(RADIATOR) running into snags trying to get EAP-FAST working

Jim Veneskey jvene at cisco.com
Wed Feb 13 06:36:21 CST 2008


Hi Hugh,
I am running radiusd from the command line now - that is how I am seeing 
the TLS not initialised issue...

 >>> Tue Feb 12 15:36:17 2008: DEBUG: EAP result: 2, TLS not initialised
 >>> Tue Feb 12 15:36:17 2008: DEBUG: AuthBy FILE result: IGNORE, TLS not
 >>> initialised

My wireless client seems to get to the point where it wants to provision 
a PAC, and then things break after that.

I am not getting any errors (Perl) that might suggest I am missing a 
module, but this morning I added HMAC_SHA1, just in case.  No difference.

Attached is the complete output that I am seeing thus far.

I am using the eap_fast.cfg sample config (copied to 
/etc/radiator/radius.cfg) w/out any alterations, and I simply added a 
test user to the "users" file, using the original user as a template:

> widevaio        User-Password=widevaio
>                 Service-Type = Framed-User,
>                 Framed-Protocol = PPP,
>                 Framed-IP-Netmask = 255.255.255.255,
>                 Framed-Routing = None,
>                 Framed-MTU = 1500,
>                 Framed-Compression = Van-Jacobson-TCP-IP


Complete log showing the failure follows.

Thanks,

Jim





Wed Feb 13 07:30:26 2008: DEBUG: Finished reading configuration file 
'/etc/radiator/radius.cfg'
Wed Feb 13 07:30:26 2008: DEBUG: Reading dictionary file './dictionary'
Wed Feb 13 07:30:26 2008: DEBUG: Creating authentication port 0.0.0.0:1645
Wed Feb 13 07:30:26 2008: DEBUG: Creating accounting port 0.0.0.0:1646
Wed Feb 13 07:30:26 2008: NOTICE: Server started: Radiator 4.0 on 
deathwing (LOCKED)
Wed Feb 13 07:30:30 2008: DEBUG: Packet dump:
*** Received from 192.168.50.15 port 32770 ....
Code:       Access-Request
Identifier: 205
Authentic:  4<183><247><178><138><243><173>/<215>1Gw<201>!^<233>
Attributes:
         User-Name = "PEAP-00-40-96-A4-4E-24"
         Calling-Station-Id = "00-40-96-A4-4E-24"
         Called-Station-Id = "00-0B-FC-FB-7F-20:leaper"
         NAS-Port = 29
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         Airespace-WLAN-Id = 6
         Service-Type = Framed-User
         Framed-MTU = 1300
         NAS-Port-Type = Wireless-IEEE-802-11
         EAP-Message = <2><2><0><27><1>PEAP-00-40-96-A4-4E-24
         Message-Authenticator = 
<128><160><214><190>m<166><255>=<173>y<198><9>ie<149>>

Wed Feb 13 07:30:30 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:30 2008: DEBUG:  Deleting session for 
PEAP-00-40-96-A4-4E-24, 192.168.50.15, 29
Wed Feb 13 07:30:30 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:30 2008: DEBUG: Handling with EAP: code 2, 2, 27, 1
Wed Feb 13 07:30:30 2008: DEBUG: Response type 1
Wed Feb 13 07:30:30 2008: DEBUG: EAP result: 3, EAP-FAST Challenge
Wed Feb 13 07:30:30 2008: DEBUG: AuthBy FILE result: CHALLENGE, EAP-FAST 
Challenge
Wed Feb 13 07:30:30 2008: DEBUG: Access challenged for 
PEAP-00-40-96-A4-4E-24: EAP-FAST Challenge
Wed Feb 13 07:30:30 2008: DEBUG: Packet dump:
*** Sending to 192.168.50.15 port 32770 ....
Code:       Access-Challenge
Identifier: 205
Authentic:  4<183><247><178><138><243><173>/<215>1Gw<201>!^<233>
Attributes:
         EAP-Message = <1><3><0> 
+!<0><4><0><9>deathwing<0><7><0><9>deathwing
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Feb 13 07:30:34 2008: DEBUG: Packet dump:
*** Received from 192.168.50.15 port 32770 ....
Code:       Access-Request
Identifier: 206
Authentic:  <247><188>*<25><193><201><218><160><233>?<206>4<218>};<26>
Attributes:
         User-Name = "PEAP-00-40-96-A4-4E-24"
         Calling-Station-Id = "00-40-96-A4-4E-24"
         Called-Station-Id = "00-0B-FC-FB-7F-20:leaper"
         NAS-Port = 29
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         Airespace-WLAN-Id = 6
         Service-Type = Framed-User
         Framed-MTU = 1300
         NAS-Port-Type = Wireless-IEEE-802-11
         EAP-Message = 
<2><3><0>8+<1><22><3><1><0>-<1><0><0>)<3><1>G<178><227><128><178><190><191><140><192><20><207><193><229>F;<213>"V<2>Kbm<175><11><226>X<4><5><178>p<163><245><0><0><2><0>4<1><0>
         Message-Authenticator = 
<190><153><187><9>#7l<217><170>~<28><157><206><140><153><178>

