[RADIATOR] Problem Radiator configuration WIMAX

Heikki Vatiainen hvn at open.com.au
Wed Mar 2 15:48:03 CST 2011


On 03/02/2011 06:08 PM, Augusto Cabrera wrote:
> 
> Hi I am configuring WiMAX radiator for authentication with the CPES are
> zyxel, but I have authentication errors please i need help, the setup I
> have is the following:

Hello,

can you tell us a bit more what the problem is? From the log below it
looks like there are TTLS authentication Access-Requests and
Access-Challenges, but there is no clear error as far as I can tell.

If the error is TTLS authentication not finishing, you should check the
client configuration. Please check that the clients trust this root
certificate:

EAPTLS_CAFile /etc/radiator/certificados/cacert.pem

It is possible that the client does not recognize or trust the root
certificate and for that reasons stops the authentication process. It
looks like the TTLS inner authentication does not start so you should
concentrate on the certificate setup.

Thanks!
Heikki


> [root at wimax radiator]# vi radius.cfg
> 
> # wimax.cfg
> #
> # Example Radiator configuration file.
> # This very simple file will allow you to get started with
> # a simple WiMAX system. You can then add and change features.
> # We suggest you start simple, prove to yourself that it
> # works and then develop a more complicated configuration.
> #Foreground
> #LogStdout
> DefineFormattedGlobalVar RadiatorDir /etc/radiator
> LogDir %{GlobalVar:RadiatorDir}/logs
> DbDir  %{GlobalVar:RadiatorDir}/raddb
> LogFile  %L/%Y-%m-%d-radius.txt
> RewriteUsername tr/A-Z/a-z/
> RewriteUsername s/\s+//g
> DictionaryFile  %{GlobalVar:RadiatorDir}/dictionary
> 
> # User a lower trace level in production systems:
> Trace           4
> AuthPort 1812
> AcctPort 1813
> 
> # You will probably want to add other Clients to suit your site,
> # one for each NAS you want to work with
> #<Client DEFAULT>
> #       Secret  mysecret
> #       DupInterval 0
> #</Client>
> 
> 
> # Definicion del CLIENTE WIMAX HUAWEI - CUE
> <Client 3.3.3.3>
>         Secret  wimaxwimax
>         Identifier WIMAX
>         DupInterval 5
> </Client>
> 
> 
> <Client 200.55.224.5>
>         Secret  mysecret
>         Identifier totoracocha
>         SNMPCommunity ras
>         IgnoreAcctSignature
> #       DupInterval 0
> </Client>
> 
> 
> 
> 
> # This works with the sample SQL tables created by
> # goodies/wimax.sql
> # test with goodies/wimaxtest as a simple test client
> <Realm DEFAULT>
>        # Implement MS Revocation List using a table in the SQL database
>        # Other modules such as SQl can be used. Required by
> Alcatel-Lucent
>        AuthByPolicy ContinueWhileAccept
>        <AuthBy SQL>
>                 # Details for accessing the SQL database that contains
>                 # user/device passwords, Device-Sessions etc.
>                 # This should match the username created in wimax.sql
>                 DBSource dbi:mysql:wimax
>                 DBUsername      mikem
>                 DBAuth          fred
>                 NoEAP
>                 Blacklist
>                 AuthenticateAttribute Calling-Station-Id
>                 AuthSelect select reason from blacklist where nai=%0
>        </AuthBy>
> 
>         <AuthBy WIMAX>
>                 Identifier      AAA-WIMAX
>                 # Details for accessing the SQL database that contains
>                 # user/device passwords, Device-Sessions etc.
>                 # This should match the username created in wimax.sql
>                 DBSource dbi:mysql:wimax
>                 DBUsername      mikem
>                 DBAuth          fred
> 
>                 # The max lifetime of eack key, in seconds.
>                 # Defaults to 3600 seconds (1 hour)
>                 #KeyLifetime 3600
> 
>                 # If WiMAX-DHCPv4-Server or WiMAX-DHCPv6-Server are set
>                 # in the reply, AuthBY WIMAX wil automatically generate
>                 # a DHCP key for that address, and wil provide that key
>                 # if the DHCP server later asks for it
>                 AddToReplyIfNotExist WiMAX-DHCPv4-Server=1.2.3.4
> 
>                 # Indicates whether to honour various hotlining options
>                 # If any are set, and the subscription has a
> hotlineprofile
>                 # then appropriate columns will be returned from the
>                 # hotlineprofiles table
>                 # They are also used to set the Hotlining capabilities
>                 # in WiMAX-Capability
>                 ProfileHotlining
>                 #RulebasedHotlining
>                 HTTPRedirectionHotlining
>                 IPRedirectionHotlining
> 
>                 # WiMAX is required to handle at least TTLS
>                 # We can handle any tpe that generates MSK and EMSK
>                 EAPType TTLS, TLS, PEAP, MSCHAP-V2, PSK, PAX, FAST, SIM,
> AKA
>                 EAPTLS_CAFile /etc/radiator/certificados/cacert.pem
>                 EAPTLS_CertificateFile
> /etc/radiator/certificados/servidor-cert.pem
>                 EAPTLS_CertificateType PEM
>                 EAPTLS_PrivateKeyFile
> /etc/radiator/certificados/serv-priv.pem
>                 EAPTLS_PrivateKeyPassword quitomiciudad
> 
>                 # Try to match a certificate CN against an attribute in
> the
>                 # incoming request. If matched, return the match else
> undef
>                 # Called like EAPTLS_CommonNameHook($cn, $username,
> $identity, $p)
>                 # This example attempts to match the CN against the
>                 # Calling-Station-Id, as rewuired by some WiMAX devices.
>                 # EAPTLS_CommonNameHook sub {my $cn = $_[0]; my $p =
> $_[3]; return $cn if $cn eq $p->get_attr('Calling-Station-Id'); return
> undef;}
> 
>                 # IF HAPassword is defined, the the HA must send this
> password
>                 # in requests sent to this HAAA. The HA must be
> configured to
>                 # send this password, otherwise its requests will be
> REJECTed
>                 HAPassword mysecret
> 
>                 # You can alter the authentication query with
> AuthSelect, and
>                 # process extra columns with AuthColumnDef. Replies
> attrs
>                 # WiMAX-Packet-Flow-Descriptor and WiMAX-QoS-Descriptor
> will be
>                 # converted from ASCII to binary format.
>                 #AuthSelect select subscription.psk, subscription.cui,
> subscription.hotlineprofile, replyprofile.reply from
> subscription,replyprofile  where subscription.nai=? and
> replyprofile.profile=subscription.replyprofile
>                 #AuthColumnDef    3,GENERIC,reply
> 
>                 # You can add support for simple accounting using
>                 # AcctSQLStatement the same as AuthBy SQL
>                 #AccountingTable        ACCOUNTING
>                 #AcctColumnDef  USERNAME,User-Name
>                 # etc....
