(RADIATOR) Problem with PEAP authentication
Hugh Irvine
hugh at open.com.au
Sun Feb 22 22:35:45 CST 2004
Hello Nuno -
I would suggest first of all upgrading to Radiator 3.8 (plus the latest
patches).
Once you have done that please send me another trace 4 debug showing
the startup messages plus the radius request processing.
BTW - we are in Australia and it is now Monday afternoon.
regards
Hugh
On 23 Feb 2004, at 04:58, Nuno Rodrigues wrote:
> Hello!
>
> I tried to authenticate a Laptop WinXP_SP1 (with
> Odyssey Client Manager suplicant) in one Cisco AP1100
> (IOS 12.2(13)JA1) with Radiator (3.7.1 + patches) using
> PEAP and MSCHAP-V2, but the process always fail.
>
> With the Odyssey client, my file localusers.log
> register that the anonymous user connects OK (i try to
> connect with user teste5 at domain.com) but my connection
> fail:
> ...
> Sun Feb 22 17:16:05 2004:Access-Request from anonimous
> at 172.29.3.1:OK
> Sun Feb 22 17:16:10 2004:Access-Request from anonimous
> at 172.29.3.1:OK
> ...
>
> When Odyssey is on status "waiting to authenticate",
> the "Last Authentication results" gives the message:
> "Client and Server could not agree on authentication
> method".
>
> I attach my radius.cfg and radiuslog in hope that
> someone can help me...
>
> Thanks,
> Nuno.
>
> My radius.cfg:
>
> #AP de Teste
> <Client 172.29.3.1>
> Secret XXXXXXX
> Identifier LocalUser
> </Client>
>
> <AuthLog FILE>
> Identifier localusers
> Filename %L/localusers.log
> SuccessFormat %l:%T from %U at %N:OK
> FailureFormat %l:%T from %U at %N:FAIL
> LogSuccess 1
> LogFailure 1
> </AuthLog>
>
> #Pedidos internos vindos de um tunel PEAP
> <Handler TunnelledByPEAP=1>
> # RewriteUsername s/^([^@]+).*/$1/
> <AuthBy FILE>
> Filename /etc/radius/users-peap
> EAPType MSCHAP-V2
> AddToReply User-Name=%u
> </AuthBy>
> AuthLog localusers
> </Handler>
>
>
> <Handler Realm = domain.com>
> # RewriteUsername s/^([^@]+).*/$1/
> MaxSessions 1
> <AuthBy FILE>
> Filename /etc/radius/users-peap
> EAPType PEAP, TTLS, TLS
> EAPTLS_CAFile /etc/radius/cert/cacert.pem
> EAPTLS_CertificateFile
> /etc/radius/cert/cert-srv.pem
> EAPTLS_CertificateType PEM
> EAPTLS_PrivateKeyFile
> /etc/radius/cert/cert-srv.pem
> EAPTLS_PrivateKeyPassword whatever
> EAPTLS_MaxFragmentSize 1000
> AutoMPPEKeys
> SSLeayTrace 4
> </AuthBy>
> </Handler>
>
>
> My Radius LogFile:
>
> ...
> Sun Feb 22 17:15:58 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 130
> Authentic:
> }<10><23><206><151><172>x<3><175><19>jB`D<185><220>
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> <23><240><235><218>O<131><202>N<218><243>z<147><230>P<22>y
> EAP-Message = <2><1><0><18><1>teste5 at domain.com
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:15:58 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:15:58 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with EAP:
> code 2, 1, 18
> Sun Feb 22 17:15:58 2004: DEBUG: Response type 1
> Sun Feb 22 17:15:58 2004: DEBUG: EAP result: 3, EAP
> PEAP Challenge
> Sun Feb 22 17:15:58 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP Challenge
> Sun Feb 22 17:15:58 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 130
> Authentic:
> }<10><23><206><151><172>x<3><175><19>jB`D<185><220>
> Attributes:
> EAP-Message = <1><2><0><6><25>!
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:15:58 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 131
> Authentic:
> <239>Z<234><134><31><247><143><5><130><254>Y(E<13>N,
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> !<194>T,<241>w<236>#<139><17>j<132><2><207>8<235>
> EAP-Message =
> <2><2><0>b<25><129><0><0><0>X<22><3><1><0>S<1><0><0>O<3><1>@8<228><201>
> #}<221><175>_<183><246><255>b<238><20><169>;9&c<217>a<188>`[!
