Данный функционал доступен начиная с версии ПО 1.30.0 для устройств WLC-15, ESR-15, WLC-30, ESR-30, WLC-3200, ESR-3200, vWLC.
Введение
Начиная с версии 1.30 появилась возможность оперативно производить troubleshooting RADIUS-пакетов в таких схемах, как:
Команда show radius debug
Команда расположена в debug view.
Запуск команды без каких либо опций выводит всю отладочную информацию RADIUS с таймаутом 60 секунд.
Для того чтобы принудительно остановить работу команды, необходимо нажать комбинацию клавиш Ctrl+C.
Есть возможность использовать опции.
wlc-15# debug wlc-15(debug)# show brasd Show BRAS configuration Show configuration information cpu Show CPU related statistics debug Show debug configuration parameters ipc-hub Show IPC-HUB information licence Show licence inforamtion memory Show memory related information radius-debug Show raddebug information <<<-------------------------- wlc-15(debug)# show radius-debug
Опции
file
Данная опция позволяет записать результат выполнения команды в файл с произвольным названием и сохранить его для последующего анализа.
При использовании данной опции отсутствует вывод отладочной информации в терминал, информация записывается только в файл.
Файл возможно сохранить в:
- flash:data/ – встроенный flash-накопитель устройства;
- usb://usb_name:/ – внешний USB-накопитель;
- mmc://mmc_name:/ – внешний MicroSD-накопитель;
- hdd://hdd_name:/ – внешний SSD\HDD-накопитель, форм-фактора 2.5 дюйма.
MicroSD-слот поддержан на устройствах WLC-30, WLC-3200, ESR-3200.
SSD\HDD-накопитель форм-фактора 2.5 дюйма, поддержан на устройствах WLC-15, WLC-30, WLC-3200, ESR-3200.
Пример опции file
#Запись отладочной информации RADIUS в файл с названием test-file на внутренний flash-накопитель устройства wlc-30(debug)# show radius-debug file flash:data/test-file.txt Total lines written: 1339 File saved wlc-30# dir flash:data/ Name Type Size Last modified ---------------------------------------------------------- ---------- -------- -- ------------------------- test-file.txt File 106.64 KB Thu Nov 21 12:07:29 2024 #Выгрузка файла на tftp-сервер для последующего анализа wlc-30r# copy flash:data/test-file.txt tftp://100.110.0.214:/test-file.txt |******************************************| 100% (106kB) Success!
ip-address
Данная опция позволяет осуществлять вывод отладочной RADIUS-информации от конкретного IPv4-адреса RADIUS-клиента.
Опция ip-address задается в формате A.B.C.D.
Пример опции ip-address
wlc-30(debug)# show radius-debug ip-address A.B.C.D IP address of client wlc-30-failover(debug)# show radius-debug ip-address 100.129.56.1
timeout
Данная опция задает таймаут выполнения команды show radius debug. Работа команды автоматически завершается по истечении заданного времени.
Опция timeout задается в диапазоне 0-1200 сек.
В случае если опция не указана, значение по умолчанию 60 сек.
Если задать значение timeout = 0, команда будет выполнятся бесконечно.
Для завершения выполнения команды необходимо нажать комбинацию клавиш Ctrl+C.
Пример опции timeout
#Выполнение команды с опцией timeout, равной 600 сек wlc-30(debug)# show radius-debug timeout 600
user
Данная опция позволяет осуществлять вывод отладочной RADIUS-информации конкретного пользователя (атрибут User-Name).
Опция username задается строкой от 1 до 50 символов.
Пример опции username
#Вывод radius-debug для пользователя tester wlc-30(debug)#show radius-debug username tester
Примеры вывода команды show radius debug
При успешном подключении клиента с авторизацией на локальном RADIUS-сервере
wlc-15#
wlc-15# debug
wlc-15(debug)# show radius-debug username tester ip-address 100.129.56.1 timeout 600
(33) Thu Nov 21 15:34:09 2024: Debug: Received Access-Request Id 31 from 100.129.56.1:37236 to 100.129.58.1:1812 length 259
(33) Thu Nov 21 15:34:09 2024: Debug: User-Name = "tester"
(33) Thu Nov 21 15:34:09 2024: Debug: NAS-IP-Address = 100.129.56.1
(33) Thu Nov 21 15:34:09 2024: Debug: Eltex-Domain = "default"
(33) Thu Nov 21 15:34:09 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(33) Thu Nov 21 15:34:09 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(33) Thu Nov 21 15:34:09 2024: Debug: NAS-Port-Type = Wireless-802.11
(33) Thu Nov 21 15:34:09 2024: Debug: NAS-Port-Id = "10"
(33) Thu Nov 21 15:34:09 2024: Debug: Service-Type = Framed-User
(33) Thu Nov 21 15:34:09 2024: Debug: NAS-Port = 1
(33) Thu Nov 21 15:34:09 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(33) Thu Nov 21 15:34:09 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(33) Thu Nov 21 15:34:09 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(33) Thu Nov 21 15:34:09 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(33) Thu Nov 21 15:34:09 2024: Debug: WLAN-Group-Cipher = 1027076
(33) Thu Nov 21 15:34:09 2024: Debug: WLAN-AKM-Suite = 1027073
(33) Thu Nov 21 15:34:09 2024: Debug: Eltex-AP-Domain = "with-gre"
(33) Thu Nov 21 15:34:09 2024: Debug: Framed-MTU = 1400
(33) Thu Nov 21 15:34:09 2024: Debug: EAP-Message = 0x0285000b01746573746572
(33) Thu Nov 21 15:34:09 2024: Debug: Message-Authenticator = 0x204ffb9b5a0f9dcf0b9e1ca3cd13c639
(33) Thu Nov 21 15:34:09 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(33) Thu Nov 21 15:34:09 2024: Debug: authorize {
(33) Thu Nov 21 15:34:09 2024: Debug: policy filter_username {
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) {
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) -> TRUE
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) {
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ / /) {
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ / /) -> FALSE
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.\./ ) {
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(33) Thu Nov 21 15:34:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(33) Thu Nov 21 15:34:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.$/) {
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@\./) {
(33) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(33) Thu Nov 21 15:34:09 2024: Debug: } # if (&User-Name) = notfound
(33) Thu Nov 21 15:34:09 2024: Debug: } # policy filter_username = notfound
(33) Thu Nov 21 15:34:09 2024: Debug: [preprocess] = ok
(33) Thu Nov 21 15:34:09 2024: Debug: [chap] = noop
(33) Thu Nov 21 15:34:09 2024: Debug: [mschap] = noop
(33) Thu Nov 21 15:34:09 2024: Debug: [digest] = noop
(33) Thu Nov 21 15:34:09 2024: Debug: suffix: Checking for suffix after "@"
(33) Thu Nov 21 15:34:09 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(33) Thu Nov 21 15:34:09 2024: Debug: suffix: No such realm "NULL"
(33) Thu Nov 21 15:34:09 2024: Debug: [suffix] = noop
(33) Thu Nov 21 15:34:09 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(33) Thu Nov 21 15:34:09 2024: Debug: files_multi: users: Matched entry tester at line 5
(33) Thu Nov 21 15:34:09 2024: Debug: [files_multi] = ok
(33) Thu Nov 21 15:34:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(33) Thu Nov 21 15:34:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(33) Thu Nov 21 15:34:09 2024: Debug: else {
(33) Thu Nov 21 15:34:09 2024: Debug: eap: Peer sent EAP Response (code 2) ID 133 length 11
(33) Thu Nov 21 15:34:09 2024: Debug: eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(33) Thu Nov 21 15:34:09 2024: Debug: [eap] = ok
(33) Thu Nov 21 15:34:09 2024: Debug: } # else = ok
(33) Thu Nov 21 15:34:09 2024: Debug: if (ok) {
(33) Thu Nov 21 15:34:09 2024: Debug: if (ok) -> TRUE
(33) Thu Nov 21 15:34:09 2024: Debug: if (ok) {
(33) Thu Nov 21 15:34:09 2024: Debug: return
(33) Thu Nov 21 15:34:09 2024: Debug: } # if (ok) = ok
(33) Thu Nov 21 15:34:09 2024: Debug: } # authorize = ok
(33) Thu Nov 21 15:34:09 2024: Debug: Found Auth-Type = eap
(33) Thu Nov 21 15:34:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(33) Thu Nov 21 15:34:09 2024: Debug: authenticate {
(33) Thu Nov 21 15:34:09 2024: Debug: eap: Peer sent packet with method EAP Identity (1)
(33) Thu Nov 21 15:34:09 2024: Debug: eap: Calling submodule eap_peap to process data
(33) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Initiating new session
(33) Thu Nov 21 15:34:09 2024: Debug: eap: Sending EAP Request (code 1) ID 134 length 6
(33) Thu Nov 21 15:34:09 2024: Debug: eap: EAP session adding &reply:State = 0xd6c6d814d640c1da
(33) Thu Nov 21 15:34:09 2024: Debug: [eap] = handled
(33) Thu Nov 21 15:34:09 2024: Debug: } # authenticate = handled
(33) Thu Nov 21 15:34:09 2024: Debug: Using Post-Auth-Type Challenge
(33) Thu Nov 21 15:34:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(33) Thu Nov 21 15:34:09 2024: Debug: Challenge { ... } # empty sub-section is ignored
(33) Thu Nov 21 15:34:09 2024: Debug: session-state: Saving cached attributes
(33) Thu Nov 21 15:34:09 2024: Debug: Framed-MTU = 1004
(33) Thu Nov 21 15:34:09 2024: Debug: Sent Access-Challenge Id 31 from 100.129.58.1:1812 to 100.129.56.1:37236 length 76
(33) Thu Nov 21 15:34:09 2024: Debug: Eltex-Tls-Enabled = 0
(33) Thu Nov 21 15:34:09 2024: Debug: EAP-Message = 0x018600061920
(33) Thu Nov 21 15:34:09 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(33) Thu Nov 21 15:34:09 2024: Debug: State = 0xd6c6d814d640c1da517e6b54cde2f128
(33) Thu Nov 21 15:34:09 2024: Debug: Finished request
(34) Thu Nov 21 15:34:09 2024: Debug: Received Access-Request Id 32 from 100.129.56.1:37236 to 100.129.58.1:1812 length 427
(34) Thu Nov 21 15:34:09 2024: Debug: User-Name = "tester"
(34) Thu Nov 21 15:34:09 2024: Debug: NAS-IP-Address = 100.129.56.1
(34) Thu Nov 21 15:34:09 2024: Debug: Eltex-Domain = "default"
(34) Thu Nov 21 15:34:09 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(34) Thu Nov 21 15:34:09 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(34) Thu Nov 21 15:34:09 2024: Debug: NAS-Port-Type = Wireless-802.11
(34) Thu Nov 21 15:34:09 2024: Debug: NAS-Port-Id = "10"
(34) Thu Nov 21 15:34:09 2024: Debug: Service-Type = Framed-User
(34) Thu Nov 21 15:34:09 2024: Debug: NAS-Port = 1
(34) Thu Nov 21 15:34:09 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(34) Thu Nov 21 15:34:09 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(34) Thu Nov 21 15:34:09 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(34) Thu Nov 21 15:34:09 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(34) Thu Nov 21 15:34:09 2024: Debug: WLAN-Group-Cipher = 1027076
(34) Thu Nov 21 15:34:09 2024: Debug: WLAN-AKM-Suite = 1027073
(34) Thu Nov 21 15:34:09 2024: Debug: Eltex-AP-Domain = "with-gre"
(34) Thu Nov 21 15:34:09 2024: Debug: Framed-MTU = 1400
(34) Thu Nov 21 15:34:09 2024: Debug: EAP-Message = 0x028600a119800000009716030100920100008e0303673ef08120eff9f8ebe08572c925c8194ba8df959e2ec704e8933241538475fe00002c00ffc02cc02bc024c023c00ac009c008c030c02fc00
(34) Thu Nov 21 15:34:09 2024: Debug: State = 0xd6c6d814d640c1da517e6b54cde2f128
(34) Thu Nov 21 15:34:09 2024: Debug: Message-Authenticator = 0xe9d462619fab68ba99b3766d0517073d
(34) Thu Nov 21 15:34:09 2024: Debug: Restoring &session-state
(34) Thu Nov 21 15:34:09 2024: Debug: &session-state:Framed-MTU = 1004
(34) Thu Nov 21 15:34:09 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(34) Thu Nov 21 15:34:09 2024: Debug: authorize {
(34) Thu Nov 21 15:34:09 2024: Debug: policy filter_username {
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) {
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) -> TRUE
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) {
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ / /) {
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ / /) -> FALSE
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.\./ ) {
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(34) Thu Nov 21 15:34:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(34) Thu Nov 21 15:34:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.$/) {
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@\./) {
(34) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(34) Thu Nov 21 15:34:09 2024: Debug: } # if (&User-Name) = notfound
(34) Thu Nov 21 15:34:09 2024: Debug: } # policy filter_username = notfound
(34) Thu Nov 21 15:34:09 2024: Debug: [preprocess] = ok
(34) Thu Nov 21 15:34:09 2024: Debug: [chap] = noop
(34) Thu Nov 21 15:34:09 2024: Debug: [mschap] = noop
(34) Thu Nov 21 15:34:09 2024: Debug: [digest] = noop
(34) Thu Nov 21 15:34:09 2024: Debug: suffix: Checking for suffix after "@"
(34) Thu Nov 21 15:34:09 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(34) Thu Nov 21 15:34:09 2024: Debug: suffix: No such realm "NULL"
(34) Thu Nov 21 15:34:09 2024: Debug: [suffix] = noop
(34) Thu Nov 21 15:34:09 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(34) Thu Nov 21 15:34:09 2024: Debug: files_multi: users: Matched entry tester at line 5
(34) Thu Nov 21 15:34:09 2024: Debug: [files_multi] = ok
(34) Thu Nov 21 15:34:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(34) Thu Nov 21 15:34:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(34) Thu Nov 21 15:34:09 2024: Debug: else {
(34) Thu Nov 21 15:34:09 2024: Debug: eap: Peer sent EAP Response (code 2) ID 134 length 161
(34) Thu Nov 21 15:34:09 2024: Debug: eap: Continuing tunnel setup
(34) Thu Nov 21 15:34:09 2024: Debug: [eap] = ok
(34) Thu Nov 21 15:34:09 2024: Debug: } # else = ok
(34) Thu Nov 21 15:34:09 2024: Debug: if (ok) {
(34) Thu Nov 21 15:34:09 2024: Debug: if (ok) -> TRUE
(34) Thu Nov 21 15:34:09 2024: Debug: if (ok) {
(34) Thu Nov 21 15:34:09 2024: Debug: return
(34) Thu Nov 21 15:34:09 2024: Debug: } # if (ok) = ok
(34) Thu Nov 21 15:34:09 2024: Debug: } # authorize = ok
(34) Thu Nov 21 15:34:09 2024: Debug: Found Auth-Type = eap
(34) Thu Nov 21 15:34:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(34) Thu Nov 21 15:34:09 2024: Debug: authenticate {
(34) Thu Nov 21 15:34:09 2024: Debug: eap: Expiring EAP session with state 0xba2ef008bae3e943
(34) Thu Nov 21 15:34:09 2024: Debug: eap: Expiring EAP session with state 0xd6c6d814d640c1da
(34) Thu Nov 21 15:34:09 2024: Debug: eap: Finished EAP session with state 0xd6c6d814d640c1da
(34) Thu Nov 21 15:34:09 2024: Debug: eap: Previous EAP request found for state 0xd6c6d814d640c1da, released from the list
(34) Thu Nov 21 15:34:09 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(34) Thu Nov 21 15:34:09 2024: Debug: eap: Calling submodule eap_peap to process data
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) EAP Peer says that the final record size will be 151 bytes
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) EAP Got all data (151 bytes)
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Handshake state - before/accept initialization
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Handshake state - Server before/accept initialization
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 read client hello A
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write server hello A
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write certificate A
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write key exchange A
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write server done A
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 flush data
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 read client certificate A
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Server : Need to read more data: SSLv3 read client key exchange A
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Server : Need to read more data: SSLv3 read client key exchange A
(34) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) In Handshake Phase
(34) Thu Nov 21 15:34:09 2024: Debug: eap: Sending EAP Request (code 1) ID 135 length 1014
(34) Thu Nov 21 15:34:09 2024: Debug: eap: EAP session adding &reply:State = 0xd6c6d814d741c1da
(34) Thu Nov 21 15:34:09 2024: Debug: [eap] = handled
(34) Thu Nov 21 15:34:09 2024: Debug: } # authenticate = handled
(34) Thu Nov 21 15:34:09 2024: Debug: Using Post-Auth-Type Challenge
