(RADIATOR) Help me with 802.1x on AlliedTelesyn switch please

Pavel Paprok ppaprok at applet.cz
Fri Jan 30 15:18:06 CST 2004


Mike McCauley wrote:

>Hello Pavel,
>
>I cant tell exactly what the problem is at this stage. It would help if you 
>sent more of the Radiator log file, since the part you sent only covers the 
>beginning of the authentication process. 
>  
>
hallo,
in this message i replaced old logs by new created logs - a bit longer....
my config was still exactly same except MaxFragmentSize reduced to 800
but with no effect.

also i add log from successfull 802.1x connection to other switch - 
HPProCurve
- for compare - from exactly same radiator server and xsupplicant 
station, HP switch
only on different ip. these logs are on end of this message if you want 
to see...

>Since your Radiator works with other APs and the same clients, and since this 
>AP is supposed to work with FreeRadius, you might consider reducing the size 
>of EAPTLS_MaxFragmentSize to less than 1024, try say 1000 or 800?
>
of course, i try all possible values of this parameter from 512 to 4k 
but no advance...

bye,
pavel

>
>Cheers.
>
>On Fri, 30 Jan 2004 04:38 am, Pavel Paprok wrote:
>  
>
>>Hallo,
>>
>>I just trying to authorise ethernet ports on manageable switch
>>Allied Telesyn AT-8012M (latest software AT-S39, v3.2.0)
>>with enabled 802.1x by EAP/PEAP/MSCHAPv2.
>>radius is Radiator v3.8 one server licensed, system is RedHat9.
>>supplicant is latest xsupplicant (v0.8b) but with native
>>WinXP clients auth do not work too.
>>certificates are from test suite of radiator.
>>
>>there should be no general error in my radiator configuration because
>>exactly same 802.1x eap configuration with ports of other ethernet
>>switches we use, wired (HP Procurve 2412,...) or wireless AP (DLink,..)
>>works good (with same xsupplicants and WinXP 802.1x system clients).
>>
>>very basic radius configuration on Allied should be also ok because
>>when authorising of serial console account (manage prompt) from the radius
>>it works properly, but not on its ethernet ports thru 802.1x
>>eap/peapmschapv2.
>>(auth of its serial console from config below removed for simplicity)
>>
>>in manual of AlliedTelesyn switch wrotten that its 802.1x was tested with
>>WinXP clients and FreeRadius radius server - but Radiator should
>>be in 802.1x better, are so?
>>
>>Please help, what should I try next to get it run?
>>
>>thanks,
>>Pavel
>>
>>--------------------------------------------------------------
>>here is log from x supplicant:
>>
>>    
>>
[root at pp2 root]# xsupplicant -i eth1 -d 5
Calling do_eapol, with device eth1
Setup on device eth1 complete
(EAPMD5) Initalized
(EAPMS-CHAP) Initalized
Done with init.
Sending EAPOL-Start #1
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP failure
Failed to Authenticate
CONNECTING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
## eap_decode_packet ##: Got an EAP request
### Type is 25, length: 6
Loading certificate /etc/1x/certs/CAroot.pem . . .
(TLS)Loaded root certificate /etc/1x/certs/CAroot.pem and dirctory (null)
     --- SSL : before/connect initialization
     --- SSL : before/connect initialization
     --- SSL : SSLv3 write client hello A
     --- SSL : SSLv3 read server hello A
Destination : 1:80:c2:0:0:3
AUTHENTICATING


...here it stay  ~ 20 .. 30 sec


## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED


... here it stay again ~ 20 sec


## eap_decode_packet ##: Got an EAP failure
Failed to Authenticate
CONNECTING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP failure
Failed to Authenticate
CONNECTING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
## eap_decode_packet ##: Got an EAP failure
Failed to Authenticate
CONNECTING
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
## eap_decode_packet ##: Got an EAP request
### Type is 25, length: 6
     --- SSL : SSLv3 read server hello A
Destination : 1:80:c2:0:0:3
AUTHENTICATING
(EAPMD5) Cleaning up.
(EAPMS-CHAP) Cleaning up.
[root at pp2 root]#

... end was because i stopped xsupplicant


LOG FROM RADIATOR:


Fri Jan 30 21:10:23 2004: DEBUG: Reading users file 
/etc/radiator/outerEAPusers
Fri Jan 30 21:10:23 2004: DEBUG: Finished reading configuration file 
'/etc/radiator/radius.cfg'
Fri Jan 30 21:10:23 2004: DEBUG: Reading dictionary file 
'/etc/radiator/dictionary'
Fri Jan 30 21:10:23 2004: DEBUG: Creating authentication port 0.0.0.0:1812
Fri Jan 30 21:10:23 2004: DEBUG: Creating accounting port 0.0.0.0:1813
Fri Jan 30 21:10:23 2004: NOTICE: Server started: Radiator 3.8 on 
data.applet.cz
Fri Jan 30 21:10:28 2004: DEBUG: Packet dump:
*** Received from a.b.c.d port 516 ....
Code:       Access-Request
Identifier: 49
Authentic:  <136><150><30>Q<236><19><188>m<146><31><142>Jg<160><209>7
Attributes:
        User-Name = "wifi"
        NAS-IP-Address = a.b.c.d
        NAS-Port = 3
        Called-Station-Id = "00:0C:46:22:71:20"
        Calling-Station-Id = "00:30:4F:20:F1:54"
        Framed-MTU = 1400
        NAS-Port-Type = Ethernet
        Connect-Info = "100Mbps"
        EAP-Message = <2><164><0><9><1>wifi
        Message-Authenticator = 
<199><156>a<169>2y'<242><187><201>@*'<187><10>r

Fri Jan 30 21:10:28 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:10:28 2004: DEBUG:  Deleting session for wifi, a.b.c.d, 3
Fri Jan 30 21:10:28 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:10:28 2004: DEBUG: Handling with EAP: code 2, 164, 9
Fri Jan 30 21:10:28 2004: DEBUG: Response type 1
Fri Jan 30 21:10:28 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Jan 30 21:10:28 2004: DEBUG: Access challenged for wifi: EAP PEAP 
Challenge
Fri Jan 30 21:10:28 2004: DEBUG: Packet dump:
*** Sending to a.b.c.d port 516 ....
Code:       Access-Challenge
Identifier: 49
Authentic:  <136><150><30>Q<236><19><188>m<146><31><142>Jg<160><209>7
Attributes:
        EAP-Message = <1><165><0><6><25>!
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>