Wed Feb 13 07:30:34 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:34 2008: DEBUG:  Deleting session for 
PEAP-00-40-96-A4-4E-24, 192.168.50.15, 29
Wed Feb 13 07:30:34 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:34 2008: DEBUG: Handling with EAP: code 2, 3, 56, 43
Wed Feb 13 07:30:34 2008: DEBUG: Response type 43
Wed Feb 13 07:30:34 2008: DEBUG: Enable Server-Unauthenticated 
Provisioning mode
Wed Feb 13 07:30:34 2008: DEBUG: EAP-FAST a new PAC will be provisioned
Wed Feb 13 07:30:34 2008: DEBUG: EAP-FAST SSL_accept result: -1, 2, 8576
Wed Feb 13 07:30:34 2008: DEBUG: EAP result: 3, EAP-FAST Challenge
Wed Feb 13 07:30:34 2008: DEBUG: AuthBy FILE result: CHALLENGE, EAP-FAST 
Challenge
Wed Feb 13 07:30:34 2008: DEBUG: Access challenged for 
PEAP-00-40-96-A4-4E-24: EAP-FAST Challenge
Wed Feb 13 07:30:34 2008: DEBUG: Packet dump:
*** Sending to 192.168.50.15 port 32770 ....
Code:       Access-Challenge
Identifier: 206
Authentic:  <247><188>*<25><193><201><218><160><233>?<206>4<218>};<26>
Attributes:
         EAP-Message = 
<1><4><2>r+<129><0><0><2>h<22><3><1><0>J<2><0><0>F<3><1>G<178><226><234><227>[<145>aj=<182>1<208><145><250><200><148><162><23><245><154><231><6><174><239>ue<235><14><161>c<160> 
{<215>$c<164><10><247><127>0g~<172>U<213><181>4<179><161><149><22><253>.<241><23>-<155>N<30>2<28><21><9><0>4<0><22><3><1><2><11><12><0><2><7><1><0><255><255><255><255><255><255><255><255><201><15><218><162>!h<194>4<196><198>b<139><128><220><28><209>)<2>N<8><138>g<204>t<2><11><190><166>;<19><155>"QJ<8>y<142>4<4><221><239><149><25><179><205>:C<27>0+<10>m<242>_<20>7O<225>5mmQ<194>E<228><133><181>vb^~<198><244>LB<233><166>7<237>k<11><255>\<182><244><6><183><237><238>8k<251>Z<137><159><165><174><159>$<17>|K<31><230>I(fQ<236><228>[=<194><0>|<184><161>c<191><5><152><218>H6<28>U<211><154>i<22>?<168><253>$<207>_<131>e]#<220><163><173><150><28>
         EAP-Message = b<243>V 
<133>R<187><158><213>)<7>p<150><150>mg<12>5NJ<188><152><4><241>tl<8><202><24>!|2<144>^F.6<206>;<227><158>w,<24><14><134><3><155>'<131><162><236><7><162><143><181><197>]<240>oLR<201><222>+<203><246><149>X<23><24>9<149>I|<234><149>j<229><21><210>&<24><152><250><5><16><21>r<142>Z<138><172><170>h<255><255><255><255><255><255><255><255><0><1><2><1><0>\uv 
<185>:<17><198>:Z<20>%<2>~<147><228>#<220><225><245>=<158><222><149><170><199>z<152>z<144><196>@<136>b<208><132>a<7>L<230>E<134>O<196><214><129>(f<164><219><137>&a<131><222>@*<194><195><236><212>EU"<218><161><230>z<254><5>^X<252><139><185><240>{<182>P-<5><210>+<12>\_&Y<196><18>x<130><227>t<18><151>6<237>=`<21>pY<10><225><225><29><18>I&<153>n<255>Ht<155><146><5>|8~Y"<172><208><165>Rl<165><228><17><3><131><31><201><149><11> 
<151>^<17>Z<169><131><9>
         EAP-Message = 
<133><154><144><28><5><4>?8<154><30><18>K<155><133><246><172><192>#,<242><i<239><200>UmZZ<165><245>!<15><184><7><207>&<146>5<199><143>J<187><140><196><17><23><237><177><205><208><0>b<249><25>nQ<193><203>c<14>u,<6><204><170><228><136><246>bc<170><236>%Z<21>Y&<14><163><206><186><30>{Avn<5>S<140><203><145>,<220>^<215><128><248>S<249><246>x[<154><214>0<240> 
^<140><174>,<22><3><1><0><4><14><0><0><0>
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Received from 192.168.50.15 port 32770 ....
Code:       Access-Request
Identifier: 207
Authentic:  =<18>Z<250>|<7><214>C<204><189><167>x=n<172>C
Attributes:
         User-Name = "PEAP-00-40-96-A4-4E-24"
         Calling-Station-Id = "00-40-96-A4-4E-24"
         Called-Station-Id = "00-0B-FC-FB-7F-20:leaper"
         NAS-Port = 29
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         Airespace-WLAN-Id = 6
         Service-Type = Framed-User
         Framed-MTU = 1300
         NAS-Port-Type = Wireless-IEEE-802-11
         EAP-Message = 
<2><4><1>L+<1><22><3><1><1><6><16><0><1><2><1><0>w<155>}|@<165>"E<253>}<192><2>Z<149><214><134>Z,<192><29><163>~=V<188>%<238><<142><179><208>o<224><247>y<206>>N<25>}DT 
g<203>gM<136>y<236><140>G7<255><228><246><176>]<243>YKo<160><228>w&<241><207><190><143><132>)<193>#<174>Z;;<140><22><230><18><228>p<245><169>hL<163><188><177><156>PY<7>LO<142><22><138><178>s<171>:$<7>1%x<237>`<181><247><30><161><226><202>d<8><146><139><180>XN<127><188><233>'=Z$<178>Y<235><12>b<186><149>?{<195>l<173>\P<27><148>:<248><216>c^<30><20><224>X<147><154><15><240><223>iD<134>:<10><231><211>1F<132>q<28><176><24>i6<187><192><230><137>@\:q<174><12><149><172><200><251><161><178>Ij<215>w<149>3<168><149><160><147>Y,}<213>,<249><213>eG<168><206><165>w<6><188>hN<3><192>G<151><30>g0QVe<150><226><229>\&E
         EAP-Message = 
E<171>1B\O<9><250>H<168><253>D`<133><158>x<235><160>mH<20><3><1><0><1><1><22><3><1><0>0l<7><221><215>t<19><253><202>!z<229><203><5>(<222><24>_<168><174><15><217><144><163><127><162><132><19><147><242>s<196><162>T<225>a<2><203><154><240><142>D<210><252><183>r<127><219><7>
         Message-Authenticator = 
<252>I<29><28><14><184><203>,pF&<179><235>p<208><137>