> <31><207>/
> <12><183><136><0><0>(<0><22><0><19><0>f<0><21><0><18><0><10><0><5><0><4
> ><0><9><0>c<0>e<0>`<0>b<0>a<0>d<0><20><0><17><0><3><0><6><0><8><1><0>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:15:58 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:15:58 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with EAP:
> code 2, 2, 98
> Sun Feb 22 17:15:58 2004: DEBUG: Response type 25
> Sun Feb 22 17:15:58 2004: DEBUG: EAP TLS SSL_accept
> result: -1, 2, 8576
> Sun Feb 22 17:15:58 2004: DEBUG: EAP result: 3, EAP
> PEAP Challenge
> Sun Feb 22 17:15:58 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP Challenge
> Sun Feb 22 17:15:58 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 131
> Authentic:
> <239>Z<234><134><31><247><143><5><130><254>Y(E<13>N,
> Attributes:
> EAP-Message =
> <1><3><3><216><25><129><0><0><3><206><22><3><1><0>J<2><0><0>F<3><1>@8<2
> 27><206><202>8<213>n<190>P<148><244>=<214>\Y<222>q<193><14><30><2><163>
> <254>R<25><196><151><145><239><133><23>
> 0<185><139>pt<148>U-
> <225>m<23>)<208>'c<212><247><241><254>@<20>N>i<8><169><153>8<130><10>%e
> <0><10><0><22><3><1><2><219><11><0><2><215><0><2><212><0><2><209>0<130>
> <2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134><247
> ><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15
> ><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<3
> 0>0<28><6><3>U<4><10><19><21>OSC
> Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
> Certificate Sec
> EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC
> Test CA (do not use in production)1
> 0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30>
> <23><13>030227061500Z<23><13>040227061500Z0u1<11>0<9><6><3>U<4><6><19><
> 2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9
> >Melbourne1<24>0<22><6><3>U<4><10><19><15>My
> Test
> Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>
> 0<13><6><9>*<134>H<134><247><13><1><1>
> EAP-Message =
> <1><5><0><3><129><141><0>0<129><137><2><129><129><0><196><186>)<217><24
> 5><205><159>@<144><133><177><255>0<165><3><215>cGR<136><231><253>9<193>
> <13><255>m@<220>y^<160><244><236>Sa'<198>^<231><158>4<156>"<242>IS<151>
> <30><211>$<142><196>!}R<146><166><129>yh<17><162><207><196><0><171>5s<1
> 87><229><139>2<250><146><1><187><207><226><203>5<251><178><1><212><178>
> <141><219>O<253><134><213>N|<172>:
> J<23><173><161><191><141><25>&<198>Fi<17><181><137>Fy<0><177><210><215>
> <186>x<141><197><212>s<145><235>\<164><8>!
> <2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1>
> <5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><
> 129><0><20>m<159><141><185><184><252><248><201>FM<195>PB(^<127>3<24><13
> 6><172><19><211><137><132>EF<170>9<236>^<187><146><253><171><200><183><
> 230><148><142><21>_<9>^<227><10>3<162><186><214><206><197>Tq<219><4>r<2
> 39>?<1><16><203>
> EAP-Message =
> T<0><161>wm<173>S<4><0>)<141><209><<197>tT<228><150>P<156><22>^zes^<202
> >u<161><176>F3=<4><200><229><154>q<146><194>cy<23>z*o><219><28><206>t<1
> 96><188><3><195>.%<19>mD<242><149><237>O<138><193><22><3><1><0><154><13
> ><0><0><146><2><1><2><0><141><0><139>0<129><136>1<11>0<9><6><3>U<4><6><
> 19><2>PT1<17>0<15><6><3>U<4><8><19><8>Portugal1<17>0<15><6><3>U<4><7><1
> 9><8>Braganca1<12>0<10><6><3>U<4><10><19><3>IPB1<13>0<11><6><3>U<4><11>
> <19><4>CCOM1<26>0<24><6><3>U<4><3><19><17>venus.ccom.domain.com1<26>0<2
> 4><6><9>*<134>H<134><247><13><1><9><1><22><11>ccom at domain.com<14><0><0>
> <0>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:15:58 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 132
> Authentic: g!<221>S<224><9><7>iGA'<249>vO<161><243>
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> <31><208>Ux7?k<169>+<199><9>Za<231><12><145>
> EAP-Message =
> <2><3><0><212><25><129><0><0><0><202><22><3><1><0><7><11><0><0><3><0><0
> ><0><22><3><1><0><134><16><0><0><130><0><128>#CS<220><233>*<191><155>i<
> 146><246><131>+9o<159><137><27>5<235>l<240><169><209><201>i<170><156><2
> 34><142>J<168><179><211>C~d<226><209><6><192><233><252><199>cO<204><165
> ><249><6><215><250><183><251><152><29><149><176><182><172><1><235><9><1
> 45>a<221><226>67l<148>?
