(RADIATOR) Xsupplicant Radiator EAP_TLS problems
Lopez, A.
a.lopez at tue.nl
Mon Jan 12 04:12:16 CST 2004
Hi Mike,
I installed and configured FreeRadius in order to find out what's going on with Xsupplicant.
FreeRadius (EAP-TLS) works also fine with Windows 802.1x client, therefore I assume it is well configured.
Below there is the output generated by both Xsupplicant and FreeRadius. It is strange because Xsupplicant says that authentication was performed properly but, after that, it seems to try to authenticate again without succeeding.
Perhaps this information is more useful.
Thanks again for your collaboration.
Alex
====================================
Xsupplicant log:
Omni:/home/alex# xsupplicant -i eth1 -d 8
Calling do_eapol, with device eth1
Setup on device eth1 complete
(EAPMD5) Initalized
(EAPMS-CHAP) Initalized
Done with init.
Loading profile for test from /etc/1x/1x.conf.
Sending EAPOL-Start #1
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
Please Enter Your Password :
ACQUIRED
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 6
Loading certificate /etc/1x/certs/certs_amuse/root.pem . . .
(TLS)Loaded root certificate /etc/1x/certs/certs_amuse/root.pem and dirctory (null)
--- SSL : before/connect initialization
--- SSL : before/connect initialization
--- SSL : SSLv3 write client hello A
--- SSL : SSLv3 read server hello A
Destination : 0:40:96:31:d:73
AUTHENTICATING
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 1034
(EAPTTLS) Saved packet fragment.
Destination : 0:40:96:31:d:73
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 1034
(EAPTTLS) Saved packet fragment.
Destination : 0:40:96:31:d:73
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 12
(EAPTTLS) Saved packet fragment.
16 3 1 0 4a 2 0 0 46 3 1 40 2 6c 6a 15
--- SSL : SSLv3 read server hello A
--- SSL : SSLv3 read server certificate A
--- SSL : SSLv3 read server certificate request A
--- SSL : SSLv3 read server done A
--- SSL : SSLv3 write client certificate A
--- SSL : SSLv3 write client key exchange A
--- SSL : SSLv3 write certificate verify A
--- SSL : SSLv3 write change cipher spec A
--- SSL : SSLv3 write finished A
--- SSL : SSLv3 flush data
--- SSL : SSLv3 read finished A
Destination : 0:40:96:31:d:73
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 6
Destination : 0:40:96:31:d:73
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 69
(EAPTTLS) Saved packet fragment.
14 3 1 0 1 1 16 3 1 0 30 90 ed b1 cc 91
--- SSL : SSLv3 read finished A
--- SSL : SSL negotiation finished successfully
--- SSL : SSL negotiation finished successfully
Destination : 0:40:96:31:d:73
## eap_decode_packet ##: Got an EAP success
Authentication Succeeded
AUTHENTICATED
After iv:
EAPOL Key processed: broadcast [1] (5 bytes)
After check signature...
Successfully set WEP key [1]
After iv:
EAPOL Key processed: unicast [4] (5 bytes)
After check signature...
Internet Software Consortium DHCP Client 2.0pl5
Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium.
All rights reserved.
Please contribute if you find this software useful.
For info, please visit http://www.isc.org/dhcp-contrib.html
Successfully set WEP key [4]
Successfully set the WEP transmit key [4]
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 6
--- SSL : before/connect initialization
--- SSL : before/connect initialization
--- SSL : SSLv3 write client hello A
--- SSL : SSLv3 read server hello A
Destination : 0:40:96:31:d:73
AUTHENTICATING
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 1034
(EAPTTLS) Saved packet fragment.
Destination : 0:40:96:31:d:73
Listening on LPF/eth1/00:02:2d:02:92:be
Sending on LPF/eth1/00:02:2d:02:92:be
Sending on Socket/fallback/fallback-net
You do not appear to be associated to a wireless network!
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 1034
(EAPTTLS) Saved packet fragment.
Destination : 44:44:44:44:44:44
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 6
--- SSL : SSLv3 read server hello A
Destination : 0:40:96:31:d:73
AUTHENTICATING
DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 8
receive_packet failed on eth1: Network is down
## eap_decode_packet ##: Got an EAP failure
Failed to Authenticate
CONNECTING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 6
--- SSL : SSLv3 read server hello A
Destination : 0:40:96:31:d:73
AUTHENTICATING
## eap_decode_packet ##: Got an EAP failure
Failed to Authenticate
CONNECTING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 6
--- SSL : SSLv3 read server hello A
Destination : 0:40:96:31:d:73
AUTHENTICATING
## eap_decode_packet ##: Got an EAP failure
Failed to Authenticate
CONNECTING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 6
--- SSL : SSLv3 read server hello A
Destination : 0:40:96:31:d:73
AUTHENTICATING
DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 19
## eap_decode_packet ##: Got an EAP failure
Failed to Authenticate
CONNECTING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 6
--- SSL : SSLv3 read server hello A
Destination : 0:40:96:31:d:73
AUTHENTICATING
## eap_decode_packet ##: Got an EAP failure
Failed to Authenticate
CONNECTING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 6
--- SSL : SSLv3 read server hello A
Destination : 0:40:96:31:d:73
AUTHENTICATING
## eap_decode_packet ##: Got an EAP failure
Failed to Authenticate
CONNECTING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 6
--- SSL : SSLv3 read server hello A
Destination : 0:40:96:31:d:73
AUTHENTICATING
## eap_decode_packet ##: Got an EAP failure
Failed to Authenticate
CONNECTING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
### Type is 13, length: 6
--- SSL : SSLv3 read server hello A
Destination : 0:40:96:31:d:73
AUTHENTICATING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
===================================
FreeRADIUS log:
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/snmp.conf
Config: including file: /etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/usr/local/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/usr/local/var/log/radius/radius.log"
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = yes
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
Using deprecated clients file. Support for this will go away soon.
read_config_files: reading realms
Using deprecated realms file. Support for this will go away soon.
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: passwd = "(null)"
mschap: authtype = "MS-CHAP"
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "tls"
eap: timer_expire = 60
rlm_eap: Loaded and initialized the type md5
rlm_eap: Loaded and initialized the type leap
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/etc/1x/server_silmarillion.pem"
tls: certificate_file = "/etc/1x/server_silmarillion.pem"
tls: CA_file = "/etc/1x/root.pem"
tls: private_key_password = "serverpwd"
tls: dh_file = "/etc/1x/DH"
tls: random_file = "/etc/1x/random"
tls: fragment_size = 1024
tls: include_length = yes
rlm_eap_tls: conf N ctx stored
rlm_eap: Loaded and initialized the type tls
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/etc/raddb/huntgroups"
preprocess: hints = "/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/etc/raddb/users"
files: acctusersfile = "/etc/raddb/acct_users"
files: preproxy_usersfile = "/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port-Id"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp.
