?<12>Uj[<248><209>
>>>Attributes:
>>> EAP-Message =
>>><1><5><3>&<25>A<196><188><3><195>.%<19>mD<242><149><237>O<138><193><0><
>>>4>=0<130><4>90<130><3><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H
>>><134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU
>>>1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Mel
>>>bourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo
>>>Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
>>>Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1
>>>0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open
>>> EAP-Message =
>>>.com.au0<30><23><13>030227061411Z<23><13>050226061411Z0<129><202>1<11>0
>>><9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<1
>>>6><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
>>>Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
>>>Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1
>>>0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129
>>>
>>>
>>>
>>>><159>0<13><6><9>*<134>
>>>>
>>>>
>>> EAP-Message =
>>>H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><
>>>0><193>@h<28><185>'<7><254><247>{9<233><245>3S<209>=<173>>c<144>Z<239>?
>>>b<150><224><171><219><170><170>i<226><251><234>\Jwi<210><141><249><141>
>>><148><224>|<188>V<24><209><8><223>f?
>>><149><172><6><226><18><232>1<249><227>$<176>G<164>'Y<193><160>$n<160>e<
>>>153>V<166>x<2><162><<244><4><225>T>n<18><<204><210><135><162>T<16><221>
>>><6>Pn<9>7<141><197><160><197><245><155>6<3><172><154>p<230><210>Z<159><
>>>149><192>C<255><154><220><149><3>*<156>q<2><3><1><0><1><163><130><1>+0<
>>>130><1>'0<29><6><3>U<29><14><4><22><4><20><180><27><24>R'<27><169>)<152
>>>
>>>
>>>
>>>><148>o<139>c<198><6>9\<249>s<196>0<129><247><6><3>U<29>#<4><129><239>0
>>>>
>>>>
>>><129><236><128><20><180><27><24>R'<27><169>)<152><148>o<139>c<198><6>9\
>>><249>s<196><161><129><208><164><129><205>0<129><202>1<11>0<9><6><3>U<4>
>>><6><19><2>AU1<17>0
>>> EAP-Message =
>>><15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne
>>>1<30>0<28><6><3>U<4><10><19><21>
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
>>>*** Received from e.f.g.h port 1027 ....
>>>Code: Access-Request
>>>Identifier: 45
>>>Authentic: <134>Gt<157><18><227><224><153>^?<12>Uj[<248><209>
>>>Attributes:
>>> Framed-MTU = 1480
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXX"
>>> User-Name = "wifi"
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 13
>>> NAS-Port-Type = Ethernet
>>> NAS-Port-Id = "13"
>>> Called-Station-Id = "00-08-83-95-fb-ed"
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>> Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
>>> Tunnel-Type = 0:VLAN
>>> Tunnel-Medium-Type = 0:802
>>> Tunnel-Private-Group-ID = 5
>>> EAP-Message = <2><5><0><6><25><1>
>>> Message-Authenticator =
>>><18>/<218><214><230><213>sTf9<206><150><207>a<186><219>
>>>
>>>Fri Jan 30 21:18:26 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:18:26 2004: DEBUG: Deleting session for wifi, e.f.g.h,
>>>13
>>>Fri Jan 30 21:18:26 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:18:26 2004: DEBUG: Handling with EAP: code 2, 5, 6
>>>Fri Jan 30 21:18:26 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:18:26 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
>>>Fri Jan 30 21:18:26 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>Challenge
>>>Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
>>>*** Sending to e.f.g.h port 1027 ....