> <212><8><189><231><182><208><23>l<143><188>)G3~<209>;
> <149><199><240><135><248>$Bc<18><208><5><180><29>tH<188><152><10><135><
> 177><192><27>0<147><8><164><1><13><249><144><188><252>A<186><135><239><
> 237><154>Dd<20><3><1><0><1><1><22><3><1><0>(<202><199><201><179><173><1
> 57>8<15><213><0><158>8`<249>C<148>^<250><210>mGIR<134><208><23>v5<139><
> 232><140>[<190>=<156><198><138><221><188><192>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:15:58 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:15:58 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with EAP:
> code 2, 3, 212
> Sun Feb 22 17:15:58 2004: DEBUG: Response type 25
> Sun Feb 22 17:15:58 2004: DEBUG: EAP TLS SSL_accept
> result: 1, 0, 3
> Sun Feb 22 17:15:58 2004: DEBUG: EAP result: 3, EAP
> PEAP Challenge
> Sun Feb 22 17:15:58 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP Challenge
> Sun Feb 22 17:15:58 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 132
> Authentic: g!<221>S<224><9><7>iGA'<249>vO<161><243>
> Attributes:
> EAP-Message =
> <1><4><0>=<25><129><0><0><0>3<20><3><1><0><1><1><22><3><1><0>(<165><13>
> <12><27>.<15>p<201>*<226><132><143><234>><148><215><227><241><177>Q<165
> ><14><207><146><16><167><16><0><151><210><185>:
> <19><243><160><167><147><150><128><31>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:15:58 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 133
> Authentic:
> <175>p<227><243><170><27><6>%><190>9<141><129>f<10>9
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> <207>X<226><21><28><222><208>Sa<136><20>U<180>My<228>
> EAP-Message = <2><4><0><6><25><1>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:15:58 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:15:58 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with EAP:
> code 2, 4, 6
> Sun Feb 22 17:15:58 2004: DEBUG: Response type 25
> Sun Feb 22 17:15:58 2004: DEBUG: EAP result: 3, EAP
> PEAP Challenge
> Sun Feb 22 17:15:58 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP Challenge
> Sun Feb 22 17:15:58 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 133
> Authentic:
> <175>p<227><243><170><27><6>%><190>9<141><129>f<10>9
> Attributes:
> EAP-Message =
> <1><5><0>H<25><1><23><3><1><0><24><200>[<174><137>m<142>r<195>y<144><24
> 4><196>g<12>d<197>'<247><153>K<205>T<226><163><23><3><1><0>
> <175><248>&<132><164><235>F&<172><238><251><200>4p<177><182>4<235>Ot<23
> 4><172><30>nd<30><253><146><184><162><195><221>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:15:58 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 134
> Authentic:
> <195>LP<207><142><131><8><236>-<129><247>rz<171><199><166>
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> R<149><246>{SLV<160><198>7<183><244><127>fd~
> EAP-Message =
> <2><5><0>3<25><1><23><3><1><0>(<237>s<134><156>I.<216><141>B<197><154><
> 219><203><146><26><1>M<216><127><3><210><139>1<9><1><135>Ok<129><197><1
> 94><237><229><22><140><153>i<245><232><23>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:15:58 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:15:58 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with EAP:
> code 2, 5, 51
> Sun Feb 22 17:15:58 2004: DEBUG: Response type 25
> Sun Feb 22 17:15:58 2004: DEBUG: EAP PEAP inner
> authentication request for anonimous
> Sun Feb 22 17:15:58 2004: DEBUG: PEAP Tunnelled request
> Packet dump:
> Code: Access-Request
> Identifier: UNDEF
> Authentic:
> ~B<198><137>DG<188>0<128><184><142><254><183><197>M<3>
> Attributes:
> EAP-Message = <2><0><0><18><1>teste5 at domain.com
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> User-Name = "anonimous"
> NAS-IP-Address = 172.29.3.1
> NAS-Port = 364
> Calling-Station-Id = "0060.1df1.76d5"
>
> Sun Feb 22 17:15:58 2004: DEBUG: Handling request with
> Handler 'TunnelledByPEAP=1'
> Sun Feb 22 17:15:58 2004: DEBUG: Deleting session for
> , 172.29.3.1, 364
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:15:58 2004: DEBUG: Handling with EAP:
> code 2, 0, 18
> Sun Feb 22 17:15:58 2004: DEBUG: Response type 1
> Sun Feb 22 17:15:58 2004: DEBUG: EAP result: 3, EAP
> MSCHAP-V2 Challenge
> Sun Feb 22 17:15:58 2004: DEBUG: Access challenged for
> anonimous: EAP MSCHAP-V2 Challenge
> Sun Feb 22 17:15:58 2004: DEBUG: EAP result: 3, EAP
> PEAP inner authentication redespatched to a Handler
> Sun Feb 22 17:15:58 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP inner authentication
> redespatched to a Handler
> Sun Feb 22 17:15:58 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 134
> Authentic:
> <195>LP<207><142><131><8><236>-<129><247>rz<171><199><166>
> Attributes:
> EAP-Message =
> <1><6><0>`<25><1><23><3><1><0><24>+,<199><25><206><175><254><192><187><
> 127><207><170><219>?<226><12>
> <2><238>0J<24><220><194><23><3><1><0>8/<169><131><168><190>y/
> <4><187>N<19>c<149><180><162>#<174><9><183><180><198>T1<251>%<183>+N<24
> ><241>-<191>|<137><31><127>;
> n<179>`<134><247>l<240>=<12><139><139><165>gB<254><236><216>y<210>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:16:04 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 135
> Authentic:
> 2<209>%<169><219>%<16>_<218><233>@<143><150>7<221>8
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> z<i<223><189><178><23>y<221><27><214>6O<219><254><11>
> EAP-Message =
> <2><6><0>c<25><1><23><3><1><0>Xg<238><130><225><218><168><251><232><166
> ><134>?<138>!
> <174>=<239><21><143>\<207>AI<207><154><128><158><190><208><240><237>Bl<
> 242><231>#<16><204>(<9>w'<205>:Oh<20>e<29>,<183>y<223>{!
