(RADIATOR) Not sure why this one does not work
Stewart, Bill
wjs-corp at kaman.com
Fri Apr 8 06:28:29 CDT 2005
I am trying to validate against a different domain now, and get the
following.
Fri Apr 8 07:14:57 2005: WARNING: Could not LogonUserNetworkMSCHAP (V2):
3221225581, 0, Logon failure: unknown user name or bad password.
Does this error come from the nt server? The laptop logs onto the
domain with no problem when I plug directly into the network, but fails when
using wireless against the radius server.
Thanks ahead of time,
Bill
RADIUS.CFG
# lsa_eap_peap.cfg
#
# Example Radiator configuration file.
# This very simple file will allow you to get started with
# PEAP authentication as used by Windows XP (starting with SP1)
# We suggest you start simple, prove to yourself that it
# works and then develop a more complicated configuration.
#
# This example will authenticate Wireless PEAP users from a Windows LSA,
which
# permits authentication against any Windows Active Directory Domain
# or NT Domain.
# It will accept requests from any client and try to handle request
# for any realm.
# To use this LSA, Radiator must be run on Windows as Administrator,
# or as a user that has the 'Act as part of the operating system' security
policy
# enabled.
# Note: AuthBy LSA is _only_ available on Windows 2000, 2003 and XP (not
Home edition).
#
# To use this example, Radiator must be run on Windows as Administrator,
# or as a user that has the 'Act as part of the operating system' security
policy
# enabled. This is not possible with Windows XP Home edition.
#
# Requires the Win32-Lsa perl module from Open System Consultants.
# Install the Win32-Lsa perl module using PPM and ActivePerl 5.6.1 like
this:
# ppm install --location=http://www.open.com.au/radiator/free-downloads
Win32-Lsa
#
# Users will only be authenticated if they have the 'Access this computer
from the network'
# security policy enabled. Their other account restrictions will also be
checked
# CHAP passwords can only be authenticated if the user has their
# 'Store password using reversible encryption' option enabled in their
Account
#
# In order to test this, you can user the sample test certificates
# supplied with Radiator. For production, you
# WILL need to install a real valid server certificate and
# key for Radiator to use. Runs with openssl on Unix and Windows.
#
# See radius.cfg for more complete examples of features and
# syntax, and refer to the reference manual for a complete description
# of all the features and syntax.
#
# Requires openssl and Net_SSLeay.
#
# You should consider this file to be a starting point only
# $Id: lsa_eap_peap.cfg,v 1.5 2004/06/06 04:08:13 mikem Exp $
#Foreground
LogStdout
LogDir c:/Program Files/Radiator
DbDir c:/Program Files/Radiator
# User a lower trace level in production systems:
Trace 4
AuthPort 1812
DictionaryFile %D/dictionary
# You will probably want to add other Clients to suit your site,
# one for each NAS you want to work with
<Client DEFAULT>
Secret mysecret
DupInterval 0
</Client>
<Client 149.158.3.250>
Secret newwidenet
</Client>
# This is where we autneticate a PEAP inner request, which will be an EAP
# request. The username of the inner request will be anonymous, although
# the identity of the EAP request will be the real username we are
# trying to authenticate.
<Handler TunnelledByPEAP=1>
# Authenticate with Windows LSA
<AuthBy LSA>
# Specifies which Windows Domain is ALWAYS to be used to
authenticate
# users (even if they specify a different domain in their
username).
# Empty string means the local machine only
# Special characters are supported. Can be an Active
# directory domain or a Windows NT domain controller
# domain name
# Empty string (the default) means the local machine
# Domain LAN_KCNT
Domain LAN_KITNT_NET
# Specifies the Windows Domain to use if the user does not
# specify a doain domain in their username.
# Special characters are supported. Can be an Active
# directory domain or a Windows NT domain controller
# domain name
# Empty string (the default) means the local machine
# DefaultDomain LAN_KCNT
DefaultDomain LAN_KITNT_NET
# You can check whether each user is the member of a windows
group
# with the Group parameter. If more than one Group is
specified, then the
# user must be a member of at least one of them. Requires
Win32::NetAdmin
# (which is installed by default with ActivePerl). If no
Group
# parameters are specified, then Group checks will not be
performed.
#Group Administrators
#Group Domain Users
# You can specify which domain controller will be used to
check group
# membership with the DomainController parameter. If no
Group parameters
# are specified, DomainController wil not be used. Defaults
to
# empty string, meaning the default controller of the host
where this
# instance of Radaitor is running.
# DomainController kcnt1.kaman.com
DomainController kitnt4.kaman.com
# This tells the PEAP client what types of inner EAP
requests
# we will honour
EAPType MSCHAP-V2
</AuthBy>
</Handler>
# The original PEAP request from a NAS will be sent to a matching
# Realm or Handler in the usual way, where it will be unpacked and the inner
authentication
# extracted.
# The inner authentication request will be sent again to a matching
# Realm or Handler. The special check item TunnelledByPEAP=1 can be used to
select
# a specific handler, or else you can use EAPAnonymous to set a username and
realm
# which can be used to select a Realm clause for the inner request.
# This allows you to select an inner authentication method based on Realm,
and/or the
# fact that they were tunnelled. You can therfore act just as a PEAP server,
or also
# act as the AAA/H home server, and authenticate PEAP requests locally or
proxy
# them to another remote server based on the realm of the inner
authenticaiton request.
# In this basic example, both the inner and outer authentication are
authenticated
# from a file by AuthBy FILE
<Handler>
<AuthBy FILE>
# The username of the outer authentication
# must be in this file to get anywhere. In this example,
# it requires an entry for 'anonymous' which is the standard
username
# in the outer requests, and it also requires an entry for
the
# actual user name who is trying to connect (ie the 'Login
name' entered
# in the Funk Odyssey 'Edit Profile Properties' page
Filename %D/users
# EAPType sets the EAP type(s) that Radiator will honour.
# Options are: MD5-Challenge, One-Time-Password
# Generic-Token, TLS, TTLS, PEAP, MSCHAP-V2
# Multiple types can be comma separated. With the default
(most
# preferred) type given first
EAPType PEAP
# EAPTLS_CAFile is the name of a file of CA certificates
# in PEM format. The file can contain several CA
certificates
# Radiator will first look in EAPTLS_CAFile then in
# EAPTLS_CAPath, so there usually is no need to set both
EAPTLS_CAFile %D/certificates/demoCA/cacert.pem
# EAPTLS_CAPath is the name of a directory containing CA
# certificates in PEM format. The files each contain one
# CA certificate. The files are looked up by the CA
# subject name hash value
EAPTLS_CAPath
# EAPTLS_CertificateFile is the name of a file containing
# the servers certificate. EAPTLS_CertificateType
# specifies the type of the file. Can be PEM or ASN1
# defaults to ASN1
EAPTLS_CertificateFile %D/certificates/cert-srv.pem
EAPTLS_CertificateType PEM
# EAPTLS_PrivateKeyFile is the name of the file containing
# the servers private key. It is sometimes in the same file
# as the server certificate (EAPTLS_CertificateFile)
# If the private key is encrypted (usually the case)
# then EAPTLS_PrivateKeyPassword is the key to descrypt it
EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem
EAPTLS_PrivateKeyPassword whatever
# EAPTLS_RandomFile is an optional file containing
# randdomness
EAPTLS_RandomFile %D/certificates/random
# EAPTLS_MaxFragmentSize sets the maximum TLS fragemt
# size that will be replied by Radiator. It must be small
# enough to fit in a single Radius request (ie less than
4096)
# and still leave enough space for other attributes
# Aironet APs seem to need a smaller MaxFragmentSize
# (eg 1024) than the default of 2048. Others need even
smaller sizes.
EAPTLS_MaxFragmentSize 1000
# EAPTLS_DHFile if set specifies the DH group file. It
# may be required if you need to use ephemeral DH keys.
EAPTLS_DHFile %D/certificates/cert/dh
# If EAPTLS_CRLCheck is set and the client presents a
certificate
# then Radiator will look for a certificate revocation list
(CRL)
# for the certificate issuer
# when authenticating each client. If a CRL file is not
found, or
# if the CRL says the certificate has neen revoked, the
authentication will
# fail with an error:
# SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
# One or more CRLs can be named with the EAPTLS_CRLFile
parameter.