Fri Jan 30 21:10:28 2004: DEBUG: Packet dump:
*** Received from a.b.c.d port 516 ....
Code:       Access-Request
Identifier: 51
Authentic:  X<28><138><228><24><18>jG<157><193><233><241><204><198>g7
Attributes:
        User-Name = "wifi"
        NAS-IP-Address = a.b.c.d
        NAS-Port = 3
        Called-Station-Id = "00:0C:46:22:71:20"
        Calling-Station-Id = "00:30:4F:20:F1:54"
        Framed-MTU = 1400
        NAS-Port-Type = Ethernet
        Connect-Info = "100Mbps"
        EAP-Message = 
<2><165><0>n<25><129><0><0><0>d<22><3><1><0>_<1><0><0>[<3><1>@<26><186>8F<6><177><135><208><190><148><254><[<248>j<10><17><201><139><8><189><161><227><22><145>u8<133>)<163><175><0><0>4<0>9<0>8<0>5<0><22><0><19><0><10><0>3<0>2<0>/<0>f<0><5><0><4><0>c<0>b<0>a<0><21><0><18><0><9><0>e<0>d<0>`<0><20><0><17><0><8><0><6><0><3><1><0>
        Message-Authenticator = 
^<132><22><142>M<235>j<152><24><234><153><184>z<17><19><210>

Fri Jan 30 21:10:28 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:10:28 2004: DEBUG:  Deleting session for wifi, a.b.c.d, 3
Fri Jan 30 21:10:28 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:10:28 2004: DEBUG: Handling with EAP: code 2, 165, 110
Fri Jan 30 21:10:28 2004: DEBUG: Response type 25
Fri Jan 30 21:10:28 2004: DEBUG: EAP TLS SSL_accept result: -1, 2, 8576
Fri Jan 30 21:10:28 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Jan 30 21:10:28 2004: DEBUG: Access challenged for wifi: EAP PEAP 
Challenge
Fri Jan 30 21:10:28 2004: DEBUG: Packet dump:
*** Sending to a.b.c.d port 516 ....
Code:       Access-Challenge
Identifier: 51
Authentic:  X<28><138><228><24><18>jG<157><193><233><241><204><198>g7
Attributes:
        EAP-Message = 
<1><166><3>*<25><193><0><0><8>P<22><3><1><0>J<2><0><0>F<3><1>@<26><186>4h|<243>I<135><247><152><140><127>\C\<207><201><240><247><128>N<205><186><136>t<204><214><204>pcX 
<211>{i<254><0><146>GEIt<197>s<134><164>WE3I<229>E<128><231><15>f]J<28><161><196><222><193>Y<0>5<0><22><3><1><7><27><11><0><7><23><0><7><20><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC 
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Sec
        EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use 
in production)1 
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>030227061500Z<23><13>040227061500Z0u1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>0<22><6><3>U<4><10><19><15>My 
Test 
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13><6><9>*<134>H<134><247><13><1><1>
        EAP-Message = 
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><196><186>)<217><245><205><159>@<144><133><177><255>0<165><3><215>cGR<136><231><253>9<193><13><255>m@<220>y^<160><244><236>Sa'<198>^<231><158>4<156>"<242>IS<151><30><211>$<142><196>!}R<146><166><129>yh<17><162><207><196><0><171>5s<187><229><139>2<250><146><1><187><207><226><203>5<251><178><1><212><178><141><219>O<253><134><213>N|<172>:J<23><173><161><191><141><25>&<198>Fi<17><181><137>Fy<0><177><210><215><186>x<141><197><212>s<145><235>\<164><8>!<2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0><20>m<159><141><185><184><252><248><201>FM<195>PB(^<127>3<24><136><172><19><211><137><132>EF<170>9<236>^<187><146><253><171><200><183><230><148><142><21>_<9>^<227><10>3<162><186><214><206><197>Tq<219><4>r<239>?<1><16><203>
        EAP-Message = 
T<0><161>wm<173>S<4><0>)<141><209><<197>tT<228><150>P<156><22>^zes^<202>u<161><176>F3=<4><200><229><154>q<146><194>cy<23>z*o><219><28><206>t
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:11:29 2004: DEBUG: Packet dump:
*** Received from a.b.c.d port 516 ....
Code:       Access-Request
Identifier: 55
Authentic:  
<151><136><183><6><213>N<227><8><165><160><196>%<248><156><166><11>
Attributes:
        User-Name = "wifi"
        NAS-IP-Address = a.b.c.d
        NAS-Port = 3
        Called-Station-Id = "00:0C:46:22:71:20"
        Calling-Station-Id = "00:30:4F:20:F1:54"
        Framed-MTU = 1400
        NAS-Port-Type = Ethernet
        Connect-Info = "100Mbps"
        EAP-Message = <2><169><0><9><1>wifi
        Message-Authenticator = r<214>vt<240>y%<150>K^=-<241><191><<212>

Fri Jan 30 21:11:29 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:11:29 2004: DEBUG:  Deleting session for wifi, a.b.c.d, 3
Fri Jan 30 21:11:29 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:11:29 2004: DEBUG: Handling with EAP: code 2, 169, 9
Fri Jan 30 21:11:29 2004: DEBUG: Response type 1
Fri Jan 30 21:11:29 2004: DEBUG: Resuming session for 
Radius::Context=HASH(0x857b140)

Fri Jan 30 21:11:29 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Jan 30 21:11:29 2004: DEBUG: Access challenged for wifi: EAP PEAP 
Challenge
Fri Jan 30 21:11:29 2004: DEBUG: Packet dump:
*** Sending to a.b.c.d port 516 ....
Code:       Access-Challenge
Identifier: 55
Authentic:  
<151><136><183><6><213>N<227><8><165><160><196>%<248><156><166><11>
Attributes:
        EAP-Message = <1><170><0><6><25>!
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:11:29 2004: DEBUG: Packet dump:
*** Received from a.b.c.d port 516 ....
Code:       Access-Request
Identifier: 57
Authentic:  <6>x<9><127>$k<228>3P<<230><219>JH<183>v
Attributes:
        User-Name = "wifi"
        NAS-IP-Address = a.b.c.d
        NAS-Port = 3
        Called-Station-Id = "00:0C:46:22:71:20"
        Calling-Station-Id = "00:30:4F:20:F1:54"
        Framed-MTU = 1400
        NAS-Port-Type = Ethernet
        Connect-Info = "100Mbps"
        EAP-Message = <2><170><0><6><25><1>
        Message-Authenticator = u<242>THJ<214><131>,<17><195>$<9>c<19>*<174>