> r<240>s$<159>M<8>Q<207><231><206><248><136><245><173>Q<158>s!
> <147>M<28>v<28><25><252>g<14>8N<31>-<239><135>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:16:04 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:16:04 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:16:04 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:04 2004: DEBUG: Handling with EAP:
> code 2, 6, 99
> Sun Feb 22 17:16:04 2004: DEBUG: Response type 25
> Sun Feb 22 17:16:04 2004: DEBUG: EAP PEAP inner
> authentication request for anonimous
> Sun Feb 22 17:16:04 2004: DEBUG: PEAP Tunnelled request
> Packet dump:
> Code: Access-Request
> Identifier: UNDEF
> Authentic: <14><241>K`<141>V<164><247>-%lz<170>+<25><28>
> Attributes:
> EAP-Message =
> <2><1><0>A<26><2><1><0><1<11>b[<230><200><188><216><180><145>J<211>2<27
> >^X<15><0><0><0><0><0><0><0><0><165><230><204>p<16>^$<192>4<6><247>U*<1
> 61>q<218>m<186>ky6<193>(<190><0>teste5
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> User-Name = "anonimous"
> NAS-IP-Address = 172.29.3.1
> NAS-Port = 364
> Calling-Station-Id = "0060.1df1.76d5"
>
> Sun Feb 22 17:16:04 2004: DEBUG: Handling request with
> Handler 'TunnelledByPEAP=1'
> Sun Feb 22 17:16:04 2004: DEBUG: Deleting session for
> , 172.29.3.1, 364
> Sun Feb 22 17:16:04 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:04 2004: DEBUG: Handling with EAP:
> code 2, 1, 65
> Sun Feb 22 17:16:04 2004: DEBUG: Response type 26
> Sun Feb 22 17:16:04 2004: DEBUG: Radius::AuthFILE looks
> for match with teste5 at domain.com
> Sun Feb 22 17:16:04 2004: DEBUG: Radius::AuthFILE ACCEPT:
> Sun Feb 22 17:16:04 2004: DEBUG: EAP result: 3, EAP
> MSCHAP V2 Challenge: Success
> Sun Feb 22 17:16:04 2004: DEBUG: Access challenged for
> anonimous: EAP MSCHAP V2 Challenge: Success
> Sun Feb 22 17:16:04 2004: DEBUG: EAP result: 3, EAP
> PEAP inner authentication redespatched to a Handler
> Sun Feb 22 17:16:04 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP inner authentication
> redespatched to a Handler
> Sun Feb 22 17:16:04 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 135
> Authentic:
> 2<209>%<169><219>%<16>_<218><233>@<143><150>7<221>8
> Attributes:
> EAP-Message =
> <1><7><0><128><25><1><23><3><1><0><24><146><144>Z<183><30><143>G<251>T<
> 238><+<11>X1<211>p$*<244><18><233>x<196><23><3><1><0>X<17><227><234>$:
> {<224>*5j<28><190><166>~n<185><207><203><186><197>g<239><191><226><187>
> T<242><180><237><252><-
> %<142><184><194>0j<180><208>$<27>N<208>d[<195>i<145><231><135><228><178
> >I<238><218><176>k<151><153>uJ<195>_<148><195><234><248><217>R<252>[H}<
> 178>y<183><175><189><255>4"<160>8<204><135>?<251>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:16:05 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 136
> Authentic:
> &p<153><193>x<151>o<232>TC<210><204><176><194>^V
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> LjH<206><139><162><26><226><190>,.K<150><220><13><164>
> EAP-Message = <2><7><0>+<25><1><23><3><1><0>
> <149>A<253><140><199><202>,@<150>-:
> <223><171><176><208>%U<159><22>^<134><240>-5uM<252><5>n<20>A<242>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:16:05 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:16:05 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:16:05 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:05 2004: DEBUG: Handling with EAP:
> code 2, 7, 43
> Sun Feb 22 17:16:05 2004: DEBUG: Response type 25
> Sun Feb 22 17:16:05 2004: DEBUG: EAP PEAP inner
> authentication request for anonimous
> Sun Feb 22 17:16:05 2004: DEBUG: PEAP Tunnelled request
> Packet dump:
> Code: Access-Request
> Identifier: UNDEF
> Authentic: <6>6Ih<134><200><185>n3<154>_<221><18><163>Y"
> Attributes:
> EAP-Message = <2><2><0><6><26><3>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> User-Name = "anonimous"
> NAS-IP-Address = 172.29.3.1
> NAS-Port = 364
> Calling-Station-Id = "0060.1df1.76d5"
>
> Sun Feb 22 17:16:05 2004: DEBUG: Handling request with
> Handler 'TunnelledByPEAP=1'
> Sun Feb 22 17:16:05 2004: DEBUG: Deleting session for
> , 172.29.3.1, 364
> Sun Feb 22 17:16:05 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:05 2004: DEBUG: Handling with EAP:
> code 2, 2, 6
> Sun Feb 22 17:16:05 2004: DEBUG: Response type 26
> Sun Feb 22 17:16:05 2004: DEBUG: EAP result: 0,
> Sun Feb 22 17:16:05 2004: DEBUG: Access accepted for
> anonimous
> Sun Feb 22 17:16:05 2004: DEBUG: EAP result: 3, EAP
> PEAP inner authentication redespatched to a Handler
> Sun Feb 22 17:16:05 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP inner authentication
> redespatched to a Handler
> Sun Feb 22 17:16:05 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 136
> Authentic:
> &p<153><193>x<151>o<232>TC<210><204><176><194>^V
> Attributes:
> EAP-Message =
> <1><8><0>H<25><1><23><3><1><0><24><238><223>[<182>X<9><1><233><130><171
> ><137>e<250><232><233><128><203><135>=
> .<174>U7<23><3><1><0>
> <240>!