# Alternatively, CRLs may follow a file naming convention:
# the hash of the issuer subject name
# and a suffix that depends on the serial number.
# eg ab1331b2.r0, ab1331b2.r1 etc.
# You can find out the hash of the issuer name in a CRL with
# openssl crl -in crl.pem -hash -noout
# CRLs with tis name convention
# will be searched in EAPTLS_CAPath, else in the openssl
# certificates directory typically /usr/local/openssl/certs/
# CRLs are expected to be in PEM format.
# A CRL files can be generated with openssl like this:
# openssl ca -gencrl -revoke cert-clt.pem
# openssl ca -gencrl -out crl.pem
# Use of these flags requires Net_SSLeay-1.21 or later
#EAPTLS_CRLCheck
#EAPTLS_CRLFile %D/certificates/crl.pem
#EAPTLS_CRLFile %D/certificates/revocations.pem
# Some clients, depending on their configuration, may
require you to specify
# MPPE send and receive keys. This _will_ be required if you
select
# 'Keys will be generated automatically for data privacy' in
the Funk Odyssey
# client Network Properties dialog.
# Automatically sets MS-MPPE-Send-Key and MS-MPPE-Recv-Key
# in the final Access-Accept
AutoMPPEKeys
# You can enable some warning messages from the Net::SSLeay
# module by setting SSLeayTrace to an integer from 1 to 4
# 1=ciphers, 2=trace, 3=dump data
SSLeayTrace 4
# You can configure the User-Name that will be used for the
inner
# authentication. Defaults to 'anonymous'. This can be
useful
# when proxying the inner authentication. If tehre is a
realm, it can
# be used to choose a local Realm to handle the inner
authentication.
# %0 is replaced with the EAP identitiy
# EAPAnonymous anonymous at some.other.realm
# You can enable or disable support for TTLS Session
Resumption and
# PEAP Fast Reconnect with the EAPTLS_SessionResumption
flag.
# Default is enabled
#EAPTLS_SessionResumption 0
# You can limit how long after the initial session that a
session can be resumed
# with EAPTLS_SessionResumptionLimit (time in seconds).
Defaults to 43200
# (12 hours)
#EAPTLS_SessionResumptionLimit 10
</AuthBy>
</Handler>
LOGFILE
Fri Apr 8 07:14:30 2005: DEBUG: Finished reading configuration file
'C:\Program Files\Radiator\radius.cfg'
Fri Apr 8 07:14:30 2005: DEBUG: Reading dictionary file 'c:/Program
Files/Radiator/dictionary'
Fri Apr 8 07:14:30 2005: DEBUG: Creating authentication port 0.0.0.0:1812
Fri Apr 8 07:14:30 2005: DEBUG: Creating accounting port 0.0.0.0:1646
Fri Apr 8 07:14:30 2005: NOTICE: Server started: Radiator 3.12 on PC148
(LOCKED)
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1193 ....
Code: Access-Request
Identifier: 47
Authentic: <26>x<0><0><181>i<0><0>-j<0><0>po<0><0>
Attributes:
User-Name = "00-01-f4-ec-97-29"
User-Password =
"<171><215><i<164><237><132>b;X<167><187><247><235><233>v"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
Fri Apr 8 07:14:52 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:52 2005: DEBUG: Deleting session for 00-01-f4-ec-97-29,
149.158.3.250, 2
Fri Apr 8 07:14:52 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:52 2005: DEBUG: Reading users file c:/Program
Files/Radiator/users
Fri Apr 8 07:14:52 2005: DEBUG: Radius::AuthFILE looks for match with
00-01-f4-ec-97-29
Fri Apr 8 07:14:52 2005: DEBUG: AuthBy FILE result: REJECT, No such user
Fri Apr 8 07:14:52 2005: INFO: Access rejected for 00-01-f4-ec-97-29: No
such user
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1193 ....
Code: Access-Reject
Identifier: 47
Authentic: <26>x<0><0><181>i<0><0>-j<0><0>po<0><0>
Attributes:
Reply-Message = "Request Denied"
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1194 ....
Code: Access-Request
Identifier: 48
Authentic: <127>8<0><0><229>`<0><0><21><31><0><0>6R<0><0>
Attributes:
Message-Authenticator = <130><30>+$<198>Z<26><218>9<183>
<180><210><161><220><237>
User-Name = "LAN_KITNT_NET\HTFP01"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
EAP-Message = <2><1><0><25><1>LAN_KITNT_NET\HTFP01
Framed-MTU = 1000
Fri Apr 8 07:14:52 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:52 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:52 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:52 2005: DEBUG: Handling with EAP: code 2, 1, 25
Fri Apr 8 07:14:52 2005: DEBUG: Response type 1
Fri Apr 8 07:14:52 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:52 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:52 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1194 ....
Code: Access-Challenge
Identifier: 48
Authentic: <127>8<0><0><229>`<0><0><21><31><0><0>6R<0><0>
Attributes:
EAP-Message = <1><2><0><6><25>!
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1194 ....
Code: Access-Request
Identifier: 49
Authentic: <219>7<0><0><161>&<0><0><197>x<0><0>;2<0><0>
Attributes:
Message-Authenticator =
<20>8<163>C<128><248>I<140>wE<3><207><127><227><214>D
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><2><0>P<25><128><0><0><0>F<22><3><1><0>A<1><0><0>=<3><1>BVd<179><137><154
><1><231><11><247><129><164>O<212><166><28><199><180><245>r<225>]<228><19><1
75>,<211><206><182>M<247>g<0><0><22><0><4><0><5><0><10><0><9><0>d<0>b<0><3><
0><6><0><19><0><18><0>c<1><0>
Fri Apr 8 07:14:52 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:52 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:52 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:52 2005: DEBUG: Handling with EAP: code 2, 2, 80
Fri Apr 8 07:14:52 2005: DEBUG: Response type 25
Fri Apr 8 07:14:52 2005: DEBUG: EAP TLS SSL_accept result: -1, 2, 8576
Fri Apr 8 07:14:52 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:52 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:52 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1194 ....
Code: Access-Challenge
Identifier: 49
Authentic: <219>7<0><0><161>&<0><0><197>x<0><0>;2<0><0>
Attributes:
EAP-Message =
<1><3><3><222><25><128><0><0><3><212><22><3><1><0>J<2><0><0>F<3><1>BVg<172><
7><25><249>A<16><29><149><207><169><24><188>XR<160><151><195>JZ"<169><215>h<
221>.<150>zR<193>
^<228>3<230><213>^<151><211>+:<137>zb<193><169><141><197>><203><30><155><178
><219><178><6><7>
y4<10><5><146><0><4><0><22><3><1><2><219><11><0><2><215><0><2><212><0><2><20
9>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134><
247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><
6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28>
<6><3>U<4><10><19><21>OSC Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Sec
EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in
production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><
13>040316080209Z<23><13>060316080209Z0u1<11>0<9><6><3>U<4><6><19><2>AU1<17>0
<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>
0<22><6><3>U<4><10><19><15>My Test
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13>
<6><9>*<134>H<134><247><13><1><1>
EAP-Message =
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><216>4<7><6><214><234>/<
241>.9<209><250>\y<1><149>[<215><24>e<133><15><223>d<176><132>Z<222>#<234><1
2>%<133>aF<28><20><24><218><160><197><239><237><136><222><218><138><6><19><2
47>}*3B<155><24>TE<18><240><194><220><164><183>9<192><176>/<16>HI<220><169>v
N<215>)<31><207><24><157><230>G<186>)<246>J<195><171><154><249><220>v<17><15
9><2>x<29><136><148>:b<170><254><4><207><183><144><210><251>+<233><135>0<212
>Y<207><158>N<226><136><12><132><143><250><182><218>W<2><3><1><0><1><163><23
>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<
134>H<134><247><13><1><1><4><5><0><3><129><129><0>n<23><196><159>c<165><188>
>q<129>X<13>=l?<174><155><170><162><189><20><25>az<19>o<202><250>|B8N<209><2
25><253>?hv<170><193><235><2>b<16><201>}<250>,<181>q<154>%<182><29><179>p<21
1><248>oba<
EAP-Message =
JP<13>p<12>+<154><199>1<16><208><138><21><141>'wrX<214>NUW<231><173><25>w<21
5><13><152><154>T<218><8><246><202>.<177>9s*<220><219>n"Gu<188><254><206>U?<
214>)<181>I2^<157><225><174><232>2e<185>k<131><22><3><1><0><160><13><0><0><1
52><2><1><2><0><147><0><145>0<129><142>1<11>0<9><6><3>U<4><6><19><2>us1<20>0
<18><6><3>U<4><8><19><11>Connecticut1<19>0<17><6><3>U<4><7><19><10>Bloomfiel
d1<26>0<24><6><3>U<4><10><19><17>Kaman
Corporation1<21>0<19><6><3>U<4><3><19><12>Bill
Stewart1!0<31><6><9>*<134>H<134><247><13><1><9><1><22><18>wjs-corp at kaman.com
<14><0><0><0>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1194 ....