> 
>                 # You can customise other SQL queries using during WiMAX
>                 # processing with GetCachedKeyQuery,
> GetHotlineProfileQuery,
>                 # GetQosProfileQuery.
> 
>                 # MSKInMPPEKeys Forces the MSK to be encoded in
>                 # MS-MPPE-Send-Key and MS-MPPE-Recv-Key, as well as
>                 # the usual WiMAX-MSK reply attributes. This is required
>                 # by some non-compliant clients, such as some
> Alcatel-Lucent
>                 # devices.
>                 #MSKInMPPEKeys 1
>         </AuthBy>
> 
> </Realm>
> 
> <AuthBy RADMIN>
>         Identifier      AAA-SQL-CDMA
>         NoDefault
> #        MaxSessions 1
>          DefaultSimultaneousUse 1
> 
>         CaseInsensitivePasswords
>         RejectEmptyPassword
>         DBSource        dbi:mysql:radmin:localhost
>         DBUsername      radmin
>         DBAuth          radminpw
> #       AuthSelect select PASS_WORD,STATICADDRESS,TIMELEFT,\
>                 MAXLOGINS,SERVICENAME, BADLOGINS, VALIDFROM,\
>                 VALIDTO, CLASE \
>                 from RADUSERS where USERNAME=%0
> #       AuthColumnDef   0,Class,reply
>         AuthColumnDef   MAXLOGINS,reply
>         AccountingTable RADUSAGE
>         AcctColumnDef   USERNAME,User-Name
>         AcctColumnDef   TIME_STAMP,Event-Timestamp,integer
>         AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type,integer
>         AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
>         AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
>         AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
>         AcctColumnDef   ACCTSESSIONID,3GPP2-Correlation-Id
>         AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
>         AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
>         AcctColumnDef   NASIDENTIFIER,NAS-IP-Address
>         AcctColumnDef   NASPORT,Calling-Station-Id,integer
>         AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address
>         MaxBadLogins    10
>         # Controlamos el tiempo m??mo de conexi??el usuario de acuerdo
> al horario siguiente
> #       AddToReply Session-Timeout = "until Time"
> </AuthBy>
> 
> 
> <Handler NAS-IP-Address=3.3.3.3, Realm=wimaxtest>
>         AuthByPolicy    ContinueWhileAccept
>         AuthBy          AAA-SQL-CDMA
>         Identifier      CDMA-NOCTURNO
>         RejectHasReason
>         AccountingHandled
> </Handler>
> 
> 
> # Handler para manejar WIMAX
> <Handler NAS-IP-Address=3.3.3.3, Realm=wimaxtest>
>         AuthByPolicy    ContinueWhileAccept
>         AuthBy          AAA-WIMAX
>         Identifier      AUTH-WIMAX
>         RejectHasReason
>         AccountingHandled
> </Handler>
> 
> # Handler para manejar WIMAX
> <Handler NAS-IP-Address=3.3.3.3>
>         AuthByPolicy    ContinueWhileAccept
>         AuthBy          AAA-WIMAX
>         Identifier      AUTH-WIMAX
>         RejectHasReason
>         AccountingHandled
> </Handler>
> 
> 
> 
> 
> 
> 
>  The logs I have are:
> 
> Code:       Access-Request
> Identifier: 50
> Authentic:  <0><0>\<204><0><0>l<239><0><0><23><152><0><0>8#
> Attributes:
> 	User-Name = "wimax at wimaxtest"
> 	NAS-IP-Address = 3.3.3.3
> 	Calling-Station-Id = "00256831312f"
> 	NAS-Identifier = "WASN9770"
> 	Event-Timestamp = 1298999964
> 	EAP-Message = <2>l<0><20><1>wimax at wimaxtest
> 	WiMAX-Capability = <1><5>1.1<2><3><2><3><3><1><5><3><1><4><3><1>
> 	WiMAX-BS-ID = 00000203f110
> 	WiMAX-GMT-Timezone-Offset = -18000
> 	NAS-Port-Type = Wireless-IEEE-802.16
> 	WiMAX-PPAC = <1><6><0><0><0>c
> 	Service-Type = Framed-User
> 	Message-Authenticator =
> <16><159>@<149><141><165>u<209>n1^<167><179><194>-B
> 
> Tue Mar  1 12:18:49 2011: DEBUG: Handling request with Handler
> 'Realm=DEFAULT', Identifier ''
> Tue Mar  1 12:18:49 2011: DEBUG:  Deleting session for wimax at wimaxtest,
> 3.3.3.3, 
> Tue Mar  1 12:18:49 2011: DEBUG: Handling with Radius::AuthSQL: 
> Tue Mar  1 12:18:49 2011: DEBUG: Handling with Radius::AuthSQL: 
> Tue Mar  1 12:18:49 2011: DEBUG: Query is: 'select reason from blacklist
> where nai='00256831312f'': 
> Tue Mar  1 12:18:49 2011: DEBUG: Radius::AuthSQL looks for match with
> 00256831312f [wimax at wimaxtest]
> Tue Mar  1 12:18:49 2011: DEBUG: Radius::AuthSQL REJECT: No such user:
> 00256831312f [wimax at wimaxtest]
> Tue Mar  1 12:18:49 2011: DEBUG: Query is: 'select reason from blacklist
> where nai='DEFAULT'': 
> Tue Mar  1 12:18:49 2011: DEBUG: AuthBy SQL result: ACCEPT, No such user
> Tue Mar  1 12:18:49 2011: DEBUG: Handling with Radius::AuthWIMAX:
> AAA-WIMAX
> Tue Mar  1 12:18:49 2011: DEBUG: Handling with Radius::AuthWIMAX:
> AAA-WIMAX
> Tue Mar  1 12:18:49 2011: DEBUG: Handling with EAP: code 2, 108, 20, 1
> Tue Mar  1 12:18:49 2011: DEBUG: Response type 1
> Tue Mar  1 12:18:49 2011: DEBUG: EAP result: 3, EAP TTLS Challenge
> Tue Mar  1 12:18:49 2011: DEBUG: AuthBy WIMAX result: CHALLENGE, EAP
> TTLS Challenge
> Tue Mar  1 12:18:49 2011: DEBUG: Access challenged for 00256831312f: EAP
> TTLS Challenge
> Tue Mar  1 12:18:49 2011: DEBUG: Packet dump:
> *** Sending to 3.3.3.3 port 10002 ....