(34) Thu Nov 21 15:34:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(34) Thu Nov 21 15:34:09 2024: Debug: Challenge { ... } # empty sub-section is ignored
(34) Thu Nov 21 15:34:09 2024: Debug: session-state: Saving cached attributes
(34) Thu Nov 21 15:34:09 2024: Debug: Framed-MTU = 1004
(34) Thu Nov 21 15:34:09 2024: Debug: Sent Access-Challenge Id 32 from 100.129.58.1:1812 to 100.129.56.1:37236 length 1092
(34) Thu Nov 21 15:34:09 2024: Debug: Eltex-Tls-Enabled = 0
(34) Thu Nov 21 15:34:09 2024: Debug: EAP-Message = 0x018703f619c00000090f1603030039020000350303056c34d7a2cd4443bf84fdb3787baa9f1292763bb392ba213491760b839487e900c03000000dff01000100000b00040300010216030307710
(34) Thu Nov 21 15:34:09 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(34) Thu Nov 21 15:34:09 2024: Debug: State = 0xd6c6d814d741c1da517e6b54cde2f128
(34) Thu Nov 21 15:34:09 2024: Debug: Finished request
(35) Thu Nov 21 15:34:09 2024: Debug: Received Access-Request Id 33 from 100.129.56.1:37236 to 100.129.58.1:1812 length 272
(35) Thu Nov 21 15:34:09 2024: Debug: User-Name = "tester"
(35) Thu Nov 21 15:34:09 2024: Debug: NAS-IP-Address = 100.129.56.1
(35) Thu Nov 21 15:34:09 2024: Debug: Eltex-Domain = "default"
(35) Thu Nov 21 15:34:09 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(35) Thu Nov 21 15:34:09 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(35) Thu Nov 21 15:34:09 2024: Debug: NAS-Port-Type = Wireless-802.11
(35) Thu Nov 21 15:34:09 2024: Debug: NAS-Port-Id = "10"
(35) Thu Nov 21 15:34:09 2024: Debug: Service-Type = Framed-User
(35) Thu Nov 21 15:34:09 2024: Debug: NAS-Port = 1
(35) Thu Nov 21 15:34:09 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(35) Thu Nov 21 15:34:09 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(35) Thu Nov 21 15:34:09 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(35) Thu Nov 21 15:34:09 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(35) Thu Nov 21 15:34:09 2024: Debug: WLAN-Group-Cipher = 1027076
(35) Thu Nov 21 15:34:09 2024: Debug: WLAN-AKM-Suite = 1027073
(35) Thu Nov 21 15:34:09 2024: Debug: Eltex-AP-Domain = "with-gre"
(35) Thu Nov 21 15:34:09 2024: Debug: Framed-MTU = 1400
(35) Thu Nov 21 15:34:09 2024: Debug: EAP-Message = 0x028700061900
(35) Thu Nov 21 15:34:09 2024: Debug: State = 0xd6c6d814d741c1da517e6b54cde2f128
(35) Thu Nov 21 15:34:09 2024: Debug: Message-Authenticator = 0x9211bd5236d0093375733c66b58cd3c9
(35) Thu Nov 21 15:34:09 2024: Debug: Restoring &session-state
(35) Thu Nov 21 15:34:09 2024: Debug: &session-state:Framed-MTU = 1004
(35) Thu Nov 21 15:34:09 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(35) Thu Nov 21 15:34:09 2024: Debug: authorize {
(35) Thu Nov 21 15:34:09 2024: Debug: policy filter_username {
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) {
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) -> TRUE
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) {
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ / /) {
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ / /) -> FALSE
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.\./ ) {
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(35) Thu Nov 21 15:34:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(35) Thu Nov 21 15:34:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.$/) {
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@\./) {
(35) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(35) Thu Nov 21 15:34:09 2024: Debug: } # if (&User-Name) = notfound
(35) Thu Nov 21 15:34:09 2024: Debug: } # policy filter_username = notfound
(35) Thu Nov 21 15:34:09 2024: Debug: [preprocess] = ok
(35) Thu Nov 21 15:34:09 2024: Debug: [chap] = noop
(35) Thu Nov 21 15:34:09 2024: Debug: [mschap] = noop
(35) Thu Nov 21 15:34:09 2024: Debug: [digest] = noop
(35) Thu Nov 21 15:34:09 2024: Debug: suffix: Checking for suffix after "@"
(35) Thu Nov 21 15:34:09 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(35) Thu Nov 21 15:34:09 2024: Debug: suffix: No such realm "NULL"
(35) Thu Nov 21 15:34:09 2024: Debug: [suffix] = noop
(35) Thu Nov 21 15:34:09 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(35) Thu Nov 21 15:34:09 2024: Debug: files_multi: users: Matched entry tester at line 5
(35) Thu Nov 21 15:34:09 2024: Debug: [files_multi] = ok
(35) Thu Nov 21 15:34:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(35) Thu Nov 21 15:34:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(35) Thu Nov 21 15:34:09 2024: Debug: else {
(35) Thu Nov 21 15:34:09 2024: Debug: eap: Peer sent EAP Response (code 2) ID 135 length 6
(35) Thu Nov 21 15:34:09 2024: Debug: eap: Continuing tunnel setup
(35) Thu Nov 21 15:34:09 2024: Debug: [eap] = ok
(35) Thu Nov 21 15:34:09 2024: Debug: } # else = ok
(35) Thu Nov 21 15:34:09 2024: Debug: if (ok) {
(35) Thu Nov 21 15:34:09 2024: Debug: if (ok) -> TRUE
(35) Thu Nov 21 15:34:09 2024: Debug: if (ok) {
(35) Thu Nov 21 15:34:09 2024: Debug: return
(35) Thu Nov 21 15:34:09 2024: Debug: } # if (ok) = ok
(35) Thu Nov 21 15:34:09 2024: Debug: } # authorize = ok
(35) Thu Nov 21 15:34:09 2024: Debug: Found Auth-Type = eap
(35) Thu Nov 21 15:34:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(35) Thu Nov 21 15:34:09 2024: Debug: authenticate {
(35) Thu Nov 21 15:34:09 2024: Debug: eap: Expiring EAP session with state 0xd6c6d814d741c1da
(35) Thu Nov 21 15:34:09 2024: Debug: eap: Finished EAP session with state 0xd6c6d814d741c1da
(35) Thu Nov 21 15:34:09 2024: Debug: eap: Previous EAP request found for state 0xd6c6d814d741c1da, released from the list
(35) Thu Nov 21 15:34:09 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(35) Thu Nov 21 15:34:09 2024: Debug: eap: Calling submodule eap_peap to process data
(35) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Peer ACKed our handshake fragment
(35) Thu Nov 21 15:34:09 2024: Debug: eap: Sending EAP Request (code 1) ID 136 length 1010
(35) Thu Nov 21 15:34:09 2024: Debug: eap: EAP session adding &reply:State = 0xd6c6d814d44ec1da
(35) Thu Nov 21 15:34:09 2024: Debug: [eap] = handled
(35) Thu Nov 21 15:34:09 2024: Debug: } # authenticate = handled
(35) Thu Nov 21 15:34:09 2024: Debug: Using Post-Auth-Type Challenge
(35) Thu Nov 21 15:34:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(35) Thu Nov 21 15:34:09 2024: Debug: Challenge { ... } # empty sub-section is ignored
(35) Thu Nov 21 15:34:09 2024: Debug: session-state: Saving cached attributes
(35) Thu Nov 21 15:34:09 2024: Debug: Framed-MTU = 1004
(35) Thu Nov 21 15:34:09 2024: Debug: Sent Access-Challenge Id 33 from 100.129.58.1:1812 to 100.129.56.1:37236 length 1086
(35) Thu Nov 21 15:34:09 2024: Debug: Eltex-Tls-Enabled = 0
(35) Thu Nov 21 15:34:09 2024: Debug: EAP-Message = 0x018803f21940300d06092a864886f70d01010b0500308181310b3009060355040613025255310f300d06035504080c065275737369613114301206035504070c0b4e6f766f7369626972736b314
(35) Thu Nov 21 15:34:09 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(35) Thu Nov 21 15:34:09 2024: Debug: State = 0xd6c6d814d44ec1da517e6b54cde2f128
(35) Thu Nov 21 15:34:09 2024: Debug: Finished request
(36) Thu Nov 21 15:34:09 2024: Debug: Received Access-Request Id 34 from 100.129.56.1:37236 to 100.129.58.1:1812 length 272
(36) Thu Nov 21 15:34:09 2024: Debug: User-Name = "tester"
(36) Thu Nov 21 15:34:09 2024: Debug: NAS-IP-Address = 100.129.56.1
(36) Thu Nov 21 15:34:09 2024: Debug: Eltex-Domain = "default"
(36) Thu Nov 21 15:34:09 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(36) Thu Nov 21 15:34:09 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(36) Thu Nov 21 15:34:09 2024: Debug: NAS-Port-Type = Wireless-802.11
(36) Thu Nov 21 15:34:09 2024: Debug: NAS-Port-Id = "10"
(36) Thu Nov 21 15:34:09 2024: Debug: Service-Type = Framed-User
(36) Thu Nov 21 15:34:09 2024: Debug: NAS-Port = 1
(36) Thu Nov 21 15:34:09 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(36) Thu Nov 21 15:34:09 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(36) Thu Nov 21 15:34:09 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(36) Thu Nov 21 15:34:09 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(36) Thu Nov 21 15:34:09 2024: Debug: WLAN-Group-Cipher = 1027076
(36) Thu Nov 21 15:34:09 2024: Debug: WLAN-AKM-Suite = 1027073
(36) Thu Nov 21 15:34:09 2024: Debug: Eltex-AP-Domain = "with-gre"
(36) Thu Nov 21 15:34:09 2024: Debug: Framed-MTU = 1400
(36) Thu Nov 21 15:34:09 2024: Debug: EAP-Message = 0x028800061900
(36) Thu Nov 21 15:34:09 2024: Debug: State = 0xd6c6d814d44ec1da517e6b54cde2f128
(36) Thu Nov 21 15:34:09 2024: Debug: Message-Authenticator = 0x4bf2d8459c4ec1c30e777a67d2369bc6
(36) Thu Nov 21 15:34:09 2024: Debug: Restoring &session-state
(36) Thu Nov 21 15:34:09 2024: Debug: &session-state:Framed-MTU = 1004
(36) Thu Nov 21 15:34:09 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(36) Thu Nov 21 15:34:09 2024: Debug: authorize {
(36) Thu Nov 21 15:34:09 2024: Debug: policy filter_username {
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) {
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) -> TRUE
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name) {
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ / /) {
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ / /) -> FALSE
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.\./ ) {
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(36) Thu Nov 21 15:34:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(36) Thu Nov 21 15:34:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.$/) {
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@\./) {
(36) Thu Nov 21 15:34:09 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(36) Thu Nov 21 15:34:09 2024: Debug: } # if (&User-Name) = notfound
(36) Thu Nov 21 15:34:09 2024: Debug: } # policy filter_username = notfound
(36) Thu Nov 21 15:34:09 2024: Debug: [preprocess] = ok
(36) Thu Nov 21 15:34:09 2024: Debug: [chap] = noop
(36) Thu Nov 21 15:34:09 2024: Debug: [mschap] = noop
(36) Thu Nov 21 15:34:09 2024: Debug: [digest] = noop
(36) Thu Nov 21 15:34:09 2024: Debug: suffix: Checking for suffix after "@"
(36) Thu Nov 21 15:34:09 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(36) Thu Nov 21 15:34:09 2024: Debug: suffix: No such realm "NULL"
(36) Thu Nov 21 15:34:09 2024: Debug: [suffix] = noop
(36) Thu Nov 21 15:34:09 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(36) Thu Nov 21 15:34:09 2024: Debug: files_multi: users: Matched entry tester at line 5
(36) Thu Nov 21 15:34:09 2024: Debug: [files_multi] = ok
(36) Thu Nov 21 15:34:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(36) Thu Nov 21 15:34:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(36) Thu Nov 21 15:34:09 2024: Debug: else {
(36) Thu Nov 21 15:34:09 2024: Debug: eap: Peer sent EAP Response (code 2) ID 136 length 6
(36) Thu Nov 21 15:34:09 2024: Debug: eap: Continuing tunnel setup
(36) Thu Nov 21 15:34:09 2024: Debug: [eap] = ok
(36) Thu Nov 21 15:34:09 2024: Debug: } # else = ok
(36) Thu Nov 21 15:34:09 2024: Debug: if (ok) {
(36) Thu Nov 21 15:34:09 2024: Debug: if (ok) -> TRUE
(36) Thu Nov 21 15:34:09 2024: Debug: if (ok) {
(36) Thu Nov 21 15:34:09 2024: Debug: return
(36) Thu Nov 21 15:34:09 2024: Debug: } # if (ok) = ok
(36) Thu Nov 21 15:34:09 2024: Debug: } # authorize = ok
(36) Thu Nov 21 15:34:09 2024: Debug: Found Auth-Type = eap
(36) Thu Nov 21 15:34:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(36) Thu Nov 21 15:34:09 2024: Debug: authenticate {
(36) Thu Nov 21 15:34:09 2024: Debug: eap: Expiring EAP session with state 0xd6c6d814d44ec1da
(36) Thu Nov 21 15:34:09 2024: Debug: eap: Finished EAP session with state 0xd6c6d814d44ec1da
(36) Thu Nov 21 15:34:09 2024: Debug: eap: Previous EAP request found for state 0xd6c6d814d44ec1da, released from the list
(36) Thu Nov 21 15:34:09 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(36) Thu Nov 21 15:34:09 2024: Debug: eap: Calling submodule eap_peap to process data
(36) Thu Nov 21 15:34:09 2024: Debug: eap_peap: (TLS) Peer ACKed our handshake fragment
(36) Thu Nov 21 15:34:09 2024: Debug: eap: Sending EAP Request (code 1) ID 137 length 317
(36) Thu Nov 21 15:34:09 2024: Debug: eap: EAP session adding &reply:State = 0xd6c6d814d54fc1da
(36) Thu Nov 21 15:34:09 2024: Debug: [eap] = handled
(36) Thu Nov 21 15:34:09 2024: Debug: } # authenticate = handled
(36) Thu Nov 21 15:34:09 2024: Debug: Using Post-Auth-Type Challenge
(36) Thu Nov 21 15:34:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(36) Thu Nov 21 15:34:09 2024: Debug: Challenge { ... } # empty sub-section is ignored
(36) Thu Nov 21 15:34:09 2024: Debug: session-state: Saving cached attributes
(36) Thu Nov 21 15:34:09 2024: Debug: Framed-MTU = 1004
(36) Thu Nov 21 15:34:09 2024: Debug: Sent Access-Challenge Id 34 from 100.129.58.1:1812 to 100.129.56.1:37236 length 389
(36) Thu Nov 21 15:34:09 2024: Debug: Eltex-Tls-Enabled = 0
(36) Thu Nov 21 15:34:09 2024: Debug: EAP-Message = 0x0189013d1900e90c33a738cccf02dda76e56ee53e2d612e830debd251974be17a02cf62e886c47c93fc1456ba275123e040101005b94113a376be5c27367f6df21134e38b494e5442b45800d7a0
(36) Thu Nov 21 15:34:09 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(36) Thu Nov 21 15:34:09 2024: Debug: State = 0xd6c6d814d54fc1da517e6b54cde2f128
(36) Thu Nov 21 15:34:09 2024: Debug: Finished request
(37) Thu Nov 21 15:34:14 2024: Debug: Received Access-Request Id 35 from 100.129.56.1:37236 to 100.129.58.1:1812 length 402
(37) Thu Nov 21 15:34:14 2024: Debug: User-Name = "tester"
(37) Thu Nov 21 15:34:14 2024: Debug: NAS-IP-Address = 100.129.56.1
(37) Thu Nov 21 15:34:14 2024: Debug: Eltex-Domain = "default"
(37) Thu Nov 21 15:34:14 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(37) Thu Nov 21 15:34:14 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(37) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Type = Wireless-802.11
(37) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Id = "10"
(37) Thu Nov 21 15:34:14 2024: Debug: Service-Type = Framed-User
(37) Thu Nov 21 15:34:14 2024: Debug: NAS-Port = 1
(37) Thu Nov 21 15:34:14 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(37) Thu Nov 21 15:34:14 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(37) Thu Nov 21 15:34:14 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(37) Thu Nov 21 15:34:14 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(37) Thu Nov 21 15:34:14 2024: Debug: WLAN-Group-Cipher = 1027076
(37) Thu Nov 21 15:34:14 2024: Debug: WLAN-AKM-Suite = 1027073
(37) Thu Nov 21 15:34:14 2024: Debug: Eltex-AP-Domain = "with-gre"
(37) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1400
(37) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x0289008819800000007e1603030046100000424104062f114b734c6fa21c06e87a7576c15cbf6f7f8dbf30c1c52d6f726e78f24d06bd1b075797550030c6117b5d1ce0f5b9a41b13705938f833d
(37) Thu Nov 21 15:34:14 2024: Debug: State = 0xd6c6d814d54fc1da517e6b54cde2f128
(37) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0xef09f27e663784fbc4d7fb0b23be3fdd
(37) Thu Nov 21 15:34:14 2024: Debug: Restoring &session-state
(37) Thu Nov 21 15:34:14 2024: Debug: &session-state:Framed-MTU = 1004
(37) Thu Nov 21 15:34:14 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(37) Thu Nov 21 15:34:14 2024: Debug: authorize {
(37) Thu Nov 21 15:34:14 2024: Debug: policy filter_username {
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) -> TRUE
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) {
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) -> FALSE
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) {
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(37) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(37) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) {
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) {
(37) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(37) Thu Nov 21 15:34:14 2024: Debug: } # if (&User-Name) = notfound
(37) Thu Nov 21 15:34:14 2024: Debug: } # policy filter_username = notfound