Wed Feb 13 07:30:35 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:35 2008: DEBUG:  Deleting session for 
PEAP-00-40-96-A4-4E-24, 192.168.50.15, 29
Wed Feb 13 07:30:35 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:35 2008: DEBUG: Handling with EAP: code 2, 4, 332, 43
Wed Feb 13 07:30:35 2008: DEBUG: Response type 43
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST SSL_accept result: 1, 0, 3
Wed Feb 13 07:30:35 2008: DEBUG: EAP result: 3, EAP-FAST Challenge
Wed Feb 13 07:30:35 2008: DEBUG: AuthBy FILE result: CHALLENGE, EAP-FAST 
Challenge
Wed Feb 13 07:30:35 2008: DEBUG: Access challenged for 
PEAP-00-40-96-A4-4E-24: EAP-FAST Challenge
Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Sending to 192.168.50.15 port 32770 ....
Code:       Access-Challenge
Identifier: 207
Authentic:  =<18>Z<250>|<7><214>C<204><189><167>x=n<172>C
Attributes:
         EAP-Message = 
<1><5><0>E+<129><0><0><0>;<20><3><1><0><1><1><22><3><1><0>0:<131><11><22><197><215><171><134>}"C\v<198>6K<25>I<150><185><221><139><12>3SY<248>P<250>gNE<218><128><131><2>m<177><138>b=<26>9d<173>)<24><23>
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Received from 192.168.50.15 port 32770 ....
Code:       Access-Request
Identifier: 208
Authentic:  L<211><165><25><28><179><155>A<213><236>-<196><17><157><25>d
Attributes:
         User-Name = "PEAP-00-40-96-A4-4E-24"
         Calling-Station-Id = "00-40-96-A4-4E-24"
         Called-Station-Id = "00-0B-FC-FB-7F-20:leaper"
         NAS-Port = 29
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         Airespace-WLAN-Id = 6
         Service-Type = Framed-User
         Framed-MTU = 1300
         NAS-Port-Type = Wireless-IEEE-802-11
         EAP-Message = <2><5><0><6>+<1>
         Message-Authenticator = 
<219><219>g"<226><239>N<31><152>5<242><29><255><24><185><170>