> 
> Packet length = 46
> 0b 32 00 2e f1 44 7a fa 47 8e c7 8e 1e 42 d8 c9
> f9 05 6e a9 4f 08 01 6d 00 06 15 20 50 12 db ab
> 08 42 3b ad 54 06 28 02 a9 da 50 d9 ee 92
> Code:       Access-Challenge
> Identifier: 50
> Authentic:  <241>Dz<250>G<142><199><142><30>B<216><201><249><5>n<169>
> Attributes:
> 	EAP-Message = <1>m<0><6><21> 
> 	Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> 
> Tue Mar  1 12:18:49 2011: DEBUG: Rewrote user name to wimax at wimaxtest
> Tue Mar  1 12:18:49 2011: DEBUG: Rewrote user name to wimax at wimaxtest
> Tue Mar  1 12:18:49 2011: DEBUG: Packet dump:
> *** Received from 3.3.3.3 port 10002 ....
> 
> Packet length = 266
> 01 33 01 0a 00 00 03 55 00 00 1d 83 00 00 55 2b
> 00 00 61 d9 01 11 77 69 6d 61 78 40 77 69 6d 61
> 78 74 65 73 74 04 06 03 03 03 03 1f 0e 30 30 32
> 35 36 38 33 31 33 31 32 66 20 0a 57 41 53 4e 39
> 37 37 30 37 06 4d 6d 2a 9c 4f 58 02 6d 00 56 15
> 80 00 00 00 4c 16 03 01 00 47 01 00 00 43 03 01
> 00 00 d8 11 7a dc 33 17 0c 8a 36 41 e1 4b d1 cb
> 5e 05 8e 9b 3f ac 19 a9 b6 fe 83 d4 cd 1f 7f 88
> 00 00 1c 00 2f 00 35 00 0a 00 05 00 04 00 39 00
> 38 00 16 00 13 00 33 00 32 00 09 00 15 00 12 01
> 00 1a 1a 00 00 60 b5 01 14 00 01 05 31 2e 31 02
> 03 02 03 03 01 05 03 01 04 03 01 1a 15 00 00 60
> b5 2e 0f 00 30 30 30 30 30 32 30 33 66 31 31 30
> 1a 0d 00 00 60 b5 03 07 00 ff ff b9 b0 3d 06 00
> 00 00 1b 1a 0f 00 00 60 b5 23 09 00 01 06 00 00
> 00 63 06 06 00 00 00 02 50 12 0f 8b ab 2d 26 4f
> 9b 5b d9 72 4e 27 00 fe 41 4f
> Code:       Access-Request
> Identifier: 51
> Authentic:  <0><0><3>U<0><0><29><131><0><0>U+<0><0>a<217>
> Attributes:
> 	User-Name = "wimax at wimaxtest"
> 	NAS-IP-Address = 3.3.3.3
> 	Calling-Station-Id = "00256831312f"
> 	NAS-Identifier = "WASN9770"
> 	Event-Timestamp = 1298999964
> 	EAP-Message =
> <2>m<0>V<21><128><0><0><0>L<22><3><1><0>G<1><0><0>C<3><1><0><0><216><17>
> z<220>3<23><12><138>6A<225>K<209><203>^<5><142><155>?<172><25><169><182>
> <254><131><212><205><31><127><136><0><0><28><0>/<0>5<0><10><0><5><0><4><
> 0>9<0>8<0><22><0><19><0>3<0>2<0><9><0><21><0><18><1><0>
> 	WiMAX-Capability = <1><5>1.1<2><3><2><3><3><1><5><3><1><4><3><1>
> 	WiMAX-BS-ID = 00000203f110
> 	WiMAX-GMT-Timezone-Offset = -18000
> 	NAS-Port-Type = Wireless-IEEE-802.16
> 	WiMAX-PPAC = <1><6><0><0><0>c
> 	Service-Type = Framed-User
> 	Message-Authenticator =
> <15><139><171>-&O<155>[<217>rN'<0><254>AO
> 
> Tue Mar  1 12:18:49 2011: DEBUG: Handling request with Handler
> 'Realm=DEFAULT', Identifier ''
> Tue Mar  1 12:18:49 2011: DEBUG:  Deleting session for wimax at wimaxtest,
> 3.3.3.3, 
> Tue Mar  1 12:18:49 2011: DEBUG: Handling with Radius::AuthSQL: 
> Tue Mar  1 12:18:49 2011: DEBUG: Handling with Radius::AuthSQL: 
> Tue Mar  1 12:18:49 2011: DEBUG: Query is: 'select reason from blacklist
> where nai='00256831312f'': 
> Tue Mar  1 12:18:49 2011: DEBUG: Radius::AuthSQL looks for match with
> 00256831312f [wimax at wimaxtest]
> Tue Mar  1 12:18:49 2011: DEBUG: Radius::AuthSQL REJECT: No such user:
> 00256831312f [wimax at wimaxtest]
> Tue Mar  1 12:18:49 2011: DEBUG: Query is: 'select reason from blacklist
> where nai='DEFAULT'': 
> Tue Mar  1 12:18:49 2011: DEBUG: AuthBy SQL result: ACCEPT, No such user
> Tue Mar  1 12:18:49 2011: DEBUG: Handling with Radius::AuthWIMAX:
> AAA-WIMAX
> Tue Mar  1 12:18:49 2011: DEBUG: Handling with Radius::AuthWIMAX:
> AAA-WIMAX
> Tue Mar  1 12:18:49 2011: DEBUG: Handling with EAP: code 2, 109, 86, 21
> Tue Mar  1 12:18:49 2011: DEBUG: Response type 21
> Tue Mar  1 12:18:49 2011: DEBUG: EAP TTLS data, 24576, 109, -1
> Tue Mar  1 12:18:49 2011: DEBUG: EAP TTLS SSL_accept result: -1, 2, 8576
> Tue Mar  1 12:18:49 2011: DEBUG: EAP result: 3, EAP TTLS Challenge
> Tue Mar  1 12:18:49 2011: DEBUG: AuthBy WIMAX result: CHALLENGE, EAP
> TTLS Challenge
> Tue Mar  1 12:18:49 2011: DEBUG: Access challenged for 00256831312f: EAP
> TTLS Challenge
> Tue Mar  1 12:18:49 2011: DEBUG: Packet dump:
> *** Sending to 3.3.3.3 port 10002 ....