(37) Thu Nov 21 15:34:14 2024: Debug: [preprocess] = ok
(37) Thu Nov 21 15:34:14 2024: Debug: [chap] = noop
(37) Thu Nov 21 15:34:14 2024: Debug: [mschap] = noop
(37) Thu Nov 21 15:34:14 2024: Debug: [digest] = noop
(37) Thu Nov 21 15:34:14 2024: Debug: suffix: Checking for suffix after "@"
(37) Thu Nov 21 15:34:14 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(37) Thu Nov 21 15:34:14 2024: Debug: suffix: No such realm "NULL"
(37) Thu Nov 21 15:34:14 2024: Debug: [suffix] = noop
(37) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(37) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry tester at line 5
(37) Thu Nov 21 15:34:14 2024: Debug: [files_multi] = ok
(37) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(37) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(37) Thu Nov 21 15:34:14 2024: Debug: else {
(37) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent EAP Response (code 2) ID 137 length 136
(37) Thu Nov 21 15:34:14 2024: Debug: eap: Continuing tunnel setup
(37) Thu Nov 21 15:34:14 2024: Debug: [eap] = ok
(37) Thu Nov 21 15:34:14 2024: Debug: } # else = ok
(37) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(37) Thu Nov 21 15:34:14 2024: Debug: if (ok) -> TRUE
(37) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(37) Thu Nov 21 15:34:14 2024: Debug: return
(37) Thu Nov 21 15:34:14 2024: Debug: } # if (ok) = ok
(37) Thu Nov 21 15:34:14 2024: Debug: } # authorize = ok
(37) Thu Nov 21 15:34:14 2024: Debug: Found Auth-Type = eap
(37) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(37) Thu Nov 21 15:34:14 2024: Debug: authenticate {
(37) Thu Nov 21 15:34:14 2024: Debug: eap: Expiring EAP session with state 0xd6c6d814d54fc1da
(37) Thu Nov 21 15:34:14 2024: Debug: eap: Finished EAP session with state 0xd6c6d814d54fc1da
(37) Thu Nov 21 15:34:14 2024: Debug: eap: Previous EAP request found for state 0xd6c6d814d54fc1da, released from the list
(37) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(37) Thu Nov 21 15:34:14 2024: Debug: eap: Calling submodule eap_peap to process data
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) EAP Peer says that the final record size will be 126 bytes
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) EAP Got all data (126 bytes)
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 read client key exchange A
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 read certificate verify A
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 read finished A
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write change cipher spec A
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write finished A
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 flush data
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) Handshake state - SSL negotiation finished successfully
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) Connection Established
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(37) Thu Nov 21 15:34:14 2024: Debug: eap_peap: TLS-Session-Version = "TLS 1.2"
(37) Thu Nov 21 15:34:14 2024: Debug: eap: Sending EAP Request (code 1) ID 138 length 57
(37) Thu Nov 21 15:34:14 2024: Debug: eap: EAP session adding &reply:State = 0xd6c6d814d24cc1da
(37) Thu Nov 21 15:34:14 2024: Debug: [eap] = handled
(37) Thu Nov 21 15:34:14 2024: Debug: } # authenticate = handled
(37) Thu Nov 21 15:34:14 2024: Debug: Using Post-Auth-Type Challenge
(37) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(37) Thu Nov 21 15:34:14 2024: Debug: Challenge { ... } # empty sub-section is ignored
(37) Thu Nov 21 15:34:14 2024: Debug: session-state: Saving cached attributes
(37) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1004
(37) Thu Nov 21 15:34:14 2024: Debug: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(37) Thu Nov 21 15:34:14 2024: Debug: TLS-Session-Version = "TLS 1.2"
(37) Thu Nov 21 15:34:14 2024: Debug: Sent Access-Challenge Id 35 from 100.129.58.1:1812 to 100.129.56.1:37236 length 127
(37) Thu Nov 21 15:34:14 2024: Debug: Eltex-Tls-Enabled = 0
(37) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x018a00391900140303000101160303002889966e719344ac9746988eefda7798137249678c7732156f51c4a6312581ae9dfb5cab5b1ab182eb
(37) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(37) Thu Nov 21 15:34:14 2024: Debug: State = 0xd6c6d814d24cc1da517e6b54cde2f128
(37) Thu Nov 21 15:34:14 2024: Debug: Finished request
(38) Thu Nov 21 15:34:14 2024: Debug: Received Access-Request Id 36 from 100.129.56.1:37236 to 100.129.58.1:1812 length 272
(38) Thu Nov 21 15:34:14 2024: Debug: User-Name = "tester"
(38) Thu Nov 21 15:34:14 2024: Debug: NAS-IP-Address = 100.129.56.1
(38) Thu Nov 21 15:34:14 2024: Debug: Eltex-Domain = "default"
(38) Thu Nov 21 15:34:14 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(38) Thu Nov 21 15:34:14 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(38) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Type = Wireless-802.11
(38) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Id = "10"
(38) Thu Nov 21 15:34:14 2024: Debug: Service-Type = Framed-User
(38) Thu Nov 21 15:34:14 2024: Debug: NAS-Port = 1
(38) Thu Nov 21 15:34:14 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(38) Thu Nov 21 15:34:14 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(38) Thu Nov 21 15:34:14 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(38) Thu Nov 21 15:34:14 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(38) Thu Nov 21 15:34:14 2024: Debug: WLAN-Group-Cipher = 1027076
(38) Thu Nov 21 15:34:14 2024: Debug: WLAN-AKM-Suite = 1027073
(38) Thu Nov 21 15:34:14 2024: Debug: Eltex-AP-Domain = "with-gre"
(38) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1400
(38) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x028a00061900
(38) Thu Nov 21 15:34:14 2024: Debug: State = 0xd6c6d814d24cc1da517e6b54cde2f128
(38) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x55540bd1180d2b71ccb2613611147157
(38) Thu Nov 21 15:34:14 2024: Debug: Restoring &session-state
(38) Thu Nov 21 15:34:14 2024: Debug: &session-state:Framed-MTU = 1004
(38) Thu Nov 21 15:34:14 2024: Debug: &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(38) Thu Nov 21 15:34:14 2024: Debug: &session-state:TLS-Session-Version = "TLS 1.2"
(38) Thu Nov 21 15:34:14 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(38) Thu Nov 21 15:34:14 2024: Debug: authorize {
(38) Thu Nov 21 15:34:14 2024: Debug: policy filter_username {
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) -> TRUE
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) {
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) -> FALSE
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) {
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(38) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(38) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) {
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) {
(38) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(38) Thu Nov 21 15:34:14 2024: Debug: } # if (&User-Name) = notfound
(38) Thu Nov 21 15:34:14 2024: Debug: } # policy filter_username = notfound
(38) Thu Nov 21 15:34:14 2024: Debug: [preprocess] = ok
(38) Thu Nov 21 15:34:14 2024: Debug: [chap] = noop
(38) Thu Nov 21 15:34:14 2024: Debug: [mschap] = noop
(38) Thu Nov 21 15:34:14 2024: Debug: [digest] = noop
(38) Thu Nov 21 15:34:14 2024: Debug: suffix: Checking for suffix after "@"
(38) Thu Nov 21 15:34:14 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(38) Thu Nov 21 15:34:14 2024: Debug: suffix: No such realm "NULL"
(38) Thu Nov 21 15:34:14 2024: Debug: [suffix] = noop
(38) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(38) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry tester at line 5
(38) Thu Nov 21 15:34:14 2024: Debug: [files_multi] = ok
(38) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(38) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(38) Thu Nov 21 15:34:14 2024: Debug: else {
(38) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent EAP Response (code 2) ID 138 length 6
(38) Thu Nov 21 15:34:14 2024: Debug: eap: Continuing tunnel setup
(38) Thu Nov 21 15:34:14 2024: Debug: [eap] = ok
(38) Thu Nov 21 15:34:14 2024: Debug: } # else = ok
(38) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(38) Thu Nov 21 15:34:14 2024: Debug: if (ok) -> TRUE
(38) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(38) Thu Nov 21 15:34:14 2024: Debug: return
(38) Thu Nov 21 15:34:14 2024: Debug: } # if (ok) = ok
(38) Thu Nov 21 15:34:14 2024: Debug: } # authorize = ok
(38) Thu Nov 21 15:34:14 2024: Debug: Found Auth-Type = eap
(38) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(38) Thu Nov 21 15:34:14 2024: Debug: authenticate {
(38) Thu Nov 21 15:34:14 2024: Debug: eap: Expiring EAP session with state 0xd6c6d814d24cc1da
(38) Thu Nov 21 15:34:14 2024: Debug: eap: Finished EAP session with state 0xd6c6d814d24cc1da
(38) Thu Nov 21 15:34:14 2024: Debug: eap: Previous EAP request found for state 0xd6c6d814d24cc1da, released from the list
(38) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(38) Thu Nov 21 15:34:14 2024: Debug: eap: Calling submodule eap_peap to process data
(38) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) Peer ACKed our handshake fragment. handshake is finished
(38) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Session established. Decoding tunneled attributes
(38) Thu Nov 21 15:34:14 2024: Debug: eap_peap: PEAP state TUNNEL ESTABLISHED
(38) Thu Nov 21 15:34:14 2024: Debug: eap: Sending EAP Request (code 1) ID 139 length 40
(38) Thu Nov 21 15:34:14 2024: Debug: eap: EAP session adding &reply:State = 0xd6c6d814d34dc1da
(38) Thu Nov 21 15:34:14 2024: Debug: [eap] = handled
(38) Thu Nov 21 15:34:14 2024: Debug: } # authenticate = handled
(38) Thu Nov 21 15:34:14 2024: Debug: Using Post-Auth-Type Challenge
(38) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(38) Thu Nov 21 15:34:14 2024: Debug: Challenge { ... } # empty sub-section is ignored
(38) Thu Nov 21 15:34:14 2024: Debug: session-state: Saving cached attributes
(38) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1004
(38) Thu Nov 21 15:34:14 2024: Debug: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(38) Thu Nov 21 15:34:14 2024: Debug: TLS-Session-Version = "TLS 1.2"
(38) Thu Nov 21 15:34:14 2024: Debug: Sent Access-Challenge Id 36 from 100.129.58.1:1812 to 100.129.56.1:37236 length 110
(38) Thu Nov 21 15:34:14 2024: Debug: Eltex-Tls-Enabled = 0
(38) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x018b00281900170303001d89966e719344ac98f850f361870d173ed36fe65f614390b1e5ab900f07
(38) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(38) Thu Nov 21 15:34:14 2024: Debug: State = 0xd6c6d814d34dc1da517e6b54cde2f128
(38) Thu Nov 21 15:34:14 2024: Debug: Finished request
(39) Thu Nov 21 15:34:14 2024: Debug: Received Access-Request Id 37 from 100.129.56.1:37236 to 100.129.58.1:1812 length 308
(39) Thu Nov 21 15:34:14 2024: Debug: User-Name = "tester"
(39) Thu Nov 21 15:34:14 2024: Debug: NAS-IP-Address = 100.129.56.1
(39) Thu Nov 21 15:34:14 2024: Debug: Eltex-Domain = "default"
(39) Thu Nov 21 15:34:14 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(39) Thu Nov 21 15:34:14 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(39) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Type = Wireless-802.11
(39) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Id = "10"
(39) Thu Nov 21 15:34:14 2024: Debug: Service-Type = Framed-User
(39) Thu Nov 21 15:34:14 2024: Debug: NAS-Port = 1
(39) Thu Nov 21 15:34:14 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(39) Thu Nov 21 15:34:14 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(39) Thu Nov 21 15:34:14 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(39) Thu Nov 21 15:34:14 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(39) Thu Nov 21 15:34:14 2024: Debug: WLAN-Group-Cipher = 1027076
(39) Thu Nov 21 15:34:14 2024: Debug: WLAN-AKM-Suite = 1027073
(39) Thu Nov 21 15:34:14 2024: Debug: Eltex-AP-Domain = "with-gre"
(39) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1400
(39) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x028b002a1900170303001f126f9cc4d1f2f8310e2667957637c36ced32de7781959f814e57e1addc11c0
(39) Thu Nov 21 15:34:14 2024: Debug: State = 0xd6c6d814d34dc1da517e6b54cde2f128
(39) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0xd7700cfe8a99e9b13bb7d67c602ad766
(39) Thu Nov 21 15:34:14 2024: Debug: Restoring &session-state
(39) Thu Nov 21 15:34:14 2024: Debug: &session-state:Framed-MTU = 1004
(39) Thu Nov 21 15:34:14 2024: Debug: &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(39) Thu Nov 21 15:34:14 2024: Debug: &session-state:TLS-Session-Version = "TLS 1.2"
(39) Thu Nov 21 15:34:14 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(39) Thu Nov 21 15:34:14 2024: Debug: authorize {
(39) Thu Nov 21 15:34:14 2024: Debug: policy filter_username {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) -> TRUE
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(39) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: } # if (&User-Name) = notfound
(39) Thu Nov 21 15:34:14 2024: Debug: } # policy filter_username = notfound
(39) Thu Nov 21 15:34:14 2024: Debug: [preprocess] = ok
(39) Thu Nov 21 15:34:14 2024: Debug: [chap] = noop
(39) Thu Nov 21 15:34:14 2024: Debug: [mschap] = noop
(39) Thu Nov 21 15:34:14 2024: Debug: [digest] = noop
(39) Thu Nov 21 15:34:14 2024: Debug: suffix: Checking for suffix after "@"
(39) Thu Nov 21 15:34:14 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(39) Thu Nov 21 15:34:14 2024: Debug: suffix: No such realm "NULL"
(39) Thu Nov 21 15:34:14 2024: Debug: [suffix] = noop
(39) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(39) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry tester at line 5
(39) Thu Nov 21 15:34:14 2024: Debug: [files_multi] = ok
(39) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: else {
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent EAP Response (code 2) ID 139 length 42
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Continuing tunnel setup
(39) Thu Nov 21 15:34:14 2024: Debug: [eap] = ok
(39) Thu Nov 21 15:34:14 2024: Debug: } # else = ok
(39) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (ok) -> TRUE
(39) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(39) Thu Nov 21 15:34:14 2024: Debug: return
(39) Thu Nov 21 15:34:14 2024: Debug: } # if (ok) = ok
(39) Thu Nov 21 15:34:14 2024: Debug: } # authorize = ok
(39) Thu Nov 21 15:34:14 2024: Debug: Found Auth-Type = eap
(39) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(39) Thu Nov 21 15:34:14 2024: Debug: authenticate {
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Expiring EAP session with state 0xd6c6d814d34dc1da
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Finished EAP session with state 0xd6c6d814d34dc1da
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Previous EAP request found for state 0xd6c6d814d34dc1da, released from the list
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Calling submodule eap_peap to process data
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) EAP Done initial handshake
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Session established. Decoding tunneled attributes
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: PEAP state WAITING FOR INNER IDENTITY
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Identity - tester
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Got inner identity 'tester'
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Setting default EAP type for tunneled EAP session
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Got tunneled request
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: EAP-Message = 0x028b000b01746573746572
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Setting User-Name to tester