> <166><221>d<26><225>o<130><237><214>M<159><10><237>^g<18>K<209><201>pY<
> 10>G<180><147>@<129><23><137>|
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:16:07 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 137
> Authentic: <21>=&Mc<189>_u-M<144><130><137><237><186><222>
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> V<255><150><171>MalG<152><8><210><206><237><182><30>1
> EAP-Message = <2><8><0>+<25><1><23><3><1><0>
> i<137><23>c*(<24><171>f:
> <18><180><221><193><216>|<188><130>H<253>F<150>N9<16>a(7>b<183><182>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:16:07 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:16:07 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:16:07 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:07 2004: DEBUG: Handling with EAP:
> code 2, 8, 43
> Sun Feb 22 17:16:07 2004: DEBUG: Response type 25
> Sun Feb 22 17:16:07 2004: DEBUG: EAP PEAP inner
> authentication request for anonimous
> Sun Feb 22 17:16:07 2004: DEBUG: PEAP Tunnelled request
> Packet dump:
> Code: Access-Request
> Identifier: UNDEF
> Authentic:
> <225><171>:sf<25><144><239><159>!<171>FA<134><231><144>
> Attributes:
> EAP-Message = <2><8><0><6><3><26>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> User-Name = "anonimous"
> NAS-IP-Address = 172.29.3.1
> NAS-Port = 364
> Calling-Station-Id = "0060.1df1.76d5"
>
> Sun Feb 22 17:16:07 2004: DEBUG: Handling request with
> Handler 'TunnelledByPEAP=1'
> Sun Feb 22 17:16:07 2004: DEBUG: Deleting session for
> , 172.29.3.1, 364
> Sun Feb 22 17:16:07 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:07 2004: DEBUG: Handling with EAP:
> code 2, 8, 6
> Sun Feb 22 17:16:07 2004: DEBUG: Response type 3
> Sun Feb 22 17:16:07 2004: INFO: EAP Nak desires type 26
> Sun Feb 22 17:16:07 2004: DEBUG: EAP result: 3, EAP
> MSCHAP-V2 Challenge
> Sun Feb 22 17:16:07 2004: DEBUG: Access challenged for
> anonimous: EAP MSCHAP-V2 Challenge
> Sun Feb 22 17:16:07 2004: DEBUG: EAP result: 3, EAP
> PEAP inner authentication redespatched to a Handler
> Sun Feb 22 17:16:07 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP inner authentication
> redespatched to a Handler
> Sun Feb 22 17:16:07 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 137
> Authentic: <21>=&Mc<189>_u-M<144><130><137><237><186><222>
> Attributes:
> EAP-Message =
> <1><9><0>`<25><1><23><3><1><0><24><153>s<185><198>m{J<243><238>Il<210>)
> !
> <218>+3poD<15><157><23><10><23><3><1><0>8<207>1<162><15><218><210>mxM<2
> 0><151>wI<231>4u<129><176><147>3<173><<223>HQ<2><216><200><172><177><18
> 3><183>}<138><185><130><212><180><169><241><229>Y%.<147>2Q<198><20><250
> >a<9>c~<249><164>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:16:08 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 138
> Authentic:
> <132><128>%<236><22><2><25><255><189><179><160>M<254>TH<132>
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> W<6>]~<133><156><238><26>Y<199><246><255><143><175><189><132>
> EAP-Message =
> <2><9><0>c<25><1><23><3><1><0>X<207><222><22><209><154><176>-
> bg<12>><199>,<158>U<170>DD<240><187><243><7><171><174><171><178><248>M<
> 137><236><215><140>k<196>'<187><139><251>8<5><133>/
> <173><245><137>J[c3<1>I<3>E<157>uz"x<192><159>M<241><196><171>+5<188><1
> 30><167>Y<225>f<18><177><138><202>J9<154>6M{r.+W<154><199>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:16:08 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:16:08 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:16:08 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:08 2004: DEBUG: Handling with EAP:
> code 2, 9, 99
> Sun Feb 22 17:16:08 2004: DEBUG: Response type 25
> Sun Feb 22 17:16:08 2004: DEBUG: EAP PEAP inner
> authentication request for anonimous
> Sun Feb 22 17:16:08 2004: DEBUG: PEAP Tunnelled request
> Packet dump:
> Code: Access-Request
> Identifier: UNDEF
> Authentic:
> <247>G<244><132><196><207><2><224><181><159><128><21><149><151><149><22
> 0>
> Attributes:
> EAP-Message =
> <2><9><0>A<26><2><9><0><1<7>I<146><7>/
> <242>Mn<26><219><127><213>h|<29>E<0><0><0><0><0><0><0><0><217><240>4G<2
> 04><216>gN<173><247><192><197>R<248>:4A<24><250><135>sm+<29><0>teste5
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> User-Name = "anonimous"
> NAS-IP-Address = 172.29.3.1
> NAS-Port = 364
> Calling-Station-Id = "0060.1df1.76d5"
>
> Sun Feb 22 17:16:08 2004: DEBUG: Handling request with
> Handler 'TunnelledByPEAP=1'
> Sun Feb 22 17:16:08 2004: DEBUG: Deleting session for
> , 172.29.3.1, 364
> Sun Feb 22 17:16:08 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:08 2004: DEBUG: Handling with EAP:
> code 2, 9, 65
> Sun Feb 22 17:16:08 2004: DEBUG: Response type 26