Ready to process requests.
rad_recv: Access-Request packet from host 131.155.193.92:1533,
id=230, length=148
User-Name = "a.lopez at amuse_tls.nl"
NAS-IP-Address = 131.155.193.92
Called-Station-Id = "004096310d73"
Calling-Station-Id = "00022d0292be"
NAS-Identifier = "ap340-2"
NAS-Port = 29
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0201001901612e6c6f70657a40616d7573655f746c732e6e6c
Message-Authenticator = 0x43e9e7cd71e564d81273e308c317d3e3
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for reques
t 0
modcall[authorize]: module "chap" returns noop for request 0
rlm_eap: EAP packet type notification id 1 length 25
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request
0
rlm_realm: Looking up realm "amuse_tls.nl" for User-Name =
"a.lopez at amuse_tls.nl"
rlm_realm: No such realm "amuse_tls.nl"
modcall[authorize]: module "suffix" returns noop for request
0
users: Matched a.lopez at amuse_tls.nl at 65
modcall[authorize]: module "files" returns ok for request 0
modcall[authorize]: module "mschap" returns noop for request
0
modcall: group authorize returns updated for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 0
rlm_eap: EAP packet type notification id 1 length 25
rlm_eap: EAP Start not found
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns ok for request 0
modcall: group authenticate returns ok for request 0
Sending Access-Challenge of id 230 to 131.155.193.92:1533
EAP-Message = 0x010200060d20
Message-Authenticator = 0x00000000000000000000000000000
000
State = 0x1d3b6d2d6a4580c6352fc87686fb166226700240d4f32
e47cd6c323b23f3c5be0b24d922
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 131.155.193.92:1534,
id=231, length=271
User-Name = "a.lopez at amuse_tls.nl"
NAS-IP-Address = 131.155.193.92
Called-Station-Id = "004096310d73"
Calling-Station-Id = "00022d0292be"
NAS-Identifier = "ap340-2"
NAS-Port = 29
Framed-MTU = 1400
State = 0x1d3b6d2d6a4580c6352fc87686fb166226700240d4f32e47cd6c323b23f3c5be0b24d922
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0202006e0d8000000064160301005f0100005b030140027105b95826853a0614abd1ef3b0dbe172d028897dc4f2a0510034d31d3da00003400390038003500160013000a00330032002f006600050004006300620061001500120009006500640060001400110008000600030100
Message-Authenticator = 0xe542746891bba76a9eefd91485c69e73
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
rlm_eap: EAP packet type notification id 2 length 110
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request 1
rlm_realm: Looking up realm "amuse_tls.nl" for User-Name = "a.lopez at amuse_tls.nl"
rlm_realm: No such realm "amuse_tls.nl"
modcall[authorize]: module "suffix" returns noop for request 1
users: Matched a.lopez at amuse_tls.nl at 65
modcall[authorize]: module "files" returns ok for request 1
modcall[authorize]: module "mschap" returns noop for request 1
modcall: group authorize returns updated for request 1
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 1
rlm_eap: EAP packet type notification id 2 length 110
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: Length Included
undefined: before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 005f], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 06e9], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 00c0], CertificateRequest
TLS_accept: SSLv3 write certificate request A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap_tls: SSL_read Error
Error code is ..... 2
SSL Error ..... 2
modcall[authenticate]: module "eap" returns ok for request 1
modcall: group authenticate returns ok for request 1
Sending Access-Challenge of id 231 to 131.155.193.92:1534
EAP-Message = 0x0103040a0dc000000802160301004a020000460301400270269ad1120efb18793812685cefb95c5dd12fb80ce61d67d6f711fbe7cb20648d38f6fc3d3e3846bdf405a1b3be926b9c6527fbd26e6cc75b0e8464b0280e00350016030106e90b0006e50006e20002f3308202ef30820258a003020102020101300d06092a864886f70d01010405003081ae310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45
EAP-Message = 0x434f311830160603550403140f73696c6d6172696c6c696f6e5f6361311d301b06092a864886f70d010901160e612e6c6f70657a407475652e6e6c301e170d3033313231393133303630315a170d3034313231383133303630315a3081b2310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45434f311c301a060355040314137365727665725f73696c6d6172696c6c696f6e311d301b06092a864886f70d
EAP-Message = 0x010901160e612e6c6f70657a407475652e6e6c30819f300d06092a864886f70d010101050003818d0030818902818100c1d96b5184619337233d264facee95bc1cac85452abb8fac4b5021c254fde659de720b141628d66f3ca6abadba27b9595713ff0e7a53e727429c55ef1b54579f3ba086ff5ca498739b90fa1c6e0b7d2d8108c5bfd6ac7bf18e0ca39f744667c52c74511478905fd35e1fd8c87dc83e8145d2871de801c026928cf74b2537eca70203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104050003818100a179cef2b6b29a0f10b545b58e2ebdf9dfa13baed3942e5f074df0de
EAP-Message = 0xc1589094ac85ece28d0e845a3e93a4153f6a3a345c4506eb438df5cb701fa4ae349c378713e2285d80231dc743f59a388d5f851fb6906d1344c76cff9faa382af0f922fd0b1994f8af4b21f790fdf15763ba4b5cec1ef2b9ee45804b2b749a40fe2e6fee0003e9308203e53082034ea00
0603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d4543
EAP-Message = 0x4f311830160603550403140f73696c6d6172696c6c69
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x1fa069f3ca50064925b41f71cffb0ad72670024004c686da1bf1c43440752c5eda79cfff
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 131.155.193.92:1535, id=232, length=167
User-Name = "a.lopez at amuse_tls.nl"
NAS-IP-Address = 131.155.193.92
Called-Station-Id = "004096310d73"
Calling-Station-Id = "00022d0292be"
NAS-Identifier = "ap340-2"
NAS-Port = 29
Framed-MTU = 1400
State = 0x1fa069f3ca50064925b41f71cffb0ad72670024004c686da1bf1c43440752c5eda79cfff
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020300060d00
Message-Authenticator = 0x98438802272f7a4f17f7c611d7b06e0e
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
rlm_eap: EAP packet type notification id 3 length 6
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request 2
rlm_realm: Looking up realm "amuse_tls.nl" for User-Name = "a.lopez at amuse_tls.nl"
rlm_realm: No such realm "amuse_tls.nl"
modcall[authorize]: module "suffix" returns noop for request 2
users: Matched a.lopez at amuse_tls.nl at 65
modcall[authorize]: module "files" returns ok for request 2
modcall[authorize]: module "mschap" returns noop for request 2
modcall: group authorize returns updated for request 2
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 2
rlm_eap: EAP packet type notification id 3 length 6
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: Received EAP-TLS ACK message
modcall[authenticate]: module "eap" returns ok for request 2
modcall: group authenticate returns ok for request 2
Sending Access-Challenge of id 232 to 131.155.193.92:1535
EAP-Message = 0x0104040a0dc0000008026f6e5f6361311d301b06092a864886f70d010901160e612e6c6f70657a407475652e6e6c301e170d3033313231393133303532385a170d3034303131383133303532385a3081ae310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45434f311830160603550403140f73696c6d6172696c6c696f6e5f6361311d301b06092a864886f70d010901160e612e6c6f70657a407475652e