Fri Jan 30 21:11:29 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:11:29 2004: DEBUG:  Deleting session for wifi, a.b.c.d, 3
Fri Jan 30 21:11:29 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:11:29 2004: DEBUG: Handling with EAP: code 2, 170, 6
Fri Jan 30 21:11:29 2004: DEBUG: Response type 25
Fri Jan 30 21:11:29 2004: DEBUG: EAP result: 2, EAP PEAP Nothing to read 
or write
Fri Jan 30 21:11:57 2004: NOTICE: SIGTERM received: stopping
        EAP-Message = <1><170><0><6><25>!
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:11:29 2004: DEBUG: Packet dump:
*** Received from a.b.c.d port 516 ....
Code:       Access-Request
Identifier: 57
Authentic:  <6>x<9><127>$k<228>3P<<230><219>JH<183>v
Attributes:
        User-Name = "wifi"
        NAS-IP-Address = a.b.c.d
        NAS-Port = 3
        Called-Station-Id = "00:0C:46:22:71:20"
        Calling-Station-Id = "00:30:4F:20:F1:54"
        Framed-MTU = 1400
        NAS-Port-Type = Ethernet
        Connect-Info = "100Mbps"
        EAP-Message = <2><170><0><6><25><1>
        Message-Authenticator = u<242>THJ<214><131>,<17><195>$<9>c<19>*<174>

Fri Jan 30 21:11:29 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:11:29 2004: DEBUG:  Deleting session for wifi, a.b.c.d, 3
Fri Jan 30 21:11:29 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:11:29 2004: DEBUG: Handling with EAP: code 2, 170, 6
Fri Jan 30 21:11:29 2004: DEBUG: Response type 25
Fri Jan 30 21:11:29 2004: DEBUG: EAP result: 2, EAP PEAP Nothing to read 
or write
Fri Jan 30 21:11:57 2004: NOTICE: SIGTERM received: stopping
                                                                               


>>
>>---------------------------------------------------------------------------
>>---------------------------------- fragment of radiator config:
>>
>><Client a.b.c.d>
>>        Secret xxxxxx
>>        Identifier      8021xAllied
>></Client>
>><Handler Request-Type = Accounting-Request>
>>  <AuthBy SQL>
>>        DBSource        dbi:mysql:radiator
>>        DBUsername      radiator
>>        DBAuth          xxxxx
>>        # Just accounting, no auth
>>        IgnoreAuthentication
>>        AuthSelect
>>        AccountingTable inetaccounting
>>        AcctColumnDef   username,User-Name
>>        AcctColumnDef   time_stamp,Timestamp,integer
>>        AcctColumnDef   acctstatustype,Acct-Status-Type
>>        AcctColumnDef   acctinputoctets,Acct-Input-Octets,integer
>>        AcctColumnDef   acctoutputoctets,Acct-Output-Octets,integer
>>        AcctColumnDef   acctsessiontime,Acct-Session-Time,integer
>>        AcctColumnDef   acctterminatecause,Acct-Terminate-Cause
>>        AcctColumnDef   nasidentifier,NAS-Identifier
>>         AcctColumnDef   framedipaddress,Framed-IP-Address
>>    </AuthBy>
>></Handler>
>><Handler TunnelledByPEAP=1>
>>    <AuthBy SQL>
>>        DBSource        dbi:mysql:radiator
>>        DBUsername      radiator
>>        DBAuth          xxxxx
>>        AuthSelect select password from inetusers where \
>>             username = %0 and locked = 0
>>        EAPType MSCHAP-V2
>>   </AuthBy>
>></Handler>
>><Handler>
>>   <AuthBy FILE>
>>        # outer auth file, only anonymous inside
>>        Filename /etc/radiator/outerEAPusers
>>        EAPType PEAP
>>        EAPTLS_CAFile %D/certificates/demoCA/cacert.pem
>>        EAPTLS_CertificateFile %D/certificates/cert-srv.pem
>>        EAPTLS_CertificateType PEM
>>        EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem
>>        EAPTLS_PrivateKeyPassword whatever
>>        EAPTLS_MaxFragmentSize 1024
>>        SSLeayTrace 4    # 1=ciphers, 2=trace, 3=dump data
>>     </AuthBy>   # auth by file
>></Handler>
>>
>>
>>===
>>Archive at http://www.open.com.au/archives/radiator/
>>Announcements on radiator-announce at open.com.au
>>To unsubscribe, email 'majordomo at open.com.au' with
>>'unsubscribe radiator' in the body of the message.
>>    
>>
>
>  
>
---------------------------------------------------------------------------------------------------------

XSUPPLICANT LOG FROM SUCCESSFULL AUTH WITH HP:

[root at pp2 root]# xsupplicant -i eth1 -d 5
Calling do_eapol, with device eth1
Setup on device eth1 complete
(EAPMD5) Initalized
(EAPMS-CHAP) Initalized
Done with init.
Sending EAPOL-Start #1
## eap_decode_packet ##: Got an EAP request
## eap_decode_packet ##: Type is Identity
Connection Established, authenticating...
ACQUIRED
## eap_decode_packet ##: Got an EAP request
### Type is 25, length: 6
Loading certificate /etc/1x/certs/CAroot.pem . . .
(TLS)Loaded root certificate /etc/1x/certs/CAroot.pem and dirctory (null)
     --- SSL : before/connect initialization
     --- SSL : before/connect initialization
     --- SSL : SSLv3 write client hello A
     --- SSL : SSLv3 read server hello A
Destination : 1:80:c2:0:0:3
AUTHENTICATING
## eap_decode_packet ##: Got an EAP request
### Type is 25, length: 810
(EAPTTLS) Saved packet fragment.
Destination : 1:80:c2:0:0:3
## eap_decode_packet ##: Got an EAP request
### Type is 25, length: 806
(EAPTTLS) Saved packet fragment.
Destination : 1:80:c2:0:0:3
## eap_decode_packet ##: Got an EAP request
### Type is 25, length: 534
(TTLS) Saved final data fragment!
16 3 1 0 4a 2 0 0 46 3 1 40 1a bc 11 b6
     --- SSL : SSLv3 read server hello A
     --- SSL : SSLv3 read server certificate A
     --- SSL : SSLv3 read server certificate request A
     --- SSL : SSLv3 read server done A
     --- SSL : SSLv3 write client certificate A
     --- SSL : SSLv3 write client key exchange A
     --- SSL : SSLv3 write change cipher spec A
     --- SSL : SSLv3 write finished A
     --- SSL : SSLv3 flush data
     --- SSL : SSLv3 read finished A