Wed Feb 13 07:30:35 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:35 2008: DEBUG:  Deleting session for 
PEAP-00-40-96-A4-4E-24, 192.168.50.15, 29
Wed Feb 13 07:30:35 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:35 2008: DEBUG: Handling with EAP: code 2, 5, 6, 43
Wed Feb 13 07:30:35 2008: DEBUG: Response type 43
Wed Feb 13 07:30:35 2008: DEBUG: EAP result: 3, EAP-FAST Challenge
Wed Feb 13 07:30:35 2008: DEBUG: AuthBy FILE result: CHALLENGE, EAP-FAST 
Challenge
Wed Feb 13 07:30:35 2008: DEBUG: Access challenged for 
PEAP-00-40-96-A4-4E-24: EAP-FAST Challenge
Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Sending to 192.168.50.15 port 32770 ....
Code:       Access-Challenge
Identifier: 208
Authentic:  L<211><165><25><28><179><155>A<213><236>-<196><17><157><25>d
Attributes:
         EAP-Message = <1><6><0>++<1><23><3><1><0> 
<148>[<203>4=<187><243>t<24><206><166><152>4<210><220><148><22><5>#<236>H<246>}l<207>p<251><134><17><154><142>|
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Received from 192.168.50.15 port 32770 ....
Code:       Access-Request
Identifier: 209
Authentic:  <184>q(<15>9<165><243><24><227>8"<229><244><252><223><163>
Attributes:
         User-Name = "PEAP-00-40-96-A4-4E-24"
         Calling-Station-Id = "00-40-96-A4-4E-24"
         Called-Station-Id = "00-0B-FC-FB-7F-20:leaper"
         NAS-Port = 29
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         Airespace-WLAN-Id = 6
         Service-Type = Framed-User
         Framed-MTU = 1300
         NAS-Port-Type = Wireless-IEEE-802-11
         EAP-Message = 
<2><6><0>;+<1><23><3><1><0>0<1>[h<15><7>i<223><223><232>s<129><188><15><232>g~n<26><247><161><178>$<176><199><240><27><199><242><150><214>f<181><251><228>S<135>pO<146><185><4>V*<31><234><158><10><254>
         Message-Authenticator = 
<254><245><170>S|<207><208><142>E<145>g9<201><10>t<228>

Wed Feb 13 07:30:35 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:35 2008: DEBUG:  Deleting session for 
PEAP-00-40-96-A4-4E-24, 192.168.50.15, 29
Wed Feb 13 07:30:35 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:35 2008: DEBUG: Handling with EAP: code 2, 6, 59, 43
Wed Feb 13 07:30:35 2008: DEBUG: Response type 43
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST TLS data: 
8009000d0200000d01776964657661696f
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST inner authentication request 
for anonymous
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST Tunnelled request Packet dump:
Code:       Access-Request
Identifier: UNDEF
Authentic:  <202>6uB<242><167><247><174>-r<129>$E<169>n<26>
Attributes:
         EAP-Message = <2><0><0><13><1>widevaio
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
         User-Name = "anonymous"
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         NAS-Port = 29
         Calling-Station-Id = "00-40-96-A4-4E-24"