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Sending tunneled request to inner-tunnel
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: EAP-Message = 0x028b000b01746573746572
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: User-Name = "tester"
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-IP-Address = 100.129.56.1
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Eltex-Domain = "default"
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Identifier = "68:13:E2:35:D2:20"
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Port-Type = Wireless-802.11
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Port-Id = "10"
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Service-Type = Framed-User
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Port = 1
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Connect-Info = "CONNECT 24Mbps 802.11a"
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Acct-Session-Id = "073DA111-08E53DB2"
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: WLAN-Pairwise-Cipher = 1027076
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: WLAN-Group-Cipher = 1027076
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: WLAN-AKM-Suite = 1027073
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Eltex-AP-Domain = "with-gre"
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Framed-MTU = 1400
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Event-Timestamp = "Nov 21 2024 15:34:14 GMT+7"
(39) Thu Nov 21 15:34:14 2024: Debug: Virtual server inner-tunnel received request
(39) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x028b000b01746573746572
(39) Thu Nov 21 15:34:14 2024: Debug: FreeRADIUS-Proxied-To = 127.0.0.1
(39) Thu Nov 21 15:34:14 2024: Debug: User-Name = "tester"
(39) Thu Nov 21 15:34:14 2024: Debug: NAS-IP-Address = 100.129.56.1
(39) Thu Nov 21 15:34:14 2024: Debug: Eltex-Domain = "default"
(39) Thu Nov 21 15:34:14 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(39) Thu Nov 21 15:34:14 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(39) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Type = Wireless-802.11
(39) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Id = "10"
(39) Thu Nov 21 15:34:14 2024: Debug: Service-Type = Framed-User
(39) Thu Nov 21 15:34:14 2024: Debug: NAS-Port = 1
(39) Thu Nov 21 15:34:14 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(39) Thu Nov 21 15:34:14 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(39) Thu Nov 21 15:34:14 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(39) Thu Nov 21 15:34:14 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(39) Thu Nov 21 15:34:14 2024: Debug: WLAN-Group-Cipher = 1027076
(39) Thu Nov 21 15:34:14 2024: Debug: WLAN-AKM-Suite = 1027073
(39) Thu Nov 21 15:34:14 2024: Debug: Eltex-AP-Domain = "with-gre"
(39) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1400
(39) Thu Nov 21 15:34:14 2024: Debug: Event-Timestamp = "Nov 21 2024 15:34:14 GMT+7"
(39) Thu Nov 21 15:34:14 2024: WARNING: Outer and inner identities are the same. User privacy is compromised.
(39) Thu Nov 21 15:34:14 2024: Debug: server inner-tunnel {
(39) Thu Nov 21 15:34:14 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
(39) Thu Nov 21 15:34:14 2024: Debug: authorize {
(39) Thu Nov 21 15:34:14 2024: Debug: policy filter_username {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) -> TRUE
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(39) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) {
(39) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(39) Thu Nov 21 15:34:14 2024: Debug: } # if (&User-Name) = notfound
(39) Thu Nov 21 15:34:14 2024: Debug: } # policy filter_username = notfound
(39) Thu Nov 21 15:34:14 2024: Debug: [chap] = noop
(39) Thu Nov 21 15:34:14 2024: Debug: [mschap] = noop
(39) Thu Nov 21 15:34:14 2024: Debug: suffix: Checking for suffix after "@"
(39) Thu Nov 21 15:34:14 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(39) Thu Nov 21 15:34:14 2024: Debug: suffix: No such realm "NULL"
(39) Thu Nov 21 15:34:14 2024: Debug: [suffix] = noop
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent EAP Response (code 2) ID 139 length 11
(39) Thu Nov 21 15:34:14 2024: Debug: eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(39) Thu Nov 21 15:34:14 2024: Debug: [eap] = ok
(39) Thu Nov 21 15:34:14 2024: Debug: } # authorize = ok
(39) Thu Nov 21 15:34:14 2024: Debug: Found Auth-Type = eap
(39) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(39) Thu Nov 21 15:34:14 2024: Debug: authenticate {
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent packet with method EAP Identity (1)
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Calling submodule eap_mschapv2 to process data
(39) Thu Nov 21 15:34:14 2024: Debug: eap_mschapv2: Issuing Challenge
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Sending EAP Request (code 1) ID 140 length 43
(39) Thu Nov 21 15:34:14 2024: Debug: eap: EAP session adding &reply:State = 0x73c34f14734f5598
(39) Thu Nov 21 15:34:14 2024: Debug: [eap] = handled
(39) Thu Nov 21 15:34:14 2024: Debug: } # authenticate = handled
(39) Thu Nov 21 15:34:14 2024: Debug: } # server inner-tunnel
(39) Thu Nov 21 15:34:14 2024: Debug: Virtual server sending reply
(39) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x018c002b1a018c00261029f35ca9eb06d27f3cb6a0fcbfbc9f98667265657261646975732d332e302e3235
(39) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(39) Thu Nov 21 15:34:14 2024: Debug: State = 0x73c34f14734f5598209f4f525a078ea5
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Got tunneled reply code 11
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: EAP-Message = 0x018c002b1a018c00261029f35ca9eb06d27f3cb6a0fcbfbc9f98667265657261646975732d332e302e3235
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: State = 0x73c34f14734f5598209f4f525a078ea5
(39) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Got tunneled Access-Challenge
(39) Thu Nov 21 15:34:14 2024: Debug: eap: Sending EAP Request (code 1) ID 140 length 74
(39) Thu Nov 21 15:34:14 2024: Debug: eap: EAP session adding &reply:State = 0xd6c6d814d04ac1da
(39) Thu Nov 21 15:34:14 2024: Debug: [eap] = handled
(39) Thu Nov 21 15:34:14 2024: Debug: } # authenticate = handled
(39) Thu Nov 21 15:34:14 2024: Debug: Using Post-Auth-Type Challenge
(39) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(39) Thu Nov 21 15:34:14 2024: Debug: Challenge { ... } # empty sub-section is ignored
(39) Thu Nov 21 15:34:14 2024: Debug: session-state: Saving cached attributes
(39) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1004
(39) Thu Nov 21 15:34:14 2024: Debug: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(39) Thu Nov 21 15:34:14 2024: Debug: TLS-Session-Version = "TLS 1.2"
(39) Thu Nov 21 15:34:14 2024: Debug: Sent Access-Challenge Id 37 from 100.129.58.1:1812 to 100.129.56.1:37236 length 144
(39) Thu Nov 21 15:34:14 2024: Debug: Eltex-Tls-Enabled = 0
(39) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x018c004a1900170303003f89966e719344ac99e939d773930e064bd033b593033706bea8aec6d4cd24d0bf543cbad16b9719d94345c1eab84515cb6dd852bb943f855b6f710a6337cb1d
(39) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(39) Thu Nov 21 15:34:14 2024: Debug: State = 0xd6c6d814d04ac1da517e6b54cde2f128
(39) Thu Nov 21 15:34:14 2024: Debug: Finished request
(40) Thu Nov 21 15:34:14 2024: Debug: Received Access-Request Id 38 from 100.129.56.1:37236 to 100.129.58.1:1812 length 362
(40) Thu Nov 21 15:34:14 2024: Debug: User-Name = "tester"
(40) Thu Nov 21 15:34:14 2024: Debug: NAS-IP-Address = 100.129.56.1
(40) Thu Nov 21 15:34:14 2024: Debug: Eltex-Domain = "default"
(40) Thu Nov 21 15:34:14 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(40) Thu Nov 21 15:34:14 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(40) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Type = Wireless-802.11
(40) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Id = "10"
(40) Thu Nov 21 15:34:14 2024: Debug: Service-Type = Framed-User
(40) Thu Nov 21 15:34:14 2024: Debug: NAS-Port = 1
(40) Thu Nov 21 15:34:14 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(40) Thu Nov 21 15:34:14 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(40) Thu Nov 21 15:34:14 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(40) Thu Nov 21 15:34:14 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(40) Thu Nov 21 15:34:14 2024: Debug: WLAN-Group-Cipher = 1027076
(40) Thu Nov 21 15:34:14 2024: Debug: WLAN-AKM-Suite = 1027073
(40) Thu Nov 21 15:34:14 2024: Debug: Eltex-AP-Domain = "with-gre"
(40) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1400
(40) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x028c006019001703030055126f9cc4d1f2f83261a51a42029098784c64cb1d267f8fc01cc65f9eae5cc6ffb7b2ad1e394575d739bf9f12051c16b587a1247b3c1ba27b02d868c470842e31031dc
(40) Thu Nov 21 15:34:14 2024: Debug: State = 0xd6c6d814d04ac1da517e6b54cde2f128
(40) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x3c5f1f1b33a3d189d133901ba166f8e4
(40) Thu Nov 21 15:34:14 2024: Debug: Restoring &session-state
(40) Thu Nov 21 15:34:14 2024: Debug: &session-state:Framed-MTU = 1004
(40) Thu Nov 21 15:34:14 2024: Debug: &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(40) Thu Nov 21 15:34:14 2024: Debug: &session-state:TLS-Session-Version = "TLS 1.2"
(40) Thu Nov 21 15:34:14 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(40) Thu Nov 21 15:34:14 2024: Debug: authorize {
(40) Thu Nov 21 15:34:14 2024: Debug: policy filter_username {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) -> TRUE
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(40) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: } # if (&User-Name) = notfound
(40) Thu Nov 21 15:34:14 2024: Debug: } # policy filter_username = notfound
(40) Thu Nov 21 15:34:14 2024: Debug: [preprocess] = ok
(40) Thu Nov 21 15:34:14 2024: Debug: [chap] = noop
(40) Thu Nov 21 15:34:14 2024: Debug: [mschap] = noop
(40) Thu Nov 21 15:34:14 2024: Debug: [digest] = noop
(40) Thu Nov 21 15:34:14 2024: Debug: suffix: Checking for suffix after "@"
(40) Thu Nov 21 15:34:14 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(40) Thu Nov 21 15:34:14 2024: Debug: suffix: No such realm "NULL"
(40) Thu Nov 21 15:34:14 2024: Debug: [suffix] = noop
(40) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(40) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry tester at line 5
(40) Thu Nov 21 15:34:14 2024: Debug: [files_multi] = ok
(40) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: else {
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent EAP Response (code 2) ID 140 length 96
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Continuing tunnel setup
(40) Thu Nov 21 15:34:14 2024: Debug: [eap] = ok
(40) Thu Nov 21 15:34:14 2024: Debug: } # else = ok
(40) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (ok) -> TRUE
(40) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(40) Thu Nov 21 15:34:14 2024: Debug: return
(40) Thu Nov 21 15:34:14 2024: Debug: } # if (ok) = ok
(40) Thu Nov 21 15:34:14 2024: Debug: } # authorize = ok
(40) Thu Nov 21 15:34:14 2024: Debug: Found Auth-Type = eap
(40) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(40) Thu Nov 21 15:34:14 2024: Debug: authenticate {
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Expiring EAP session with state 0x73c34f14734f5598
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Finished EAP session with state 0xd6c6d814d04ac1da
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Previous EAP request found for state 0xd6c6d814d04ac1da, released from the list
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Calling submodule eap_peap to process data
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) EAP Done initial handshake
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Session established. Decoding tunneled attributes
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: PEAP state phase2
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: EAP method MSCHAPv2 (26)
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Got tunneled request
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: EAP-Message = 0x028c00411a028c003c31f49491c79b94785aea350343b0b0e1910000000000000000c5ae22e446e2f7e9a56cfd03b5a5fd6d08ca17d41d1a5f0300746573746572
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Setting User-Name to tester
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Sending tunneled request to inner-tunnel
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: EAP-Message = 0x028c00411a028c003c31f49491c79b94785aea350343b0b0e1910000000000000000c5ae22e446e2f7e9a56cfd03b5a5fd6d08ca17d41d1a5f0300746573746572
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: User-Name = "tester"
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: State = 0x73c34f14734f5598209f4f525a078ea5
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-IP-Address = 100.129.56.1
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Eltex-Domain = "default"
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Identifier = "68:13:E2:35:D2:20"
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Port-Type = Wireless-802.11
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Port-Id = "10"
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Service-Type = Framed-User
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Port = 1
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Connect-Info = "CONNECT 24Mbps 802.11a"
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Acct-Session-Id = "073DA111-08E53DB2"
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: WLAN-Pairwise-Cipher = 1027076
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: WLAN-Group-Cipher = 1027076
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: WLAN-AKM-Suite = 1027073
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Eltex-AP-Domain = "with-gre"
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Framed-MTU = 1400
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Event-Timestamp = "Nov 21 2024 15:34:14 GMT+7"
(40) Thu Nov 21 15:34:14 2024: Debug: Virtual server inner-tunnel received request
(40) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x028c00411a028c003c31f49491c79b94785aea350343b0b0e1910000000000000000c5ae22e446e2f7e9a56cfd03b5a5fd6d08ca17d41d1a5f0300746573746572
(40) Thu Nov 21 15:34:14 2024: Debug: FreeRADIUS-Proxied-To = 127.0.0.1
(40) Thu Nov 21 15:34:14 2024: Debug: User-Name = "tester"
(40) Thu Nov 21 15:34:14 2024: Debug: State = 0x73c34f14734f5598209f4f525a078ea5
(40) Thu Nov 21 15:34:14 2024: Debug: NAS-IP-Address = 100.129.56.1
(40) Thu Nov 21 15:34:14 2024: Debug: Eltex-Domain = "default"
(40) Thu Nov 21 15:34:14 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(40) Thu Nov 21 15:34:14 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(40) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Type = Wireless-802.11
(40) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Id = "10"
(40) Thu Nov 21 15:34:14 2024: Debug: Service-Type = Framed-User
(40) Thu Nov 21 15:34:14 2024: Debug: NAS-Port = 1
(40) Thu Nov 21 15:34:14 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(40) Thu Nov 21 15:34:14 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(40) Thu Nov 21 15:34:14 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(40) Thu Nov 21 15:34:14 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(40) Thu Nov 21 15:34:14 2024: Debug: WLAN-Group-Cipher = 1027076
(40) Thu Nov 21 15:34:14 2024: Debug: WLAN-AKM-Suite = 1027073
(40) Thu Nov 21 15:34:14 2024: Debug: Eltex-AP-Domain = "with-gre"
(40) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1400
(40) Thu Nov 21 15:34:14 2024: Debug: Event-Timestamp = "Nov 21 2024 15:34:14 GMT+7"
(40) Thu Nov 21 15:34:14 2024: WARNING: Outer and inner identities are the same. User privacy is compromised.