Destination : 1:80:c2:0:0:3
## eap_decode_packet ##: Got an EAP request
### Type is 25, length: 69
(EAPTTLS) Saved packet fragment.
14 3 1 0 1 1 16 3 1 0 30 cb 44 49 2a cb
     --- SSL : SSLv3 read finished A
     --- SSL : SSL negotiation finished successfully
     --- SSL : SSL negotiation finished successfully
Destination : 1:80:c2:0:0:3
## eap_decode_packet ##: Got an EAP request
### Type is 25, length: 80
Destination : 1:80:c2:0:0:3
## eap_decode_packet ##: Got an EAP request
### Type is 25, length: 112
(EAPMS-CHAP) ID : 09
Username = wifi   --   Password = hifi
Destination : 1:80:c2:0:0:3
## eap_decode_packet ##: Got an EAP request
### Type is 25, length: 144
(EAPMS-CHAP) ID : 0a
Username = wifi   --   Password = hifi
Destination : 1:80:c2:0:0:3
## eap_decode_packet ##: Got an EAP request
### Type is 25, length: 80
Destination : 1:80:c2:0:0:3
## eap_decode_packet ##: Got an EAP success
Authentication Succeeded
AUTHENTICATED
Bingo!
LOGOFF
(EAPMD5) Cleaning up.
(EAPMS-CHAP) Cleaning up.
[root at pp2 root]#

... all process is ok and take 2 - 3 sec



RADIATOR LOG FROM SUCCESSFULL AUTH WITH HP:


Fri Jan 30 21:18:21 2004: DEBUG: Reading users file 
/etc/radiator/outerEAPusers
Fri Jan 30 21:18:21 2004: DEBUG: Finished reading configuration file 
'/etc/radiator/radius.cfg'
Fri Jan 30 21:18:21 2004: DEBUG: Reading dictionary file 
'/etc/radiator/dictionary'
Fri Jan 30 21:18:21 2004: DEBUG: Creating authentication port 0.0.0.0:1812
Fri Jan 30 21:18:21 2004: DEBUG: Creating accounting port 0.0.0.0:1813
Fri Jan 30 21:18:21 2004: NOTICE: Server started: Radiator 3.8 on 
data.applet.cz
Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
*** Received from e.f.g.h port 1027 ....
Code:       Access-Request
Identifier: 42
Authentic:  vw<228>M<2><19>PINo|<5>Z<139>h<129>
Attributes:
        Framed-MTU = 1480
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "APPLET FM2 pater"
        User-Name = "wifi"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 13
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "13"
        Called-Station-Id = "00-08-83-95-fb-ed"
        Calling-Station-Id = "00-30-4f-20-f1-54"
        Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 5
        EAP-Message = <2><2><0><9><1>wifi
        Message-Authenticator = <3>C/<3><150>{<164>5m(<148>a<147>h<135>;

Fri Jan 30 21:18:25 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:18:25 2004: DEBUG:  Deleting session for wifi, e.f.g.h, 13
Fri Jan 30 21:18:25 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:18:25 2004: DEBUG: Handling with EAP: code 2, 2, 9
Fri Jan 30 21:18:25 2004: DEBUG: Response type 1
Fri Jan 30 21:18:25 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Jan 30 21:18:25 2004: DEBUG: Access challenged for wifi: EAP PEAP 
Challenge
Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
*** Sending to e.f.g.h port 1027 ....
Code:       Access-Challenge
Identifier: 42
Authentic:  vw<228>M<2><19>PINo|<5>Z<139>h<129>
Attributes:
        EAP-Message = <1><3><0><6><25>!
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
*** Received from e.f.g.h port 1027 ....
Code:       Access-Request
Identifier: 43
Authentic:  &g<20><189><178><3><128><185><254>_<172>u<10>{<152><241>
Attributes:
        Framed-MTU = 1480
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXX"
        User-Name = "wifi"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 13
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "13"
        Called-Station-Id = "00-08-83-95-fb-ed"
        Calling-Station-Id = "00-30-4f-20-f1-54"
        Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 5
        EAP-Message = 
<2><3><0>n<25><129><0><0><0>d<22><3><1><0>_<1><0><0>[<3><1>@<26><188><21><142><186>*<193>1<229><242><134><233><141><246>8<163><137><191><225><196>4<4>"<28>=<142><166><178><210><221>a<0><0>4<0>9<0>8<0>5<0><22><0><19><0><10><0>3<0>2<0>/<0>f<0><5><0><4><0>c<0>b<0>a<0><21><0><18><0><9><0>e<0>d<0>`<0><20><0><17><0><8><0><6><0><3><1><0>
        Message-Authenticator = <4>w<244><30> 
$<141>l<8><11><28><237>x"<248><197>
Fri Jan 30 21:18:25 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:18:25 2004: DEBUG:  Deleting session for wifi, e.f.g.h, 13
Fri Jan 30 21:18:25 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:18:25 2004: DEBUG: Handling with EAP: code 2, 3, 110
Fri Jan 30 21:18:25 2004: DEBUG: Response type 25
Fri Jan 30 21:18:25 2004: DEBUG: EAP TLS SSL_accept result: -1, 2, 8576
Fri Jan 30 21:18:25 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Jan 30 21:18:25 2004: DEBUG: Access challenged for wifi: EAP PEAP 
Challenge
Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
*** Sending to e.f.g.h port 1027 ....
Code:       Access-Challenge
Identifier: 43
Authentic:  &g<20><189><178><3><128><185><254>_<172>u<10>{<152><241>
Attributes:
        EAP-Message = 
<1><4><3>*<25><193><0><0><8>P<22><3><1><0>J<2><0><0>F<3><1>@<26><188><17><182><162><0><144><231><19><135><30>p<21><243>dl<233>)"W<234>*q<255>:mj<213><176>T<3> 
@N<157><133>h<222><22><1>SSS<212><216>g<243>-G,<30><137>E<179>SH~`<178><144><199>Sp/<0>5<0><22><3><1><7><27><11><0><7><23><0><7><20><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC 
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Sec
        EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use 
in production)1 
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>030227061500Z<23><13>040227061500Z0u1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>0<22><6><3>U<4><10><19><15>My 
Test 
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13><6><9>*<134>H<134><247><13><1><1>
        EAP-Message = 
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><196><186>)<217><245><205><159>@<144><133><177><255>0<165><3><215>cGR<136><231><253>9<193><13><255>m@<220>y^<160><244><236>Sa'<198>^<231><158>4<156>"<242>IS<151><30><211>$<142><196>!}R<146><166><129>yh<17><162><207><196><0><171>5s<187><229><139>2<250><146><1><187><207><226><203>5<251><178><1><212><178><141><219>O<253><134><213>N|<172>:J<23><173><161><191><141><25>&<198>Fi<17><181><137>Fy<0><177><210><215><186>x<141><197><212>s<145><235>\<164><8>!<2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0><20>m<159><141><185><184><252><248><201>FM<195>PB(^<127>3<24><136><172><19><211><137><132>EF<170>9<236>^<187><146><253><171><200><183><230><148><142><21>_<9>^<227><10>3<162><186><214><206><197>Tq<219><4>r<239>?<1><16><203>
        EAP-Message = 
T<0><161>wm<173>S<4><0>)<141><209><<197>tT<228><150>P<156><22>^zes^<202>u<161><176>F3=<4><200><229><154>q<146><194>cy<23>z*o><219><28><206>t
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
*** Received from e.f.g.h port 1027 ....
Code:       Access-Request
Identifier: 44
Authentic:  <214>WD-b<243><176>)<174>O<220><229><186>k<200>a
Attributes:
        Framed-MTU = 1480
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXX"
        User-Name = "wifi"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 13
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "13"
        Called-Station-Id = "00-08-83-95-fb-ed"
        Calling-Station-Id = "00-30-4f-20-f1-54"
        Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 5
        EAP-Message = <2><4><0><6><25><1>
        Message-Authenticator = <215>2d<182><212>yp'^<129><31>D.)<225><8>