EAP-Message = 0x6e6c30819f300d06092a864886f70d010101050003818d0030818902818100c42a87d3ead296375da5d1f2811d76a30c70d7688bacea6fb3e3cd9f5e3ecfa5b60137996377f7ecf87cc2a322dc3e4b26a7018955440815409d004cffaed7cd4161254b016ec131f97b2898c760cd85597c58497d01e146a713db7109548cb00a0e22401184b80e2b31e75017f14def9708b29ae4b5aa96e464eb91484cbab50203010001a382010f3082010b301d0603551d0e041604145c2d88dadaf44eb20aa5e174aa96324cb25414753081db0603551d230481d33081d080145c2d88dadaf44eb20aa5e174aa96324cb2541475a181b4a481b13081ae310b300906
EAP-Message = 0x0355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45434f311830160603550403140f73696c6d6172696c6c696f6e5f6361311d301b06092a864886f70d010901160e612e6c6f70657a407475652e6e6c820100300c0603551d13040530030101ff300d06092a864886f70d0101040500038181006962a093c7c6b4baa538d7a1a0cb68e4ffcca6f78fe72c66792b19c1e57ab046a8c407836e8a8a524a544419539cacf1
EAP-Message = 0x3fb6bf9ebf050b746c7bed7774634d4c792948906bc035717eb2e1d4113799989a1d940389379e5aaf22e8c0d5e9be1401ccd714a0ffd1d5197ef2374e85b43872d746e20d83a5c07cd28993f797b5f816030100c00d0000b802010200b300b13081ae310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45434f311830160603550403140f73696c6d6172696c6c696f6e5f6361311d301b06092a864886f7
EAP-Message = 0x0d010901160e612e6c6f70657a407475652e6e6c0e00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4fb309b16cf20a5d1bf8c0027c0a268f26700240da0c27a50b0a519828b00dc8764df73d
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 131.155.193.92:1536, id=233, length=167
User-Name = "a.lopez at amuse_tls.nl"
NAS-IP-Address = 131.155.193.92
Called-Station-Id = "004096310d73"
Calling-Station-Id = "00022d0292be"
NAS-Identifier = "ap340-2"
NAS-Port = 29
Framed-MTU = 1400
State = 0x4fb309b16cf20a5d1bf8c0027c0a268f26700240da0c27a50b0a519828b00dc8764df73d
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020400060d00
Message-Authenticator = 0x019d9f32d77d3a546ccebaa3740e1be9
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
modcall[authorize]: module "chap" returns noop for request 3
rlm_eap: EAP packet type notification id 4 length 6
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request 3
rlm_realm: Looking up realm "amuse_tls.nl" for User-Name = "a.lopez at amuse_tls.nl"
rlm_realm: No such realm "amuse_tls.nl"
modcall[authorize]: module "suffix" returns noop for request 3
users: Matched a.lopez at amuse_tls.nl at 65
modcall[authorize]: module "files" returns ok for request 3
modcall[authorize]: module "mschap" returns noop for request 3
modcall: group authorize returns updated for request 3
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 3
rlm_eap: EAP packet type notification id 4 length 6
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: Received EAP-TLS ACK message
modcall[authenticate]: module "eap" returns ok for request 3
modcall: group authenticate returns ok for request 3
Sending Access-Challenge of id 233 to 131.155.193.92:1536
EAP-Message = 0x0105000c0d80000008020000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x350847686fb667ce2198af7943ec81662670024006ed1311db3c022de2b6c7bdf6adebf4
Finished request 3
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 131.155.193.92:1537, id=234, length=1579
User-Name = "a.lopez at amuse_tls.nl"
NAS-IP-Address = 131.155.193.92
Called-Station-Id = "004096310d73"
Calling-Station-Id = "00022d0292be"
NAS-Identifier = "ap340-2"
NAS-Port = 29
Framed-MTU = 1400
State = 0x350847686fb667ce2198af7943ec81662670024006ed1311db3c022de2b6c7bdf6adebf4
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020505800dc00000084016030106ea0b0006e60006e30002f4308202f030820259a003020102020102300d06092a864886f70d01010405003081ae310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45434f311830160603550403140f73696c6d6172696c6c696f6e5f6361311d301b06092a864886f70d010901160e612e6c6f70657a407475652e6e6c301e170d3033313231393133303730305a170d30
EAP-Message = 0x34313231383133303730305a3081b3310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45434f311d301b06035504031414612e6c6f70657a40616d7573655f746c732e6e6c311d301b06092a864886f70d010901160e612e6c6f70657a407475652e6e6c30819f300d06092a864886f70d010101050003818d0030818902818100b9295cdb943ac362e1e2649bdb672f17914501f1f40c1e2e3212138a93c7
EAP-Message = 0x9bb0bba9afd3301c1cd38da340b571dd993c7e98298234dbc4aadadbf4e8fc869f70614348ac52b28b62bc8b49df9d9f416b4ab8653a94af632eb27dfc2bd4b9310732220055f971e2c0841b8064d1158a3fceb90536b840a504e22fea364d51f8390203010001a317301530130603551
d25040c300a06082b06010505070302300d06092a864886f70d010104050003818100b4eb3b7f9be656c829537f6666cda18cf5908c587413d5de3a0c5530f9dc5ef2fb87596b0e61433c4db1b60d65b8b58daf227b3921bc32d5c9c6762deeeb173de30175e10c5f5de6bdc2931089026a4e59e3731004bc8a747eb51cb4221be9a52d6c115488daaccca628
EAP-Message = 0xb0001b56ecf90509847d92a25d3048f9a77b96298e4d0003e9308203e53082034ea003020102020100300d06092a864886f70d01010405003081ae310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45434f311830160603550403140f73696c6d6172696c6c696f6e5f6361311d301b06092a864886f70d010901160e612e6c6f70657a407475652e6e6c301e170d3033313231393133303532385a170d30
EAP-Message = 0x34303131383133303532385a3081ae310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45434f311830160603550403140f73696c6d6172696c6c696f6e5f6361311d301b06092a864886f70d010901160e612e6c6f70657a407475652e6e6c30819f300d06092a864886f70d010101050003818d0030818902818100c42a87d3ead296375da5d1f2811d76a30c70d7688bacea6fb3e3cd9f5e3ecfa5b60137
EAP-Message = 0x996377f7ecf87cc2a322dc3e4b26a7018955440815409d004cffaed7cd4161254b016ec131f97b2898c760cd85597c58497d01e146a713db7109548cb00a0e22401184b80e2b31e75017f14def9708b29ae4b5aa96e464eb91484cbab50203010001a382010f3082010b301d0603551d0e041604145c2d88dadaf44eb20aa5e174aa96324cb25414753081db060355
Message-Authenticator = 0x6fe2b702e0e5573af3195474b7bd242c
modcall: entering group authorize for request 4
modcall[authorize]: module "preprocess" returns ok for request 4
modcall[authorize]: module "chap" returns noop for request 4
rlm_eap: EAP packet type notification id 5 length 1408
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request 4
rlm_realm: Looking up realm "amuse_tls.nl" for User-Name = "a.lopez at amuse_tls.nl"
rlm_realm: No such realm "amuse_tls.nl"
modcall[authorize]: module "suffix" returns noop for request 4
users: Matched a.lopez at amuse_tls.nl at 65
modcall[authorize]: module "files" returns ok for request 4
modcall[authorize]: module "mschap" returns noop for request 4
modcall: group authorize returns updated for request 4
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 4
rlm_eap: EAP packet type notification id 5 length 1408
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: Received EAP-TLS First Fragment of the message
Total Length Included
modcall[authenticate]: module "eap" returns ok for request 4
modcall: group authenticate returns ok for request 4
Sending Access-Challenge of id 234 to 131.155.193.92:1537
EAP-Message = 0x010600060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xdc3383c5273370c314162946cd362466277002401bc5aea1ea50a1f01d75109d980830bb
Finished request 4
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 131.155.193.92:1538, id=235, length=885
User-Name = "a.lopez at amuse_tls.nl"
NAS-IP-Address = 131.155.193.92
Called-Station-Id = "004096310d73"
Calling-Station-Id = "00022d0292be"
NAS-Identifier = "ap340-2"
NAS-Port = 29
Framed-MTU = 1400
State = 0xdc3383c5273370c314162946cd362466277002401bc5aea1ea50a1f01d75109d980830bb