Code: Access-Request
Identifier: 50
Authentic: <147>W<0><0>i<127><0><0><184>><0><0>IJ<0><0>
Attributes:
Message-Authenticator =
3<29><225><184><27><211><225><216><149>0<25><142>B<178><20>M
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><3><0><199><25><128><0><0><0><189><22><3><1><0><141><11><0><0><3><0><0><0
><16><0><0><130><0><128><160><181><175>,<194>w<214>[>anXT<241>;<233><173><15
9><232><146><213><185><150>sO<188>x<131><237><146><184><189>3<142><153>N9<19
3><232>2<150>K<178>-<243><25><176><31>M<180><205><173>3Y<202><134><158><145>
6<21><153>8<244><128><200><193>G<172>f*<31><139><221>c<191><<219><158><145>B
<151>=G<19>Wy7<204><133><151>.<137><145>f}<245><144><208><205>2<13>b<241><28
><134>H4<7><210><128><148>JT<163><144>z<138><157>]E<181><169><248><254>}
<146>G<20><3><1><0><1><1><22><3><1><0>
<163><2><132>#<196>?<208><216><132>t7qP<254><212><21>!}<171><25><208><220><1
53><148><26><226><189>,<0><236><161>5
Fri Apr 8 07:14:52 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:52 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:52 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:52 2005: DEBUG: Handling with EAP: code 2, 3, 199
Fri Apr 8 07:14:52 2005: DEBUG: Response type 25
Fri Apr 8 07:14:52 2005: DEBUG: EAP TLS SSL_accept result: 1, 0, 3
Fri Apr 8 07:14:52 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:52 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:52 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1194 ....
Code: Access-Challenge
Identifier: 50
Authentic: <147>W<0><0>i<127><0><0><184>><0><0>IJ<0><0>
Attributes:
EAP-Message =
<1><4><0>5<25><128><0><0><0>+<20><3><1><0><1><1><22><3><1><0>
<243><226><10><13>%<189><145><210>W<202>N<184>^zw3<143>V+<175><137><26><132>
<25><227>Uo<170><249><133><219>8
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1194 ....
Code: Access-Request
Identifier: 51
Authentic: <159>W<0><0><221><13><0><0>C<21><0><0><129>><0><0>
Attributes:
Message-Authenticator =
u<15><255><138><145><187><234><246><161><159><180>$xG<176><241>
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message = <2><4><0><6><25><0>
Fri Apr 8 07:14:52 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:52 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:52 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:52 2005: DEBUG: Handling with EAP: code 2, 4, 6
Fri Apr 8 07:14:52 2005: DEBUG: Response type 25
Fri Apr 8 07:14:52 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:52 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:52 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1194 ....
Code: Access-Challenge
Identifier: 51
Authentic: <159>W<0><0><221><13><0><0>C<21><0><0><129>><0><0>
Attributes:
EAP-Message =
<1><5><0><28><25><0><23><3><1><0><17><151><216>si5<179><252><233>g<252><20><
190>s<144><200><152><228>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1194 ....
Code: Access-Request
Identifier: 52
Authentic: <209><14><0><0><30>s<0><0><202>L<0><0><24>:<0><0>
Attributes:
Message-Authenticator =
<222>oNy<249><140><153><194>t<144>[<134><179>J<206>+
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><5><0>0<25><0><23><3><1><0>%<130><5><214><29>c<227>zf<150>"<253><26><141>
<225><180><223><130>3<154><6>XS<165><191><255>L\<27>"T<197><222>ylX<253>A
Fri Apr 8 07:14:52 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:52 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:52 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:52 2005: DEBUG: Handling with EAP: code 2, 5, 48
Fri Apr 8 07:14:52 2005: DEBUG: Response type 25
Fri Apr 8 07:14:52 2005: DEBUG: EAP PEAP inner authentication request for
anonymous
Fri Apr 8 07:14:52 2005: DEBUG: PEAP Tunnelled request Packet dump:
Code: Access-Request
Identifier: UNDEF
Authentic: <175><197><240><153>D\-<195>\<165><175><3><211><17><134>]
Attributes:
EAP-Message = <2><5><0><21><1>LAN_KITNT_NET\HTFP01
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
User-Name = "anonymous"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
Calling-Station-Id = "00-01-f4-ec-97-29"
Fri Apr 8 07:14:52 2005: DEBUG: Handling request with Handler
'TunnelledByPEAP=1'
Fri Apr 8 07:14:52 2005: DEBUG: Deleting session for , 149.158.3.250, 2
Fri Apr 8 07:14:52 2005: DEBUG: Handling with Radius::AuthLSA:
Fri Apr 8 07:14:52 2005: DEBUG: Handling with EAP: code 2, 5, 21
Fri Apr 8 07:14:52 2005: DEBUG: Response type 1
Fri Apr 8 07:14:52 2005: DEBUG: EAP result: 3, EAP MSCHAP-V2 Challenge
Fri Apr 8 07:14:52 2005: DEBUG: AuthBy LSA result: CHALLENGE, EAP MSCHAP-V2
Challenge
Fri Apr 8 07:14:52 2005: DEBUG: Access challenged for anonymous: EAP
MSCHAP-V2 Challenge
Fri Apr 8 07:14:52 2005: DEBUG: EAP result: 3, EAP PEAP inner
authentication redespatched to a Handler
Fri Apr 8 07:14:52 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
inner authentication redespatched to a Handler
Fri Apr 8 07:14:52 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP inner authentication redespatched to a Handler
Fri Apr 8 07:14:52 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1194 ....
Code: Access-Challenge
Identifier: 52
Authentic: <209><14><0><0><30>s<0><0><202>L<0><0><24>:<0><0>
Attributes:
EAP-Message =
<1><6><0>6<25><0><23><3><1><0>+[<227><219><244><162><152>R<204>^<248><140>ow
eF<221><31><240><159><241><213><163>f<173><205>'<131><132><166><224><217><20
2>,lf<148><23>Z<19><15><146><162><4>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:53 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1194 ....