(40) Thu Nov 21 15:34:14 2024: Debug: server inner-tunnel {
(40) Thu Nov 21 15:34:14 2024: Debug: session-state: No cached attributes
(40) Thu Nov 21 15:34:14 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
(40) Thu Nov 21 15:34:14 2024: Debug: authorize {
(40) Thu Nov 21 15:34:14 2024: Debug: policy filter_username {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) -> TRUE
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(40) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) {
(40) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(40) Thu Nov 21 15:34:14 2024: Debug: } # if (&User-Name) = notfound
(40) Thu Nov 21 15:34:14 2024: Debug: } # policy filter_username = notfound
(40) Thu Nov 21 15:34:14 2024: Debug: [chap] = noop
(40) Thu Nov 21 15:34:14 2024: Debug: [mschap] = noop
(40) Thu Nov 21 15:34:14 2024: Debug: suffix: Checking for suffix after "@"
(40) Thu Nov 21 15:34:14 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(40) Thu Nov 21 15:34:14 2024: Debug: suffix: No such realm "NULL"
(40) Thu Nov 21 15:34:14 2024: Debug: [suffix] = noop
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent EAP Response (code 2) ID 140 length 65
(40) Thu Nov 21 15:34:14 2024: Debug: eap: No EAP Start, assuming it's an on-going EAP conversation
(40) Thu Nov 21 15:34:14 2024: Debug: [eap] = updated
(40) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(40) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry tester at line 5
(40) Thu Nov 21 15:34:14 2024: Debug: [files_multi] = ok
(40) Thu Nov 21 15:34:14 2024: Debug: [expiration] = noop
(40) Thu Nov 21 15:34:14 2024: Debug: [logintime] = noop
(40) Thu Nov 21 15:34:14 2024: WARNING: pap: Auth-Type already set. Not setting to PAP
(40) Thu Nov 21 15:34:14 2024: Debug: [pap] = noop
(40) Thu Nov 21 15:34:14 2024: Debug: } # authorize = updated
(40) Thu Nov 21 15:34:14 2024: Debug: Found Auth-Type = eap
(40) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(40) Thu Nov 21 15:34:14 2024: Debug: authenticate {
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Expiring EAP session with state 0x73c34f14734f5598
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Finished EAP session with state 0x73c34f14734f5598
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Previous EAP request found for state 0x73c34f14734f5598, released from the list
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent packet with method EAP MSCHAPv2 (26)
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Calling submodule eap_mschapv2 to process data
(40) Thu Nov 21 15:34:14 2024: Debug: eap_mschapv2: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(40) Thu Nov 21 15:34:14 2024: Debug: eap_mschapv2: authenticate {
(40) Thu Nov 21 15:34:14 2024: Debug: mschap: Found Cleartext-Password, hashing to create NT-Password
(40) Thu Nov 21 15:34:14 2024: Debug: mschap: Creating challenge hash with username: tester
(40) Thu Nov 21 15:34:14 2024: Debug: mschap: Client is using MS-CHAPv2
(40) Thu Nov 21 15:34:14 2024: Debug: mschap: Adding MS-CHAPv2 MPPE keys
(40) Thu Nov 21 15:34:14 2024: Debug: eap_mschapv2: [mschap] = ok
(40) Thu Nov 21 15:34:14 2024: Debug: eap_mschapv2: } # authenticate = ok
(40) Thu Nov 21 15:34:14 2024: Debug: eap_mschapv2: MSCHAP Success
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Sending EAP Request (code 1) ID 141 length 51
(40) Thu Nov 21 15:34:14 2024: Debug: eap: EAP session adding &reply:State = 0x73c34f14724e5598
(40) Thu Nov 21 15:34:14 2024: Debug: [eap] = handled
(40) Thu Nov 21 15:34:14 2024: Debug: } # authenticate = handled
(40) Thu Nov 21 15:34:14 2024: Debug: } # server inner-tunnel
(40) Thu Nov 21 15:34:14 2024: Debug: Virtual server sending reply
(40) Thu Nov 21 15:34:14 2024: Debug: Eltex-Tls-Enabled = 0
(40) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x018d00331a038c002e533d39354232443738333534413844394239323646343137334234443336433636443346353239323633
(40) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(40) Thu Nov 21 15:34:14 2024: Debug: State = 0x73c34f14724e5598209f4f525a078ea5
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Got tunneled reply code 11
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Eltex-Tls-Enabled = 0
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: EAP-Message = 0x018d00331a038c002e533d39354232443738333534413844394239323646343137334234443336433636443346353239323633
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: State = 0x73c34f14724e5598209f4f525a078ea5
(40) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Got tunneled Access-Challenge
(40) Thu Nov 21 15:34:14 2024: Debug: eap: Sending EAP Request (code 1) ID 141 length 82
(40) Thu Nov 21 15:34:14 2024: Debug: eap: EAP session adding &reply:State = 0xd6c6d814d14bc1da
(40) Thu Nov 21 15:34:14 2024: Debug: [eap] = handled
(40) Thu Nov 21 15:34:14 2024: Debug: } # authenticate = handled
(40) Thu Nov 21 15:34:14 2024: Debug: Using Post-Auth-Type Challenge
(40) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(40) Thu Nov 21 15:34:14 2024: Debug: Challenge { ... } # empty sub-section is ignored
(40) Thu Nov 21 15:34:14 2024: Debug: session-state: Saving cached attributes
(40) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1004
(40) Thu Nov 21 15:34:14 2024: Debug: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(40) Thu Nov 21 15:34:14 2024: Debug: TLS-Session-Version = "TLS 1.2"
(40) Thu Nov 21 15:34:14 2024: Debug: Sent Access-Challenge Id 38 from 100.129.58.1:1812 to 100.129.56.1:37236 length 152
(40) Thu Nov 21 15:34:14 2024: Debug: Eltex-Tls-Enabled = 0
(40) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x018d00521900170303004789966e719344ac9af15a53fdbc7ddd326dbb2077c4408506c914b95ba44cd77fbb7e6cb22459ac676effd3c6f5765c6bd5c649e3c1d850390aa630ee9738d0ebfcae8
(40) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(40) Thu Nov 21 15:34:14 2024: Debug: State = 0xd6c6d814d14bc1da517e6b54cde2f128
(40) Thu Nov 21 15:34:14 2024: Debug: Finished request
(41) Thu Nov 21 15:34:14 2024: Debug: Received Access-Request Id 39 from 100.129.56.1:37236 to 100.129.58.1:1812 length 303
(41) Thu Nov 21 15:34:14 2024: Debug: User-Name = "tester"
(41) Thu Nov 21 15:34:14 2024: Debug: NAS-IP-Address = 100.129.56.1
(41) Thu Nov 21 15:34:14 2024: Debug: Eltex-Domain = "default"
(41) Thu Nov 21 15:34:14 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(41) Thu Nov 21 15:34:14 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(41) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Type = Wireless-802.11
(41) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Id = "10"
(41) Thu Nov 21 15:34:14 2024: Debug: Service-Type = Framed-User
(41) Thu Nov 21 15:34:14 2024: Debug: NAS-Port = 1
(41) Thu Nov 21 15:34:14 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(41) Thu Nov 21 15:34:14 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(41) Thu Nov 21 15:34:14 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(41) Thu Nov 21 15:34:14 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(41) Thu Nov 21 15:34:14 2024: Debug: WLAN-Group-Cipher = 1027076
(41) Thu Nov 21 15:34:14 2024: Debug: WLAN-AKM-Suite = 1027073
(41) Thu Nov 21 15:34:14 2024: Debug: Eltex-AP-Domain = "with-gre"
(41) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1400
(41) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x028d00251900170303001a126f9cc4d1f2f833c2f45c7003974c78f59be6590bd4cd7aef19
(41) Thu Nov 21 15:34:14 2024: Debug: State = 0xd6c6d814d14bc1da517e6b54cde2f128
(41) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0xdf7e4ecdc69f4f27b35460f818113c1b
(41) Thu Nov 21 15:34:14 2024: Debug: Restoring &session-state
(41) Thu Nov 21 15:34:14 2024: Debug: &session-state:Framed-MTU = 1004
(41) Thu Nov 21 15:34:14 2024: Debug: &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(41) Thu Nov 21 15:34:14 2024: Debug: &session-state:TLS-Session-Version = "TLS 1.2"
(41) Thu Nov 21 15:34:14 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(41) Thu Nov 21 15:34:14 2024: Debug: authorize {
(41) Thu Nov 21 15:34:14 2024: Debug: policy filter_username {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) -> TRUE
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(41) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: } # if (&User-Name) = notfound
(41) Thu Nov 21 15:34:14 2024: Debug: } # policy filter_username = notfound
(41) Thu Nov 21 15:34:14 2024: Debug: [preprocess] = ok
(41) Thu Nov 21 15:34:14 2024: Debug: [chap] = noop
(41) Thu Nov 21 15:34:14 2024: Debug: [mschap] = noop
(41) Thu Nov 21 15:34:14 2024: Debug: [digest] = noop
(41) Thu Nov 21 15:34:14 2024: Debug: suffix: Checking for suffix after "@"
(41) Thu Nov 21 15:34:14 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(41) Thu Nov 21 15:34:14 2024: Debug: suffix: No such realm "NULL"
(41) Thu Nov 21 15:34:14 2024: Debug: [suffix] = noop
(41) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(41) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry tester at line 5
(41) Thu Nov 21 15:34:14 2024: Debug: [files_multi] = ok
(41) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: else {
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent EAP Response (code 2) ID 141 length 37
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Continuing tunnel setup
(41) Thu Nov 21 15:34:14 2024: Debug: [eap] = ok
(41) Thu Nov 21 15:34:14 2024: Debug: } # else = ok
(41) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (ok) -> TRUE
(41) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(41) Thu Nov 21 15:34:14 2024: Debug: return
(41) Thu Nov 21 15:34:14 2024: Debug: } # if (ok) = ok
(41) Thu Nov 21 15:34:14 2024: Debug: } # authorize = ok
(41) Thu Nov 21 15:34:14 2024: Debug: Found Auth-Type = eap
(41) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(41) Thu Nov 21 15:34:14 2024: Debug: authenticate {
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Expiring EAP session with state 0x73c34f14724e5598
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Finished EAP session with state 0xd6c6d814d14bc1da
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Previous EAP request found for state 0xd6c6d814d14bc1da, released from the list
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Calling submodule eap_peap to process data
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) EAP Done initial handshake
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Session established. Decoding tunneled attributes
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: PEAP state phase2
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: EAP method MSCHAPv2 (26)
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Got tunneled request
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: EAP-Message = 0x028d00061a03
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Setting User-Name to tester
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Sending tunneled request to inner-tunnel
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: EAP-Message = 0x028d00061a03
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: User-Name = "tester"
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: State = 0x73c34f14724e5598209f4f525a078ea5
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-IP-Address = 100.129.56.1
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Eltex-Domain = "default"
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Identifier = "68:13:E2:35:D2:20"
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Port-Type = Wireless-802.11
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Port-Id = "10"
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Service-Type = Framed-User
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: NAS-Port = 1
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Connect-Info = "CONNECT 24Mbps 802.11a"
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Acct-Session-Id = "073DA111-08E53DB2"
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: WLAN-Pairwise-Cipher = 1027076
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: WLAN-Group-Cipher = 1027076
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: WLAN-AKM-Suite = 1027073
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Eltex-AP-Domain = "with-gre"
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Framed-MTU = 1400
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Event-Timestamp = "Nov 21 2024 15:34:14 GMT+7"
(41) Thu Nov 21 15:34:14 2024: Debug: Virtual server inner-tunnel received request
(41) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x028d00061a03
(41) Thu Nov 21 15:34:14 2024: Debug: FreeRADIUS-Proxied-To = 127.0.0.1
(41) Thu Nov 21 15:34:14 2024: Debug: User-Name = "tester"
(41) Thu Nov 21 15:34:14 2024: Debug: State = 0x73c34f14724e5598209f4f525a078ea5
(41) Thu Nov 21 15:34:14 2024: Debug: NAS-IP-Address = 100.129.56.1
(41) Thu Nov 21 15:34:14 2024: Debug: Eltex-Domain = "default"
(41) Thu Nov 21 15:34:14 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(41) Thu Nov 21 15:34:14 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(41) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Type = Wireless-802.11
(41) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Id = "10"
(41) Thu Nov 21 15:34:14 2024: Debug: Service-Type = Framed-User
(41) Thu Nov 21 15:34:14 2024: Debug: NAS-Port = 1
(41) Thu Nov 21 15:34:14 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(41) Thu Nov 21 15:34:14 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(41) Thu Nov 21 15:34:14 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(41) Thu Nov 21 15:34:14 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(41) Thu Nov 21 15:34:14 2024: Debug: WLAN-Group-Cipher = 1027076
(41) Thu Nov 21 15:34:14 2024: Debug: WLAN-AKM-Suite = 1027073
(41) Thu Nov 21 15:34:14 2024: Debug: Eltex-AP-Domain = "with-gre"
(41) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1400
(41) Thu Nov 21 15:34:14 2024: Debug: Event-Timestamp = "Nov 21 2024 15:34:14 GMT+7"
(41) Thu Nov 21 15:34:14 2024: WARNING: Outer and inner identities are the same. User privacy is compromised.