>>>Code: Access-Challenge
>>>Identifier: 45
>>>Authentic: <134>Gt<157><18><227><224><153>^?<12>Uj[<248><209>
>>>Attributes:
>>> EAP-Message = <1><6><2><22><25><1>OSC Demo
>>>Certificates1!0<31><6><3>U<4><11><19><24>Test
>>>Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in
>>>production)1 0<30><6><9>*<1
>>>34>H<134><247><13><1><9><1><22><17>mikem at open.com.au<130><1><0>0<12><6>
>>><3>U<29><19><4><5>0<3><1>
>>><1><255>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>
>>>A<130>4<253><23>-<13><9><
>>>9><222>3<19><171>aj<23><187><195>gs<145><194>w<164>1m#<242>t<233><144><
>>>146>&g<162><190><234><145
>>>
>>>
>>>
>>>>H<159><10>^6IQ<223><219><193>@><204>b<245><12><6><133><147><132><192>f
>>>>
>>>>
>>>U<165><197><180>k<136>:<8
>>>
>>>
>>>
>>>><198><152><165>*
>>>>
>>>>
>>> EAP-Message =
>>>%<221><237><188><23><251><255><172>'n<142>H<25>q<173>t<215><212><221><2
>>>39>
>>><20>FZyd<205><240>Wbd<143><139>q]h<236><127><16><143>tA<163>4I<236><230
>>>
>>>
>>>
>>>><147><218>><175>B^<130><
>>>>
>>>>
>>>0>*9<22><3><1><0><220><13><0><0><212><2><1><2><0><207><0><205>0<129><20
>>>2>1<11>0<9><6><3>U<4><6><
>>>19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><1
>>>9><9>Melbourne1<30>0<28><
>>>6><3>U<4><10><19><21>OSC Demo
>>>Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Section1
>>>/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1
>>>0<30><6><9>*<134>H<134>
>>> EAP-Message =
>>><247><13><1><9><1><22><17>mikem at open.com.au<14><0><0><0>
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
>>>*** Received from e.f.g.h port 1027 ....
>>>Code: Access-Request
>>>Identifier: 46
>>>Authentic: 67<164><13><194><211><16><9><14>/<<197><26>K(A
>>>Attributes:
>>> Framed-MTU = 1480
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXX"
>>> User-Name = "wifi"
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 13
>>> NAS-Port-Type = Ethernet
>>> NAS-Port-Id = "13"
>>> Called-Station-Id = "00-08-83-95-fb-ed"
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>> Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
>>> Tunnel-Type = 0:VLAN
>>> Tunnel-Medium-Type = 0:802
>>> Tunnel-Private-Group-ID = 5
>>> EAP-Message =
>>><2><6><0><220><25><129><0><0><0><210><22><3><1><0><7><11><0><0><3><0><0
>>>
>>>
>>>
>>>><0><22><3><1><0><134><16><0><0><130><0><128>g<249><15>d<211><13>FX<251
>>>>0<22><150><185><204><183>aiIss`<180><208><152><236>s@
>>>>
>>>>
>>><213><196>:<139><28><7>
>>><148><157>'<136><183>l<242><21><183><182><237>O<168>#<203>"l<162><150>3
>>><168><199><13><254><157><28><148><150><211><172><199>><165><127><174>X1
>>><18><172><9>{"<218>0<130><151><211><2><179><178>FR<182>a<234>w]<17><215
>>>
>>>
>>>
>>>><{T<206><155><137><144><25><196>T<209><189><149><198><167><187><173>U<
>>>>
>>>>
>>>186><245><163><162><2><18>u>/
>>><135><198>Y<227><227><201>M<20><3><1><0><1><1><22><3><1><0>0<151><252><
>>>10><204><172><19>Z`*E<31>N<172><14>.<163><226><225>wuD:
>>><188><31><237><238>S<144><13><145><148><248><214>{<223>H<16>(<184><4>J<
>>>132><163>Ua<184><1>l
>>> Message-Authenticator =
>>>?I<19>O<235><<217><26><155>%<157>H<237><226>?<27>
>>>
>>>Fri Jan 30 21:18:26 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:18:26 2004: DEBUG: Deleting session for wifi, e.f.g.h,
>>>13
>>>Fri Jan 30 21:18:26 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:18:26 2004: DEBUG: Handling with EAP: code 2, 6, 220
>>>Fri Jan 30 21:18:26 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:18:26 2004: DEBUG: EAP TLS SSL_accept result: 1, 0, 3
>>>Fri Jan 30 21:18:26 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
>>>Fri Jan 30 21:18:26 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>Challenge
>>>Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
>>>*** Sending to e.f.g.h port 1027 ....