> Sun Feb 22 17:16:08 2004: DEBUG: Radius::AuthFILE looks
> for match with teste5 at domain.com
> Sun Feb 22 17:16:08 2004: DEBUG: Radius::AuthFILE ACCEPT:
> Sun Feb 22 17:16:08 2004: DEBUG: EAP result: 3, EAP
> MSCHAP V2 Challenge: Success
> Sun Feb 22 17:16:08 2004: DEBUG: Access challenged for
> anonimous: EAP MSCHAP V2 Challenge: Success
> Sun Feb 22 17:16:08 2004: DEBUG: EAP result: 3, EAP
> PEAP inner authentication redespatched to a Handler
> Sun Feb 22 17:16:08 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP inner authentication
> redespatched to a Handler
> Sun Feb 22 17:16:08 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 138
> Authentic:
> <132><128>%<236><22><2><25><255><189><179><160>M<254>TH<132>
> Attributes:
> EAP-Message =
> <1><10><0><128><25><1><23><3><1><0><24>ciEH<180><145><232>c<158><144><2
> 20><216><185><227><29>|Z<155><242><244>f<12>`O<23><3><1><0>X<5><212><16
> 3><176><9>U<255><236><207><190><185><162>H<190><135>1&E<<155><4>a<239><
> 221>f<227><4><155><155>8_<236><246>o<166><254>7<235><9>E<172><3><241><2
> 39><17><166><<212><10>d<136>vU<171>an<23><174><154><30><16>.<142><233><
> 180><135><192>t<173><26>$@'j<144>
> jf[<2><141><247><193>u<16>4<206><128>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:16:10 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 139
> Authentic: <190><145>>.DU<4>JA<159>N<180>'<8>$T
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator = <161>a
> <157><141>M><176><11><211><233><147><180><209><13><164>
> EAP-Message = <2><10><0>+<25><1><23><3><1><0>
> .<243>@<188>1<136>.<221>+<8><160><198><139><162>
> <186>H<137><255><209>oD<203>Y<20>>>k<247><217><27><129>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:16:10 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:16:10 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:16:10 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:10 2004: DEBUG: Handling with EAP:
> code 2, 10, 43
> Sun Feb 22 17:16:10 2004: DEBUG: Response type 25
> Sun Feb 22 17:16:10 2004: DEBUG: EAP PEAP inner
> authentication request for anonimous
> Sun Feb 22 17:16:10 2004: DEBUG: PEAP Tunnelled request
> Packet dump:
> Code: Access-Request
> Identifier: UNDEF
> Authentic:
> <191><12>gs<227>7<209><203><233>[<194><170><150>|$
> Attributes:
> EAP-Message = <2><10><0><6><26><3>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> User-Name = "anonimous"
> NAS-IP-Address = 172.29.3.1
> NAS-Port = 364
> Calling-Station-Id = "0060.1df1.76d5"
>
> Sun Feb 22 17:16:10 2004: DEBUG: Handling request with
> Handler 'TunnelledByPEAP=1'
> Sun Feb 22 17:16:10 2004: DEBUG: Deleting session for
> , 172.29.3.1, 364
> Sun Feb 22 17:16:10 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:10 2004: DEBUG: Handling with EAP:
> code 2, 10, 6
> Sun Feb 22 17:16:10 2004: DEBUG: Response type 26
> Sun Feb 22 17:16:10 2004: DEBUG: EAP result: 0,
> Sun Feb 22 17:16:10 2004: DEBUG: Access accepted for
> anonimous
> Sun Feb 22 17:16:10 2004: DEBUG: EAP result: 3, EAP
> PEAP inner authentication redespatched to a Handler
> Sun Feb 22 17:16:10 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP inner authentication
> redespatched to a Handler
> Sun Feb 22 17:16:10 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 139
> Authentic: <190><145>>.DU<4>JA<159>N<180>'<8>$T
> Attributes:
> EAP-Message =
> <1><11><0>H<25><1><23><3><1><0><24><214><243>R'Fo<172><203><217><219><1
> >:I<30>dQJ<209>jn><10>D<160><23><3><1><0>
> w<198>j<149><182><253>J<145>[<245><142>[<192><145><13><172>]<165><236><
> 212>#<197><4><218><206>Z<131><11>@'<149><154>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:16:41 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 140
> Authentic: [<210><135>c`<178>%<237><230><173>JL)<134>n}
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> <17><29><188>#<131><185><151><140><157>'<183><162><168><5><233><29>
> EAP-Message = <2><2><0><18><1>teste5 at domain.com
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:16:41 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:16:41 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:16:41 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:41 2004: DEBUG: Handling with EAP:
> code 2, 2, 18
> Sun Feb 22 17:16:41 2004: DEBUG: Response type 1
> Sun Feb 22 17:16:41 2004: DEBUG: Resuming session for
> Radius::Context=HASH(0x8576770)
>
> Sun Feb 22 17:16:41 2004: DEBUG: EAP result: 3, EAP
> PEAP Challenge
> Sun Feb 22 17:16:41 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP Challenge
> Sun Feb 22 17:16:41 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 140
> Authentic: [<210><135>c`<178>%<237><230><173>JL)<134>n}
> Attributes:
> EAP-Message = <1><3><0><6><25>!