Code: Access-Request
Identifier: 53
Authentic: <230>[<0><0><228><24><0><0><165>w<0><0><209>,<0><0>
Attributes:
Message-Authenticator =
X<142><187><228>/<178>I<165>r<220><128><229><188>n0<155>
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><6><0>f<25><0><23><3><1><0>[{<215><207><183>6<31><209><227><185><<150><15
9><28><244><3><138>1Z<6><137>*D<171><200>a<224><205><193>e<216><129><26>k<1>
<164><236>k<168><7><163><8><162>ue<232><182><19><244><23><232><25><147>t\eN:
<200><179><1>CVr<210><208><25><21>r<161>&-<214><194><191><194><23><161><241>
<152>d<136>D<226><19><244>_<197>dC<211><245>
Fri Apr 8 07:14:53 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:53 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:53 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:53 2005: DEBUG: Handling with EAP: code 2, 6, 102
Fri Apr 8 07:14:53 2005: DEBUG: Response type 25
Fri Apr 8 07:14:53 2005: DEBUG: EAP PEAP inner authentication request for
anonymous
Fri Apr 8 07:14:53 2005: DEBUG: PEAP Tunnelled request Packet dump:
Code: Access-Request
Identifier: UNDEF
Authentic: <162>m<132><248><135>SR4X<223><2>C<149><166><12><133>
Attributes:
EAP-Message =
<2><6><0>K<26><2><6><0>J1<247><192><189>s%<216><217><28>a<248><131><172>0<18
6>p<236><0><0><0><0><0><0><0><0><150><191><171>X<0><2><175><21>/#<192><19><3
0>,<254><245><8>3g<174>5<129>$<251><0>LAN_KITNT_NET\HTFP01
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
User-Name = "anonymous"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
Calling-Station-Id = "00-01-f4-ec-97-29"
Fri Apr 8 07:14:53 2005: DEBUG: Handling request with Handler
'TunnelledByPEAP=1'
Fri Apr 8 07:14:53 2005: DEBUG: Deleting session for , 149.158.3.250, 2
Fri Apr 8 07:14:53 2005: DEBUG: Handling with Radius::AuthLSA:
Fri Apr 8 07:14:53 2005: DEBUG: Handling with EAP: code 2, 6, 75
Fri Apr 8 07:14:53 2005: DEBUG: Response type 26
Fri Apr 8 07:14:53 2005: DEBUG: Radius::AuthLSA looks for match with
LAN_KITNT_NET\HTFP01
Fri Apr 8 07:14:53 2005: DEBUG: Radius::AuthLSA ACCEPT:
Fri Apr 8 07:14:53 2005: WARNING: Could not LogonUserNetworkMSCHAP (V2):
3221225581, 0, Logon failure: unknown user name or bad password.
Fri Apr 8 07:14:53 2005: DEBUG: EAP result: 1, EAP MSCHAP-V2 Authentication
failure
Fri Apr 8 07:14:53 2005: DEBUG: AuthBy LSA result: REJECT, EAP MSCHAP-V2
Authentication failure
Fri Apr 8 07:14:53 2005: INFO: Access rejected for anonymous: EAP MSCHAP-V2
Authentication failure
Fri Apr 8 07:14:53 2005: DEBUG: EAP result: 3, EAP PEAP inner
authentication redespatched to a Handler
Fri Apr 8 07:14:53 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
inner authentication redespatched to a Handler
Fri Apr 8 07:14:53 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP inner authentication redespatched to a Handler
Fri Apr 8 07:14:53 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1194 ....
Code: Access-Challenge
Identifier: 53
Authentic: <230>[<0><0><228><24><0><0><165>w<0><0><209>,<0><0>
Attributes:
EAP-Message =
<1><7><0>&<25><0><23><3><1><0><27>q<223>'<188>d<27><177><222><24><228>-=<30>
%<29><201>P<224><191>`<207>_<140>Y<236> ~
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:53 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1194 ....
Code: Access-Request
Identifier: 54
Authentic: N<27><0><0>_<1><0><0><208>r<0><0>>d<0><0>
Attributes:
Message-Authenticator =
9d<233>,<208><177>)V!<151><<237><158><183><16><174>
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><7><0>&<25><0><23><3><1><0><27>)A<252><9>LR<4><176><232><198><172><196><1
9><247><176><255>|<211>o|<<136>V<23>E<242><29>
Fri Apr 8 07:14:53 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:53 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:53 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:53 2005: DEBUG: Handling with EAP: code 2, 7, 38
Fri Apr 8 07:14:53 2005: DEBUG: Response type 25
Fri Apr 8 07:14:53 2005: DEBUG: EAP result: 1, PEAP Authentication Failure
Fri Apr 8 07:14:53 2005: DEBUG: AuthBy FILE result: REJECT, PEAP
Authentication Failure
Fri Apr 8 07:14:53 2005: INFO: Access rejected for LAN_KITNT_NET\HTFP01:
PEAP Authentication Failure
Fri Apr 8 07:14:53 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1194 ....
Code: Access-Reject
Identifier: 54
Authentic: N<27><0><0>_<1><0><0><208>r<0><0>>d<0><0>
Attributes:
EAP-Message = <4><7><0><4>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Reply-Message = "Request Denied"
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1195 ....
Code: Access-Request
Identifier: 55
Authentic: k[<0><0><226>D<0><0>y:<0><0><21>f<0><0>
Attributes:
User-Name = "00-01-f4-ec-97-29"
User-Password = "XK<194><149>n|<233><137>I<185>@<213>*<135>h<188>"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
Fri Apr 8 07:14:55 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:55 2005: DEBUG: Deleting session for 00-01-f4-ec-97-29,
149.158.3.250, 2
Fri Apr 8 07:14:55 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:55 2005: DEBUG: Radius::AuthFILE looks for match with
00-01-f4-ec-97-29
Fri Apr 8 07:14:55 2005: DEBUG: AuthBy FILE result: REJECT, No such user
Fri Apr 8 07:14:55 2005: INFO: Access rejected for 00-01-f4-ec-97-29: No
such user
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1195 ....
Code: Access-Reject
Identifier: 55
Authentic: k[<0><0><226>D<0><0>y:<0><0><21>f<0><0>
Attributes:
Reply-Message = "Request Denied"
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1196 ....
Code: Access-Request
Identifier: 56
Authentic: 6 <0><0><209>-<0><0><168>z<0><0>7x<0><0>
Attributes:
Message-Authenticator =
<30><233>@<167>J<200><183><246>@<238><24><175>8<199>!<183>
User-Name = "LAN_KITNT_NET\HTFP01"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
EAP-Message = <2><1><0><25><1>LAN_KITNT_NET\HTFP01
Framed-MTU = 1000
Fri Apr 8 07:14:55 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:55 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:55 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:55 2005: DEBUG: Handling with EAP: code 2, 1, 25
Fri Apr 8 07:14:55 2005: DEBUG: Response type 1
Fri Apr 8 07:14:55 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:55 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:55 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1196 ....
Code: Access-Challenge
Identifier: 56
Authentic: 6 <0><0><209>-<0><0><168>z<0><0>7x<0><0>
Attributes:
EAP-Message = <1><2><0><6><25>!
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1196 ....
Code: Access-Request
Identifier: 57
Authentic: W,<0><0>9}<0><0>"g<0><0>2S<0><0>
Attributes:
Message-Authenticator =
I<199><221><4>!<26><218><200>eR~<184><133><129><228><186>
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><2><0>P<25><128><0><0><0>F<22><3><1><0>A<1><0><0>=<3><1>BVd<182><186><185
><244><156><204>]<182><202><185><7><211>Y<202><251><29>;<188>o}J3<12><191><1
5>G<153><127>f<0><0><22><0><4><0><5><0><10><0><9><0>d<0>b<0><3><0><6><0><19>
<0><18><0>c<1><0>
Fri Apr 8 07:14:55 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:55 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:55 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:55 2005: DEBUG: Handling with EAP: code 2, 2, 80
Fri Apr 8 07:14:55 2005: DEBUG: Response type 25
Fri Apr 8 07:14:55 2005: DEBUG: EAP TLS SSL_accept result: -1, 2, 8576
Fri Apr 8 07:14:55 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:55 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:55 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1196 ....