>>>Code: Access-Challenge
>>>Identifier: 46
>>>Authentic: 67<164><13><194><211><16><9><14>/<<197><26>K(A
>>>Attributes:
>>> EAP-Message =
>>><1><7><0>E<25><129><0><0><0>;
>>><20><3><1><0><1><1><22><3><1><0>0<203>DI*<203>g<245><240><213>P<232>Y7<
>>>15><197><248><225><9>9_f<232><181>R<203><246>Ys<19><148><140><237>^~Y<2
>>>25><184>:WU<246><178>44U",<225>
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
>>>*** Received from e.f.g.h port 1027 ....
>>>Code: Access-Request
>>>Identifier: 47
>>>Authentic: <230>'<212>}r<195>@y<190><31>l5<202>;X<177>
>>>Attributes:
>>> Framed-MTU = 1480
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXXX"
>>> User-Name = "wifi"
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 13
>>> NAS-Port-Type = Ethernet
>>> NAS-Port-Id = "13"
>>> Called-Station-Id = "00-08-83-95-fb-ed"
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>> Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
>>> Tunnel-Type = 0:VLAN
>>> Tunnel-Medium-Type = 0:802
>>> Tunnel-Private-Group-ID = 5
>>> EAP-Message = <2><7><0><6><25><1>
>>> Message-Authenticator =
>>><243><164><164>S<220><8>s<152><154>P<246><154><242><9><178><164>
>>>
>>>Fri Jan 30 21:18:26 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:18:26 2004: DEBUG: Deleting session for wifi, e.f.g.h,
>>>13
>>>Fri Jan 30 21:18:26 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:18:26 2004: DEBUG: Handling with EAP: code 2, 7, 6
>>>Fri Jan 30 21:18:26 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:18:26 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
>>>Fri Jan 30 21:18:26 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>Challenge
>>>Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
>>>*** Sending to e.f.g.h port 1027 ....
>>>Code: Access-Challenge
>>>Identifier: 47
>>>Authentic: <230>'<212>}r<195>@y<190><31>l5<202>;X<177>
>>>Attributes:
>>> EAP-Message = <1><8><0>P<25><1><23><3><1><0>
>>><189><169><159><137><190>Q+<208>f<4><136><224>u<167><239><130><3><128>j
>>>c<31><9><234><221><7>jn="B<1><164><23><3><1><0>
>>><242>$<<214><238><215><192><20><210><141>c<197>2<0><207><139><147><206>
>>><231>Y<186><221><214>r<197>4<218>?<233>r^`
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
>>>*** Received from e.f.g.h port 1027 ....
>>>Code: Access-Request
>>>Identifier: 48
>>>Authentic: <150><23><4><237>"<179>p<233>n<15><156><165>z+<136>!
>>>Attributes:
>>> Framed-MTU = 1480
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXXX"
>>> User-Name = "wifi"
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 13
>>> NAS-Port-Type = Ethernet
>>> NAS-Port-Id = "13"
>>> Called-Station-Id = "00-08-83-95-fb-ed"
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>> Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
>>> Tunnel-Type = 0:VLAN
>>> Tunnel-Medium-Type = 0:802
>>> Tunnel-Private-Group-ID = 5
>>> EAP-Message = <2><8><0>P<25><1><23><3><1><0>
>>><234><251><162><188>i<151><194><175>Y<17><135><147><0><231><246><199><1
>>>65>9#<205>(> <203><246><136>`<206><252><239><226>I<23><3><1><0>
>>><147><200>v<238><199><163>"V2CEa<3><199><216><21><18><5><22><26><246><2
>>>48>b<12>#CZ<0><243>Y<162><253>
>>> Message-Authenticator =
>>><237>*<204><234><247><248><6>5N<221><229><140><12>N<208>b
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:18:27 2004: DEBUG: Deleting session for wifi, e.f.g.h,
>>>13
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 8, 80
>>>Fri Jan 30 21:18:27 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:18:27 2004: DEBUG: EAP PEAP inner authentication request
>>>for anonymous
>>>Fri Jan 30 21:18:27 2004: DEBUG: PEAP Tunnelled request Packet dump:
>>>Code: Access-Request
>>>Identifier: UNDEF
>>>Authentic: {<134><221><5><137>A<254><212><232>#_<240>&snr
>>>Attributes:
>>> EAP-Message = <2><0><0><9><1>wifi
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>> User-Name = "anonymous"
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXXX"
>>> NAS-Port = 13
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler
>>>'TunnelledByPEAP=1'
>>>Fri Jan 30 21:18:27 2004: DEBUG: Deleting session for , e.f.g.h, 13
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL:
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 0, 9
>>>Fri Jan 30 21:18:27 2004: DEBUG: Response type 1
>>>Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 3, EAP MSCHAP-V2 Challenge
>>>Fri Jan 30 21:18:27 2004: DEBUG: Access challenged for anonymous: EAP
>>>MSCHAP-V2 Challenge
>>>Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 3, EAP PEAP inner
>>>authentication redespatched to a Handler
>>>Fri Jan 30 21:18:27 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>inner authentication redespatched to a Handler
>>>Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
>>>*** Sending to e.f.g.h port 1027 ....