Fri Jan 30 21:18:25 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:18:25 2004: DEBUG:  Deleting session for wifi, e.f.g.h, 13
Fri Jan 30 21:18:25 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:18:25 2004: DEBUG: Handling with EAP: code 2, 4, 6
Fri Jan 30 21:18:25 2004: DEBUG: Response type 25
Fri Jan 30 21:18:25 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Jan 30 21:18:25 2004: DEBUG: Access challenged for wifi: EAP PEAP 
Challenge
Fri Jan 30 21:18:25 2004: DEBUG: Packet dump:
*** Sending to e.f.g.h port 1027 ....
Code:       Access-Challenge
Identifier: 44
Authentic:  <214>WD-b<243><176>)<174>O<220><229><186>k<200>a
Attributes:
        EAP-Message = 
<1><5><3>&<25>A<196><188><3><195>.%<19>mD<242><149><237>O<138><193><0><4>=0<130><4>90<130><3><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC 
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate 
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1 
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open
        EAP-Message = 
.com.au0<30><23><13>030227061411Z<23><13>050226061411Z0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC 
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate 
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1 
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129><159>0<13><6><9>*<134>
        EAP-Message = 
H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><0><193>@h<28><185>'<7><254><247>{9<233><245>3S<209>=<173>>c<144>Z<239>?b<150><224><171><219><170><170>i<226><251><234>\Jwi<210><141><249><141><148><224>|<188>V<24><209><8><223>f?<149><172><6><226><18><232>1<249><227>$<176>G<164>'Y<193><160>$n<160>e<153>V<166>x<2><162><<244><4><225>T>n<18><<204><210><135><162>T<16><221><6>Pn<9>7<141><197><160><197><245><155>6<3><172><154>p<230><210>Z<159><149><192>C<255><154><220><149><3>*<156>q<2><3><1><0><1><163><130><1>+0<130><1>'0<29><6><3>U<29><14><4><22><4><20><180><27><24>R'<27><169>)<152><148>o<139>c<198><6>9\<249>s<196>0<129><247><6><3>U<29>#<4><129><239>0<129><236><128><20><180><27><24>R'<27><169>)<152><148>o<139>c<198><6>9\<249>s<196><161><129><208><164><129><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0
        EAP-Message = 
<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
*** Received from e.f.g.h port 1027 ....
Code:       Access-Request
Identifier: 45
Authentic:  <134>Gt<157><18><227><224><153>^?<12>Uj[<248><209>
Attributes:
          EAP-Message = 
<1><5><3>&<25>A<196><188><3><195>.%<19>mD<242><149><237>O<138><193><0><4>=0<130><4>90<130><3><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC 
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate 
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1 
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open
        EAP-Message = 
.com.au0<30><23><13>030227061411Z<23><13>050226061411Z0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC 
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate 
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1 
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129><159>0<13><6><9>*<134>
        EAP-Message = 
H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><0><193>@h<28><185>'<7><254><247>{9<233><245>3S<209>=<173>>c<144>Z<239>?b<150><224><171><219><170><170>i<226><251><234>\Jwi<210><141><249><141><148><224>|<188>V<24><209><8><223>f?<149><172><6><226><18><232>1<249><227>$<176>G<164>'Y<193><160>$n<160>e<153>V<166>x<2><162><<244><4><225>T>n<18><<204><210><135><162>T<16><221><6>Pn<9>7<141><197><160><197><245><155>6<3><172><154>p<230><210>Z<159><149><192>C<255><154><220><149><3>*<156>q<2><3><1><0><1><163><130><1>+0<130><1>'0<29><6><3>U<29><14><4><22><4><20><180><27><24>R'<27><169>)<152><148>o<139>c<198><6>9\<249>s<196>0<129><247><6><3>U<29>#<4><129><239>0<129><236><128><20><180><27><24>R'<27><169>)<152><148>o<139>c<198><6>9\<249>s<196><161><129><208><164><129><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0
        EAP-Message = 
<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
*** Received from e.f.g.h port 1027 ....
Code:       Access-Request
Identifier: 45
Authentic:  <134>Gt<157><18><227><224><153>^?<12>Uj[<248><209>
Attributes:
        Framed-MTU = 1480
         NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXX"
        User-Name = "wifi"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 13
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "13"
        Called-Station-Id = "00-08-83-95-fb-ed"
        Calling-Station-Id = "00-30-4f-20-f1-54"
        Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 5
        EAP-Message = <2><5><0><6><25><1>
        Message-Authenticator = 
<18>/<218><214><230><213>sTf9<206><150><207>a<186><219>