Code: Access-Challenge
Identifier: 57
Authentic: W,<0><0>9}<0><0>"g<0><0>2S<0><0>
Attributes:
EAP-Message =
<1><3><3><222><25><128><0><0><3><212><22><3><1><0>J<2><0><0>F<3><1>BVg<175><
7><1><185><222><11><241><202><174><232><150><172><162><197><191><160>w<233><
166><248>(8<172>7P<241>M<29>E
<246><210>OdT<253>?8<237><246>R5h<190>D<173>~R<197><241><216><15><231>s<18>Y
y<140><13><141><148><25><0><4><0><22><3><1><2><219><11><0><2><215><0><2><212
><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<1
34>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1
<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne
1<30>0<28><6><3>U<4><10><19><21>OSC Demo
Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Sec
EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in
production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><
13>040316080209Z<23><13>060316080209Z0u1<11>0<9><6><3>U<4><6><19><2>AU1<17>0
<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>
0<22><6><3>U<4><10><19><15>My Test
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13>
<6><9>*<134>H<134><247><13><1><1>
EAP-Message =
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><216>4<7><6><214><234>/<
241>.9<209><250>\y<1><149>[<215><24>e<133><15><223>d<176><132>Z<222>#<234><1
2>%<133>aF<28><20><24><218><160><197><239><237><136><222><218><138><6><19><2
47>}*3B<155><24>TE<18><240><194><220><164><183>9<192><176>/<16>HI<220><169>v
N<215>)<31><207><24><157><230>G<186>)<246>J<195><171><154><249><220>v<17><15
9><2>x<29><136><148>:b<170><254><4><207><183><144><210><251>+<233><135>0<212
>Y<207><158>N<226><136><12><132><143><250><182><218>W<2><3><1><0><1><163><23
>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<
134>H<134><247><13><1><1><4><5><0><3><129><129><0>n<23><196><159>c<165><188>
>q<129>X<13>=l?<174><155><170><162><189><20><25>az<19>o<202><250>|B8N<209><2
25><253>?hv<170><193><235><2>b<16><201>}<250>,<181>q<154>%<182><29><179>p<21
1><248>oba<
EAP-Message =
JP<13>p<12>+<154><199>1<16><208><138><21><141>'wrX<214>NUW<231><173><25>w<21
5><13><152><154>T<218><8><246><202>.<177>9s*<220><219>n"Gu<188><254><206>U?<
214>)<181>I2^<157><225><174><232>2e<185>k<131><22><3><1><0><160><13><0><0><1
52><2><1><2><0><147><0><145>0<129><142>1<11>0<9><6><3>U<4><6><19><2>us1<20>0
<18><6><3>U<4><8><19><11>Connecticut1<19>0<17><6><3>U<4><7><19><10>Bloomfiel
d1<26>0<24><6><3>U<4><10><19><17>Kaman
Corporation1<21>0<19><6><3>U<4><3><19><12>Bill
Stewart1!0<31><6><9>*<134>H<134><247><13><1><9><1><22><18>wjs-corp at kaman.com
<14><0><0><0>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1196 ....
Code: Access-Request
Identifier: 58
Authentic: <250>%<0><0><186>N<0><0>c<12><0><0>U<7><0><0>
Attributes:
Message-Authenticator =
<190><237><171><230><212><154><202>/><253><223><150><139>pi<188>
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><3><0><199><25><128><0><0><0><189><22><3><1><0><141><11><0><0><3><0><0><0
><16><0><0><130><0><128><190><216>6{<165><22><221>_Qp<134><183>z<250><236><1
93><189><208>Y[9<240><127><185><154><16><15>O<235><154>`<251><220><252><185>
<138>/<1><146><179>M<137><157><28><159><145>,VT<154>{zS<161>CR<224><196><11>
<251>ffFnn<219>l#<128>)<20><242><23><22><222><16><193><249><20><2>E<175><230
><250><12>/MF<207><127><211>FiR<199><210><244><232>L<223>)<30><199>L<156>Wd<
238><147>4<29><13><224>De<164><228><144>t<247><206><151><157><196><224>l\<18
5><20><3><1><0><1><1><22><3><1><0>
<8><147><214><30>|<151>Q<13><156><5><199><127><198><239>_<171><14><211>Mk<18
1><171><22><159><229><132><248><218><176><202><202><252>
Fri Apr 8 07:14:55 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:55 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:55 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:55 2005: DEBUG: Handling with EAP: code 2, 3, 199
Fri Apr 8 07:14:55 2005: DEBUG: Response type 25
Fri Apr 8 07:14:55 2005: DEBUG: EAP TLS SSL_accept result: 1, 0, 3
Fri Apr 8 07:14:55 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:55 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:55 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1196 ....
Code: Access-Challenge
Identifier: 58
Authentic: <250>%<0><0><186>N<0><0>c<12><0><0>U<7><0><0>
Attributes:
EAP-Message =
<1><4><0>5<25><128><0><0><0>+<20><3><1><0><1><1><22><3><1><0>
VmN<1>V<169><187><142><224><249>!Ko<223><195><135><244>l%#<242><191><144>9OQ
<188><17><152><155>gl
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1196 ....
Code: Access-Request
Identifier: 59
Authentic: <137>w<0><0>QN<0><0>T<127><0><0><228>@<0><0>
Attributes:
Message-Authenticator =
<150>&Y<16>S]<158>l<238>g<9>3<144><155><150><235>
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message = <2><4><0><6><25><0>
Fri Apr 8 07:14:55 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:55 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:55 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:55 2005: DEBUG: Handling with EAP: code 2, 4, 6
Fri Apr 8 07:14:55 2005: DEBUG: Response type 25
Fri Apr 8 07:14:55 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:55 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:55 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1196 ....
Code: Access-Challenge
Identifier: 59
Authentic: <137>w<0><0>QN<0><0>T<127><0><0><228>@<0><0>
Attributes:
EAP-Message =
<1><5><0><28><25><0><23><3><1><0><17><166>E<208>7b`<198><5>_<152>4<194>(<168
>o<165><144>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1196 ....
Code: Access-Request
Identifier: 60
Authentic: <183>6<0><0>v@<0><0>3Y<0><0><145>s<0><0>
Attributes:
Message-Authenticator =
<153><144><161>9<18><148><177><238>`<193><208>D=M<161>o
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><5><0>0<25><0><23><3><1><0>%dV<29><134><130>F&<210>$<28><196>j<217><25><1
88>1<136>-<238><191>n<243>uM<180>p<182><128><166>U^<227>I<230><196>4<157>
Fri Apr 8 07:14:55 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:55 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:55 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:55 2005: DEBUG: Handling with EAP: code 2, 5, 48
Fri Apr 8 07:14:55 2005: DEBUG: Response type 25
Fri Apr 8 07:14:55 2005: DEBUG: EAP PEAP inner authentication request for
anonymous
Fri Apr 8 07:14:55 2005: DEBUG: PEAP Tunnelled request Packet dump:
Code: Access-Request
Identifier: UNDEF
Authentic: 9<223><210>D<155>`<196><222><23>><153><193>+&t<150>
Attributes:
EAP-Message = <2><5><0><21><1>LAN_KITNT_NET\HTFP01
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
User-Name = "anonymous"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
Calling-Station-Id = "00-01-f4-ec-97-29"
Fri Apr 8 07:14:55 2005: DEBUG: Handling request with Handler
'TunnelledByPEAP=1'
Fri Apr 8 07:14:55 2005: DEBUG: Deleting session for , 149.158.3.250, 2
Fri Apr 8 07:14:55 2005: DEBUG: Handling with Radius::AuthLSA:
Fri Apr 8 07:14:55 2005: DEBUG: Handling with EAP: code 2, 5, 21
Fri Apr 8 07:14:55 2005: DEBUG: Response type 1
Fri Apr 8 07:14:55 2005: DEBUG: EAP result: 3, EAP MSCHAP-V2 Challenge
Fri Apr 8 07:14:55 2005: DEBUG: AuthBy LSA result: CHALLENGE, EAP MSCHAP-V2
Challenge
Fri Apr 8 07:14:55 2005: DEBUG: Access challenged for anonymous: EAP
MSCHAP-V2 Challenge
Fri Apr 8 07:14:55 2005: DEBUG: EAP result: 3, EAP PEAP inner
authentication redespatched to a Handler
Fri Apr 8 07:14:55 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
inner authentication redespatched to a Handler
Fri Apr 8 07:14:55 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP inner authentication redespatched to a Handler
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1196 ....
Code: Access-Challenge
Identifier: 60
Authentic: <183>6<0><0>v@<0><0>3Y<0><0><145>s<0><0>
Attributes:
EAP-Message =
<1><6><0>6<25><0><23><3><1><0>+<158>KGt<8><240><134>l<138><253><163>XL<167>y
<196><224>{x<131><178>0<128>N<4><227>X<235><251><154><249>N<240><170><221>R<
241><215>p<22><246>o<15>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1196 ....