> 
> Packet length = 2114
> 0b 33 08 42 07 a9 c1 d9 a3 c6 83 cd 42 50 76 17
> 7d 9e 32 5d 4f ff 01 6e 08 0a 15 c0 00 00 08 ad
> 16 03 01 00 4a 02 00 00 46 03 01 4d 6d 2a 79 09
> 45 93 c8 56 21 3b e5 8f 98 ff 89 d7 bc 98 03 11
> 6f 60 57 bc 72 84 55 36 47 e5 0e 20 44 81 d5 cf
> f7 bb 64 77 c4 c4 9e 95 52 ed de c7 ae b5 c3 d7
> a1 60 7a 94 59 4b 77 fe 47 11 39 41 00 2f 00 16
> 03 01 08 50 0b 00 08 4c 00 08 49 00 03 85 30 82
> 03 81 30 82 02 69 a0 03 02 01 02 02 09 00 cd a9
> 41 5c 02 d2 f1 4f 30 0d 06 09 2a 86 48 86 f7 0d
> 01 01 05 05 00 30 81 99 31 0b 30 09 06 03 55 04
> 06 13 02 45 43 31 0e 30 0c 06 03 55 04 08 13 05
> 41 7a 75 61 79 31 0f 30 0d 06 03 55 04 07 13 06
> 43 75 65 6e 63 61 31 10 30 0e 06 03 55 04 0a 13
> 07 45 54 41 50 41 45 50 31 17 30 15 06 03 55 04
> 0b 13 0e 43 6f 6d 75 6e 69 63 61 63 69 6f 6e 65
> 73 31 1b 30 19 06 03 55 04 03 13 12 77 69 6d 61
> 78 2e 65 4f ff 74 61 70 61 6e 65 74 2e 6e 65 74
> 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16
> 12 77 69 6d 61 78 40 65 74 61 70 61 6e 65 74 2e
> 6e 65 74 30 1e 17 0d 31 31 30 32 31 35 31 36 32
> 32 34 30 5a 17 0d 32 31 30 32 31 32 31 36 32 32
> 34 30 5a 30 3f 31 1c 30 1a 06 0a 09 92 26 89 93
> f2 2c 64 01 19 16 0c 65 74 61 70 61 6e 65 74 2e
> 6e 65 74 31 0c 30 0a 06 03 55 04 0b 13 03 63 6f
> 6d 31 11 30 0f 06 03 55 04 03 13 08 65 74 61 70
> 61 6e 65 74 30 82 01 22 30 0d 06 09 2a 86 48 86
> f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a
> 02 82 01 01 00 d2 62 14 ab 68 09 80 4e 5c 5a e2
> 29 a7 01 8c 3f 2b fb 1d 06 39 a6 0f 35 51 54 8b
> 28 56 5d 8f c4 da ff d0 91 21 33 56 bf 2b 1c 22
> 1a a1 29 19 fd 49 74 9c 67 97 3a 00 2a 52 08 e6
> d6 fb a6 26 6e ce ee 7e 74 7a 95 33 16 01 37 7c
> c6 08 4f ff ae 70 c4 22 63 59 0d 90 04 4b d5 08
> d2 a9 ab 64 ad ea fb 3c 33 cc a1 d5 02 ed e2 7b
> e7 0b 90 9f 04 5d 08 17 6a 53 28 3a af a8 7a 0b
> 1a ea 9a 76 ba 6a 94 a8 6b 56 bb 1f 9c b2 a1 b6
> 88 a8 c3 a6 59 bc 54 10 c7 00 f1 d8 ec 59 0f af
> a8 82 42 66 e4 95 47 36 8f 50 93 91 5b da 29 ca
> 37 da 08 96 56 6c 6a 19 f6 20 77 c3 4e d4 8b bd
> 74 89 c2 d6 56 24 2c 13 92 b4 a3 a2 17 29 76 97
> 61 79 95 28 3f 6c ee 3d 7b ee 53 95 0d 9e df b8
> 95 7c 0f a0 b9 b1 a5 f5 90 b5 cc 07 b2 b5 55 34
> 95 0d 70 69 c2 2f 6d 81 98 ab c2 9a 7c 53 c1 ee
> 4b 7f e0 c3 f8 0c 03 02 03 01 00 01 a3 25 30 23
> 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 13
> 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05
> 07 03 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05
> 05 00 03 82 01 01 00 52 ae 29 b6 62 14 d2 c2 56
> b7 4f ff ed b2 43 bc d5 ad de a4 36 21 43 62 e7
> 73 ba 80 17 42 34 27 f9 fa 3c 17 4e 97 50 29 59
> 20 3c 6d 28 64 2e ba 6b c9 b0 66 30 d9 de a8 1a
> ed 6b 0e dc 90 0d 64 ea d2 2e 5a 6d 2d d2 39 21
> fd 9b e0 2f e8 a5 b1 0c 0d 12 68 5d 74 c2 96 6a
> fd cc 43 4c e6 68 45 a7 36 53 4c d6 4a 76 80 bb
> b3 89 60 e0 b9 3f 81 33 b3 d3 5e 06 ab b8 2c da
> d0 eb 5e 1c 02 06 76 4f 58 f7 f5 bc 70 3c da c6
> 3a fb f0 fa 2c 17 17 d1 33 37 1d 0b aa 50 a1 a9
> 85 3b 42 59 9e aa 8d 71 7a 77 46 01 fb 72 fd 27
> 73 29 07 c5 4a bd cd ab 90 2a da 2c 0f a4 4c 2f
> 45 70 26 a0 3f 4f 54 58 60 f1 eb ba 5d af 00 ce
> 34 23 a8 d4 16 6c 17 9c 90 dd b3 4b d7 d3 35 3e
> 07 0b fb df 06 74 02 08 08 ea c5 c9 ce 35 3d 52
> d7 a5 b4 89 d2 7b 29 f8 7c cf b8 8d 85 58 25 7d
> 98 38 9f 88 9d 13 7d ae 82 00 04 be 30 82 04 ba
> 4f ff 30 82 03 a2 a0 03 02 01 02 02 09 00 fd 09
> d2 fe 86 fb da bc 30 0d 06 09 2a 86 48 86 f7 0d
> 01 01 05 05 00 30 81 99 31 0b 30 09 06 03 55 04
> 06 13 02 45 43 31 0e 30 0c 06 03 55 04 08 13 05
> 41 7a 75 61 79 31 0f 30 0d 06 03 55 04 07 13 06
> 43 75 65 6e 63 61 31 10 30 0e 06 03 55 04 0a 13
> 07 45 54 41 50 41 45 50 31 17 30 15 06 03 55 04
> 0b 13 0e 43 6f 6d 75 6e 69 63 61 63 69 6f 6e 65
> 73 31 1b 30 19 06 03 55 04 03 13 12 77 69 6d 61
> 78 2e 65 74 61 70 61 6e 65 74 2e 6e 65 74 31 21
> 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 77
> 69 6d 61 78 40 65 74 61 70 61 6e 65 74 2e 6e 65
> 74 30 1e 17 0d 31 31 30 32 31 35 31 35 34 33 32
> 38 5a 17 0d 32 31 30 32 31 32 31 35 34 33 32 38
> 5a 30 81 99 31 0b 30 09 06 03 55 04 06 13 02 45
> 43 31 0e 30 0c 06 03 55 04 08 13 05 41 7a 75 4f
> ff 61 79 31 0f 30 0d 06 03 55 04 07 13 06 43 75
> 65 6e 63 61 31 10 30 0e 06 03 55 04 0a 13 07 45
> 54 41 50 41 45 50 31 17 30 15 06 03 55 04 0b 13
> 0e 43 6f 6d 75 6e 69 63 61 63 69 6f 6e 65 73 31
> 1b 30 19 06 03 55 04 03 13 12 77 69 6d 61 78 2e
> 65 74 61 70 61 6e 65 74 2e 6e 65 74 31 21 30 1f
> 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 77 69 6d
> 61 78 40 65 74 61 70 61 6e 65 74 2e 6e 65 74 30
> 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01
> 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00
> a0 da bd a9 ad 92 47 8c 21 0d 50 08 5f e1 d2 e7
> 81 a4 3b 7b bc 75 a4 1b d9 61 7c 5c 22 12 dc 7d
> 95 09 bf 28 08 93 a6 64 11 85 1d 29 12 4b d2 be
> eb d9 48 95 f9 4c 21 d2 25 eb 87 68 0e 1c 8d 13
> d4 c8 9f af f6 3a 30 64 3e b3 95 a0 28 ee 0b 26