Fri Jan 30 21:18:26 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:18:26 2004: DEBUG:  Deleting session for wifi, e.f.g.h, 13
Fri Jan 30 21:18:26 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:18:26 2004: DEBUG: Handling with EAP: code 2, 5, 6
Fri Jan 30 21:18:26 2004: DEBUG: Response type 25
Fri Jan 30 21:18:26 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Jan 30 21:18:26 2004: DEBUG: Access challenged for wifi: EAP PEAP 
Challenge
Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
*** Sending to e.f.g.h port 1027 ....
Code:       Access-Challenge
Identifier: 45
Authentic:  <134>Gt<157><18><227><224><153>^?<12>Uj[<248><209>
Attributes:
        EAP-Message = <1><6><2><22><25><1>OSC Demo 
Certificates1!0<31><6><3>U<4><11><19><24>Test
 Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in 
production)1 0<30><6><9>*<1
34>H<134><247><13><1><9><1><22><17>mikem at open.com.au<130><1><0>0<12><6><3>U<29><19><4><5>0<3><1>
<1><255>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>A<130>4<253><23>-<13><9><
9><222>3<19><171>aj<23><187><195>gs<145><194>w<164>1m#<242>t<233><144><146>&g<162><190><234><145
 >H<159><10>^6IQ<223><219><193>@><204>b<245><12><6><133><147><132><192>fU<165><197><180>k<136>:<8
 ><198><152><165>*
        EAP-Message = 
%<221><237><188><23><251><255><172>'n<142>H<25>q<173>t<215><212><221><239>
<20>FZyd<205><240>Wbd<143><139>q]h<236><127><16><143>tA<163>4I<236><230><147><218>><175>B^<130><
0>*9<22><3><1><0><220><13><0><0><212><2><1><2><0><207><0><205>0<129><202>1<11>0<9><6><3>U<4><6><
19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><
6><3>U<4><10><19><21>OSC Demo 
Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Section1
/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1 
0<30><6><9>*<134>H<134>
        EAP-Message = 
<247><13><1><9><1><22><17>mikem at open.com.au<14><0><0><0>
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
*** Received from e.f.g.h port 1027 ....
Code:       Access-Request
Identifier: 46
Authentic:  67<164><13><194><211><16><9><14>/<<197><26>K(A
Attributes:
        Framed-MTU = 1480
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXX"
        User-Name = "wifi"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 13
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "13"
        Called-Station-Id = "00-08-83-95-fb-ed"
        Calling-Station-Id = "00-30-4f-20-f1-54"
        Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 5
        EAP-Message = 
<2><6><0><220><25><129><0><0><0><210><22><3><1><0><7><11><0><0><3><0><0><0><22><3><1><0><134><16><0><0><130><0><128>g<249><15>d<211><13>FX<251>0<22><150><185><204><183>aiIss`<180><208><152><236>s@ 
<213><196>:<139><28><7> 
<148><157>'<136><183>l<242><21><183><182><237>O<168>#<203>"l<162><150>3<168><199><13><254><157><28><148><150><211><172><199>><165><127><174>X1<18><172><9>{"<218>0<130><151><211><2><179><178>FR<182>a<234>w]<17><215><{T<206><155><137><144><25><196>T<209><189><149><198><167><187><173>U<186><245><163><162><2><18>u>/<135><198>Y<227><227><201>M<20><3><1><0><1><1><22><3><1><0>0<151><252><10><204><172><19>Z`*E<31>N<172><14>.<163><226><225>wuD:<188><31><237><238>S<144><13><145><148><248><214>{<223>H<16>(<184><4>J<132><163>Ua<184><1>l
        Message-Authenticator = 
?I<19>O<235><<217><26><155>%<157>H<237><226>?<27>

Fri Jan 30 21:18:26 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:18:26 2004: DEBUG:  Deleting session for wifi, e.f.g.h, 13
Fri Jan 30 21:18:26 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:18:26 2004: DEBUG: Handling with EAP: code 2, 6, 220
Fri Jan 30 21:18:26 2004: DEBUG: Response type 25
Fri Jan 30 21:18:26 2004: DEBUG: EAP TLS SSL_accept result: 1, 0, 3
Fri Jan 30 21:18:26 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Jan 30 21:18:26 2004: DEBUG: Access challenged for wifi: EAP PEAP 
Challenge
Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
*** Sending to e.f.g.h port 1027 ....
Code:       Access-Challenge
Identifier: 46
Authentic:  67<164><13><194><211><16><9><14>/<<197><26>K(A
Attributes:
        EAP-Message = 
<1><7><0>E<25><129><0><0><0>;<20><3><1><0><1><1><22><3><1><0>0<203>DI*<203>g<245><240><213>P<232>Y7<15><197><248><225><9>9_f<232><181>R<203><246>Ys<19><148><140><237>^~Y<225><184>:WU<246><178>44U",<225>
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
*** Received from e.f.g.h port 1027 ....
Code:       Access-Request
Identifier: 47
Authentic:  <230>'<212>}r<195>@y<190><31>l5<202>;X<177>
Attributes:
        Framed-MTU = 1480
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXXX"
        User-Name = "wifi"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 13
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "13"
        Called-Station-Id = "00-08-83-95-fb-ed"
        Calling-Station-Id = "00-30-4f-20-f1-54"
        Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 5
        EAP-Message = <2><7><0><6><25><1>
        Message-Authenticator = 
<243><164><164>S<220><8>s<152><154>P<246><154><242><9><178><164>