Code: Access-Request
Identifier: 61
Authentic: Ip<0><0><245>o<0><0>C<6><0><0><187>A<0><0>
Attributes:
Message-Authenticator =
<175><205><19><5>Z!<5><204><182><184>ht<160><16>`<237>
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><6><0>f<25><0><23><3><1><0>[/<183>J<187>zf<133><169><0><198><221>I<255><1
53>37Nt<30>D<163>a<217><27><173><18><11><165><135>'<154><132>t<168><229><153
><213>W<185>I<183>f<247><0><253><179>6<244>C<130>N<160><162><178>8<240>[<195
><18><164><134><228><228><249>i<216>/<221><142><179>j<245>R<211><183><192>L<
201><232>AW<19>!~<202>b<209><154><224><198>x
Fri Apr 8 07:14:55 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:55 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:55 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:55 2005: DEBUG: Handling with EAP: code 2, 6, 102
Fri Apr 8 07:14:55 2005: DEBUG: Response type 25
Fri Apr 8 07:14:55 2005: DEBUG: EAP PEAP inner authentication request for
anonymous
Fri Apr 8 07:14:55 2005: DEBUG: PEAP Tunnelled request Packet dump:
Code: Access-Request
Identifier: UNDEF
Authentic: #<222>nK<17><17>[X)<222>E<249>(1v<174>
Attributes:
EAP-Message =
<2><6><0>K<26><2><6><0>J1X<204><199>KQ<222><213>hA<160><246><10>.:<131><254>
<0><0><0><0><0><0><0><0><5><159><151><213>A<31><190><218>LOHj<136><189><250>
<248><249>9)3<210>T<2>Q<0>LAN_KITNT_NET\HTFP01
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
User-Name = "anonymous"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
Calling-Station-Id = "00-01-f4-ec-97-29"
Fri Apr 8 07:14:55 2005: DEBUG: Handling request with Handler
'TunnelledByPEAP=1'
Fri Apr 8 07:14:55 2005: DEBUG: Deleting session for , 149.158.3.250, 2
Fri Apr 8 07:14:55 2005: DEBUG: Handling with Radius::AuthLSA:
Fri Apr 8 07:14:55 2005: DEBUG: Handling with EAP: code 2, 6, 75
Fri Apr 8 07:14:55 2005: DEBUG: Response type 26
Fri Apr 8 07:14:55 2005: DEBUG: Radius::AuthLSA looks for match with
LAN_KITNT_NET\HTFP01
Fri Apr 8 07:14:55 2005: DEBUG: Radius::AuthLSA ACCEPT:
Fri Apr 8 07:14:55 2005: WARNING: Could not LogonUserNetworkMSCHAP (V2):
3221225581, 0, Logon failure: unknown user name or bad password.
Fri Apr 8 07:14:55 2005: DEBUG: EAP result: 1, EAP MSCHAP-V2 Authentication
failure
Fri Apr 8 07:14:55 2005: DEBUG: AuthBy LSA result: REJECT, EAP MSCHAP-V2
Authentication failure
Fri Apr 8 07:14:55 2005: INFO: Access rejected for anonymous: EAP MSCHAP-V2
Authentication failure
Fri Apr 8 07:14:55 2005: DEBUG: EAP result: 3, EAP PEAP inner
authentication redespatched to a Handler
Fri Apr 8 07:14:55 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
inner authentication redespatched to a Handler
Fri Apr 8 07:14:55 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP inner authentication redespatched to a Handler
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1196 ....
Code: Access-Challenge
Identifier: 61
Authentic: Ip<0><0><245>o<0><0>C<6><0><0><187>A<0><0>
Attributes:
EAP-Message =
<1><7><0>&<25><0><23><3><1><0><27><131><189><161><203><128>Yo<177>Lo<25><145
>q<172><227><247>_<216>Cy@`@h<138>><174>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1196 ....
Code: Access-Request
Identifier: 62
Authentic: <167>d<0><0><140><29><0><0>3S<0><0>f<27><0><0>
Attributes:
Message-Authenticator =
<9>ok<226>a<206>5<156><194><6><196>Z<198><218><197><202>
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><7><0>&<25><0><23><3><1><0><27><149><161><28><167>Fv<214><21><150><226>4<
214>n<166>O<22><164><191><236>3}<204>_<134><7><249><157>
Fri Apr 8 07:14:55 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:55 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:55 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:55 2005: DEBUG: Handling with EAP: code 2, 7, 38
Fri Apr 8 07:14:55 2005: DEBUG: Response type 25
Fri Apr 8 07:14:55 2005: DEBUG: EAP result: 1, PEAP Authentication Failure
Fri Apr 8 07:14:55 2005: DEBUG: AuthBy FILE result: REJECT, PEAP
Authentication Failure
Fri Apr 8 07:14:55 2005: INFO: Access rejected for LAN_KITNT_NET\HTFP01:
PEAP Authentication Failure
Fri Apr 8 07:14:55 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1196 ....
Code: Access-Reject
Identifier: 62
Authentic: <167>d<0><0><140><29><0><0>3S<0><0>f<27><0><0>
Attributes:
EAP-Message = <4><7><0><4>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Reply-Message = "Request Denied"
Fri Apr 8 07:14:56 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1197 ....
Code: Access-Request
Identifier: 63
Authentic: <162><13><0><0>h<9><0><0><201><21><0><0><127>i<0><0>
Attributes:
User-Name = "00-01-f4-ec-97-29"
User-Password =
"<27><252><158><163><137>D<136>Y<242>c<175>f<198><185><218><159>"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
Fri Apr 8 07:14:56 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:56 2005: DEBUG: Deleting session for 00-01-f4-ec-97-29,
149.158.3.250, 2
Fri Apr 8 07:14:56 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:56 2005: DEBUG: Radius::AuthFILE looks for match with
00-01-f4-ec-97-29
Fri Apr 8 07:14:56 2005: DEBUG: AuthBy FILE result: REJECT, No such user
Fri Apr 8 07:14:56 2005: INFO: Access rejected for 00-01-f4-ec-97-29: No
such user
Fri Apr 8 07:14:56 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1197 ....
Code: Access-Reject
Identifier: 63
Authentic: <162><13><0><0>h<9><0><0><201><21><0><0><127>i<0><0>
Attributes:
Reply-Message = "Request Denied"
Fri Apr 8 07:14:56 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1198 ....
Code: Access-Request
Identifier: 64
Authentic: Q<20><0><0><132><5><0><0>0.<0><0><205>6<0><0>
Attributes:
Message-Authenticator =
&<193><31>F<228><233><8><177><175><+<173><184><193><2><31>
User-Name = "LAN_KITNT_NET\HTFP01"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
EAP-Message = <2><1><0><25><1>LAN_KITNT_NET\HTFP01
Framed-MTU = 1000
Fri Apr 8 07:14:56 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:56 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:56 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:56 2005: DEBUG: Handling with EAP: code 2, 1, 25
Fri Apr 8 07:14:56 2005: DEBUG: Response type 1
Fri Apr 8 07:14:56 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:56 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:56 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:56 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1198 ....
Code: Access-Challenge
Identifier: 64
Authentic: Q<20><0><0><132><5><0><0>0.<0><0><205>6<0><0>
Attributes:
EAP-Message = <1><2><0><6><25>!
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:56 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1198 ....
Code: Access-Request
Identifier: 65
Authentic: <246>L<0><0>FY<0><0><174>E<0><0><252><10><0><0>
Attributes:
Message-Authenticator = <179><22>%<171>=N<31>C;v-<187>uq<177><168>
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><2><0>P<25><128><0><0><0>F<22><3><1><0>A<1><0><0>=<3><1>BVd<184>J<160>K<1
1><10><13><246>`<243><211><219><152>>E
@<239>$b<239><204>cdth<192><252><228><0><0><22><0><4><0><5><0><10><0><9><0>d
<0>b<0><3><0><6><0><19><0><18><0>c<1><0>
Fri Apr 8 07:14:56 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:56 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:56 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:56 2005: DEBUG: Handling with EAP: code 2, 2, 80
Fri Apr 8 07:14:56 2005: DEBUG: Response type 25
Fri Apr 8 07:14:56 2005: DEBUG: EAP TLS SSL_accept result: -1, 2, 8576
Fri Apr 8 07:14:56 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:56 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:56 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:56 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1198 ....