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020602d00d001d230481d33081d080145c2d88dadaf44eb20aa5e174aa96324cb2541475a181b4a481b13081ae310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45434f311830160603550403140f73696c6d6172696c6c696f6e5f6361311d301b06092a864886f70d010901160e612e6c6f70657a407475652e6e6c820100300c0603551d13040530030101ff300d06092a864886f70d01010405000381
EAP-Message = 0x81006962a093c7c6b4baa538d7a1a0cb68e4ffcca6f78fe72c66792b19c1e57ab046a8c407836e8a8a524a544419539cacf13fb6bf9ebf050b746c7bed7774634d4c792948906bc035717eb2e1d4113799989a1d940389379e5aaf22e8c0d5e9be1401ccd714a0ffd1d5197ef2374e85b--More--(19%)
43872d746e20d83a5c07cd28993f797b5f816030100861000008200807a9cf8e349c5825ff9a2c96de09aec269557ea13948256fc268dabfa2898cffe919615b8d3be0725d18af518fce9a133763fba3469cb986ed214de97f87e5ed545279746914776240609fa5de3c810d75ecc5bea0b12f4e45a9cc8a0f3097087eec3a5908a34537ce84b4d1d0a0bb7df
EAP-Message = 0x04ff52a777baeb9b88eba5c7c365e36716030100860f000082008093e6fd67bcd34b0635473dc6cddc63a06e25a21ce55f058a35f1eff1056c42e2f6aaea9265b52e134bef239b8ef484618376299228e7c8c7499b36d3bf91964fb483772319dfa28399a83a9ac26d0d8a7cf6621207db0d2aacae80d8fa6f5a5caee4fbfb70d3cce6713920ed46789678fe617fbd1bf7bdd19ef6fa2a5c3b1a92140301000101160301003024f05d323035cac274f1b0089f8a1aa12ee28ad978a1a5b5d1d2d90500f4f7413e431501bb0ef2cee83159eaa126956c
Message-Authenticator = 0xa9e9c18561ac003f6e40f74d037e0c9b
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
modcall[authorize]: module "chap" returns noop for request 5
rlm_eap: EAP packet type notification id 6 length 720
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request 5
rlm_realm: Looking up realm "amuse_tls.nl" for User-Name = "a.lopez at amuse_tls.nl"
rlm_realm: No such realm "amuse_tls.nl"
modcall[authorize]: module "suffix" returns noop for request 5
users: Matched a.lopez at amuse_tls.nl at 65
modcall[authorize]: module "files" returns ok for request 5
modcall[authorize]: module "mschap" returns noop for request 5
modcall: group authorize returns updated for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 5
rlm_eap: EAP packet type notification id 6 length 720
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: <<< TLS 1.0 Handshake [length 06ea], Certificate
chain-depth=1,
error=0
--> User-Name = a.lopez at amuse_tls.nl
--> BUF-Name = silmarillion_ca
--> subject = /C=NL/ST=Netherlands/L=Eindhoven/O=Technische Universiteit Eindhoven/
OU=TTE-ECO/CN=silmarillion_ca/emailAddress=a.lopez at tue.nl
--> issuer = /C=NL/ST=Netherlands/L=Eindhoven/O=Technische Universiteit Eindhoven/OU=TTE-ECO/CN=silmarillion_ca/emailAddress=a.lopez at tue.nl
--> verify return:1
chain-depth=0,
error=0
--> User-Name = a.lopez at amuse_tls.nl
--> BUF-Name = a.lopez at amuse_tls.nl
--> subject = /C=NL/ST=Netherlands/L=Eindhoven/O=Technische Universiteit Eindhoven/OU=TTE-ECO/CN=a.lopez at amuse_tls.nl/emailAddress=a.lopez at tue.nl
--> issuer = /C=NL/ST=Netherlands/L=Eindhoven/O=Technische Universiteit Eindhoven/OU=TTE-ECO/CN=silmarillion_ca/emailAddress=a.lopez at tue.nl
--> verify return:1
TLS_accept: SSLv3 read client certificate A
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], CertificateVerify
TLS_accept: SSLv3 read certificate verify A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
undefined: SSL negotiation finished successfully
rlm_eap_tls: SSL_read Error
Error code is ..... 2
SSL Error ..... 2
modcall[authenticate]: module "eap" returns ok for request 5
modcall: group authenticate returns ok for request 5
Sending Access-Challenge of id 235 to 131.155.193.92:1538
EAP-Message = 0x010700450d800000003b1403010001011603010030ccfadfbd2a755b049f71ab1dac25abd8b23ac2016e99c566271f28b0a5a66f8e0bf6155336c47101203a3e5f95a2d5bb
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x91c5ec40e0bf7ca91f82199fa5328fdd277002407e7d0785bf060b6d03bb5caa9535c15b
Finished request 5
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 131.155.193.92:1539, id=236, length=167
User-Name = "a.lopez at amuse_tls.nl"
NAS-IP-Address = 131.155.193.92
Called-Station-Id = "004096310d73"
Calling-Station-Id = "00022d0292be"
NAS-Identifier = "ap340-2"
NAS-Port = 29
Framed-MTU = 1400
State = 0x91c5ec40e0bf7ca91f82199fa5328fdd277002407e7d0785bf060b6d03bb5caa9535c15b
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020700060d00
Message-Authenticator = 0x0a6689de38c6a05079c1b41d111459a1
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
modcall[authorize]: module "chap" returns noop for request 6
rlm_eap: EAP packet type notification id 7 length 6
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request 6
rlm_realm: Looking up realm "amuse_tls.nl" for User-Name = "a.lopez at amuse_tls.nl"
rlm_realm: No such realm "amuse_tls.nl"
modcall[authorize]: module "suffix" returns noop for request 6
users: Matched a.lopez at amuse_tls.nl at 65
modcall[authorize]: module "files" returns ok for request 6
modcall[authorize]: module "mschap" returns noop for request 6
modcall: group authorize returns updated for request 6
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 6
rlm_eap: EAP packet type notification id 7 length 6
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 6
modcall: group authenticate returns ok for request 6
Sending Access-Accept of id 236 to 131.155.193.92:1539
MS-MPPE-Recv-Key = 0xb59f45a79823ccaa4df121444c9070051343528d9ece4621c76992629186600e
MS-MPPE-Send-Key = 0x91c9c85b0ca44a087207c5a1dc1506186e7900378397059042d4356413d58773
EAP-Message = 0x03070004
Message-Authenticator = 0x00000000000000000000000000000000
Finished request 6
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 131.155.193.92:1540, id=237, length=148
User-Name = "a.lopez at amuse_tls.nl"
NAS-IP-Address = 131.155.193.92
Called-Station-Id = "004096310d73"
Calling-Station-Id = "00022d0292be"
NAS-Identifier = "ap340-2"
NAS-Port = 29
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0200001901612e6c6f70657a40616d7573655f746c732e6e6c
Message-Authenticator = 0xd7685ba98debe806ead7a32da463dc15
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
modcall[authorize]: module "chap" returns noop for request 7
rlm_eap: EAP packet type notification id 0 length 25
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request 7
rlm_realm: Looking up realm "amuse_tls.nl" for User-Name = "a.lopez at amuse_tls.nl"
rlm_realm: No such realm "amuse_tls.nl"
modcall[authorize]: module "suffix" returns noop for request 7
users: Matched a.lopez at amuse_tls.nl at 65
modcall[authorize]: module "files" returns ok for request 7
modcall[authorize]: module "mschap" returns noop for request 7
modcall: group authorize returns updated for request 7
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 7
rlm_eap: EAP packet type notification id 0 length 25
rlm_eap: EAP Start not found
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns ok for request 7
modcall: group authenticate returns ok for request 7
Sending Access-Challenge of id 237 to 131.155.193.92:1540
EAP-Message = 0x010100060d20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xd1d5ae30de056ab3d41d71431d5358a728700240e8807ad76343a59291a27a027438c321
Finished request 7
Going to the next request
--- Walking the entire request list ---
Waking up in 4 seconds...