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:16:41 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 141
> Authentic:
> R<127><255><7>JhV<181><188>3<194><214><209>|<215>m
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> <242><161><217><225><208><239><153><190><28><231>hG<250><13>$<
> EAP-Message =
> <2><3><0>b<25><129><0><0><0>X<22><3><1><0>S<1><0><0>O<3><1>@8<228><244>
> <220><158><137>-
> <251><176><132><211><247><246><15><233><198>Z<171><180><169><13><137><9
> ><23>LS<141><245>=<135><198><0><0>(<0><22><0><19><0>f<0><21><0><18><0><
> 10><0><5><0><4><0><9><0>c<0>e<0>`<0>b<0>a<0>d<0><20><0><17><0><3><0><6>
> <0><8><1><0>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:16:41 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:16:41 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:16:41 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:41 2004: DEBUG: Handling with EAP:
> code 2, 3, 98
> Sun Feb 22 17:16:41 2004: DEBUG: Response type 25
> Sun Feb 22 17:16:41 2004: DEBUG: EAP TLS SSL_accept
> result: -1, 2, 8576
> Sun Feb 22 17:16:41 2004: DEBUG: EAP result: 3, EAP
> PEAP Challenge
> Sun Feb 22 17:16:41 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP Challenge
> Sun Feb 22 17:16:41 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 141
> Authentic:
> R<127><255><7>JhV<181><188>3<194><214><209>|<215>m
> Attributes:
> EAP-Message =
> <1><4><3><216><25><129><0><0><3><206><22><3><1><0>J<2><0><0>F<3><1>@8<2
> 27><249>2<134>;
> s<30>4<205><0>.wR<237><254>T<29><211><209>a<198><127><250>]<140><233>-
> <250><5><199>
> :B<139><242><174><11><227>!
> <195><228>$<189><173><213><132><143><184><14><237><244>F<210>dA<172>}<2
> 38><5>t<222><174><25><0><10><0><22><3><1><2><219><11><0><2><215><0><2><
> 212><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><
> 6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4>
> <6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><
> 7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
> Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
> Certificate Sec
> EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC
> Test CA (do not use in production)1
> 0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30>
> <23><13>030227061500Z<23><13>040227061500Z0u1<11>0<9><6><3>U<4><6><19><
> 2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9
> >Melbourne1<24>0<22><6><3>U<4><10><19><15>My
> Test
> Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>
> 0<13><6><9>*<134>H<134><247><13><1><1>
> EAP-Message =
> <1><5><0><3><129><141><0>0<129><137><2><129><129><0><196><186>)<217><24
> 5><205><159>@<144><133><177><255>0<165><3><215>cGR<136><231><253>9<193>
> <13><255>m@<220>y^<160><244><236>Sa'<198>^<231><158>4<156>"<242>IS<151>
> <30><211>$<142><196>!}R<146><166><129>yh<17><162><207><196><0><171>5s<1
> 87><229><139>2<250><146><1><187><207><226><203>5<251><178><1><212><178>
> <141><219>O<253><134><213>N|<172>:
> J<23><173><161><191><141><25>&<198>Fi<17><181><137>Fy<0><177><210><215>
> <186>x<141><197><212>s<145><235>\<164><8>!
> <2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1>
> <5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><
> 129><0><20>m<159><141><185><184><252><248><201>FM<195>PB(^<127>3<24><13
> 6><172><19><211><137><132>EF<170>9<236>^<187><146><253><171><200><183><
> 230><148><142><21>_<9>^<227><10>3<162><186><214><206><197>Tq<219><4>r<2
> 39>?<1><16><203>
> EAP-Message =
> T<0><161>wm<173>S<4><0>)<141><209><<197>tT<228><150>P<156><22>^zes^<202
> >u<161><176>F3=<4><200><229><154>q<146><194>cy<23>z*o><219><28><206>t<1
> 96><188><3><195>.%<19>mD<242><149><237>O<138><193><22><3><1><0><154><13
> ><0><0><146><2><1><2><0><141><0><139>0<129><136>1<11>0<9><6><3>U<4><6><
> 19><2>PT1<17>0<15><6><3>U<4><8><19><8>Portugal1<17>0<15><6><3>U<4><7><1
> 9><8>Braganca1<12>0<10><6><3>U<4><10><19><3>IPB1<13>0<11><6><3>U<4><11>
> <19><4>CCOM1<26>0<24><6><3>U<4><3><19><17>venus.ccom.domain.com1<26>0<2
> 4><6><9>*<134>H<134><247><13><1><9><1><22><11>ccom at domain.com<14><0><0>
> <0>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:16:41 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 142
> Authentic:
> <208><245><11>0Y<232>4<162><227><167><220><161><235>BQ<238>
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> <19>sB<27>8<155><240>I<203><17>7J<178><172>v:
> EAP-Message =
> <2><4><0><212><25><129><0><0><0><202><22><3><1><0><7><11><0><0><3><0><0
> ><0><22><3><1><0><134><16><0><0><130><0><128><145><161><149><161>|<189>
> <235><192>b<207><154>nQ`?