> 51 3d 93 79 dd d1 8f 5f d4 ee 66 48 13 d5 4f ff
> fd 1e d4 f3 51 77 e0 41 7f 2c a2 d5 60 38 6c 20
> a4 f6 67 b4 5c 44 de 11 c4 6e 07 74 bd c9 04 6d
> 8c f0 77 8a da 2d 46 df 63 ea 73 af 7e 77 b0 88
> e5 77 6d d6 1d 05 ec 8e e2 d4 00 4e 60 d1 30 0e
> 96 e8 86 98 49 30 29 a6 46 91 49 9c 20 b5 d4 63
> 8e 46 1a d6 36 e7 0f 46 23 7a 7a 38 10 52 88 95
> 85 e5 19 33 7e fa 67 78 19 2c 9d 26 9e 4e bc e5
> 30 28 e1 37 0f c3 2f f2 7f b2 76 51 8b e7 22 1a
> 79 7a ab 0a 88 a4 d6 5c d0 90 11 06 31 00 b5 0d
> 01 52 69 0c a6 44 82 a4 46 02 b1 2a 5e d0 05 c1
> ef 65 02 03 01 00 01 a3 82 01 01 30 81 fe 30 1d
> 06 03 55 1d 0e 04 16 04 14 56 7d b9 5f 1a ef 1d
> 3a 55 76 94 d3 c1 b3 f0 2c 4d 3c 0c fd 30 81 ce
> 06 03 55 1d 23 04 81 c6 30 81 c3 80 14 56 7d b9
> 5f 1a ef 1d 3a 55 76 94 d3 c1 b3 f0 2c 4d 3c 0c
> fd a1 81 9f a4 81 9c 30 81 99 31 0b 30 4f ff 09
> 06 03 55 04 06 13 02 45 43 31 0e 30 0c 06 03 55
> 04 08 13 05 41 7a 75 61 79 31 0f 30 0d 06 03 55
> 04 07 13 06 43 75 65 6e 63 61 31 10 30 0e 06 03
> 55 04 0a 13 07 45 54 41 50 41 45 50 31 17 30 15
> 06 03 55 04 0b 13 0e 43 6f 6d 75 6e 69 63 61 63
> 69 6f 6e 65 73 31 1b 30 19 06 03 55 04 03 13 12
> 77 69 6d 61 78 2e 65 74 61 70 61 6e 65 74 2e 6e
> 65 74 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09
> 01 16 12 77 69 6d 61 78 40 65 74 61 70 61 6e 65
> 74 2e 6e 65 74 82 09 00 fd 09 d2 fe 86 fb da bc
> 30 0c 06 03 55 1d 13 04 05 30 03 01 01 ff 30 0d
> 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01
> 01 00 6c c6 d9 5f 09 74 fa 6f 4c 5d c8 19 72 4e
> fc f2 4c 74 02 d2 ec 8e b0 a8 61 9b 13 bf ff 92
> f6 a9 79 08 f7 69 6e fc 9d 1b 97 66 f4 86 34 cf
> bf ab 07 46 f3 b3 0f 2c 29 ed cd 50 4f 24 0f 1a
> f3 0b d4 6e 19 7e 9a 76 b0 ed 81 9c 42 34 6b 49
> 62 80 d0 56 5b f1 b9 12 9a 78 0e e4 8b 2e 9d a5
> 50 12 48 0d 81 be ef d6 ff 51 1d 9f e4 6f 2e fb
> 7e 30
> Code:       Access-Challenge
> Identifier: 51
> Authentic:  <7><169><193><217><163><198><131><205>BPv<23>}<158>2]
> Attributes:
> 	EAP-Message =
> <1>n<8><10><21><192><0><0><8><173><22><3><1><0>J<2><0><0>F<3><1>Mm*y<9>E
> <147><200>V!;<229><143><152><255><137><215><188><152><3><17>o`W<188>r<13
> 2>U6G<229><14>
> D<129><213><207><247><187>dw<196><196><158><149>R<237><222><199><174><18
> 1><195><215><161>`z<148>YKw<254>G<17>9A<0>/<0><22><3><1><8>P<11><0><8>L<
> 0><8>I<0><3><133>0<130><3><129>0<130><2>i<160><3><2><1><2><2><9><0><205>
> <169>A\<2><210><241>O0<13><6><9>*<134>H<134><247><13><1><1><5><5><0>0<12
> 9><153>1<11>0<9><6><3>U<4><6><19><2>EC1<14>0<12><6><3>U<4><8><19><5>Azua
> y1<15>0<13><6><3>U<4><7><19><6>Cuenca1<16>0<14><6><3>U<4><10><19><7>ETAP
> AEP1<23>0<21><6><3>U<4><11><19><14>Comunicaciones1<27>0<25><6><3>U<4><3>
> <19><18>wimax.e
> 	EAP-Message =
> tapanet.net1!0<31><6><9>*<134>H<134><247><13><1><9><1><22><18>wimax at etap
> anet.net0<30><23><13>110215162240Z<23><13>210212162240Z0?1<28>0<26><6><1
> 0><9><146>&<137><147><242>,d<1><25><22><12>etapanet.net1<12>0<10><6><3>U
> <4><11><19><3>com1<17>0<15><6><3>U<4><3><19><8>etapanet0<130><1>"0<13><6
>> <9>*<134>H<134><247><13><1><1><1><5><0><3><130><1><15><0>0<130><1><10><
> 2><130><1><1><0><210>b<20><171>h<9><128>N\Z<226>)<167><1><140>?+<251><29
>> <6>9<166><15>5QT<139>(V]<143><196><218><255><208><145>!3V<191>+<28>"<26
>> <161>)<25><253>It<156>g<151>:<0>*R<8><230><214><251><166>&n<206><238>~t
> z<149>3<22><1>7|<198><8>
> 	EAP-Message =
> <174>p<196>"cY<13><144><4>K<213><8><210><169><171>d<173><234><251><3<204
>> <161><213><2><237><226>{<231><11><144><159><4>]<8><23>jS(:<175><168>z<1
> 1><26><234><154>v<186>j<148><168>kV<187><31><156><178><161><182><136><16
> 8><195><166>Y<188>T<16><199><0><241><216><236>Y<15><175><168><130>Bf<228
>> <149>G6<143>P<147><145>[<218>)<202>7<218><8><150>Vlj<25><246>
> w<195>N<212><139><189>t<137><194><214>V$,<19><146><180><163><162><23>)v<
> 151>ay<149>(?l<238>={<238>S<149><13><158><223><184><149>|<15><160><185><
> 177><165><245><144><181><204><7><178><181>U4<149><13>pi<194>/m<129><152>
> <171><194><154>|S<193><238>K<127><224><195><248><12><3><2><3><1><0><1><1
> 63>%0#0<12><6><3>U<29><19><1><1><255><4><2>0<0>0<19><6><3>U<29>%<4><12>0
> <10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><5
>> <5><0><3><130><1><1><0>R<174>)<182>b<20><210><194>V<183>
> 	EAP-Message =
> <237><178>C<188><213><173><222><164>6!Cb<231>s<186><128><23>B4'<249><250
>> <<23>N<151>P)Y
> <m(d.<186>k<201><176>f0<217><222><168><26><237>k<14><220><144><13>d<234>
> <210>.Zm-<210>9!<253><155><224>/<232><165><177><12><13><18>h]t<194><150>
> j<253><204>CL<230>hE<167>6SL<214>Jv<128><187><179><137>`<224><185>?<129>
> 3<179><211>^<6><171><184>,<218><208><235>^<28><2><6>vOX<247><245><188>p<
> <218><198>:<251><240><250>,<23><23><209>37<29><11><170>P<161><169><133>;
> BY<158><170><141>qzwF<1><251>r<253>'s)<7><197>J<189><205><171><144>*<218
>> ,<15><164>L/Ep&<160>?OTX`<241><235><186>]<175><0><206>4#<168><212><22>l
> <23><156><144><221><179>K<215><211>5><7><11><251><223><6>t<2><8><8><234>