Fri Jan 30 21:18:26 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:18:26 2004: DEBUG:  Deleting session for wifi, e.f.g.h, 13
Fri Jan 30 21:18:26 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:18:26 2004: DEBUG: Handling with EAP: code 2, 7, 6
Fri Jan 30 21:18:26 2004: DEBUG: Response type 25
Fri Jan 30 21:18:26 2004: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Jan 30 21:18:26 2004: DEBUG: Access challenged for wifi: EAP PEAP 
Challenge
Fri Jan 30 21:18:26 2004: DEBUG: Packet dump:
*** Sending to e.f.g.h port 1027 ....
Code:       Access-Challenge
Identifier: 47
Authentic:  <230>'<212>}r<195>@y<190><31>l5<202>;X<177>
Attributes:
        EAP-Message = <1><8><0>P<25><1><23><3><1><0> 
<189><169><159><137><190>Q+<208>f<4><136><224>u<167><239><130><3><128>jc<31><9><234><221><7>jn="B<1><164><23><3><1><0> 
<242>$<<214><238><215><192><20><210><141>c<197>2<0><207><139><147><206><231>Y<186><221><214>r<197>4<218>?<233>r^`
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
*** Received from e.f.g.h port 1027 ....
Code:       Access-Request
Identifier: 48
Authentic:  <150><23><4><237>"<179>p<233>n<15><156><165>z+<136>!
Attributes:
        Framed-MTU = 1480
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXXX"
        User-Name = "wifi"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 13
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "13"
        Called-Station-Id = "00-08-83-95-fb-ed"
        Calling-Station-Id = "00-30-4f-20-f1-54"
        Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 5
        EAP-Message = <2><8><0>P<25><1><23><3><1><0> 
<234><251><162><188>i<151><194><175>Y<17><135><147><0><231><246><199><165>9#<205>(> 
<203><246><136>`<206><252><239><226>I<23><3><1><0> 
<147><200>v<238><199><163>"V2CEa<3><199><216><21><18><5><22><26><246><248>b<12>#CZ<0><243>Y<162><253>
        Message-Authenticator = 
<237>*<204><234><247><248><6>5N<221><229><140><12>N<208>b

Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:18:27 2004: DEBUG:  Deleting session for wifi, e.f.g.h, 13
Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 8, 80
Fri Jan 30 21:18:27 2004: DEBUG: Response type 25
Fri Jan 30 21:18:27 2004: DEBUG: EAP PEAP inner authentication request 
for anonymous
Fri Jan 30 21:18:27 2004: DEBUG: PEAP Tunnelled request Packet dump:
Code:       Access-Request
Identifier: UNDEF
Authentic:  {<134><221><5><137>A<254><212><232>#_<240>&snr
Attributes:
        EAP-Message = <2><0><0><9><1>wifi
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
        User-Name = "anonymous"
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXXX"
        NAS-Port = 13
        Calling-Station-Id = "00-30-4f-20-f1-54"

Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler 
'TunnelledByPEAP=1'
Fri Jan 30 21:18:27 2004: DEBUG:  Deleting session for , e.f.g.h, 13
Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL
Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL:
Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 0, 9
Fri Jan 30 21:18:27 2004: DEBUG: Response type 1
Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 3, EAP MSCHAP-V2 Challenge
Fri Jan 30 21:18:27 2004: DEBUG: Access challenged for anonymous: EAP 
MSCHAP-V2 Challenge
Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 3, EAP PEAP inner 
authentication redespatched to a Handler
Fri Jan 30 21:18:27 2004: DEBUG: Access challenged for wifi: EAP PEAP 
inner authentication redespatched to a Handler
Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
*** Sending to e.f.g.h port 1027 ....
Code:       Access-Challenge
Identifier: 48
Authentic:  <150><23><4><237>"<179>p<233>n<15><156><165>z+<136>!
Attributes:
        EAP-Message = <1><9><0>p<25><1><23><3><1><0> 
<245><208><201>=<245>><196><212><171><169><184><152>G<192><190>P<150><201>$<246><207><224>vY<7><146><238>K<191><191><9><164><23><3><1><0>@<242>v<194><182><191>"<189>&K<230>2e<29>r<222>f<193><211>r<238>B<133><244>/<214><210><130><23><218><246>H<12>3<246><130><169><159>R<171><14><6><23><199><201><20><209>>v<184><236>E<22>(<225><24>b<177>z<170><216><191><176><216>"
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
*** Received from e.f.g.h port 1027 ....
Code:       Access-Request
Identifier: 49
Authentic:  F<7>4]<210><163><160>Y<30><255><204><21>*<27><184><145>
Attributes:
        Framed-MTU = 1480
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXXX"
        User-Name = "wifi"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 13
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "13"
        Called-Station-Id = "00-08-83-95-fb-ed"
        Calling-Station-Id = "00-30-4f-20-f1-54"
        Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 5
        EAP-Message = <2><9><0><144><25><1><23><3><1><0> 
`<224>MO<0><31><237>q<132><226><19><146
 ><173>~+ 
<201><128>UG<2>n<152><242><128><22><187><214>b0<242><23><23><3><1><0>`5<152>r-<19>p!_<2
31><235>MjIc<215><235><200>G\<230>~<211>h>d<137><165><166>o<139>`<187><212>{<223>J<165><13>Cc<15
9><149>[-<182><179><21><221><181>~Y<131><175><162><236><9><154><239>Q<190>+<20><143><203><187>=<
8>J<166>c<252><197>L<173>}<127>J<25>Jo<146><135><149><157><198>g<237><140><253>U;<190><150><Fh
        Message-Authenticator = 
<149>|<200>x<217>E<171><197>7<236><226><192>!s<140>U

Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:18:27 2004: DEBUG:  Deleting session for wifi, e.f.g.h, 13
Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 9, 144
Fri Jan 30 21:18:27 2004: DEBUG: Response type 25
Fri Jan 30 21:18:27 2004: DEBUG: EAP PEAP inner authentication request 
for anonymous
Fri Jan 30 21:18:27 2004: DEBUG: PEAP Tunnelled request Packet dump:
Code:       Access-Request
Identifier: UNDEF
Authentic:  q2<232><250><210>y<142><240><10>HAI/<8><140>"
Attributes:
        EAP-Message = 
<2><1><0>@<26><2><1><0>11<29><216><225><23><243><0><229>*da<152>$0<147><22
1><141><0><0><0><0><0><0><0><0>c<241><219><189>LC<230><218><194><134><23><177><17><24><151>@]<15
6><131>49<4>p<140><0>wifi
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
        User-Name = "anonymous"
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXXX"
        NAS-Port = 13
        Calling-Station-Id = "00-30-4f-20-f1-54"

Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler 
'TunnelledByPEAP=1'
Fri Jan 30 21:18:27 2004: DEBUG:  Deleting session for , e.f.g.h, 13
Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL
Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL:
Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 1, 64
Fri Jan 30 21:18:27 2004: DEBUG: Response type 26
Fri Jan 30 21:18:27 2004: DEBUG: Query is: 'select password from 
inetusers where username = 'wif
i' and locked = 0':