rad_recv: Access-Request packet from host 131.155.193.92:1541, id=238, length=271
User-Name = "a.lopez at amuse_tls.nl"
NAS-IP-Address = 131.155.193.92
Called-Station-Id = "004096310d73"
Calling-Station-Id = "00022d0292be"
NAS-Identifier = "ap340-2"
NAS-Port = 29
Framed-MTU = 1400
State = 0xd1d5ae30de056ab3d41d71431d5358a728700240e8807ad76343a59291a27a027438c321
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0201006e0d8000000064160301005f0100005b0301400271071da94672bad0f8f4cca7b43e922998c135c90403c50bc5c67ae75f6f00003400390038003500160013000a00330032002f006600050004006300620061001500120009006500640060001400110008000600030100
Message-Authenticator = 0x82618b8001d9e3e2befa8c65d26f5ac2
modcall: entering group authorize for request 8
modcall[authorize]: module "preprocess" returns ok for request 8
modcall[authorize]: module "chap" returns noop for request 8
rlm_eap: EAP packet type notification id 1 length 110
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request 8
rlm_realm: Looking up realm "amuse_tls.nl" for User-Name = "a.lopez at amuse_tls.nl"
rlm_realm: No such realm "amuse_tls.nl"
modcall[authorize]: module "suffix" returns noop for request 8
users: Matched a.lopez at amuse_tls.nl at 65
modcall[authorize]: module "files" returns ok for request 8
modcall[authorize]: module "mschap" returns noop for request 8
modcall: group authorize returns updated for request 8
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 8
rlm_eap: EAP packet type notification id 1 length 110
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: Length Included
undefined: before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 005f], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 06e9], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 00c0], CertificateRequest
TLS_accept: SSLv3 write certificate request A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap_tls: SSL_read Error
Error code is ..... 2
SSL Error ..... 2
modcall[authenticate]: module "eap" returns ok for request 8
modcall: group authenticate returns ok for request 8
Sending Access-Challenge of id 238 to 131.155.193.92:1541
EAP-Message = 0x0102040a0dc000000802160301004a02000046030140027028ebc51af87d64e51c4d8162fcde5c55a3614794796268ad48b8b59ef020d349b0e3abb0e1894acf52811348defa7b1203612bc41df97def0d23c39415d300350016030106e90b0006e50006e20002f3308202ef30820258a003020102020101300d06092a864886f70d01010405003081ae310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45
EAP-Message = 0x434f311830160603550403140f73696c6d6172696c6c696f6e5f6361311d301b06092a864886f70d010901160e612e6c6f70657a407475652e6e6c301e170d3033313231393133303630315a170d3034313231383133303630315a3081b2310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d45434f311c301a060355040314137365727665725f73696c6d6172696c6c696f6e311d301b06092a864886f70d
EAP-Message = 0x010901160e612e6c6f70657a407475652e6e6c30819f300d06092a864886f70d010101050003818d0030818902818100c1d96b5184619337233d264facee95bc1cac85452abb8fac4b5021c254fde659de720b141628d66f3ca6abadba27b9595713ff0e7a53e727429c55ef1b54579f3ba086ff5ca498739b90fa1c6e0b7d2d8108c5bfd6ac7bf18e0ca39f744667c52c74511478905fd35e1fd8c87dc83e8145d2871de801c026928cf74b2537eca70203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d010104050003818100a179cef2b6b29a0f10b545b58e2ebdf9dfa13baed3942e5f074df0de
EAP-Message = 0xc1589094ac85ece28d0e845a3e93a4153f6a3a345c4506eb438df5cb701fa4ae349c378713e2285d80231dc743f59a388d5f851fb6906d1344c76cff9faa382af0f922fd0b1994f8af4b21f790fdf15763ba4b5cec1ef2b9ee45804b2b749a40fe2e6fee0003e9308203e53082034ea003020102020100300d06092a864886f70d01010405003081ae310b3009060355040613024e4c311430120603550408130b4e65746865726c616e6473311230100603550407130945696e64686f76656e312a3028060355040a1321546563686e697363686520556e697665727369746569742045696e64686f76656e3110300e060355040b13075454452d4543
EAP-Message = 0x4f311830160603550403140f73696c6d6172696c6c69
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc5468798369d26e7469cc34357c144ef28700240359a5564b9530e26e05be66f22ec23b2
Finished request 8
Going to the next request
Waking up in 4 seconds...
rad_recv: Access-Request packet from host 131.155.193.92:1542, id=239, length=167
User-Name = "a.lopez at amuse_tls.nl"
NAS-IP-Address = 131.155.193.92
Called-Station-Id = "004096310d73"
Calling-Station-Id = "00022d0292be"
NAS-Identifier = "ap340-2"
NAS-Port = 29
Framed-MTU = 1400
State = 0xc5468798369d26e7469cc34357c144ef28700240359a5564b9530e26e05be66f22ec23b2
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020200060d00
-----Original Message-----
From: Mike McCauley
To: Lopez, A.; radiator at open.com.au
Sent: 1/11/2004 11:16 AM
Subject: Re: (RADIATOR) Xsupplicant Radiator EAP_TLS problems
Hello Alex,
Im not sure what is going on here.
Looks like Radiator is send back its certificate fine, but then the
client
does not send its certificate.
I suspect that there is a problem innthe clinet: either it does not like
the
servers certificate, or else it cant access or decode it own
certificate.
Suggest you have a close look at the XSupplicant log.
We have tested Radiator against XSupplicant and TLS successfully here.
Cheers.
On Sat, 10 Jan 2004 01:21 am, Lopez, A. wrote:
> Dear all,
> I am trying to make EAP-TLS work between Xsupplicant and Radiator. But
I
> am having some problems.
> I generated the certidficates using Openssl and authentication works
> perfectly when authenticating against Radiator from a windows
> supplicant. The problem only appears when using Xsupplicant (under
> GNU/Debian).
> In my notebook I installed:
> Xsupplicant 0.8b
> Openssl 0.9.7b
> Libpcap 0.7.2
> Lindnet 1.7
> Below there is the 1.conf I used for Xsupplicant and the output
> generated by Radiator during the authentication process.
> I would appreciate any idea.
> Thanks in advance
> Alex
>
> /etc/1x/1x.conf
> --------------------------
> default : id = a.lopez at amuse_tls.nl
> default : cert = /etc/1x/certs/certs_amuse/a.lopez at amuse_tls.nl.der
> default : key = /etc/1x/certs/certs_amuse/a.lopez at amuse_tls.nl.pem
> default : root = /etc/1x/certs/certs_amuse/root.pem
> default :auth = EAP
> default : pref = tls
> default : random_file = /dev/random
> default : after_auth = "/bin/echo I authenticated"
>
> =================================
>
> RADIATOR OUTPUT:
> ------------------------
> Fri Jan 9 14:12:25 2004: DEBUG: Reading users file
> /etc/radiator/users_tls
> Fri Jan 9 14:12:25 2004: DEBUG: Reading users file
/etc/radiator/users
> Fri Jan 9 14:12:25 2004: DEBUG: Reading users file
/etc/radiator/users
> Fri Jan 9 14:12:25 2004: DEBUG: Finished reading configuration file
> '/etc/radiator/radius.cfg'
> This Radiator license will expire on 2004-02-01
> This Radiator license will stop operating after 1000 requests
> To purchase an unlimited full source version of Radiator, see
> http://www.open.com.au/ordering.html
> To extend your evaluation period, contact admin at open.com.au
>
> Fri Jan 9 14:12:25 2004: DEBUG: Reading dictionary file
> '/etc/radiator/dictionary'
> Fri Jan 9 14:12:26 2004: DEBUG: Creating authentication port
> 0.0.0.0:1812
> Fri Jan 9 14:12:26 2004: DEBUG: Creating accounting port 0.0.0.0:1813
> Fri Jan 9 14:12:26 2004: NOTICE: Server started: Radiator 3.7.1 on
> phoenix (EVALUATION)
> Fri Jan 9 14:13:54 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1035 ....