> <197><201><206>5=R<215><165><180><137><210>{)<248>|<207><184><141><133>X
> %}<152>8<159><136><157><19>}<174><130><0><4><190>0<130><4><186>
> 	EAP-Message =
> 0<130><3><162><160><3><2><1><2><2><9><0><253><9><210><254><134><251><218
>> <188>0<13><6><9>*<134>H<134><247><13><1><1><5><5><0>0<129><153>1<11>0<9
>> <6><3>U<4><6><19><2>EC1<14>0<12><6><3>U<4><8><19><5>Azuay1<15>0<13><6><
> 3>U<4><7><19><6>Cuenca1<16>0<14><6><3>U<4><10><19><7>ETAPAEP1<23>0<21><6
>> <3>U<4><11><19><14>Comunicaciones1<27>0<25><6><3>U<4><3><19><18>wimax.e
> tapanet.net1!0<31><6><9>*<134>H<134><247><13><1><9><1><22><18>wimax at etap
> anet.net0<30><23><13>110215154328Z<23><13>210212154328Z0<129><153>1<11>0
> <9><6><3>U<4><6><19><2>EC1<14>0<12><6><3>U<4><8><19><5>Azu
> 	EAP-Message =
> ay1<15>0<13><6><3>U<4><7><19><6>Cuenca1<16>0<14><6><3>U<4><10><19><7>ETA
> PAEP1<23>0<21><6><3>U<4><11><19><14>Comunicaciones1<27>0<25><6><3>U<4><3
>> <19><18>wimax.etapanet.net1!0<31><6><9>*<134>H<134><247><13><1><9><1><2
> 2><18>wimax at etapanet.net0<130><1>"0<13><6><9>*<134>H<134><247><13><1><1>
> <1><5><0><3><130><1><15><0>0<130><1><10><2><130><1><1><0><160><218><189>
> <169><173><146>G<140>!<13>P<8>_<225><210><231><129><164>;{<188>u<164><27
>> <217>a|\"<18><220>}<149><9><191>(<8><147><166>d<17><133><29>)<18>K<210>
> <190><235><217>H<149><249>L!<210>%<235><135>h<14><28><141><19><212><200>
> <159><175><246>:0d><179><149><160>(<238><11>&Q=<147>y<221><209><143>_<21
> 2><238>fH<19><213>
> 	EAP-Message = <253><30><212><243>Qw<224>A<127>,<162><213>`8l
> <164><246>g<180>\D<222><17><196>n<7>t<189><201><4>m<140><240>w<138><218>
> -F<223>c<234>s<175>~w<176><136><229>wm<214><29><5><236><142><226><212><0
>> N`<209>0<14><150><232><134><152>I0)<166>F<145>I<156>
> <181><212>c<142>F<26><214>6<231><15>F#zz8<16>R<136><149><133><229><25>3~
> <250>gx<25>,<157>&<158>N<188><229>0(<225>7<15><195>/<242><127><178>vQ<13
> 9><231>"<26>yz<171><10><136><164><214>\<208><144><17><6>1<0><181><13><1>
> Ri<12><166>D<130><164>F<2><177>*^<208><5><193><239>e<2><3><1><0><1><163>
> <130><1><1>0<129><254>0<29><6><3>U<29><14><4><22><4><20>V}<185>_<26><239
>> <29>:Uv<148><211><193><179><240>,M<<12><253>0<129><206><6><3>U<29>#<4><
> 129><198>0<129><195><128><20>V}<185>_<26><239><29>:Uv<148><211><193><179
>> <240>,M<<12><253><161><129><159><164><129><156>0<129><153>1<11>0
> 	EAP-Message =
> <9><6><3>U<4><6><19><2>EC1<14>0<12><6><3>U<4><8><19><5>Azuay1<15>0<13><6
>> <3>U<4><7><19><6>Cuenca1<16>0<14><6><3>U<4><10><19><7>ETAPAEP1<23>0<21>
> <6><3>U<4><11><19><14>Comunicaciones1<27>0<25><6><3>U<4><3><19><18>wimax
> .etapanet.net1!0<31><6><9>*<134>H<134><247><13><1><9><1><22><18>wimax at et
> apanet.net<130><9><0><253><9><210><254><134><251><218><188>0<12><6><3>U<
> 29><19><4><5>0<3><1><1><255>0<13><6><9>*<134>H<134><247><13><1><1><5><5>
> <0><3><130><1><1><0>l<198><217>_<9>t<250>oL]<200><25>rN<252><242>Lt<2><2
> 10><236><142><176><168>a<155><19><191><255><146><246><169>y<8><247>in<25
> 2><157><27><151>f<244><134>4<207><191><171><7>F<243><179><15>,)<237><205
>> P
> 	EAP-Message =
> <15><26><243><11><212>n<25>~<154>v<176><237><129><156>B4kIb<128><208>V[<
> 241><185><18><154>x<14><228><139>.<157><165>
> 	Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> 
> Tue Mar  1 12:18:49 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:18:50 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:18:51 2011: DEBUG: Monitor received command: ID
> Tue Mar  1 12:18:51 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:18:52 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:18:53 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:18:54 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:18:55 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:18:56 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:18:57 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:18:58 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:18:59 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:00 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:01 2011: DEBUG: Monitor received command: ID
> Tue Mar  1 12:19:01 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:02 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:03 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:04 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:05 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:06 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:07 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:08 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:09 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:10 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:11 2011: DEBUG: Monitor received command: ID
> Tue Mar  1 12:19:11 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:12 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:13 2011: DEBUG: Monitor received command: STATS .