>>>Code: Access-Challenge
>>>Identifier: 48
>>>Authentic: <150><23><4><237>"<179>p<233>n<15><156><165>z+<136>!
>>>Attributes:
>>> EAP-Message = <1><9><0>p<25><1><23><3><1><0>
>>><245><208><201>=<245>><196><212><171><169><184><152>G<192><190>P<150><2
>>>01>$<246><207><224>vY<7><146><238>K<191><191><9><164><23><3><1><0>@<242
>>>
>>>
>>>
>>>>v<194><182><191>"<189>&K<230>2e<29>r<222>f<193><211>r<238>B<133><244>/
>>>>
>>>>
>>><214><210><130><23><218><246>H<12>3<246><130><169><159>R<171><14><6><23
>>>
>>>
>>>
>>>><199><201><20><209>>v<184><236>E<22>(<225><24>b<177>z<170><216><191><1
>>>>
>>>>
>>>76><216>"
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
>>>*** Received from e.f.g.h port 1027 ....
>>>Code: Access-Request
>>>Identifier: 49
>>>Authentic: F<7>4]<210><163><160>Y<30><255><204><21>*<27><184><145>
>>>Attributes:
>>> Framed-MTU = 1480
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXXX"
>>> User-Name = "wifi"
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 13
>>> NAS-Port-Type = Ethernet
>>> NAS-Port-Id = "13"
>>> Called-Station-Id = "00-08-83-95-fb-ed"
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>> Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
>>> Tunnel-Type = 0:VLAN
>>> Tunnel-Medium-Type = 0:802
>>> Tunnel-Private-Group-ID = 5
>>> EAP-Message = <2><9><0><144><25><1><23><3><1><0>
>>>`<224>MO<0><31><237>q<132><226><19><146
>>>
>>>
>>>
>>>><173>~+
>>>>
>>>>
>>><201><128>UG<2>n<152><242><128><22><187><214>b0<242><23><23><3><1><0>`5
>>><152>r-<19>p!_<2
>>>31><235>MjIc<215><235><200>G\<230>~<211>h>d<137><165><166>o<139>`<187><
>>>212>{<223>J<165><13>Cc<15
>>>9><149>[-
>>><182><179><21><221><181>~Y<131><175><162><236><9><154><239>Q<190>+<20><
>>>143><203><187>=<
>>>8>J<166>c<252><197>L<173>}<127>J<25>Jo<146><135><149><157><198>g<237><1
>>>40><253>U;<190><150><Fh
>>> Message-Authenticator =
>>><149>|<200>x<217>E<171><197>7<236><226><192>!s<140>U
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:18:27 2004: DEBUG: Deleting session for wifi, e.f.g.h,
>>>13
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 9, 144
>>>Fri Jan 30 21:18:27 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:18:27 2004: DEBUG: EAP PEAP inner authentication request
>>>for anonymous
>>>Fri Jan 30 21:18:27 2004: DEBUG: PEAP Tunnelled request Packet dump:
>>>Code: Access-Request
>>>Identifier: UNDEF
>>>Authentic: q2<232><250><210>y<142><240><10>HAI/<8><140>"
>>>Attributes:
>>> EAP-Message =
>>><2><1><0>@<26><2><1><0>11<29><216><225><23><243><0><229>*da<152>$0<147>
>>><22
>>>1><141><0><0><0><0><0><0><0><0>c<241><219><189>LC<230><218><194><134><2
>>>3><177><17><24><151>@]<15
>>>6><131>49<4>p<140><0>wifi
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>> User-Name = "anonymous"
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXXX"
>>> NAS-Port = 13
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler
>>>'TunnelledByPEAP=1'
>>>Fri Jan 30 21:18:27 2004: DEBUG: Deleting session for , e.f.g.h, 13
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL:
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 1, 64
>>>Fri Jan 30 21:18:27 2004: DEBUG: Response type 26
>>>Fri Jan 30 21:18:27 2004: DEBUG: Query is: 'select password from
>>>inetusers where username = 'wif
>>>i' and locked = 0':
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Radius::AuthSQL looks for match with
>>>wifi
>>>Fri Jan 30 21:18:27 2004: DEBUG: Radius::AuthSQL ACCEPT:
>>>Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 3, EAP MSCHAP V2
>>>Challenge: Success
>>>Fri Jan 30 21:18:27 2004: DEBUG: Access challenged for anonymous: EAP
>>>MSCHAP V2 Challenge: Success