> Code: Access-Request
> Identifier: 5
> Authentic:
> <233>,<246><157>.<209><178><150><24>8<255><25><185><151><30><161>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><0><0><25><1>a.lopez at amuse_tls.nl
> Message-Authenticator =
> <200><181><130><228>DP<195><234><152><140>T<229><24><24><201>`
>
> Fri Jan 9 14:13:54 2004: DEBUG: Handling request with Handler
> 'Realm=amuse_tls.nl'
> Fri Jan 9 14:13:54 2004: DEBUG: Deleting session for
> a.lopez at amuse_tls.nl, 131.155.193.92, 29
> Fri Jan 9 14:13:54 2004: DEBUG: Handling with Radius::AuthFILE:
> Fri Jan 9 14:13:54 2004: DEBUG: Handling with EAP: code 2, 0, 25
> Fri Jan 9 14:13:54 2004: DEBUG: Response type 1
> Fri Jan 9 14:13:55 2004: DEBUG: EAP result: 3, EAP TLS Challenge
> Fri Jan 9 14:13:55 2004: DEBUG: Access challenged for
> a.lopez at amuse_tls.nl: EAP TLS Challenge
> Fri Jan 9 14:13:55 2004: DEBUG: Packet dump:
> *** Sending to 131.155.193.92 port 1035 ....
> Code: Access-Challenge
> Identifier: 5
> Authentic:
> <233>,<246><157>.<209><178><150><24>8<255><25><185><151><30><161>
> Attributes:
> EAP-Message = <1><1><0><6><13>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Fri Jan 9 14:13:55 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1036 ....
> Code: Access-Request
> Identifier: 6
> Authentic:
> <247><214><254><245><146>p<189><133><221><24><183><178><177>:<11><192>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message =
>
<2><1><0>n<13><128><0><0><0>d<22><3><1><0>_<1><0><0>[<3><1>?<254><169><2
> 37>k<233><229>|<206>I<248><166>
>
U<25><208><130>M<237><229><188><218><152><210><187>Y<9><219><172><139><2
> 28><141><22><0><0>4<0>9<0>8<0>5<0><22><0><19><0><10><
>
0>3<0>2<0>/<0>f<0><5><0><4><0>c<0>b<0>a<0><21><0><18><0><9><0>e<0>d<0>`<
> 0><20><0><17><0><8><0><6><0><3><1><0>
>
> Message-Authenticator =
> <15><180><202><136><208>;<153>Q<224><29>}Z<243>K<7><21>
>
> Fri Jan 9 14:13:55 2004: DEBUG: Handling request with Handler
> 'Realm=amuse_tls.nl'
> Fri Jan 9 14:13:55 2004: DEBUG: Deleting session for
> a.lopez at amuse_tls.nl, 131.155.193.92, 29
> Fri Jan 9 14:13:55 2004: DEBUG: Handling with Radius::AuthFILE:
> Fri Jan 9 14:13:55 2004: DEBUG: Handling with EAP: code 2, 1, 110
> Fri Jan 9 14:13:55 2004: DEBUG: Response type 13
> Fri Jan 9 14:13:55 2004: DEBUG: EAP result: 3, EAP TLS Challenge
> Fri Jan 9 14:13:55 2004: DEBUG: Access challenged for
> a.lopez at amuse_tls.nl: EAP TLS Challenge
> Fri Jan 9 14:13:55 2004: DEBUG: Packet dump:
> *** Sending to 131.155.193.92 port 1036 ....
> Code: Access-Challenge
> Identifier: 6
> Authentic:
> <247><214><254><245><146>p<189><133><221><24><183><178><177>:<11><192>
> Attributes:
> EAP-Message =
>
<1><2><4><10><13><192><0><0><8><2><22><3><1><0>J<2><0><0>F<3><1>?<254><1
> 69><19><213><19>s<234><181><128
>
> ><253>3~<204><146><134>{y<237>Za<171>y.<252>Z<135>j<138><212>I<199>
>
> <159><17>)5<217><156><183><213>Z<136><193><137><175>DTMHa
>
<129><166><242>!y<146><229>VQ<189>+<183><153><30><0>5<0><22><3><1><6><23
> 3><11><0><6><229><0><6><226><0><2><243>0<130><2><239>
>
0<130><2>X<160><3><2><1><2><2><1><1>0<13><6><9>*<134>H<134><247><13><1><
> 1><4><5><0>0<129><174>1<11>0<9><6><3>U<4><6><19><2>NL
>
1<20>0<18><6><3>U<4><8><19><11>Netherlands1<18>0<16><6><3>U<4><7><19><9>
> Eindhoven1*0(<6><3>U<4><10><19>!Technische Universite it
> Eindhoven1<16>0<14><6><3>U<4><11><19><7>TTE-E
>
> EAP-Message =
>
CO1<24>0<22><6><3>U<4><3><20><15>silmarillion_ca1<29>0<27><6><9>*<134>H<
> 134><247><13><1><9><1><22><14>a
>
.lopez at tue.nl0<30><23><13>031219130601Z<23><13>041218130601Z0<129><178>1
> <11>0<9><6><3>U<4><6><19><2>NL1<20>0<18><6><3>U<4><8>
>
<19><11>Netherlands1<18>0<16><6><3>U<4><7><19><9>Eindhoven1*0(<6><3>U<4>
> <10><19>!Technische Universiteit Eindhoven1<16>0<14><
>
6><3>U<4><11><19><7>TTE-ECO1<28>0<26><6><3>U<4><3><20><19>server_silmari
> llion1<29>0<27><6><9>*<134>H<134><247><13>
>
> EAP-Message =
>
<1><9><1><22><14>a.lopez at tue.nl0<129><159>0<13><6><9>*<134>H<134><247><1
> 3><1><1><1><5><0><3><129><141><
>
0>0<129><137><2><129><129><0><193><217>kQ<132>a<147>7#=&O<172><238><149>
> <188><28><172><133>E*<187><143><172>KP!<194>T<253><23
>
0>Y<222>r<11><20><22>(<214>o<<166><171><173><186>'<185>YW<19><255><14>zS
> <231>'B<156>U<239><27>TW<159>;<160><134><255>\<164><1
>
52>s<155><144><250><28>n<11>}-<129><8><197><191><214><172>{<241><142><12
>
> ><163><159>tFg<197>,tQ<20>x<144>_<211>^<31><216><200>
>
>
}<200>><129>E<210><135><29><232><1><192>&<146><140><247>K%7<236><167><2>
> <3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<1
>
0><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><
> 5><0><3><129><129><0><161>y<206><242><182><178><154><
>
15><16><181>E<181><142>.<189><249><223><161>;<174><211><148>._<7>M<240><
> 222>
>
> EAP-Message =
>
<193>X<144><148><172><133><236><226><141><14><132>Z><147><164><21>?j:4\E
> <6><235>C<141><245><203>p<31><1
>
64><174>4<156>7<135><19><226>(]<128>#<29><199>C<245><154>8<141>_<133><31
>
> ><182><144>m<19>D<199>l<255><159><170>8*<240><249>"<2
>
>
53><11><25><148><248><175>K!<247><144><253><241>Wc<186>K\<236><30><242><
> 185><238>E<128>K+t<154>@<254>.o<238><0><3><233>0<130>
>
<3><229>0<130><3>N<160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247>
> <13><1><1><4><5><0>0<129><174>1<11>0<9><6><3>U<4><6><
>
19><2>NL1<20>0<18><6><3>U<4><8><19><11>Netherlands1<18>0<16><6><3>U<4><7
>
> ><19><9>Eindhoven1*0(<6><3>U<4><10><19>!Technische Un iversiteit
>
> Eindhoven1<16>0<14><6><3>U<4><11><19><7>TTE-EC
>
> EAP-Message = O1<24>0<22><6><3>U<4><3><20><15>silmarilli
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Fri Jan 9 14:13:55 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1037 ....