> Tue Mar  1 12:19:14 2011: DEBUG: Rewrote user name to wimax at wimaxtest
> Tue Mar  1 12:19:14 2011: DEBUG: Rewrote user name to wimax at wimaxtest
> Tue Mar  1 12:19:14 2011: DEBUG: Packet dump:
> *** Received from 3.3.3.3 port 10032 ....
> 
> Packet length = 200
> 01 26 00 c8 00 00 25 0b 00 00 13 9b 00 00 3f 15
> 00 00 72 63 01 11 77 69 6d 61 78 40 77 69 6d 61
> 78 74 65 73 74 04 06 03 03 03 03 1f 0e 30 30 32
> 35 36 38 33 31 33 31 32 66 20 0a 57 41 53 4e 39
> 37 37 30 37 06 4d 6d 2a b5 4f 16 02 8a 00 14 01
> 77 69 6d 61 78 40 77 69 6d 61 78 74 65 73 74 1a
> 1a 00 00 60 b5 01 14 00 01 05 31 2e 31 02 03 02
> 03 03 01 05 03 01 04 03 01 1a 15 00 00 60 b5 2e
> 0f 00 30 30 30 30 30 32 30 33 66 31 31 30 1a 0d
> 00 00 60 b5 03 07 00 ff ff b9 b0 3d 06 00 00 00
> 1b 1a 0f 00 00 60 b5 23 09 00 01 06 00 00 00 63
> 06 06 00 00 00 02 50 12 db a1 8a 64 de 8b 14 b9
> 51 9e c7 b5 27 aa 60 09
> Code:       Access-Request
> Identifier: 38
> Authentic:  <0><0>%<11><0><0><19><155><0><0>?<21><0><0>rc
> Attributes:
> 	User-Name = "wimax at wimaxtest"
> 	NAS-IP-Address = 3.3.3.3
> 	Calling-Station-Id = "00256831312f"
> 	NAS-Identifier = "WASN9770"
> 	Event-Timestamp = 1298999989
> 	EAP-Message = <2><138><0><20><1>wimax at wimaxtest
> 	WiMAX-Capability = <1><5>1.1<2><3><2><3><3><1><5><3><1><4><3><1>
> 	WiMAX-BS-ID = 00000203f110
> 	WiMAX-GMT-Timezone-Offset = -18000
> 	NAS-Port-Type = Wireless-IEEE-802.16
> 	WiMAX-PPAC = <1><6><0><0><0>c
> 	Service-Type = Framed-User
> 	Message-Authenticator =
> <219><161><138>d<222><139><20><185>Q<158><199><181>'<170>`<9>
> 
> Tue Mar  1 12:19:14 2011: DEBUG: Handling request with Handler
> 'Realm=DEFAULT', Identifier ''
> Tue Mar  1 12:19:14 2011: DEBUG:  Deleting session for wimax at wimaxtest,
> 3.3.3.3, 
> Tue Mar  1 12:19:14 2011: DEBUG: Handling with Radius::AuthSQL: 
> Tue Mar  1 12:19:14 2011: DEBUG: Handling with Radius::AuthSQL: 
> Tue Mar  1 12:19:14 2011: DEBUG: Query is: 'select reason from blacklist
> where nai='00256831312f'': 
> Tue Mar  1 12:19:14 2011: DEBUG: Radius::AuthSQL looks for match with
> 00256831312f [wimax at wimaxtest]
> Tue Mar  1 12:19:14 2011: DEBUG: Radius::AuthSQL REJECT: No such user:
> 00256831312f [wimax at wimaxtest]
> Tue Mar  1 12:19:14 2011: DEBUG: Query is: 'select reason from blacklist
> where nai='DEFAULT'': 
> Tue Mar  1 12:19:14 2011: DEBUG: AuthBy SQL result: ACCEPT, No such user
> Tue Mar  1 12:19:14 2011: DEBUG: Handling with Radius::AuthWIMAX:
> AAA-WIMAX
> Tue Mar  1 12:19:14 2011: DEBUG: Handling with Radius::AuthWIMAX:
> AAA-WIMAX
> Tue Mar  1 12:19:14 2011: DEBUG: Handling with EAP: code 2, 138, 20, 1
> Tue Mar  1 12:19:14 2011: DEBUG: Response type 1
> Tue Mar  1 12:19:14 2011: DEBUG: EAP result: 3, EAP TTLS Challenge
> Tue Mar  1 12:19:14 2011: DEBUG: AuthBy WIMAX result: CHALLENGE, EAP
> TTLS Challenge
> Tue Mar  1 12:19:14 2011: DEBUG: Access challenged for 00256831312f: EAP
> TTLS Challenge
> Tue Mar  1 12:19:14 2011: DEBUG: Packet dump:
> *** Sending to 3.3.3.3 port 10032 ....
> 
> Packet length = 46
> 0b 26 00 2e 26 06 db eb 4e 09 cc fe ed 92 98 ce
> 73 ce a8 e5 4f 08 01 8b 00 06 15 20 50 12 c6 71
> 4c 46 98 0a fe bb 88 76 e4 82 36 64 cd 0c
> Code:       Access-Challenge
> Identifier: 38
> Authentic:
> &<6><219><235>N<9><204><254><237><146><152><206>s<206><168><229>
> Attributes:
> 	EAP-Message = <1><139><0><6><21> 
> 	Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> 
> Tue Mar  1 12:19:14 2011: DEBUG: Rewrote user name to wimax at wimaxtest
> Tue Mar  1 12:19:14 2011: DEBUG: Rewrote user name to wimax at wimaxtest
> Tue Mar  1 12:19:14 2011: DEBUG: Packet dump:
> *** Received from 3.3.3.3 port 10032 ....