>>>Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 3, EAP PEAP inner
>>>authentication redespatched to a Handler
>>>Fri Jan 30 21:18:27 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>inner authentication redespatched to a Handler
>>>Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
>>>*** Sending to e.f.g.h port 1027 ....
>>>Code: Access-Challenge
>>>Identifier: 49
>>>Authentic: F<7>4]<210><163><160>Y<30><255><204><21>*<27><184><145>
>>>Attributes:
>>> EAP-Message = <1><10><0><144><25><1><23><3><1><0>
>>><149>Q$<23><202><190><149><174>&<138><15>KE<6><240>\oJ'b<210><244><194>
>>>H3dFs<188>7$<136><23><3><1><0>`<9><143><143>U<194>,<216><30>"<157><237>
>>><221><170>8<167>J{<199>B<134>^<129><141><165><219><230>2?
>>><173>V<231><164><144><134>b<204><152>yy<255>{6<226>'<212>\<184>U<173><2
>>>19>6<245><136><252><23><208>qC<243>^"<178>+<185><28><10>&<131>.y<198><2
>>>12><6>7<9><255>.<253><127>o<225><236>v<229>\<154><172><24>3<26>V<201><1
>>>0><246><245><252>
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
>>>*** Received from e.f.g.h port 1027 ....
>>>Code: Access-Request
>>>Identifier: 50
>>>Authentic:
>>><246><247>d<205><130><147><208><201><206><239><252><133><218><11><232><
>>>1>
>>>Attributes:
>>> Framed-MTU = 1480
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXXX"
>>> User-Name = "wifi"
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 13
>>> NAS-Port-Type = Ethernet
>>> NAS-Port-Id = "13"
>>> Called-Station-Id = "00-08-83-95-fb-ed"
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>> Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
>>> Tunnel-Type = 0:VLAN
>>> Tunnel-Medium-Type = 0:802
>>> Tunnel-Private-Group-ID = 5
>>> EAP-Message = <2><10><0>P<25><1><23><3><1><0>
>>><231><0><246>p<148>L/
>>><240><129><3>k@<140>x<129><6><167><214><210>d$<9><238>O<175>w:
>>><150>^<3>!<147><23><3><1><0>
>>><217><244>&<237><<175>Q<149><216><199>Z=k<5>~<1><210><5><169><242><18><
>>>172><250><242><196><0><19><255><208>B<137><139>
>>> Message-Authenticator =
>>>p<235><220><220><219>E<150>l<236>8<238>'/<211>a<172>
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:18:27 2004: DEBUG: Deleting session for wifi, e.f.g.h,
>>>13
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 10, 80
>>>Fri Jan 30 21:18:27 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:18:27 2004: DEBUG: EAP PEAP inner authentication request
>>>for anonymous
>>>Fri Jan 30 21:18:27 2004: DEBUG: PEAP Tunnelled request Packet dump:
>>>Code: Access-Request
>>>Identifier: UNDEF
>>>Authentic:
>>>U$<172><211><235><156><148><226><173><208><252><142><232><174><167><19>
>>>Attributes:
>>> EAP-Message = <2><2><0><7><26><3>
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>> User-Name = "anonymous"
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXXX"
>>> NAS-Port = 13
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler
>>>'TunnelledByPEAP=1'
>>>Fri Jan 30 21:18:27 2004: DEBUG: Deleting session for , e.f.g.h, 13
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL:
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 2, 7
>>>Fri Jan 30 21:18:27 2004: DEBUG: Response type 26
>>>Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 0,
>>>Fri Jan 30 21:18:27 2004: DEBUG: Access accepted for anonymous
>>>Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 3, EAP PEAP inner
>>>authentication redespatched to a Handler
>>>Fri Jan 30 21:18:27 2004: DEBUG: Access challenged for wifi: EAP PEAP
>>>inner authentication redespatched to a Handler
>>>Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
>>>*** Sending to e.f.g.h port 1027 ....