Fri Jan 30 21:18:27 2004: DEBUG: Radius::AuthSQL looks for match with wifi
Fri Jan 30 21:18:27 2004: DEBUG: Radius::AuthSQL ACCEPT:
Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 3, EAP MSCHAP V2 Challenge: 
Success
Fri Jan 30 21:18:27 2004: DEBUG: Access challenged for anonymous: EAP 
MSCHAP V2 Challenge: Success
Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 3, EAP PEAP inner 
authentication redespatched to a Handler
Fri Jan 30 21:18:27 2004: DEBUG: Access challenged for wifi: EAP PEAP 
inner authentication redespatched to a Handler
Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
*** Sending to e.f.g.h port 1027 ....
Code:       Access-Challenge
Identifier: 49
Authentic:  F<7>4]<210><163><160>Y<30><255><204><21>*<27><184><145>
Attributes:
        EAP-Message = <1><10><0><144><25><1><23><3><1><0> 
<149>Q$<23><202><190><149><174>&<138><15>KE<6><240>\oJ'b<210><244><194>H3dFs<188>7$<136><23><3><1><0>`<9><143><143>U<194>,<216><30>"<157><237><221><170>8<167>J{<199>B<134>^<129><141><165><219><230>2?<173>V<231><164><144><134>b<204><152>yy<255>{6<226>'<212>\<184>U<173><219>6<245><136><252><23><208>qC<243>^"<178>+<185><28><10>&<131>.y<198><212><6>7<9><255>.<253><127>o<225><236>v<229>\<154><172><24>3<26>V<201><10><246><245><252>
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
*** Received from e.f.g.h port 1027 ....
Code:       Access-Request
Identifier: 50
Authentic:  
<246><247>d<205><130><147><208><201><206><239><252><133><218><11><232><1>
Attributes:
        Framed-MTU = 1480
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXXX"
        User-Name = "wifi"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 13
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "13"
        Called-Station-Id = "00-08-83-95-fb-ed"
        Calling-Station-Id = "00-30-4f-20-f1-54"
        Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 5
        EAP-Message = <2><10><0>P<25><1><23><3><1><0> 
<231><0><246>p<148>L/<240><129><3>k@<140>x<129><6><167><214><210>d$<9><238>O<175>w:<150>^<3>!<147><23><3><1><0> 
<217><244>&<237><<175>Q<149><216><199>Z=k<5>~<1><210><5><169><242><18><172><250><242><196><0><19><255><208>B<137><139>
        Message-Authenticator = 
p<235><220><220><219>E<150>l<236>8<238>'/<211>a<172>

Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:18:27 2004: DEBUG:  Deleting session for wifi, e.f.g.h, 13
Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 10, 80
Fri Jan 30 21:18:27 2004: DEBUG: Response type 25
Fri Jan 30 21:18:27 2004: DEBUG: EAP PEAP inner authentication request 
for anonymous
Fri Jan 30 21:18:27 2004: DEBUG: PEAP Tunnelled request Packet dump:
Code:       Access-Request
Identifier: UNDEF
Authentic:  
U$<172><211><235><156><148><226><173><208><252><142><232><174><167><19>
Attributes:
        EAP-Message = <2><2><0><7><26><3>
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
        User-Name = "anonymous"
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXXX"
        NAS-Port = 13
        Calling-Station-Id = "00-30-4f-20-f1-54"

Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler 
'TunnelledByPEAP=1'
Fri Jan 30 21:18:27 2004: DEBUG:  Deleting session for , e.f.g.h, 13
Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL
Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthSQL:
Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 2, 7
Fri Jan 30 21:18:27 2004: DEBUG: Response type 26
Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 0,
Fri Jan 30 21:18:27 2004: DEBUG: Access accepted for anonymous
Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 3, EAP PEAP inner 
authentication redespatched to a Handler
Fri Jan 30 21:18:27 2004: DEBUG: Access challenged for wifi: EAP PEAP 
inner authentication redespatched to a Handler
Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
*** Sending to e.f.g.h port 1027 ....
Code:       Access-Challenge
Identifier: 50
Authentic:  
<246><247>d<205><130><147><208><201><206><239><252><133><218><11><232><1>
Attributes:
        EAP-Message = <1><11><0>P<25><1><23><3><1><0> 
<31><221>H<162><173><149>]<234><17><249><10>0<238><194><229><186><197>g<242><248><7>5<130>&<18><154><25><226><229>S<134><171><23><3><1><0> 
<224><188><15>5<30>'<205><7>p=5<230><194><238><206>N{<204>k<192>#<4><187><202><Z<241><248><174><210><184><235>
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
*** Received from e.f.g.h port 1027 ....
Code:       Access-Request
Identifier: 51
Authentic:  <166><231><148>=2<131><0>9~<223>,<245><138><251><24>q
Attributes:
        Framed-MTU = 1480
        NAS-IP-Address = e.f.g.h
        NAS-Identifier = "XXXXXXX"
        User-Name = "wifi"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 13
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "13"
        Called-Station-Id = "00-08-83-95-fb-ed"
        Calling-Station-Id = "00-30-4f-20-f1-54"
        Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 5
        EAP-Message = <2><11><0>P<25><1><23><3><1><0> 
j<168><19><206><4><176><143><128><128><245><212><138><22><224>I<226><138><17>h<183><178><236>&<217><<167>&<127>F<172>C<167><23><3><1><0> 
*F<234>!<14>Fmx<26><150><229><18><237><199><131>Tm<178><216><232><129><255><183><131><251>#<226>VawI<4>
        Message-Authenticator = 
<162>JO<192><22>p<198><194>C<238>G<158>|E<29>(

Fri Jan 30 21:18:27 2004: DEBUG: Handling request with Handler ''
Fri Jan 30 21:18:27 2004: DEBUG:  Deleting session for wifi, e.f.g.h, 13
Fri Jan 30 21:18:27 2004: DEBUG: Handling with Radius::AuthFILE:
Fri Jan 30 21:18:27 2004: DEBUG: Handling with EAP: code 2, 11, 80
Fri Jan 30 21:18:27 2004: DEBUG: Response type 25
Fri Jan 30 21:18:27 2004: DEBUG: EAP result: 0,
Fri Jan 30 21:18:27 2004: DEBUG: Access accepted for wifi
Fri Jan 30 21:18:27 2004: DEBUG: Packet dump:
*** Sending to e.f.g.h port 1027 ....
Code:       Access-Accept
Identifier: 51
Authentic:  <166><231><148>=2<131><0>9~<223>,<245><138><251><24>q
Attributes:
        EAP-Message = <3><11><0><4>
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>



===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list