Code: Access-Challenge
Identifier: 65
Authentic: <246>L<0><0>FY<0><0><174>E<0><0><252><10><0><0>
Attributes:
EAP-Message =
<1><3><3><222><25><128><0><0><3><212><22><3><1><0>J<2><0><0>F<3><1>BVg<176><
243><252>nV<159><184><178>(<210><243>B<248><192><246>[<221>Tn}<249>b<182><20
9>^/W<208><255>
<191>F#<25>2<187><197><166>x<164>ETf<27>~<161><227>?4<162><214><22><20><148>
d<175><129><204><200>!<158><158><0><4><0><22><3><1><2><219><11><0><2><215><0
><2><212><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><
6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><1
9><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>M
elbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo
Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Sec
EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in
production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><
13>040316080209Z<23><13>060316080209Z0u1<11>0<9><6><3>U<4><6><19><2>AU1<17>0
<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>
0<22><6><3>U<4><10><19><15>My Test
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13>
<6><9>*<134>H<134><247><13><1><1>
EAP-Message =
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><216>4<7><6><214><234>/<
241>.9<209><250>\y<1><149>[<215><24>e<133><15><223>d<176><132>Z<222>#<234><1
2>%<133>aF<28><20><24><218><160><197><239><237><136><222><218><138><6><19><2
47>}*3B<155><24>TE<18><240><194><220><164><183>9<192><176>/<16>HI<220><169>v
N<215>)<31><207><24><157><230>G<186>)<246>J<195><171><154><249><220>v<17><15
9><2>x<29><136><148>:b<170><254><4><207><183><144><210><251>+<233><135>0<212
>Y<207><158>N<226><136><12><132><143><250><182><218>W<2><3><1><0><1><163><23
>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<
134>H<134><247><13><1><1><4><5><0><3><129><129><0>n<23><196><159>c<165><188>
>q<129>X<13>=l?<174><155><170><162><189><20><25>az<19>o<202><250>|B8N<209><2
25><253>?hv<170><193><235><2>b<16><201>}<250>,<181>q<154>%<182><29><179>p<21
1><248>oba<
EAP-Message =
JP<13>p<12>+<154><199>1<16><208><138><21><141>'wrX<214>NUW<231><173><25>w<21
5><13><152><154>T<218><8><246><202>.<177>9s*<220><219>n"Gu<188><254><206>U?<
214>)<181>I2^<157><225><174><232>2e<185>k<131><22><3><1><0><160><13><0><0><1
52><2><1><2><0><147><0><145>0<129><142>1<11>0<9><6><3>U<4><6><19><2>us1<20>0
<18><6><3>U<4><8><19><11>Connecticut1<19>0<17><6><3>U<4><7><19><10>Bloomfiel
d1<26>0<24><6><3>U<4><10><19><17>Kaman
Corporation1<21>0<19><6><3>U<4><3><19><12>Bill
Stewart1!0<31><6><9>*<134>H<134><247><13><1><9><1><22><18>wjs-corp at kaman.com
<14><0><0><0>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:56 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1198 ....
Code: Access-Request
Identifier: 66
Authentic: j5<0><0><28><25><0><0><149>(<0><0><181>e<0><0>
Attributes:
Message-Authenticator =
<10>T<138><229><21><218>%<139>6<236><236>'e<224><16>f
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><3><0><199><25><128><0><0><0><189><22><3><1><0><141><11><0><0><3><0><0><0
><16><0><0><130><0><128>-<169><6>]<28><237><149><164><213><252><250><252><30
>y<245>c<211><181><154><234><147>j<166><255><7><8>t<145><28><152><151>8<148>
=<211>pX<5>[<138>m<5>5C<245>1<206><218><7><8>na<212><234><233><147>:[<134><1
90>t<200><165>f<18>y<246><198><166><191><21>X<202>-<29><162><237><180><25>EW
8<189>pe<252>x<173>hf<203><207><222>i<230>9<227><223><150>]<208><169><14><28
><132>m`<227><146><210>:d<140><189><229><221>77<241><189>6<247>?[<244>[}<203
><20><3><1><0><1><1><22><3><1><0>
Z<156><144><255>J<177>F<161>G<183><18>Vh<203><3>*Q$<29>D88N<218><199>p%<1><2
7>X<254><185>
Fri Apr 8 07:14:57 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:57 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:57 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:57 2005: DEBUG: Handling with EAP: code 2, 3, 199
Fri Apr 8 07:14:57 2005: DEBUG: Response type 25
Fri Apr 8 07:14:57 2005: DEBUG: EAP TLS SSL_accept result: 1, 0, 3
Fri Apr 8 07:14:57 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:57 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:57 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:57 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1198 ....
Code: Access-Challenge
Identifier: 66
Authentic: j5<0><0><28><25><0><0><149>(<0><0><181>e<0><0>
Attributes:
EAP-Message =
<1><4><0>5<25><128><0><0><0>+<20><3><1><0><1><1><22><3><1><0>
m<246>Wz<130><163>`<184><10><163><181><144>l<14><248><204><30>P<220>CK<29>p<
14><249><8>9c<225>!<195>@
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:57 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1198 ....
Code: Access-Request
Identifier: 67
Authentic: <228>#<0><0>*P<0><0><132>]<0><0><19>g<0><0>
Attributes:
Message-Authenticator =
<159><244><154><11><6><243><182>g-$Y^R<133><221>c
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message = <2><4><0><6><25><0>
Fri Apr 8 07:14:57 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:57 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:57 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:57 2005: DEBUG: Handling with EAP: code 2, 4, 6
Fri Apr 8 07:14:57 2005: DEBUG: Response type 25
Fri Apr 8 07:14:57 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
Fri Apr 8 07:14:57 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
Challenge
Fri Apr 8 07:14:57 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP Challenge
Fri Apr 8 07:14:57 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1198 ....
Code: Access-Challenge
Identifier: 67
Authentic: <228>#<0><0>*P<0><0><132>]<0><0><19>g<0><0>
Attributes:
EAP-Message = <1><5><0><28><25><0><23><3><1><0><17><198>
q<<214>.<176><163>-<154><203>+$<192><236>~<191>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:57 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1198 ....
Code: Access-Request
Identifier: 68
Authentic: <206>R<0><0><250><20><0><0><169>Z<0><0>6B<0><0>
Attributes:
Message-Authenticator =
<201>#0<171><150><22><175><20><235>b<17>I<213>+<143>e
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><5><0>0<25><0><23><3><1><0>%<177>{<157><5><25>f<28><2><0><193><159>.<192>
<158>N<16><246><25><149><30><236><187><202><167>z<184>-<177><184>d<190><132>
<129><211>a4A
Fri Apr 8 07:14:57 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:57 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:57 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:57 2005: DEBUG: Handling with EAP: code 2, 5, 48
Fri Apr 8 07:14:57 2005: DEBUG: Response type 25
Fri Apr 8 07:14:57 2005: DEBUG: EAP PEAP inner authentication request for
anonymous
Fri Apr 8 07:14:57 2005: DEBUG: PEAP Tunnelled request Packet dump:
Code: Access-Request
Identifier: UNDEF
Authentic: <254>t~<194>M<168>"*<254>T<144>uvr<212>,
Attributes:
EAP-Message = <2><5><0><21><1>LAN_KITNT_NET\HTFP01
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
User-Name = "anonymous"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
Calling-Station-Id = "00-01-f4-ec-97-29"
Fri Apr 8 07:14:57 2005: DEBUG: Handling request with Handler
'TunnelledByPEAP=1'
Fri Apr 8 07:14:57 2005: DEBUG: Deleting session for , 149.158.3.250, 2
Fri Apr 8 07:14:57 2005: DEBUG: Handling with Radius::AuthLSA:
Fri Apr 8 07:14:57 2005: DEBUG: Handling with EAP: code 2, 5, 21
Fri Apr 8 07:14:57 2005: DEBUG: Response type 1
Fri Apr 8 07:14:57 2005: DEBUG: EAP result: 3, EAP MSCHAP-V2 Challenge
Fri Apr 8 07:14:57 2005: DEBUG: AuthBy LSA result: CHALLENGE, EAP MSCHAP-V2
Challenge
Fri Apr 8 07:14:57 2005: DEBUG: Access challenged for anonymous: EAP
MSCHAP-V2 Challenge
Fri Apr 8 07:14:57 2005: DEBUG: EAP result: 3, EAP PEAP inner
authentication redespatched to a Handler
Fri Apr 8 07:14:57 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
inner authentication redespatched to a Handler
Fri Apr 8 07:14:57 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP inner authentication redespatched to a Handler
Fri Apr 8 07:14:57 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1198 ....