>>>Code: Access-Challenge
>>>Identifier: 50
>>>Authentic:
>>><246><247>d<205><130><147><208><201><206><239><252><133><218><11><232><
>>>1>
>>>Attributes:
>>> EAP-Message = <1><11><0>P<25><1><23><3><1><0>
>>><31><221>H<162><173><149>]<234><17><249><10>0<238><194><229><186><197>g
>>><242><248><7>5<130>&<18><154><25><226><229>S<134><171><23><3><1><0>
>>><224><188><15>5<30>'<205><7>p=5<230><194><238><206>N{<204>k<192>#<4><18
>>>7><202><Z<241><248><174><210><184><235>
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
>>>*** Received from e.f.g.h port 1027 ....
>>>Code: Access-Request
>>>Identifier: 51
>>>Authentic: <166><231><148>=2<131><0>9~<223>,<245><138><251><24>q
>>>Attributes:
>>> Framed-MTU = 1480
>>> NAS-IP-Address = e.f.g.h
>>> NAS-Identifier = "XXXXXXX"
>>> User-Name = "wifi"
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 13
>>> NAS-Port-Type = Ethernet
>>> NAS-Port-Id = "13"
>>> Called-Station-Id = "00-08-83-95-fb-ed"
>>> Calling-Station-Id = "00-30-4f-20-f1-54"
>>> Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
>>> Tunnel-Type = 0:VLAN
>>> Tunnel-Medium-Type = 0:802
>>> Tunnel-Private-Group-ID = 5
>>> EAP-Message = <2><11><0>P<25><1><23><3><1><0>
>>>j<168><19><206><4><176><143><128><128><245><212><138><22><224>I<226><13
>>>8><17>h<183><178><236>&<217><<167>&<127>F<172>C<167><23><3><1><0>
>>>*F<234>!
>>><14>Fmx<26><150><229><18><237><199><131>Tm<178><216><232><129><255><183
>>>
>>>
>>>
>>>><131><251>#<226>VawI<4>
>>>>
>>>>
>>> Message-Authenticator =
>>><162>JO<192><22>p<198><194>C<238>G<158>|E<29>(
>>>
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler ''
>>>Fri Jan 30 21:18:27 2004: DEBUG: Deleting session for wifi, e.f.g.h,
>>>13
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthFILE:
>>>Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 11, 80
>>>Fri Jan 30 21:18:27 2004: DEBUG: Response type 25
>>>Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 0,
>>>Fri Jan 30 21:18:27 2004: DEBUG: Access accepted for wifi
>>>Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
>>>*** Sending to e.f.g.h port 1027 ....
>>>Code: Access-Accept
>>>Identifier: 51
>>>Authentic: <166><231><148>=2<131><0>9~<223>,<245><138><251><24>q
>>>Attributes:
>>> EAP-Message = <3><11><0><4>
>>> Message-Authenticator =
>>><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>>
>>>
>>>
>>>===
>>>Archive at http://www.open.com.au/archives/radiator/
>>>Announcements on radiator-announce at open.com.au
>>>To unsubscribe, email 'majordomo at open.com.au' with
>>>'unsubscribe radiator' in the body of the message.
>>>
>>>
>>NB: have you included a copy of your configuration file (no secrets),
>>together with a trace 4 debug showing what is happening?
>>
>>
>
>
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list