> 
> Packet length = 266
> 01 27 01 0a 00 00 1d b2 00 00 5a b2 00 00 60 c2
> 00 00 57 5b 01 11 77 69 6d 61 78 40 77 69 6d 61
> 78 74 65 73 74 04 06 03 03 03 03 1f 0e 30 30 32
> 35 36 38 33 31 33 31 32 66 20 0a 57 41 53 4e 39
> 37 37 30 37 06 4d 6d 2a b5 4f 58 02 8b 00 56 15
> 80 00 00 00 4c 16 03 01 00 47 01 00 00 43 03 01
> 00 00 d8 29 65 88 85 21 e0 03 20 46 4b b8 2f 48
> 61 24 c4 e8 93 14 b2 36 b1 1a 9a 27 8e d3 4a 84
> 00 00 1c 00 2f 00 35 00 0a 00 05 00 04 00 39 00
> 38 00 16 00 13 00 33 00 32 00 09 00 15 00 12 01
> 00 1a 1a 00 00 60 b5 01 14 00 01 05 31 2e 31 02
> 03 02 03 03 01 05 03 01 04 03 01 1a 15 00 00 60
> b5 2e 0f 00 30 30 30 30 30 32 30 33 66 31 31 30
> 1a 0d 00 00 60 b5 03 07 00 ff ff b9 b0 3d 06 00
> 00 00 1b 1a 0f 00 00 60 b5 23 09 00 01 06 00 00
> 00 63 06 06 00 00 00 02 50 12 4e 15 37 5e 78 a0
> 6e 32 9e 89 98 f0 7d b7 67 d7
> Code:       Access-Request
> Identifier: 39
> Authentic:  <0><0><29><178><0><0>Z<178><0><0>`<194><0><0>W[
> Attributes:
> 	User-Name = "wimax at wimaxtest"
> 	NAS-IP-Address = 3.3.3.3
> 	Calling-Station-Id = "00256831312f"
> 	NAS-Identifier = "WASN9770"
> 	Event-Timestamp = 1298999989
> 	EAP-Message =
> <2><139><0>V<21><128><0><0><0>L<22><3><1><0>G<1><0><0>C<3><1><0><0><216>
> )e<136><133>!<224><3>
> FK<184>/Ha$<196><232><147><20><178>6<177><26><154>'<142><211>J<132><0><0
>> <28><0>/<0>5<0><10><0><5><0><4><0>9<0>8<0><22><0><19><0>3<0>2<0><9><0><
> 21><0><18><1><0>
> 	WiMAX-Capability = <1><5>1.1<2><3><2><3><3><1><5><3><1><4><3><1>
> 	WiMAX-BS-ID = 00000203f110
> 	WiMAX-GMT-Timezone-Offset = -18000
> 	NAS-Port-Type = Wireless-IEEE-802.16
> 	WiMAX-PPAC = <1><6><0><0><0>c
> 	Service-Type = Framed-User
> 	Message-Authenticator =
> N<21>7^x<160>n2<158><137><152><240>}<183>g<215>
> 
> Tue Mar  1 12:19:14 2011: DEBUG: Handling request with Handler
> 'Realm=DEFAULT', Identifier ''
> Tue Mar  1 12:19:14 2011: DEBUG:  Deleting session for wimax at wimaxtest,
> 3.3.3.3, 
> Tue Mar  1 12:19:14 2011: DEBUG: Handling with Radius::AuthSQL: 
> Tue Mar  1 12:19:14 2011: DEBUG: Handling with Radius::AuthSQL: 
> Tue Mar  1 12:19:14 2011: DEBUG: Query is: 'select reason from blacklist
> where nai='00256831312f'': 
> Tue Mar  1 12:19:14 2011: DEBUG: Radius::AuthSQL looks for match with
> 00256831312f [wimax at wimaxtest]
> Tue Mar  1 12:19:14 2011: DEBUG: Radius::AuthSQL REJECT: No such user:
> 00256831312f [wimax at wimaxtest]
> Tue Mar  1 12:19:14 2011: DEBUG: Query is: 'select reason from blacklist
> where nai='DEFAULT'': 
> Tue Mar  1 12:19:14 2011: DEBUG: AuthBy SQL result: ACCEPT, No such user
> Tue Mar  1 12:19:14 2011: DEBUG: Handling with Radius::AuthWIMAX:
> AAA-WIMAX
> Tue Mar  1 12:19:14 2011: DEBUG: Handling with Radius::AuthWIMAX:
> AAA-WIMAX
> Tue Mar  1 12:19:14 2011: DEBUG: Handling with EAP: code 2, 139, 86, 21
> Tue Mar  1 12:19:14 2011: DEBUG: Response type 21
> Tue Mar  1 12:19:14 2011: DEBUG: EAP TTLS data, 24576, 139, -1
> Tue Mar  1 12:19:14 2011: DEBUG: EAP TTLS SSL_accept result: -1, 2, 8576
> Tue Mar  1 12:19:14 2011: DEBUG: EAP result: 3, EAP TTLS Challenge
> Tue Mar  1 12:19:14 2011: DEBUG: AuthBy WIMAX result: CHALLENGE, EAP
> TTLS Challenge
> Tue Mar  1 12:19:14 2011: DEBUG: Access challenged for 00256831312f: EAP
> TTLS Challenge
> Tue Mar  1 12:19:14 2011: DEBUG: Packet dump:
> *** Sending to 3.3.3.3 port 10032 ....
> 
> Packet length = 2114
> 0b 27 08 42 dc 90 cc 87 d5 0e 48 c1 8e d6 ba fe
> 56 85 c8 a8 4f ff 01 8c 08 0a 15 c0 00 00 08 ad
> 16 03 01 00 4a 02 00 00 46 03 01 4d 6d 2a 92 b0
> cb b6 e0 11 92 2e 76 27 3c 29 f9 e4 24 86 5e 32
> 37 77 8d 59 d5 67 cc 56 de fd 09 20 60 c6 99 3f
> 5d 3d ac a3 5c a2 f4 87 a8 cc f4 cb 38 a6 0c 6c
> 02 0c 9d 7b 74 48 9c 46 44 cc 66 a3 00 2f 00 16
> 03 01 08 50 0b 00 08 4c 00 08 49 00 03 85 30 82
> 03 81 30 82 02 69 a0 03 02 01 02 02 09 00 cd a9
> 
> 
> 
>       Saludos,
> 
> Augusto Cabrera Duffaut.
>   
> 
> 
> 
> 
> ------------------------------
> 
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
> 
> End of radiator Digest, Vol 22, Issue 2
> ***************************************
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list