(41) Thu Nov 21 15:34:14 2024: Debug: server inner-tunnel {
(41) Thu Nov 21 15:34:14 2024: Debug: session-state: No cached attributes
(41) Thu Nov 21 15:34:14 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
(41) Thu Nov 21 15:34:14 2024: Debug: authorize {
(41) Thu Nov 21 15:34:14 2024: Debug: policy filter_username {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) -> TRUE
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(41) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: } # if (&User-Name) = notfound
(41) Thu Nov 21 15:34:14 2024: Debug: } # policy filter_username = notfound
(41) Thu Nov 21 15:34:14 2024: Debug: [chap] = noop
(41) Thu Nov 21 15:34:14 2024: Debug: [mschap] = noop
(41) Thu Nov 21 15:34:14 2024: Debug: suffix: Checking for suffix after "@"
(41) Thu Nov 21 15:34:14 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(41) Thu Nov 21 15:34:14 2024: Debug: suffix: No such realm "NULL"
(41) Thu Nov 21 15:34:14 2024: Debug: [suffix] = noop
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent EAP Response (code 2) ID 141 length 6
(41) Thu Nov 21 15:34:14 2024: Debug: eap: No EAP Start, assuming it's an on-going EAP conversation
(41) Thu Nov 21 15:34:14 2024: Debug: [eap] = updated
(41) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(41) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry tester at line 5
(41) Thu Nov 21 15:34:14 2024: Debug: [files_multi] = ok
(41) Thu Nov 21 15:34:14 2024: Debug: [expiration] = noop
(41) Thu Nov 21 15:34:14 2024: Debug: [logintime] = noop
(41) Thu Nov 21 15:34:14 2024: WARNING: pap: Auth-Type already set. Not setting to PAP
(41) Thu Nov 21 15:34:14 2024: Debug: [pap] = noop
(41) Thu Nov 21 15:34:14 2024: Debug: } # authorize = updated
(41) Thu Nov 21 15:34:14 2024: Debug: Found Auth-Type = eap
(41) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(41) Thu Nov 21 15:34:14 2024: Debug: authenticate {
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Expiring EAP session with state 0x73c34f14724e5598
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Finished EAP session with state 0x73c34f14724e5598
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Previous EAP request found for state 0x73c34f14724e5598, released from the list
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent packet with method EAP MSCHAPv2 (26)
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Calling submodule eap_mschapv2 to process data
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Sending EAP Success (code 3) ID 141 length 4
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Freeing handler
(41) Thu Nov 21 15:34:14 2024: Debug: [eap] = ok
(41) Thu Nov 21 15:34:14 2024: Debug: } # authenticate = ok
(41) Thu Nov 21 15:34:14 2024: Debug: # Executing section post-auth from file /etc/raddb/sites-enabled/inner-tunnel
(41) Thu Nov 21 15:34:14 2024: Debug: post-auth {
(41) Thu Nov 21 15:34:14 2024: Debug: if (0) {
(41) Thu Nov 21 15:34:14 2024: Debug: if (0) -> FALSE
(41) Thu Nov 21 15:34:14 2024: Debug: } # post-auth = noop
(41) Thu Nov 21 15:34:14 2024: Debug: } # server inner-tunnel
(41) Thu Nov 21 15:34:14 2024: Debug: Virtual server sending reply
(41) Thu Nov 21 15:34:14 2024: Debug: Eltex-Tls-Enabled = 0
(41) Thu Nov 21 15:34:14 2024: Debug: MS-MPPE-Encryption-Policy = Encryption-Allowed
(41) Thu Nov 21 15:34:14 2024: Debug: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(41) Thu Nov 21 15:34:14 2024: Debug: MS-MPPE-Send-Key = 0xa1b0f8364771b07393ee9c7191c09627
(41) Thu Nov 21 15:34:14 2024: Debug: MS-MPPE-Recv-Key = 0xcf76ef2300c319b73c9c69ad346871db
(41) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x038d0004
(41) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(41) Thu Nov 21 15:34:14 2024: Debug: User-Name = "tester"
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Got tunneled reply code 2
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Eltex-Tls-Enabled = 0
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: MS-MPPE-Encryption-Policy = Encryption-Allowed
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: MS-MPPE-Send-Key = 0xa1b0f8364771b07393ee9c7191c09627
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: MS-MPPE-Recv-Key = 0xcf76ef2300c319b73c9c69ad346871db
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: EAP-Message = 0x038d0004
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: User-Name = "tester"
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Tunneled authentication was successful
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: SUCCESS
(41) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Saving tunneled attributes for later
(41) Thu Nov 21 15:34:14 2024: Debug: eap: Sending EAP Request (code 1) ID 142 length 46
(41) Thu Nov 21 15:34:14 2024: Debug: eap: EAP session adding &reply:State = 0xd6c6d814de48c1da
(41) Thu Nov 21 15:34:14 2024: Debug: [eap] = handled
(41) Thu Nov 21 15:34:14 2024: Debug: } # authenticate = handled
(41) Thu Nov 21 15:34:14 2024: Debug: Using Post-Auth-Type Challenge
(41) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(41) Thu Nov 21 15:34:14 2024: Debug: Challenge { ... } # empty sub-section is ignored
(41) Thu Nov 21 15:34:14 2024: Debug: session-state: Saving cached attributes
(41) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1004
(41) Thu Nov 21 15:34:14 2024: Debug: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(41) Thu Nov 21 15:34:14 2024: Debug: TLS-Session-Version = "TLS 1.2"
(41) Thu Nov 21 15:34:14 2024: Debug: Sent Access-Challenge Id 39 from 100.129.58.1:1812 to 100.129.56.1:37236 length 116
(41) Thu Nov 21 15:34:14 2024: Debug: Eltex-Tls-Enabled = 0
(41) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x018e002e1900170303002389966e719344ac9b8267c67f9750e7bb519cb3f6257935d203dc4994d8e9d0d2b36a60
(41) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(41) Thu Nov 21 15:34:14 2024: Debug: State = 0xd6c6d814de48c1da517e6b54cde2f128
(41) Thu Nov 21 15:34:14 2024: Debug: Finished request
(42) Thu Nov 21 15:34:14 2024: Debug: Received Access-Request Id 40 from 100.129.56.1:37236 to 100.129.58.1:1812 length 312
(42) Thu Nov 21 15:34:14 2024: Debug: User-Name = "tester"
(42) Thu Nov 21 15:34:14 2024: Debug: NAS-IP-Address = 100.129.56.1
(42) Thu Nov 21 15:34:14 2024: Debug: Eltex-Domain = "default"
(42) Thu Nov 21 15:34:14 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(42) Thu Nov 21 15:34:14 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(42) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Type = Wireless-802.11
(42) Thu Nov 21 15:34:14 2024: Debug: NAS-Port-Id = "10"
(42) Thu Nov 21 15:34:14 2024: Debug: Service-Type = Framed-User
(42) Thu Nov 21 15:34:14 2024: Debug: NAS-Port = 1
(42) Thu Nov 21 15:34:14 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(42) Thu Nov 21 15:34:14 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(42) Thu Nov 21 15:34:14 2024: Debug: Acct-Session-Id = "073DA111-08E53DB2"
(42) Thu Nov 21 15:34:14 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(42) Thu Nov 21 15:34:14 2024: Debug: WLAN-Group-Cipher = 1027076
(42) Thu Nov 21 15:34:14 2024: Debug: WLAN-AKM-Suite = 1027073
(42) Thu Nov 21 15:34:14 2024: Debug: Eltex-AP-Domain = "with-gre"
(42) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU = 1400
(42) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x028e002e19001703030023126f9cc4d1f2f83408287a1e257f531796457aef03f619f341ea20ffc3f42c04759a27
(42) Thu Nov 21 15:34:14 2024: Debug: State = 0xd6c6d814de48c1da517e6b54cde2f128
(42) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x48ba664f6a34ca3f75cf6dc1827a2fea
(42) Thu Nov 21 15:34:14 2024: Debug: Restoring &session-state
(42) Thu Nov 21 15:34:14 2024: Debug: &session-state:Framed-MTU = 1004
(42) Thu Nov 21 15:34:14 2024: Debug: &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(42) Thu Nov 21 15:34:14 2024: Debug: &session-state:TLS-Session-Version = "TLS 1.2"
(42) Thu Nov 21 15:34:14 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(42) Thu Nov 21 15:34:14 2024: Debug: authorize {
(42) Thu Nov 21 15:34:14 2024: Debug: policy filter_username {
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) -> TRUE
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ / /) -> FALSE
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(42) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(42) Thu Nov 21 15:34:14 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(42) Thu Nov 21 15:34:14 2024: Debug: } # if (&User-Name) = notfound
(42) Thu Nov 21 15:34:14 2024: Debug: } # policy filter_username = notfound
(42) Thu Nov 21 15:34:14 2024: Debug: [preprocess] = ok
(42) Thu Nov 21 15:34:14 2024: Debug: [chap] = noop
(42) Thu Nov 21 15:34:14 2024: Debug: [mschap] = noop
(42) Thu Nov 21 15:34:14 2024: Debug: [digest] = noop
(42) Thu Nov 21 15:34:14 2024: Debug: suffix: Checking for suffix after "@"
(42) Thu Nov 21 15:34:14 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(42) Thu Nov 21 15:34:14 2024: Debug: suffix: No such realm "NULL"
(42) Thu Nov 21 15:34:14 2024: Debug: [suffix] = noop
(42) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(42) Thu Nov 21 15:34:14 2024: Debug: files_multi: users: Matched entry tester at line 5
(42) Thu Nov 21 15:34:14 2024: Debug: [files_multi] = ok
(42) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(42) Thu Nov 21 15:34:14 2024: Debug: else {
(42) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent EAP Response (code 2) ID 142 length 46
(42) Thu Nov 21 15:34:14 2024: Debug: eap: Continuing tunnel setup
(42) Thu Nov 21 15:34:14 2024: Debug: [eap] = ok
(42) Thu Nov 21 15:34:14 2024: Debug: } # else = ok
(42) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (ok) -> TRUE
(42) Thu Nov 21 15:34:14 2024: Debug: if (ok) {
(42) Thu Nov 21 15:34:14 2024: Debug: return
(42) Thu Nov 21 15:34:14 2024: Debug: } # if (ok) = ok
(42) Thu Nov 21 15:34:14 2024: Debug: } # authorize = ok
(42) Thu Nov 21 15:34:14 2024: Debug: Found Auth-Type = eap
(42) Thu Nov 21 15:34:14 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(42) Thu Nov 21 15:34:14 2024: Debug: authenticate {
(42) Thu Nov 21 15:34:14 2024: Debug: eap: Expiring EAP session with state 0xd6c6d814de48c1da
(42) Thu Nov 21 15:34:14 2024: Debug: eap: Finished EAP session with state 0xd6c6d814de48c1da
(42) Thu Nov 21 15:34:14 2024: Debug: eap: Previous EAP request found for state 0xd6c6d814de48c1da, released from the list
(42) Thu Nov 21 15:34:14 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(42) Thu Nov 21 15:34:14 2024: Debug: eap: Calling submodule eap_peap to process data
(42) Thu Nov 21 15:34:14 2024: Debug: eap_peap: (TLS) EAP Done initial handshake
(42) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Session established. Decoding tunneled attributes
(42) Thu Nov 21 15:34:14 2024: Debug: eap_peap: PEAP state send tlv success
(42) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Received EAP-TLV response
(42) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Success
(42) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Using saved attributes from the original Access-Accept
(42) Thu Nov 21 15:34:14 2024: Debug: eap_peap: Eltex-Tls-Enabled = 0
(42) Thu Nov 21 15:34:14 2024: Debug: eap_peap: User-Name = "tester"
(42) Thu Nov 21 15:34:14 2024: Debug: eap: Sending EAP Success (code 3) ID 142 length 4
(42) Thu Nov 21 15:34:14 2024: Debug: eap: Freeing handler
(42) Thu Nov 21 15:34:14 2024: Debug: [eap] = ok
(42) Thu Nov 21 15:34:14 2024: Debug: } # authenticate = ok
(42) Thu Nov 21 15:34:14 2024: Debug: # Executing section post-auth from file /etc/raddb/sites-enabled/_default
(42) Thu Nov 21 15:34:14 2024: Debug: post-auth {
(42) Thu Nov 21 15:34:14 2024: Debug: if (session-state:User-Name && reply:User-Name && request:User-Name && (reply:User-Name == request:User-Name)) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (session-state:User-Name && reply:User-Name && request:User-Name && (reply:User-Name == request:User-Name)) -> FALSE
(42) Thu Nov 21 15:34:14 2024: Debug: update {
(42) Thu Nov 21 15:34:14 2024: Debug: } # update = noop
(42) Thu Nov 21 15:34:14 2024: Debug: [exec] = noop
(42) Thu Nov 21 15:34:14 2024: Debug: policy remove_reply_message_if_eap {
(42) Thu Nov 21 15:34:14 2024: Debug: if (&reply:EAP-Message && &reply:Reply-Message) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
(42) Thu Nov 21 15:34:14 2024: Debug: else {
(42) Thu Nov 21 15:34:14 2024: Debug: [noop] = noop
(42) Thu Nov 21 15:34:14 2024: Debug: } # else = noop
(42) Thu Nov 21 15:34:14 2024: Debug: } # policy remove_reply_message_if_eap = noop
(42) Thu Nov 21 15:34:14 2024: Debug: if (EAP-Key-Name && &reply:EAP-Session-Id) {
(42) Thu Nov 21 15:34:14 2024: Debug: if (EAP-Key-Name && &reply:EAP-Session-Id) -> FALSE
(42) Thu Nov 21 15:34:14 2024: Debug: update reply {
(42) Thu Nov 21 15:34:14 2024: Debug: } # update reply = noop
(42) Thu Nov 21 15:34:14 2024: Debug: } # post-auth = noop
(42) Thu Nov 21 15:34:14 2024: Debug: Sent Access-Accept Id 40 from 100.129.58.1:1812 to 100.129.56.1:37236 length 198 <------------------------------------------------ Access-Accept пользователь успешно авторизован
(42) Thu Nov 21 15:34:14 2024: Debug: Eltex-Tls-Enabled = 0
(42) Thu Nov 21 15:34:14 2024: Debug: Eltex-Tls-Enabled = 0
(42) Thu Nov 21 15:34:14 2024: Debug: User-Name = "tester"
(42) Thu Nov 21 15:34:14 2024: Debug: MS-MPPE-Recv-Key = 0xf396c52ff7d711df6e4a0d232d3224dc45afe1533f7042754905fe2081b10869
(42) Thu Nov 21 15:34:14 2024: Debug: MS-MPPE-Send-Key = 0x37006c121c188e56215bda352b9806ea837ecd042cae84dfb7cc7815d5f15802
(42) Thu Nov 21 15:34:14 2024: Debug: EAP-Message = 0x038e0004
(42) Thu Nov 21 15:34:14 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(42) Thu Nov 21 15:34:14 2024: Debug: Framed-MTU += 1004
(42) Thu Nov 21 15:34:14 2024: Debug: Finished request
(33) Thu Nov 21 15:34:14 2024: Debug: Cleaning up request packet ID 31 with timestamp +8808