Code: Access-Challenge
Identifier: 68
Authentic: <206>R<0><0><250><20><0><0><169>Z<0><0>6B<0><0>
Attributes:
EAP-Message =
<1><6><0>6<25><0><23><3><1><0>+%n6<249><160><171>>V<173>2<178><170>=<127><15
0><16><205><223><215><160><149><23><184><243>?<227><228><183>fg<145><0><176>
m<129>8<228><136>uS/<6><20>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:57 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1198 ....
Code: Access-Request
Identifier: 69
Authentic: eN<0><0><224><<0><0><182>R<0><0><135>L<0><0>
Attributes:
Message-Authenticator =
<13><158>a<171><145>UC.&<31>u<11>V<251><227>-
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><6><0>f<25><0><23><3><1><0>[~<182><149><195><215>o<255><254>i<189>H<13>"<
163>:<253>'<10>$<18><149>p:<245><159><255>ae<164>*n<236><139><163><0><238><1
71>,x.<158><10>%<202><231><16><228><189>H<8>GE<177><228><227><134><183><236>
i<135><154><151>o<194><23><158><185><200><154><203><30><12><131><28>u<5>-<17
6>]<239>~M <16>FL?<214>Y<242>R
Fri Apr 8 07:14:57 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:57 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:57 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:57 2005: DEBUG: Handling with EAP: code 2, 6, 102
Fri Apr 8 07:14:57 2005: DEBUG: Response type 25
Fri Apr 8 07:14:57 2005: DEBUG: EAP PEAP inner authentication request for
anonymous
Fri Apr 8 07:14:57 2005: DEBUG: PEAP Tunnelled request Packet dump:
Code: Access-Request
Identifier: UNDEF
Authentic: <181><200><217>P<231><196><251>Q<164>^<133>=<132><10><250>v
Attributes:
EAP-Message =
<2><6><0>K<26><2><6><0>J1<252><213><245><174><149><253><214><201><164><153>(
H<209><131>B<242><0><0><0><0><0><0><0><0><155><236>Iv<154>SL<247>`p<168>;<21
5>l<5>k<151>3<4><133><145>3<192>y<0>LAN_KITNT_NET\HTFP01
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
User-Name = "anonymous"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
Calling-Station-Id = "00-01-f4-ec-97-29"
Fri Apr 8 07:14:57 2005: DEBUG: Handling request with Handler
'TunnelledByPEAP=1'
Fri Apr 8 07:14:57 2005: DEBUG: Deleting session for , 149.158.3.250, 2
Fri Apr 8 07:14:57 2005: DEBUG: Handling with Radius::AuthLSA:
Fri Apr 8 07:14:57 2005: DEBUG: Handling with EAP: code 2, 6, 75
Fri Apr 8 07:14:57 2005: DEBUG: Response type 26
Fri Apr 8 07:14:57 2005: DEBUG: Radius::AuthLSA looks for match with
LAN_KITNT_NET\HTFP01
Fri Apr 8 07:14:57 2005: DEBUG: Radius::AuthLSA ACCEPT:
Fri Apr 8 07:14:57 2005: WARNING: Could not LogonUserNetworkMSCHAP (V2):
3221225581, 0, Logon failure: unknown user name or bad password.
Fri Apr 8 07:14:57 2005: DEBUG: EAP result: 1, EAP MSCHAP-V2 Authentication
failure
Fri Apr 8 07:14:57 2005: DEBUG: AuthBy LSA result: REJECT, EAP MSCHAP-V2
Authentication failure
Fri Apr 8 07:14:57 2005: INFO: Access rejected for anonymous: EAP MSCHAP-V2
Authentication failure
Fri Apr 8 07:14:57 2005: DEBUG: EAP result: 3, EAP PEAP inner
authentication redespatched to a Handler
Fri Apr 8 07:14:57 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
inner authentication redespatched to a Handler
Fri Apr 8 07:14:57 2005: DEBUG: Access challenged for LAN_KITNT_NET\HTFP01:
EAP PEAP inner authentication redespatched to a Handler
Fri Apr 8 07:14:57 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1198 ....
Code: Access-Challenge
Identifier: 69
Authentic: eN<0><0><224><<0><0><182>R<0><0><135>L<0><0>
Attributes:
EAP-Message =
<1><7><0>&<25><0><23><3><1><0><27><176><189><185>|<210><133>w<26><183>H<7><2
2><174>x<181><251>)<21>5<135>O<243>u<185>y!<188>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Fri Apr 8 07:14:57 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1198 ....
Code: Access-Request
Identifier: 70
Authentic: <19> <0><0>.Z<0><0><164>U<0><0><200>5<0><0>
Attributes:
Message-Authenticator =
<19><147>s<138>t<174><<16>|1t<241><161>,g<187>
User-Name = "LAN_KITNT_NET\HTFP01"
State = ""
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-IEEE-802-11
Calling-Station-Id = "00-01-f4-ec-97-29"
Framed-MTU = 1000
EAP-Message =
<2><7><0>&<25><0><23><3><1><0><27><173>7<140>-<5><247><130>5e<206><151>I<220
><229>[<243>[<192><249><29><247> <229><189><212><12><235>
Fri Apr 8 07:14:57 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:14:57 2005: DEBUG: Deleting session for LAN_KITNT_NET\HTFP01,
149.158.3.250, 2
Fri Apr 8 07:14:57 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:14:57 2005: DEBUG: Handling with EAP: code 2, 7, 38
Fri Apr 8 07:14:57 2005: DEBUG: Response type 25
Fri Apr 8 07:14:57 2005: DEBUG: EAP result: 1, PEAP Authentication Failure
Fri Apr 8 07:14:57 2005: DEBUG: AuthBy FILE result: REJECT, PEAP
Authentication Failure
Fri Apr 8 07:14:57 2005: INFO: Access rejected for LAN_KITNT_NET\HTFP01:
PEAP Authentication Failure
Fri Apr 8 07:14:57 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1198 ....
Code: Access-Reject
Identifier: 70
Authentic: <19> <0><0>.Z<0><0><164>U<0><0><200>5<0><0>
Attributes:
EAP-Message = <4><7><0><4>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Reply-Message = "Request Denied"
Fri Apr 8 07:15:53 2005: DEBUG: Packet dump:
*** Received from 149.158.3.250 port 1199 ....
Code: Access-Request
Identifier: 71
Authentic: n5<0><0><9>M<0><0><3>3<0><0><196>><0><0>
Attributes:
User-Name = "00-01-f4-ec-97-29"
User-Password =
"A<135><3><149><142><225><166>'y<22><155><11><130>(<128>H"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
Fri Apr 8 07:15:53 2005: DEBUG: Handling request with Handler ''
Fri Apr 8 07:15:53 2005: DEBUG: Deleting session for 00-01-f4-ec-97-29,
149.158.3.250, 2
Fri Apr 8 07:15:53 2005: DEBUG: Handling with Radius::AuthFILE:
Fri Apr 8 07:15:53 2005: DEBUG: Radius::AuthFILE looks for match with
00-01-f4-ec-97-29
Fri Apr 8 07:15:53 2005: DEBUG: AuthBy FILE result: REJECT, No such user
Fri Apr 8 07:15:53 2005: INFO: Access rejected for 00-01-f4-ec-97-29: No
such user
Fri Apr 8 07:15:53 2005: DEBUG: Packet dump:
*** Sending to 149.158.3.250 port 1199 ....
Code: Access-Reject
Identifier: 71
Authentic: n5<0><0><9>M<0><0><3>3<0><0><196>><0><0>
Attributes:
Reply-Message = "Request Denied"
Bill Stewart :-)
Kaman Corporation
1332 Blue Hills Avenue
Bloomfield, Connecticut, 06002
(860) 243-7058
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list