Wed Feb 13 07:30:35 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:35 2008: DEBUG:  Deleting session for anonymous, 
192.168.50.15, 29
Wed Feb 13 07:30:35 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:35 2008: DEBUG: Handling with EAP: code 2, 0, 13, 1
Wed Feb 13 07:30:35 2008: DEBUG: Response type 1
Wed Feb 13 07:30:35 2008: DEBUG: EAP result: 3, EAP MSCHAP-V2 Challenge
Wed Feb 13 07:30:35 2008: DEBUG: AuthBy FILE result: CHALLENGE, EAP 
MSCHAP-V2 Challenge
Wed Feb 13 07:30:35 2008: DEBUG: Access challenged for anonymous: EAP 
MSCHAP-V2 Challenge
Wed Feb 13 07:30:35 2008: DEBUG: Returned FAST inner Packet dump:
Code:       Access-Challenge
Identifier: UNDEF
Authentic:  <202>6uB<242><167><247><174>-r<129>$E<169>n<26>
Attributes:
         EAP-Message = 
<1><1><0>#<26><1><1><0><30><16>0<168><190><207>6<220>vP<5>|L<6><192>9<210><9>deathwing
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Feb 13 07:30:35 2008: DEBUG: EAP result: 3, EAP-FAST inner 
authentication redespatched to a Handler
Wed Feb 13 07:30:35 2008: DEBUG: AuthBy FILE result: CHALLENGE, EAP-FAST 
inner authentication redespatched to a Handler
Wed Feb 13 07:30:35 2008: DEBUG: Access challenged for 
PEAP-00-40-96-A4-4E-24: EAP-FAST inner authentication redespatched to a 
Handler
Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Sending to 192.168.50.15 port 32770 ....
Code:       Access-Challenge
Identifier: 209
Authentic:  <184>q(<15>9<165><243><24><227>8"<229><244><252><223><163>
Attributes:
         EAP-Message = 
<1><7><0>O+<129><0><0><0>E<23><3><1><0>@<178>F<233><130><246><200>`<225><213>y<6>$H<197><23><232>s<28><254>Tm<176>H<140>*2<198>5i<194><147><31><190><252><248><183>dU<219>^<213>g@<150><137><240><152>d<202><9>R<155><195><247><237><219><172><158>5<138><29><156><144>'
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Received from 192.168.50.15 port 32770 ....
Code:       Access-Request
Identifier: 210
Authentic: 
<16><31><255><199><146><182>O<18><130><172><214><175><237><175>z<132>
Attributes:
         User-Name = "PEAP-00-40-96-A4-4E-24"
         Calling-Station-Id = "00-40-96-A4-4E-24"
         Called-Station-Id = "00-0B-FC-FB-7F-20:leaper"
         NAS-Port = 29
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         Airespace-WLAN-Id = 6
         Service-Type = Framed-User
         Framed-MTU = 1300
         NAS-Port-Type = Wireless-IEEE-802-11
         EAP-Message = 
<2><7><0>k+<1><23><3><1><0>`<180>T<234><180><237><206>k$<150><185>Yt<151>e<181>G<127><156><215>4<178><25><162><244>v<141>/:3<219><221><173><176>Hv|<140><19><181><202><200><10><202><13><193>\<187>Vb<217><220><207>5D}<177><19><179><168><220><173><207><0>4<254><138>%E9<165><219><170><234><"<136><147><24>HX<151>xl<28>n<218><5><139>JH<192><152><203>K<244><221>
         Message-Authenticator = 
3F<135><186><237><172><172><231><175>"<16>s<23><232>4<219>

Wed Feb 13 07:30:35 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:35 2008: DEBUG:  Deleting session for 
PEAP-00-40-96-A4-4E-24, 192.168.50.15, 29
Wed Feb 13 07:30:35 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:35 2008: DEBUG: Handling with EAP: code 2, 7, 107, 43
Wed Feb 13 07:30:35 2008: DEBUG: Response type 43
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST TLS data: 
80090043020100431a0201003e3100000000000000000000000000000000000000000000000080600a211ace8435c30bfd2c53db9f9eaadf86132f501d5d00776964657661696f
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST inner authentication request 
for anonymous
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST Tunnelled request Packet dump:
Code:       Access-Request
Identifier: UNDEF
Authentic:  <236><131><158><154>H7<141>Q!<252>A<18><205>k<186><148>
Attributes:
         EAP-Message = 
<2><1><0>C<26><2><1><0>>1<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><128>`<10>!<26><206><132>5<195><11><253>,S<219><159><158><170><223><134><19>/P<29>]<0>widevaio
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
         User-Name = "anonymous"
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         NAS-Port = 29
         Calling-Station-Id = "00-40-96-A4-4E-24"