(34) Thu Nov 21 15:34:14 2024: Debug: Cleaning up request packet ID 32 with timestamp +8808
(35) Thu Nov 21 15:34:14 2024: Debug: Cleaning up request packet ID 33 with timestamp +8808
(36) Thu Nov 21 15:34:14 2024: Debug: Cleaning up request packet ID 34 with timestamp +8808
(37) Thu Nov 21 15:34:19 2024: Debug: Cleaning up request packet ID 35 with timestamp +8813
(38) Thu Nov 21 15:34:19 2024: Debug: Cleaning up request packet ID 36 with timestamp +8813
(39) Thu Nov 21 15:34:19 2024: Debug: Cleaning up request packet ID 37 with timestamp +8813
(40) Thu Nov 21 15:34:19 2024: Debug: Cleaning up request packet ID 38 with timestamp +8813
(41) Thu Nov 21 15:34:19 2024: Debug: Cleaning up request packet ID 39 with timestamp +8813
(42) Thu Nov 21 15:34:19 2024: Debug: Cleaning up request packet ID 40 with timestamp +8813
При неуспешном подключении клиента с авторизацией на локальном RADIUS-сервере
wlc-15#
wlc-15# debug
wlc-15(debug)# show radius-debug username tester ip-address 100.129.56.1 timeout 600
(43) Thu Nov 21 15:38:09 2024: Debug: Received Access-Request Id 41 from 100.129.56.1:37236 to 100.129.58.1:1812 length 259
(43) Thu Nov 21 15:38:09 2024: Debug: User-Name = "tester"
(43) Thu Nov 21 15:38:09 2024: Debug: NAS-IP-Address = 100.129.56.1
(43) Thu Nov 21 15:38:09 2024: Debug: Eltex-Domain = "default"
(43) Thu Nov 21 15:38:09 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(43) Thu Nov 21 15:38:09 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(43) Thu Nov 21 15:38:09 2024: Debug: NAS-Port-Type = Wireless-802.11
(43) Thu Nov 21 15:38:09 2024: Debug: NAS-Port-Id = "10"
(43) Thu Nov 21 15:38:09 2024: Debug: Service-Type = Framed-User
(43) Thu Nov 21 15:38:09 2024: Debug: NAS-Port = 1
(43) Thu Nov 21 15:38:09 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(43) Thu Nov 21 15:38:09 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(43) Thu Nov 21 15:38:09 2024: Debug: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(43) Thu Nov 21 15:38:09 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(43) Thu Nov 21 15:38:09 2024: Debug: WLAN-Group-Cipher = 1027076
(43) Thu Nov 21 15:38:09 2024: Debug: WLAN-AKM-Suite = 1027073
(43) Thu Nov 21 15:38:09 2024: Debug: Eltex-AP-Domain = "with-gre"
(43) Thu Nov 21 15:38:09 2024: Debug: Framed-MTU = 1400
(43) Thu Nov 21 15:38:09 2024: Debug: EAP-Message = 0x0246000b01746573746572
(43) Thu Nov 21 15:38:09 2024: Debug: Message-Authenticator = 0x8052997bb00c324abe23685055e7e121
(43) Thu Nov 21 15:38:09 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(43) Thu Nov 21 15:38:09 2024: Debug: authorize {
(43) Thu Nov 21 15:38:09 2024: Debug: policy filter_username {
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) {
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) -> TRUE
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) {
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ / /) {
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ / /) -> FALSE
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.\./ ) {
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(43) Thu Nov 21 15:38:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(43) Thu Nov 21 15:38:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.$/) {
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@\./) {
(43) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(43) Thu Nov 21 15:38:09 2024: Debug: } # if (&User-Name) = notfound
(43) Thu Nov 21 15:38:09 2024: Debug: } # policy filter_username = notfound
(43) Thu Nov 21 15:38:09 2024: Debug: [preprocess] = ok
(43) Thu Nov 21 15:38:09 2024: Debug: [chap] = noop
(43) Thu Nov 21 15:38:09 2024: Debug: [mschap] = noop
(43) Thu Nov 21 15:38:09 2024: Debug: [digest] = noop
(43) Thu Nov 21 15:38:09 2024: Debug: suffix: Checking for suffix after "@"
(43) Thu Nov 21 15:38:09 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(43) Thu Nov 21 15:38:09 2024: Debug: suffix: No such realm "NULL"
(43) Thu Nov 21 15:38:09 2024: Debug: [suffix] = noop
(43) Thu Nov 21 15:38:09 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(43) Thu Nov 21 15:38:09 2024: Debug: files_multi: users: Matched entry tester at line 5
(43) Thu Nov 21 15:38:09 2024: Debug: [files_multi] = ok
(43) Thu Nov 21 15:38:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(43) Thu Nov 21 15:38:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(43) Thu Nov 21 15:38:09 2024: Debug: else {
(43) Thu Nov 21 15:38:09 2024: Debug: eap: Peer sent EAP Response (code 2) ID 70 length 11
(43) Thu Nov 21 15:38:09 2024: Debug: eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(43) Thu Nov 21 15:38:09 2024: Debug: [eap] = ok
(43) Thu Nov 21 15:38:09 2024: Debug: } # else = ok
(43) Thu Nov 21 15:38:09 2024: Debug: if (ok) {
(43) Thu Nov 21 15:38:09 2024: Debug: if (ok) -> TRUE
(43) Thu Nov 21 15:38:09 2024: Debug: if (ok) {
(43) Thu Nov 21 15:38:09 2024: Debug: return
(43) Thu Nov 21 15:38:09 2024: Debug: } # if (ok) = ok
(43) Thu Nov 21 15:38:09 2024: Debug: } # authorize = ok
(43) Thu Nov 21 15:38:09 2024: Debug: Found Auth-Type = eap
(43) Thu Nov 21 15:38:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(43) Thu Nov 21 15:38:09 2024: Debug: authenticate {
(43) Thu Nov 21 15:38:09 2024: Debug: eap: Peer sent packet with method EAP Identity (1)
(43) Thu Nov 21 15:38:09 2024: Debug: eap: Calling submodule eap_peap to process data
(43) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Initiating new session
(43) Thu Nov 21 15:38:09 2024: Debug: eap: Sending EAP Request (code 1) ID 71 length 6
(43) Thu Nov 21 15:38:09 2024: Debug: eap: EAP session adding &reply:State = 0xe972c5d8e935dca6
(43) Thu Nov 21 15:38:09 2024: Debug: [eap] = handled
(43) Thu Nov 21 15:38:09 2024: Debug: } # authenticate = handled
(43) Thu Nov 21 15:38:09 2024: Debug: Using Post-Auth-Type Challenge
(43) Thu Nov 21 15:38:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(43) Thu Nov 21 15:38:09 2024: Debug: Challenge { ... } # empty sub-section is ignored
(43) Thu Nov 21 15:38:09 2024: Debug: session-state: Saving cached attributes
(43) Thu Nov 21 15:38:09 2024: Debug: Framed-MTU = 1004
(43) Thu Nov 21 15:38:09 2024: Debug: Sent Access-Challenge Id 41 from 100.129.58.1:1812 to 100.129.56.1:37236 length 76
(43) Thu Nov 21 15:38:09 2024: Debug: Eltex-Tls-Enabled = 0
(43) Thu Nov 21 15:38:09 2024: Debug: EAP-Message = 0x014700061920
(43) Thu Nov 21 15:38:09 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(43) Thu Nov 21 15:38:09 2024: Debug: State = 0xe972c5d8e935dca62745240ad035bf82
(43) Thu Nov 21 15:38:09 2024: Debug: Finished request
(44) Thu Nov 21 15:38:09 2024: Debug: Received Access-Request Id 42 from 100.129.56.1:37236 to 100.129.58.1:1812 length 427
(44) Thu Nov 21 15:38:09 2024: Debug: User-Name = "tester"
(44) Thu Nov 21 15:38:09 2024: Debug: NAS-IP-Address = 100.129.56.1
(44) Thu Nov 21 15:38:09 2024: Debug: Eltex-Domain = "default"
(44) Thu Nov 21 15:38:09 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(44) Thu Nov 21 15:38:09 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(44) Thu Nov 21 15:38:09 2024: Debug: NAS-Port-Type = Wireless-802.11
(44) Thu Nov 21 15:38:09 2024: Debug: NAS-Port-Id = "10"
(44) Thu Nov 21 15:38:09 2024: Debug: Service-Type = Framed-User
(44) Thu Nov 21 15:38:09 2024: Debug: NAS-Port = 1
(44) Thu Nov 21 15:38:09 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(44) Thu Nov 21 15:38:09 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(44) Thu Nov 21 15:38:09 2024: Debug: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(44) Thu Nov 21 15:38:09 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(44) Thu Nov 21 15:38:09 2024: Debug: WLAN-Group-Cipher = 1027076
(44) Thu Nov 21 15:38:09 2024: Debug: WLAN-AKM-Suite = 1027073
(44) Thu Nov 21 15:38:09 2024: Debug: Eltex-AP-Domain = "with-gre"
(44) Thu Nov 21 15:38:09 2024: Debug: Framed-MTU = 1400
(44) Thu Nov 21 15:38:09 2024: Debug: EAP-Message = 0x024700a119800000009716030100920100008e0303673ef170064c92e3d9f914a8c17727c881d308d40f531afb93baaaf9f565df9700002c00ffc02cc02bc024c023c00ac009c008c030c02fc00
(44) Thu Nov 21 15:38:09 2024: Debug: State = 0xe972c5d8e935dca62745240ad035bf82
(44) Thu Nov 21 15:38:09 2024: Debug: Message-Authenticator = 0xeb9ce4f152d26f14fe009617feb33a71
(44) Thu Nov 21 15:38:09 2024: Debug: Restoring &session-state
(44) Thu Nov 21 15:38:09 2024: Debug: &session-state:Framed-MTU = 1004
(44) Thu Nov 21 15:38:09 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(44) Thu Nov 21 15:38:09 2024: Debug: authorize {
(44) Thu Nov 21 15:38:09 2024: Debug: policy filter_username {
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) {
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) -> TRUE
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) {
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ / /) {
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ / /) -> FALSE
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.\./ ) {
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(44) Thu Nov 21 15:38:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(44) Thu Nov 21 15:38:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.$/) {
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@\./) {
(44) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(44) Thu Nov 21 15:38:09 2024: Debug: } # if (&User-Name) = notfound
(44) Thu Nov 21 15:38:09 2024: Debug: } # policy filter_username = notfound
(44) Thu Nov 21 15:38:09 2024: Debug: [preprocess] = ok
(44) Thu Nov 21 15:38:09 2024: Debug: [chap] = noop
(44) Thu Nov 21 15:38:09 2024: Debug: [mschap] = noop
(44) Thu Nov 21 15:38:09 2024: Debug: [digest] = noop
(44) Thu Nov 21 15:38:09 2024: Debug: suffix: Checking for suffix after "@"
(44) Thu Nov 21 15:38:09 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(44) Thu Nov 21 15:38:09 2024: Debug: suffix: No such realm "NULL"
(44) Thu Nov 21 15:38:09 2024: Debug: [suffix] = noop
(44) Thu Nov 21 15:38:09 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(44) Thu Nov 21 15:38:09 2024: Debug: files_multi: users: Matched entry tester at line 5
(44) Thu Nov 21 15:38:09 2024: Debug: [files_multi] = ok
(44) Thu Nov 21 15:38:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(44) Thu Nov 21 15:38:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(44) Thu Nov 21 15:38:09 2024: Debug: else {
(44) Thu Nov 21 15:38:09 2024: Debug: eap: Peer sent EAP Response (code 2) ID 71 length 161
(44) Thu Nov 21 15:38:09 2024: Debug: eap: Continuing tunnel setup
(44) Thu Nov 21 15:38:09 2024: Debug: [eap] = ok
(44) Thu Nov 21 15:38:09 2024: Debug: } # else = ok
(44) Thu Nov 21 15:38:09 2024: Debug: if (ok) {
(44) Thu Nov 21 15:38:09 2024: Debug: if (ok) -> TRUE
(44) Thu Nov 21 15:38:09 2024: Debug: if (ok) {
(44) Thu Nov 21 15:38:09 2024: Debug: return
(44) Thu Nov 21 15:38:09 2024: Debug: } # if (ok) = ok
(44) Thu Nov 21 15:38:09 2024: Debug: } # authorize = ok
(44) Thu Nov 21 15:38:09 2024: Debug: Found Auth-Type = eap
(44) Thu Nov 21 15:38:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(44) Thu Nov 21 15:38:09 2024: Debug: authenticate {
(44) Thu Nov 21 15:38:09 2024: Debug: eap: Expiring EAP session with state 0xe972c5d8e935dca6
(44) Thu Nov 21 15:38:09 2024: Debug: eap: Finished EAP session with state 0xe972c5d8e935dca6
(44) Thu Nov 21 15:38:09 2024: Debug: eap: Previous EAP request found for state 0xe972c5d8e935dca6, released from the list
(44) Thu Nov 21 15:38:09 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(44) Thu Nov 21 15:38:09 2024: Debug: eap: Calling submodule eap_peap to process data
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) EAP Peer says that the final record size will be 151 bytes
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) EAP Got all data (151 bytes)
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Handshake state - before/accept initialization
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Handshake state - Server before/accept initialization
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 read client hello A
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write server hello A
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write certificate A
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write key exchange A
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write server done A
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 flush data
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 read client certificate A
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Server : Need to read more data: SSLv3 read client key exchange A
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Server : Need to read more data: SSLv3 read client key exchange A
(44) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) In Handshake Phase
(44) Thu Nov 21 15:38:09 2024: Debug: eap: Sending EAP Request (code 1) ID 72 length 1014
(44) Thu Nov 21 15:38:09 2024: Debug: eap: EAP session adding &reply:State = 0xe972c5d8e83adca6
(44) Thu Nov 21 15:38:09 2024: Debug: [eap] = handled
(44) Thu Nov 21 15:38:09 2024: Debug: } # authenticate = handled
(44) Thu Nov 21 15:38:09 2024: Debug: Using Post-Auth-Type Challenge
(44) Thu Nov 21 15:38:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(44) Thu Nov 21 15:38:09 2024: Debug: Challenge { ... } # empty sub-section is ignored
(44) Thu Nov 21 15:38:09 2024: Debug: session-state: Saving cached attributes
(44) Thu Nov 21 15:38:09 2024: Debug: Framed-MTU = 1004
(44) Thu Nov 21 15:38:09 2024: Debug: Sent Access-Challenge Id 42 from 100.129.58.1:1812 to 100.129.56.1:37236 length 1092
(44) Thu Nov 21 15:38:09 2024: Debug: Eltex-Tls-Enabled = 0
(44) Thu Nov 21 15:38:09 2024: Debug: EAP-Message = 0x014803f619c00000090f1603030039020000350303ca841ca7fba6fa59e4b8f03b2de4c392f99af02b133d18a559f4ca89b0e0c3ca00c03000000dff01000100000b00040300010216030307710