> Code: Access-Request
> Identifier: 7
> Authentic: <9><24>`J<194><160>r<201><144><137><175>K<151>#<166><171>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><2><0><6><13><0>
> Message-Authenticator =
> <161><189><171><156><137><205><200><159><215>:Y<142>U<23><140>z
>
> Fri Jan 9 14:13:55 2004: DEBUG: Handling request with Handler
> 'Realm=amuse_tls.nl'
> Fri Jan 9 14:13:55 2004: DEBUG: Deleting session for
> a.lopez at amuse_tls.nl, 131.155.193.92, 29
> Fri Jan 9 14:13:55 2004: DEBUG: Handling with Radius::AuthFILE:
> Fri Jan 9 14:13:55 2004: DEBUG: Handling with EAP: code 2, 2, 6
> Fri Jan 9 14:13:55 2004: DEBUG: Response type 13
> Fri Jan 9 14:13:55 2004: DEBUG: EAP result: 3, EAP TLS Challenge
> Fri Jan 9 14:13:55 2004: DEBUG: Access challenged for
> a.lopez at amuse_tls.nl: EAP TLS Challenge
> Fri Jan 9 14:13:55 2004: DEBUG: Packet dump:
> *** Sending to 131.155.193.92 port 1037 ....
> Code: Access-Challenge
> Identifier: 7
> Authentic: <9><24>`J<194><160>r<201><144><137><175>K<151>#<166><171>
> Attributes:
> EAP-Message =
>
<1><3><4><6><13>@on_ca1<29>0<27><6><9>*<134>H<134><247><13><1><9><1><22>
> <14>a.lopez at tue.nl0<30><23><13>
>
031219130528Z<23><13>040118130528Z0<129><174>1<11>0<9><6><3>U<4><6><19><
> 2>NL1<20>0<18><6><3>U<4><8><19><11>Netherlands1<18>0<
> 16><6><3>U<4><7><19><9>Eindhoven1*0(<6><3>U<4><10><19>!Technische
> Universiteit Eindhoven1<16>0<14><6><3>U<4><11><19><7>TTE-EC
>
O1<24>0<22><6><3>U<4><3><20><15>silmarillion_ca1<29>0<27><6><9>*<134>H<1
> 34><247><13><1><9><1><22><14>a.lopez at tue.nl0<129>
>
> EAP-Message =
>
<159>0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<12
> 9><137><2><129><129><0><196>*<1
>
35><211><234><210><150>7]<165><209><242><129><29>v<163><12>p<215>h<139><
> 172><234>o<179><227><205><159>^><207><165><182><1>7<1
>
53>cw<247><236><248>|<194><163>"<220>>K&<167><1><137>UD<8><21>@<157><0>L
> <255><174><215><205>Aa%K<1>n<193>1<249>{(<152><199>`<
>
205><133>Y|XI}<1><225>F<167><19><219>q<9>T<140><176><10><14>"@<17><132><
> 184><14>+1<231>P<23><241>M<239><151><8><178><154><228
>
>
><181><170><150><228>d<235><145>HL<186><181><2><3><1><0><1><163><130><1>
>
> <15>0<130><1><11>0<29><6><3>U<29><14><4><22><4><20>\-
>
<136><218><218><244>N<178><10><165><225>t<170><150>2L<178>T<20>u0<129><2
> 19><6><3>U<29>#<4><129><211>0<129><208><128><20>\-<13
>
6><218><218><244>N<178><10><165><225>t<170><150>2L<178>T<20>u<161><129><
> 180><164><129><177>0<129><174>1<11>0<9><6><3>U<4><6>
>
> EAP-Message =
>
<19><2>NL1<20>0<18><6><3>U<4><8><19><11>Netherlands1<18>0<16><6><3>U<4><
> 7><19><9>Eindhoven1*0(<6><3>U<4 ><10><19>!Technische Universiteit
>
Eindhoven1<16>0<14><6><3>U<4><11><19><7>TTE-ECO1<24>0<22><6><3>U<4><3><2
> 0><15>silmarillion_
>
ca1<29>0<27><6><9>*<134>H<134><247><13><1><9><1><22><14>a.lopez at tue.nl<1
> 30><1><0>0<12><6><3>U<29><19><4><5>0<3><1><1><255>0<1
>
3><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>ib<160><147>
> <199><198><180><186><165>8<215><161><160><203>h<228><
>
255><204><166><247><143><231>,fy+<25><193><229>z<176>F<168><196><7><131>
> n<138><138>RJTD<25>S<156><172><241>?<182><191><158>
>
> EAP-Message =
>
<191><5><11>tl{<237>wtcMLy)H<144>k<192>5q~<178><225><212><17>7<153><152>
> <154><29><148><3><137>7<158>Z<1
>
75>"<232><192><213><233><190><20><1><204><215><20><160><255><209><213><2
> 5>~<242>7N<133><180>8r<215>F<226><13><131><165><192>|
>
<210><137><147><247><151><181><248><22><3><1><0><192><13><0><0><184><2><
> 1><2><0><179><0><177>0<129><174>1<11>0<9><6><3>U<4><6
>
>
><19><2>NL1<20>0<18><6><3>U<4><8><19><11>Netherlands1<18>0<16><6><3>U<4>
>
> <7><19><9>Eindhoven1*0(<6><3>U<4><10><19>!Technische Universiteit
>
Eindhoven1<16>0<14><6><3>U<4><11><19><7>TTE-ECO1<24>0<22><6><3>U<4><3><2
> 0><15>silmarillion_ca1<29>0<27><6><9>*<1 34>H<134><247><13><1><9><1>
>
> EAP-Message = <22><14>a.lopez at tue.nl<14><0>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Fri Jan 9 14:13:56 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1038 ....
> Code: Access-Request
> Identifier: 8
> Authentic:
> <142><21><200><145><176><24><188>RO<193><246>~<188><15><<172>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><3><0><6><13><0>
> Message-Authenticator =
> W<223>2<136>><153><160>a<172><173>H<15><226><148><237>I
>
> Fri Jan 9 14:13:56 2004: DEBUG: Handling request with Handler
> 'Realm=amuse_tls.nl'
> Fri Jan 9 14:13:56 2004: DEBUG: Deleting session for
> a.lopez at amuse_tls.nl, 131.155.193.92, 29
> Fri Jan 9 14:13:56 2004: DEBUG: Handling with Radius::AuthFILE:
> Fri Jan 9 14:13:56 2004: DEBUG: Handling with EAP: code 2, 3, 6
> Fri Jan 9 14:13:56 2004: DEBUG: Response type 13
> Fri Jan 9 14:13:56 2004: DEBUG: EAP result: 3, EAP TLS Challenge
> Fri Jan 9 14:13:56 2004: DEBUG: Access challenged for
> a.lopez at amuse_tls.nl: EAP TLS Challenge
> Fri Jan 9 14:13:56 2004: DEBUG: Packet dump:
> *** Sending to 131.155.193.92 port 1038 ....