> I<232><155><242><190><21><246><223>AD<198><148><20>0x<189><20><181><135
> ><211><202><178>A<202><129><129><130>m<214><196><150><173><7><243><12>?
> <200>7.<191><217><236>w)<249><174><247>{UQPpa<244>T_<228>J<130>F<245><2
> 40><.<171><209>/[<194>v'<206><182><220>3<233>mi<170><191>/
> l<210><254><26>4<212><171>@<<130>-<137><21><186><224><195>>o<162>
> ~<201>?
> <193><7><5><163><142>}<161><205><141><20><3><1><0><1><1><22><3><1><0>(`
> <244><24>Z<26><230>x<190><227>H<166><173><3><128>A(o<143><213><150><185
> ><140><243><205>H<188><6>P<227><136>F<21><232>Ix<174><175><248>J<236>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:16:41 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:16:41 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:16:41 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:41 2004: DEBUG: Handling with EAP:
> code 2, 4, 212
> Sun Feb 22 17:16:41 2004: DEBUG: Response type 25
> Sun Feb 22 17:16:41 2004: DEBUG: EAP TLS SSL_accept
> result: 1, 0, 3
> Sun Feb 22 17:16:41 2004: DEBUG: EAP result: 3, EAP
> PEAP Challenge
> Sun Feb 22 17:16:41 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP Challenge
> Sun Feb 22 17:16:41 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 142
> Authentic:
> <208><245><11>0Y<232>4<162><227><167><220><161><235>BQ<238>
> Attributes:
> EAP-Message =
> <1><5><0>=<25><129><0><0><0>3<20><3><1><0><1><1><22><3><1><0>(b<21>\<24
> 6>"W\<206>)<195>Z<130><8><234>|<193><191>o<172>8G<220>0<26>@<136>Ad<212
> ><190><233><132>8<206><31>0<248><187>K<249>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun Feb 22 17:16:42 2004: DEBUG: Packet dump:
> *** Received from 172.29.3.1 port 21649 ....
> Code: Access-Request
> Identifier: 143
> Authentic:
> <173><203><189><254><227>~<214>W<134><189>r<165>J<28>l<180>
> Attributes:
> User-Name = "teste5 at domain.com"
> Framed-MTU = 1400
> Called-Station-Id = "000f.247a.c750"
> Calling-Station-Id = "0060.1df1.76d5"
> Message-Authenticator =
> <16>@<143><253><243>%<16>2<169>~<208><10><140><23><167>&
> EAP-Message = <2><5><0><6><25><1>
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 364
> Service-Type = Framed
> NAS-IP-Address = 172.29.3.1
>
> Sun Feb 22 17:16:42 2004: DEBUG: Handling request with
> Handler 'Realm = domain.com'
> Sun Feb 22 17:16:42 2004: DEBUG: Deleting session for
> teste5 at domain.com, 172.29.3.1, 364
> Sun Feb 22 17:16:42 2004: DEBUG: Handling with
> Radius::AuthFILE:
> Sun Feb 22 17:16:42 2004: DEBUG: Handling with EAP:
> code 2, 5, 6
> Sun Feb 22 17:16:42 2004: DEBUG: Response type 25
> Sun Feb 22 17:16:42 2004: DEBUG: EAP result: 3, EAP
> PEAP Challenge
> Sun Feb 22 17:16:42 2004: DEBUG: Access challenged for
> teste5 at domain.com: EAP PEAP Challenge
> Sun Feb 22 17:16:42 2004: DEBUG: Packet dump:
> *** Sending to 172.29.3.1 port 21649 ....
> Code: Access-Challenge
> Identifier: 143
> Authentic:
> <173><203><189><254><227>~<214>W<134><189>r<165>J<28>l<180>
> Attributes:
> EAP-Message =
> <1><6><0>H<25><1><23><3><1><0><24><240>H<140>>YI<221><130><18><127><181
> >CG<146><157>V<207>"<221><2><220><220><244>a<23><3><1><0>
> P<21><18><177>'<230><223><191>iWMy<133>{<13><249>I<201><171>[<173>&<137
> ><7><227><153><197><193>(L&<195>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> ...
>
>
> -------------------------------------------------
> Email Enviado utilizando o serviço MegaMail
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list