Wed Feb 13 07:30:35 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:35 2008: DEBUG:  Deleting session for anonymous, 
192.168.50.15, 29
Wed Feb 13 07:30:35 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:35 2008: DEBUG: Handling with EAP: code 2, 1, 67, 26
Wed Feb 13 07:30:35 2008: DEBUG: Response type 26
Wed Feb 13 07:30:35 2008: DEBUG: Reading users file ./users
Wed Feb 13 07:30:35 2008: DEBUG: Radius::AuthFILE looks for match with 
widevaio [anonymous]
Wed Feb 13 07:30:35 2008: DEBUG: Radius::AuthFILE ACCEPT: : widevaio 
[anonymous]
Wed Feb 13 07:30:35 2008: DEBUG: EAP result: 3, EAP MSCHAP V2 Challenge: 
Success
Wed Feb 13 07:30:35 2008: DEBUG: AuthBy FILE result: CHALLENGE, EAP 
MSCHAP V2 Challenge: Success
Wed Feb 13 07:30:35 2008: DEBUG: Access challenged for anonymous: EAP 
MSCHAP V2 Challenge: Success
Wed Feb 13 07:30:35 2008: DEBUG: Returned FAST inner Packet dump:
Code:       Access-Challenge
Identifier: UNDEF
Authentic:  <236><131><158><154>H7<141>Q!<252>A<18><205>k<186><148>
Attributes:
         EAP-Message = 
<1><2><0>=<26><3><1><0>8S=172094BBA465A2D1DEA2B48895943942D9D13330 M=success
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Feb 13 07:30:35 2008: DEBUG: EAP result: 3, EAP-FAST inner 
authentication redespatched to a Handler
Wed Feb 13 07:30:35 2008: DEBUG: AuthBy FILE result: CHALLENGE, EAP-FAST 
inner authentication redespatched to a Handler
Wed Feb 13 07:30:35 2008: DEBUG: Access challenged for 
PEAP-00-40-96-A4-4E-24: EAP-FAST inner authentication redespatched to a 
Handler
Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Sending to 192.168.50.15 port 32770 ....
Code:       Access-Challenge
Identifier: 210
Authentic: 
<16><31><255><199><146><182>O<18><130><172><214><175><237><175>z<132>
Attributes:
         EAP-Message = 
<1><8><0>o+<129><0><0><0>e<23><3><1><0>`<241>P`<232><30>Nm>u!<201><17>#iW+<248><208><133><156>.<163><5>j2<156>GN<4><251>,<193><132>^<131><G*~<207><179><11><253>A<231><17><235><233>m<185>=F?Y<246><238>$<0>b<165>3V?<173>!s<217>?s<137><173>Zt<211><194><238><197><159><149><155>4<174><217><168><133>a<152>.<20>`<139><192>~$<169><191>
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Received from 192.168.50.15 port 32770 ....
Code:       Access-Request
Identifier: 211
Authentic:  <133><187><141><171><214><5><26>:<23><162><210><148><173><221>Rs
Attributes:
         User-Name = "PEAP-00-40-96-A4-4E-24"
         Calling-Station-Id = "00-40-96-A4-4E-24"
         Called-Station-Id = "00-0B-FC-FB-7F-20:leaper"
         NAS-Port = 29
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         Airespace-WLAN-Id = 6
         Service-Type = Framed-User
         Framed-MTU = 1300
         NAS-Port-Type = Wireless-IEEE-802-11
         EAP-Message = <2><8><0>++<1><23><3><1><0> 
<190><177><171><251><134><197><144>8<166><151><176>"t<21><255><197>p<199>{<223>IeW<240>?<154>J<212>9T<158><223>
         Message-Authenticator = 
g<132><157><173><7>e<134>I<164><174><155><246><132>C<252>9

Wed Feb 13 07:30:35 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:35 2008: DEBUG:  Deleting session for 
PEAP-00-40-96-A4-4E-24, 192.168.50.15, 29
Wed Feb 13 07:30:35 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:35 2008: DEBUG: Handling with EAP: code 2, 8, 43, 43
Wed Feb 13 07:30:35 2008: DEBUG: Response type 43
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST TLS data: 80090006020200061a03
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST inner authentication request 
for anonymous
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST Tunnelled request Packet dump:
Code:       Access-Request
Identifier: UNDEF
Authentic: 
<230>N<204><133><213>5<232><228><164><247><241><208><237><15>c<132>
Attributes:
         EAP-Message = <2><2><0><6><26><3>
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
         User-Name = "anonymous"
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         NAS-Port = 29
         Calling-Station-Id = "00-40-96-A4-4E-24"