> Code: Access-Challenge
> Identifier: 8
> Authentic:
> <142><21><200><145><176><24><188>RO<193><246>~<188><15><<172>
> Attributes:
> EAP-Message = <1><4><0><8><13><0><0><0>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Fri Jan 9 14:13:56 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1039 ....
> Code: Access-Request
> Identifier: 9
> Authentic: f<249><168><236><130>%<167>t<252>N<198>K<2><247>Y<11>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><4><0><6><13><0>
> Message-Authenticator =
> <169><132>%h<239><217><5>!<197><239>pU<154><179>jx
>
> Fri Jan 9 14:13:56 2004: DEBUG: Handling request with Handler
> 'Realm=amuse_tls.nl'
> Fri Jan 9 14:13:56 2004: DEBUG: Deleting session for
> a.lopez at amuse_tls.nl, 131.155.193.92, 29
> Fri Jan 9 14:13:56 2004: DEBUG: Handling with Radius::AuthFILE:
> Fri Jan 9 14:13:56 2004: DEBUG: Handling with EAP: code 2, 4, 6
> Fri Jan 9 14:13:56 2004: DEBUG: Response type 13
> Fri Jan 9 14:13:56 2004: DEBUG: EAP result: 2, EAP TLS Nothing to
read
> or write
> Fri Jan 9 14:13:57 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1039 ....
> Code: Access-Request
> Identifier: 9
> Authentic: f<249><168><236><130>%<167>t<252>N<198>K<2><247>Y<11>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><4><0><6><13><0>
> Message-Authenticator =
> <169><132>%h<239><217><5>!<197><239>pU<154><179>jx
>
> Fri Jan 9 14:13:57 2004: INFO: Duplicate request id 9 received from
> 131.155.193.92(1039): ignored
> Fri Jan 9 14:13:58 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1039 ....
> Code: Access-Request
> Identifier: 9
> Authentic: f<249><168><236><130>%<167>t<252>N<198>K<2><247>Y<11>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><4><0><6><13><0>
> Message-Authenticator =
> <169><132>%h<239><217><5>!<197><239>pU<154><179>jx
>
> Fri Jan 9 14:13:58 2004: DEBUG: Handling request with Handler
> 'Realm=amuse_tls.nl'
> Fri Jan 9 14:13:58 2004: DEBUG: Deleting session for
> a.lopez at amuse_tls.nl, 131.155.193.92, 29
> Fri Jan 9 14:13:58 2004: DEBUG: Handling with Radius::AuthFILE:
> Fri Jan 9 14:13:58 2004: DEBUG: Handling with EAP: code 2, 4, 6
> Fri Jan 9 14:13:58 2004: DEBUG: Response type 13
> Fri Jan 9 14:13:58 2004: DEBUG: EAP result: 2, EAP TLS Nothing to
read
> or write
> Fri Jan 9 14:13:59 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1039 ....
> Code: Access-Request
> Identifier: 9
> Authentic: f<249><168><236><130>%<167>t<252>N<198>K<2><247>Y<11>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><4><0><6><13><0>
> Message-Authenticator =
> <169><132>%h<239><217><5>!<197><239>pU<154><179>jx
>
> Fri Jan 9 14:13:59 2004: INFO: Duplicate request id 9 received from
> 131.155.193.92(1039): ignored
> Fri Jan 9 14:14:00 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1039 ....
> Code: Access-Request
> Identifier: 9
> Authentic: f<249><168><236><130>%<167>t<252>N<198>K<2><247>Y<11>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><4><0><6><13><0>
> Message-Authenticator =
> <169><132>%h<239><217><5>!<197><239>pU<154><179>jx
>
> Fri Jan 9 14:14:00 2004: DEBUG: Handling request with Handler
> 'Realm=amuse_tls.nl'
> Fri Jan 9 14:14:00 2004: DEBUG: Deleting session for
> a.lopez at amuse_tls.nl, 131.155.193.92, 29
> Fri Jan 9 14:14:00 2004: DEBUG: Handling with Radius::AuthFILE:
> Fri Jan 9 14:14:00 2004: DEBUG: Handling with EAP: code 2, 4, 6
> Fri Jan 9 14:14:00 2004: DEBUG: Response type 13
> Fri Jan 9 14:14:00 2004: DEBUG: EAP result: 2, EAP TLS Nothing to
read
> or write
> Fri Jan 9 14:14:01 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1039 ....
> Code: Access-Request
> Identifier: 9
> Authentic: f<249><168><236><130>%<167>t<252>N<198>K<2><247>Y<11>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><4><0><6><13><0>
> Message-Authenticator =
> <169><132>%h<239><217><5>!<197><239>pU<154><179>jx
>
> Fri Jan 9 14:14:01 2004: INFO: Duplicate request id 9 received from
> 131.155.193.92(1039): ignored
> Fri Jan 9 14:14:02 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1039 ....
> Code: Access-Request
> Identifier: 9
> Authentic: f<249><168><236><130>%<167>t<252>N<198>K<2><247>Y<11>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><4><0><6><13><0>
> Message-Authenticator =
> <169><132>%h<239><217><5>!<197><239>pU<154><179>jx
>
> Fri Jan 9 14:14:02 2004: DEBUG: Handling request with Handler
> 'Realm=amuse_tls.nl'
> Fri Jan 9 14:14:02 2004: DEBUG: Deleting session for
> a.lopez at amuse_tls.nl, 131.155.193.92, 29
> Fri Jan 9 14:14:02 2004: DEBUG: Handling with Radius::AuthFILE:
> Fri Jan 9 14:14:02 2004: DEBUG: Handling with EAP: code 2, 4, 6
> Fri Jan 9 14:14:02 2004: DEBUG: Response type 13
> Fri Jan 9 14:14:02 2004: DEBUG: EAP result: 2, EAP TLS Nothing to
read
> or write
> Fri Jan 9 14:14:03 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1039 ....
> Code: Access-Request
> Identifier: 9
> Authentic: f<249><168><236><130>%<167>t<252>N<198>K<2><247>Y<11>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><4><0><6><13><0>
> Message-Authenticator =
> <169><132>%h<239><217><5>!<197><239>pU<154><179>jx
>
> Fri Jan 9 14:14:03 2004: INFO: Duplicate request id 9 received from
> 131.155.193.92(1039): ignored
> Fri Jan 9 14:14:04 2004: DEBUG: Packet dump:
> *** Received from 131.155.193.92 port 1039 ....
> Code: Access-Request
> Identifier: 9
> Authentic: f<249><168><236><130>%<167>t<252>N<198>K<2><247>Y<11>
> Attributes:
> User-Name = "a.lopez at amuse_tls.nl"
> NAS-IP-Address = 131.155.193.92
> Called-Station-Id = "004096310d73"
> Calling-Station-Id = "00022d0292be"
> NAS-Identifier = "ap340-2"
> NAS-Port = 29
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><4><0><6><13><0>
> Message-Authenticator =
> <169><132>%h<239><217><5>!<197><239>pU<154><179>jx
>
> Fri Jan 9 14:14:04 2004: DEBUG: Handling request with Handler
> 'Realm=amuse_tls.nl'
> Fri Jan 9 14:14:04 2004: DEBUG: Deleting session for
> a.lopez at amuse_tls.nl, 131.155.193.92, 29
> Fri Jan 9 14:14:04 2004: DEBUG: Handling with Radius::AuthFILE:
> Fri Jan 9 14:14:04 2004: DEBUG: Handling with EAP: code 2, 4, 6
> Fri Jan 9 14:14:04 2004: DEBUG: Response type 13
> Fri Jan 9 14:14:04 2004: DEBUG: EAP result: 2, EAP TLS Nothing to
read
> or write
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia
http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list