Wed Feb 13 07:30:35 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:35 2008: DEBUG:  Deleting session for anonymous, 
192.168.50.15, 29
Wed Feb 13 07:30:35 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:35 2008: DEBUG: Handling with EAP: code 2, 2, 6, 26
Wed Feb 13 07:30:35 2008: DEBUG: Response type 26
Wed Feb 13 07:30:35 2008: DEBUG: EAP result: 0,
Wed Feb 13 07:30:35 2008: DEBUG: AuthBy FILE result: ACCEPT,
Wed Feb 13 07:30:35 2008: DEBUG: Access accepted for anonymous
Wed Feb 13 07:30:35 2008: DEBUG: Returned FAST inner Packet dump:
Code:       Access-Accept
Identifier: UNDEF
Authentic: 
<230>N<204><133><213>5<232><228><164><247><241><208><237><15>c<132>
Attributes:
         Service-Type = Framed-User
         Framed-Protocol = PPP
         Framed-IP-Netmask = 255.255.255.255
         Framed-Routing = None
         Framed-MTU = 1500
         Framed-Compression = Van-Jacobson-TCP-IP
         MS-MPPE-Send-Key = 
9<240><23><198>U-<24><203><196><147><11><149>kr;<228>
         MS-MPPE-Recv-Key = 
zL<169>%<7>c<251><197><7><159><156><177>k<167><165><161>
         EAP-Message = <3><2><0><4>
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Feb 13 07:30:35 2008: DEBUG: EAP result: 3, EAP-FAST inner 
authentication redespatched to a Handler
Wed Feb 13 07:30:35 2008: DEBUG: AuthBy FILE result: CHALLENGE, EAP-FAST 
inner authentication redespatched to a Handler
Wed Feb 13 07:30:35 2008: DEBUG: Access challenged for 
PEAP-00-40-96-A4-4E-24: EAP-FAST inner authentication redespatched to a 
Handler
Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Sending to 192.168.50.15 port 32770 ....
Code:       Access-Challenge
Identifier: 211
Authentic:  <133><187><141><171><214><5><26>:<23><162><210><148><173><221>Rs
Attributes:
         EAP-Message = 
<1><9><0>o+<129><0><0><0>e<23><3><1><0>`<131><201><218>k:<182><20>{<219><250>Vh<242>Af<157><156><166>1*m<151>Uf<223>H<245>D(t<145><215>L45<222><161><220>#1<164>*<178><214>#<144>p<229>/p<251>e<136>pj%[><182><212><245><149><164>Tl<163><238>{<5><11>B<232><134>Q(<24>1?<189><250>wV,<139><167><167><208>!'<166><29><131><136><151>B<224>
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Received from 192.168.50.15 port 32770 ....
Code:       Access-Request
Identifier: 212
Authentic:  <229><249>?<227>Z<164><214>t<176><146>IN4<206><218><132>
Attributes:
         User-Name = "PEAP-00-40-96-A4-4E-24"
         Calling-Station-Id = "00-40-96-A4-4E-24"
         Called-Station-Id = "00-0B-FC-FB-7F-20:leaper"
         NAS-Port = 29
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         Airespace-WLAN-Id = 6
         Service-Type = Framed-User
         Framed-MTU = 1300
         NAS-Port-Type = Wireless-IEEE-802-11
         EAP-Message = 
<2><9><0>k+<1><23><3><1><0>`<223>)<242><177>_<9>+"<190><150><255><209><128><236><217>Br<164><218><130>4<197>9<174><4><197><223>f^<17><29>Y<252><244>b<150><131><185><203><172>ZBw)<222>3<29>q<182><16><216><8><154><217><169><149><128><204>l<151>+l<254><217><204><240><212> 
'<170><205>/<159><230>ZdQ<175><175><4><135><236>-/<17>[<215>.<189>o<199><188>r<155><28><143>
         Message-Authenticator = 
F<178><168><248><248><130>A<161><173><235><255><200><31>e<192>n

Wed Feb 13 07:30:35 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:35 2008: DEBUG:  Deleting session for 
PEAP-00-40-96-A4-4E-24, 192.168.50.15, 29
Wed Feb 13 07:30:35 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:35 2008: DEBUG: Handling with EAP: code 2, 9, 107, 43
Wed Feb 13 07:30:35 2008: DEBUG: Response type 43
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST TLS data: 
800a00020001800c003800010101cd6c4e8a9fb41a4b42a8e905fc890538350f09a37cbda9d12c125883aef47591fc5bfcc8a5d9ea8bea16372f137fcc3a732b2105
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST Provisioning a new PAC
Wed Feb 13 07:30:35 2008: DEBUG: EAP result: 3, EAP-FAST PAC Provision
Wed Feb 13 07:30:35 2008: DEBUG: AuthBy FILE result: CHALLENGE, EAP-FAST 
PAC Provision
Wed Feb 13 07:30:35 2008: DEBUG: Access challenged for 
PEAP-00-40-96-A4-4E-24: EAP-FAST PAC Provision
Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Sending to 192.168.50.15 port 32770 ....
Code:       Access-Challenge
Identifier: 212
Authentic:  <229><249>?<227>Z<164><214>t<176><146>IN4<206><218><132>
Attributes:
         EAP-Message = 
<1><10><0><175>+<129><0><0><0><165><23><3><1><0><160><225>,<221>'GW<177>D<209><252><188><220><254>U<153>L<6>h<177>Ab*v<1><132><190><250><153><138><130><195><219><149><250><146>;#<169><182><132><171><142><242>1f<144><180><181>xuU<194><145>_*<234><192><147><243>T<222>v<141>r<132><156>R<155>j'<177><240><241><240>Z<254><6><159><181><205><5><157><172><27>gz<213><18>L<28><243><31><155><240>Nr^<9><196><221>$<<0>)^u<240><173>N<234>X<14><167><246><8><8>K&<175><208><10><244><168>W<237>}<149><136><154>_&&&s<127><209><251>em<232><155><231><168><204><14>S<131><178><20><251>~'<160><164><160><244><28><223><159>+
         Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Feb 13 07:30:35 2008: DEBUG: Packet dump:
*** Received from 192.168.50.15 port 32770 ....
Code:       Access-Request
Identifier: 213
Authentic:  <22>%X<215>?<194><133>F<192><168><229>|<8><224>Z<149>
Attributes:
         User-Name = "PEAP-00-40-96-A4-4E-24"
         Calling-Station-Id = "00-40-96-A4-4E-24"
         Called-Station-Id = "00-0B-FC-FB-7F-20:leaper"
         NAS-Port = 29
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         Airespace-WLAN-Id = 6
         Service-Type = Framed-User
         Framed-MTU = 1300
         NAS-Port-Type = Wireless-IEEE-802-11
         EAP-Message = <2><10><0>++<1><23><3><1><0> 
 >XS<206>&8<245><146><134><185><175><155><13><174><208>P'<31><183><132>e<20>b<171><148>H<2><23><253>xMS
         Message-Authenticator = 
<140>[<154><206><219>HwmF<16><184><209><8><178><249><15>

Wed Feb 13 07:30:35 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:35 2008: DEBUG:  Deleting session for 
PEAP-00-40-96-A4-4E-24, 192.168.50.15, 29
Wed Feb 13 07:30:35 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:35 2008: DEBUG: Handling with EAP: code 2, 10, 43, 43
Wed Feb 13 07:30:35 2008: DEBUG: Response type 43
Wed Feb 13 07:30:35 2008: DEBUG: EAP-FAST TLS data: 800300020002
Wed Feb 13 07:30:35 2008: ERR: EAP-FAST peer RESULT failure
Wed Feb 13 07:30:35 2008: DEBUG: EAP result: 2, EAP-FAST peer RESULT failure
Wed Feb 13 07:30:35 2008: DEBUG: AuthBy FILE result: IGNORE, EAP-FAST 
peer RESULT failure
Wed Feb 13 07:30:37 2008: DEBUG: Packet dump:
*** Received from 192.168.50.15 port 32770 ....
Code:       Access-Request
Identifier: 213
Authentic:  <22>%X<215>?<194><133>F<192><168><229>|<8><224>Z<149>
Attributes:
         User-Name = "PEAP-00-40-96-A4-4E-24"
         Calling-Station-Id = "00-40-96-A4-4E-24"
         Called-Station-Id = "00-0B-FC-FB-7F-20:leaper"
         NAS-Port = 29
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         Airespace-WLAN-Id = 6
         Service-Type = Framed-User
         Framed-MTU = 1300
         NAS-Port-Type = Wireless-IEEE-802-11
         EAP-Message = <2><10><0>++<1><23><3><1><0> 
 >XS<206>&8<245><146><134><185><175><155><13><174><208>P'<31><183><132>e<20>b<171><148>H<2><23><253>xMS
         Message-Authenticator = 
<140>[<154><206><219>HwmF<16><184><209><8><178><249><15>

Wed Feb 13 07:30:37 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:37 2008: DEBUG:  Deleting session for 
PEAP-00-40-96-A4-4E-24, 192.168.50.15, 29
Wed Feb 13 07:30:37 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:37 2008: DEBUG: Handling with EAP: code 2, 10, 43, 43
Wed Feb 13 07:30:37 2008: DEBUG: Response type 43
Wed Feb 13 07:30:37 2008: DEBUG: EAP result: 2, TLS not initialised
Wed Feb 13 07:30:37 2008: DEBUG: AuthBy FILE result: IGNORE, TLS not 
initialised
Wed Feb 13 07:30:39 2008: DEBUG: Packet dump:
*** Received from 192.168.50.15 port 32770 ....
Code:       Access-Request
Identifier: 213
Authentic:  <22>%X<215>?<194><133>F<192><168><229>|<8><224>Z<149>
Attributes:
         User-Name = "PEAP-00-40-96-A4-4E-24"
         Calling-Station-Id = "00-40-96-A4-4E-24"
         Called-Station-Id = "00-0B-FC-FB-7F-20:leaper"
         NAS-Port = 29
         NAS-IP-Address = 192.168.50.15
         NAS-Identifier = "cntl3750-w"
         Airespace-WLAN-Id = 6
         Service-Type = Framed-User
         Framed-MTU = 1300
         NAS-Port-Type = Wireless-IEEE-802-11
         EAP-Message = <2><10><0>++<1><23><3><1><0> 
 >XS<206>&8<245><146><134><185><175><155><13><174><208>P'<31><183><132>e<20>b<171><148>H<2><23><253>xMS
         Message-Authenticator = 
<140>[<154><206><219>HwmF<16><184><209><8><178><249><15>

Wed Feb 13 07:30:39 2008: DEBUG: Handling request with Handler ''
Wed Feb 13 07:30:39 2008: DEBUG:  Deleting session for 
PEAP-00-40-96-A4-4E-24, 192.168.50.15, 29
Wed Feb 13 07:30:39 2008: DEBUG: Handling with Radius::AuthFILE:
Wed Feb 13 07:30:39 2008: DEBUG: Handling with EAP: code 2, 10, 43, 43
Wed Feb 13 07:30:39 2008: DEBUG: Response type 43
Wed Feb 13 07:30:39 2008: DEBUG: EAP result: 2, TLS not initialised
Wed Feb 13 07:30:39 2008: DEBUG: AuthBy FILE result: IGNORE, TLS not 
initialised

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list