(44) Thu Nov 21 15:38:09 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(44) Thu Nov 21 15:38:09 2024: Debug: State = 0xe972c5d8e83adca62745240ad035bf82
(44) Thu Nov 21 15:38:09 2024: Debug: Finished request
(45) Thu Nov 21 15:38:09 2024: Debug: Received Access-Request Id 43 from 100.129.56.1:37236 to 100.129.58.1:1812 length 272
(45) Thu Nov 21 15:38:09 2024: Debug: User-Name = "tester"
(45) Thu Nov 21 15:38:09 2024: Debug: NAS-IP-Address = 100.129.56.1
(45) Thu Nov 21 15:38:09 2024: Debug: Eltex-Domain = "default"
(45) Thu Nov 21 15:38:09 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(45) Thu Nov 21 15:38:09 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(45) Thu Nov 21 15:38:09 2024: Debug: NAS-Port-Type = Wireless-802.11
(45) Thu Nov 21 15:38:09 2024: Debug: NAS-Port-Id = "10"
(45) Thu Nov 21 15:38:09 2024: Debug: Service-Type = Framed-User
(45) Thu Nov 21 15:38:09 2024: Debug: NAS-Port = 1
(45) Thu Nov 21 15:38:09 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(45) Thu Nov 21 15:38:09 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(45) Thu Nov 21 15:38:09 2024: Debug: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(45) Thu Nov 21 15:38:09 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(45) Thu Nov 21 15:38:09 2024: Debug: WLAN-Group-Cipher = 1027076
(45) Thu Nov 21 15:38:09 2024: Debug: WLAN-AKM-Suite = 1027073
(45) Thu Nov 21 15:38:09 2024: Debug: Eltex-AP-Domain = "with-gre"
(45) Thu Nov 21 15:38:09 2024: Debug: Framed-MTU = 1400
(45) Thu Nov 21 15:38:09 2024: Debug: EAP-Message = 0x024800061900
(45) Thu Nov 21 15:38:09 2024: Debug: State = 0xe972c5d8e83adca62745240ad035bf82
(45) Thu Nov 21 15:38:09 2024: Debug: Message-Authenticator = 0x79778347b42853902dd172864da20b91
(45) Thu Nov 21 15:38:09 2024: Debug: Restoring &session-state
(45) Thu Nov 21 15:38:09 2024: Debug: &session-state:Framed-MTU = 1004
(45) Thu Nov 21 15:38:09 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(45) Thu Nov 21 15:38:09 2024: Debug: authorize {
(45) Thu Nov 21 15:38:09 2024: Debug: policy filter_username {
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) {
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) -> TRUE
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) {
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ / /) {
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ / /) -> FALSE
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.\./ ) {
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(45) Thu Nov 21 15:38:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(45) Thu Nov 21 15:38:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.$/) {
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@\./) {
(45) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(45) Thu Nov 21 15:38:09 2024: Debug: } # if (&User-Name) = notfound
(45) Thu Nov 21 15:38:09 2024: Debug: } # policy filter_username = notfound
(45) Thu Nov 21 15:38:09 2024: Debug: [preprocess] = ok
(45) Thu Nov 21 15:38:09 2024: Debug: [chap] = noop
(45) Thu Nov 21 15:38:09 2024: Debug: [mschap] = noop
(45) Thu Nov 21 15:38:09 2024: Debug: [digest] = noop
(45) Thu Nov 21 15:38:09 2024: Debug: suffix: Checking for suffix after "@"
(45) Thu Nov 21 15:38:09 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(45) Thu Nov 21 15:38:09 2024: Debug: suffix: No such realm "NULL"
(45) Thu Nov 21 15:38:09 2024: Debug: [suffix] = noop
(45) Thu Nov 21 15:38:09 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(45) Thu Nov 21 15:38:09 2024: Debug: files_multi: users: Matched entry tester at line 5
(45) Thu Nov 21 15:38:09 2024: Debug: [files_multi] = ok
(45) Thu Nov 21 15:38:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(45) Thu Nov 21 15:38:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(45) Thu Nov 21 15:38:09 2024: Debug: else {
(45) Thu Nov 21 15:38:09 2024: Debug: eap: Peer sent EAP Response (code 2) ID 72 length 6
(45) Thu Nov 21 15:38:09 2024: Debug: eap: Continuing tunnel setup
(45) Thu Nov 21 15:38:09 2024: Debug: [eap] = ok
(45) Thu Nov 21 15:38:09 2024: Debug: } # else = ok
(45) Thu Nov 21 15:38:09 2024: Debug: if (ok) {
(45) Thu Nov 21 15:38:09 2024: Debug: if (ok) -> TRUE
(45) Thu Nov 21 15:38:09 2024: Debug: if (ok) {
(45) Thu Nov 21 15:38:09 2024: Debug: return
(45) Thu Nov 21 15:38:09 2024: Debug: } # if (ok) = ok
(45) Thu Nov 21 15:38:09 2024: Debug: } # authorize = ok
(45) Thu Nov 21 15:38:09 2024: Debug: Found Auth-Type = eap
(45) Thu Nov 21 15:38:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(45) Thu Nov 21 15:38:09 2024: Debug: authenticate {
(45) Thu Nov 21 15:38:09 2024: Debug: eap: Expiring EAP session with state 0xe972c5d8e83adca6
(45) Thu Nov 21 15:38:09 2024: Debug: eap: Finished EAP session with state 0xe972c5d8e83adca6
(45) Thu Nov 21 15:38:09 2024: Debug: eap: Previous EAP request found for state 0xe972c5d8e83adca6, released from the list
(45) Thu Nov 21 15:38:09 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(45) Thu Nov 21 15:38:09 2024: Debug: eap: Calling submodule eap_peap to process data
(45) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Peer ACKed our handshake fragment
(45) Thu Nov 21 15:38:09 2024: Debug: eap: Sending EAP Request (code 1) ID 73 length 1010
(45) Thu Nov 21 15:38:09 2024: Debug: eap: EAP session adding &reply:State = 0xe972c5d8eb3bdca6
(45) Thu Nov 21 15:38:09 2024: Debug: [eap] = handled
(45) Thu Nov 21 15:38:09 2024: Debug: } # authenticate = handled
(45) Thu Nov 21 15:38:09 2024: Debug: Using Post-Auth-Type Challenge
(45) Thu Nov 21 15:38:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(45) Thu Nov 21 15:38:09 2024: Debug: Challenge { ... } # empty sub-section is ignored
(45) Thu Nov 21 15:38:09 2024: Debug: session-state: Saving cached attributes
(45) Thu Nov 21 15:38:09 2024: Debug: Framed-MTU = 1004
(45) Thu Nov 21 15:38:09 2024: Debug: Sent Access-Challenge Id 43 from 100.129.58.1:1812 to 100.129.56.1:37236 length 1086
(45) Thu Nov 21 15:38:09 2024: Debug: Eltex-Tls-Enabled = 0
(45) Thu Nov 21 15:38:09 2024: Debug: EAP-Message = 0x014903f21940300d06092a864886f70d01010b0500308181310b3009060355040613025255310f300d06035504080c065275737369613114301206035504070c0b4e6f766f7369626972736b314
(45) Thu Nov 21 15:38:09 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(45) Thu Nov 21 15:38:09 2024: Debug: State = 0xe972c5d8eb3bdca62745240ad035bf82
(45) Thu Nov 21 15:38:09 2024: Debug: Finished request
(46) Thu Nov 21 15:38:09 2024: Debug: Received Access-Request Id 44 from 100.129.56.1:37236 to 100.129.58.1:1812 length 272
(46) Thu Nov 21 15:38:09 2024: Debug: User-Name = "tester"
(46) Thu Nov 21 15:38:09 2024: Debug: NAS-IP-Address = 100.129.56.1
(46) Thu Nov 21 15:38:09 2024: Debug: Eltex-Domain = "default"
(46) Thu Nov 21 15:38:09 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(46) Thu Nov 21 15:38:09 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(46) Thu Nov 21 15:38:09 2024: Debug: NAS-Port-Type = Wireless-802.11
(46) Thu Nov 21 15:38:09 2024: Debug: NAS-Port-Id = "10"
(46) Thu Nov 21 15:38:09 2024: Debug: Service-Type = Framed-User
(46) Thu Nov 21 15:38:09 2024: Debug: NAS-Port = 1
(46) Thu Nov 21 15:38:09 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(46) Thu Nov 21 15:38:09 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(46) Thu Nov 21 15:38:09 2024: Debug: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(46) Thu Nov 21 15:38:09 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(46) Thu Nov 21 15:38:09 2024: Debug: WLAN-Group-Cipher = 1027076
(46) Thu Nov 21 15:38:09 2024: Debug: WLAN-AKM-Suite = 1027073
(46) Thu Nov 21 15:38:09 2024: Debug: Eltex-AP-Domain = "with-gre"
(46) Thu Nov 21 15:38:09 2024: Debug: Framed-MTU = 1400
(46) Thu Nov 21 15:38:09 2024: Debug: EAP-Message = 0x024900061900
(46) Thu Nov 21 15:38:09 2024: Debug: State = 0xe972c5d8eb3bdca62745240ad035bf82
(46) Thu Nov 21 15:38:09 2024: Debug: Message-Authenticator = 0xf6921fdf077bcefe93465d0622df347d
(46) Thu Nov 21 15:38:09 2024: Debug: Restoring &session-state
(46) Thu Nov 21 15:38:09 2024: Debug: &session-state:Framed-MTU = 1004
(46) Thu Nov 21 15:38:09 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(46) Thu Nov 21 15:38:09 2024: Debug: authorize {
(46) Thu Nov 21 15:38:09 2024: Debug: policy filter_username {
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) {
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) -> TRUE
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name) {
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ / /) {
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ / /) -> FALSE
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.\./ ) {
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(46) Thu Nov 21 15:38:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(46) Thu Nov 21 15:38:09 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.$/) {
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@\./) {
(46) Thu Nov 21 15:38:09 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(46) Thu Nov 21 15:38:09 2024: Debug: } # if (&User-Name) = notfound
(46) Thu Nov 21 15:38:09 2024: Debug: } # policy filter_username = notfound
(46) Thu Nov 21 15:38:09 2024: Debug: [preprocess] = ok
(46) Thu Nov 21 15:38:09 2024: Debug: [chap] = noop
(46) Thu Nov 21 15:38:09 2024: Debug: [mschap] = noop
(46) Thu Nov 21 15:38:09 2024: Debug: [digest] = noop
(46) Thu Nov 21 15:38:09 2024: Debug: suffix: Checking for suffix after "@"
(46) Thu Nov 21 15:38:09 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(46) Thu Nov 21 15:38:09 2024: Debug: suffix: No such realm "NULL"
(46) Thu Nov 21 15:38:09 2024: Debug: [suffix] = noop
(46) Thu Nov 21 15:38:09 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(46) Thu Nov 21 15:38:09 2024: Debug: files_multi: users: Matched entry tester at line 5
(46) Thu Nov 21 15:38:09 2024: Debug: [files_multi] = ok
(46) Thu Nov 21 15:38:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(46) Thu Nov 21 15:38:09 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(46) Thu Nov 21 15:38:09 2024: Debug: else {
(46) Thu Nov 21 15:38:09 2024: Debug: eap: Peer sent EAP Response (code 2) ID 73 length 6
(46) Thu Nov 21 15:38:09 2024: Debug: eap: Continuing tunnel setup
(46) Thu Nov 21 15:38:09 2024: Debug: [eap] = ok
(46) Thu Nov 21 15:38:09 2024: Debug: } # else = ok
(46) Thu Nov 21 15:38:09 2024: Debug: if (ok) {
(46) Thu Nov 21 15:38:09 2024: Debug: if (ok) -> TRUE
(46) Thu Nov 21 15:38:09 2024: Debug: if (ok) {
(46) Thu Nov 21 15:38:09 2024: Debug: return
(46) Thu Nov 21 15:38:09 2024: Debug: } # if (ok) = ok
(46) Thu Nov 21 15:38:09 2024: Debug: } # authorize = ok
(46) Thu Nov 21 15:38:09 2024: Debug: Found Auth-Type = eap
(46) Thu Nov 21 15:38:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(46) Thu Nov 21 15:38:09 2024: Debug: authenticate {
(46) Thu Nov 21 15:38:09 2024: Debug: eap: Expiring EAP session with state 0xe972c5d8eb3bdca6
(46) Thu Nov 21 15:38:09 2024: Debug: eap: Finished EAP session with state 0xe972c5d8eb3bdca6
(46) Thu Nov 21 15:38:09 2024: Debug: eap: Previous EAP request found for state 0xe972c5d8eb3bdca6, released from the list
(46) Thu Nov 21 15:38:09 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(46) Thu Nov 21 15:38:09 2024: Debug: eap: Calling submodule eap_peap to process data
(46) Thu Nov 21 15:38:09 2024: Debug: eap_peap: (TLS) Peer ACKed our handshake fragment
(46) Thu Nov 21 15:38:09 2024: Debug: eap: Sending EAP Request (code 1) ID 74 length 317
(46) Thu Nov 21 15:38:09 2024: Debug: eap: EAP session adding &reply:State = 0xe972c5d8ea38dca6
(46) Thu Nov 21 15:38:09 2024: Debug: [eap] = handled
(46) Thu Nov 21 15:38:09 2024: Debug: } # authenticate = handled
(46) Thu Nov 21 15:38:09 2024: Debug: Using Post-Auth-Type Challenge
(46) Thu Nov 21 15:38:09 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(46) Thu Nov 21 15:38:09 2024: Debug: Challenge { ... } # empty sub-section is ignored
(46) Thu Nov 21 15:38:09 2024: Debug: session-state: Saving cached attributes
(46) Thu Nov 21 15:38:09 2024: Debug: Framed-MTU = 1004
(46) Thu Nov 21 15:38:09 2024: Debug: Sent Access-Challenge Id 44 from 100.129.58.1:1812 to 100.129.56.1:37236 length 389
(46) Thu Nov 21 15:38:09 2024: Debug: Eltex-Tls-Enabled = 0
(46) Thu Nov 21 15:38:09 2024: Debug: EAP-Message = 0x014a013d1900a271db240af40070d8383b0d1499a92f76240efa2e5f0b75bd61c25c5693938ffab6c28685e5a9a7e9ff04010100ace6e0163e6295adb6a28327b5c00395e2f0feb4841f3283a70
(46) Thu Nov 21 15:38:09 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(46) Thu Nov 21 15:38:09 2024: Debug: State = 0xe972c5d8ea38dca62745240ad035bf82
(46) Thu Nov 21 15:38:09 2024: Debug: Finished request
(47) Thu Nov 21 15:38:12 2024: Debug: Received Access-Request Id 45 from 100.129.56.1:37236 to 100.129.58.1:1812 length 402
(47) Thu Nov 21 15:38:12 2024: Debug: User-Name = "tester"
(47) Thu Nov 21 15:38:12 2024: Debug: NAS-IP-Address = 100.129.56.1
(47) Thu Nov 21 15:38:12 2024: Debug: Eltex-Domain = "default"
(47) Thu Nov 21 15:38:12 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(47) Thu Nov 21 15:38:12 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(47) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Type = Wireless-802.11
(47) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Id = "10"
(47) Thu Nov 21 15:38:12 2024: Debug: Service-Type = Framed-User
(47) Thu Nov 21 15:38:12 2024: Debug: NAS-Port = 1
(47) Thu Nov 21 15:38:12 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(47) Thu Nov 21 15:38:12 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(47) Thu Nov 21 15:38:12 2024: Debug: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(47) Thu Nov 21 15:38:12 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(47) Thu Nov 21 15:38:12 2024: Debug: WLAN-Group-Cipher = 1027076
(47) Thu Nov 21 15:38:12 2024: Debug: WLAN-AKM-Suite = 1027073
(47) Thu Nov 21 15:38:12 2024: Debug: Eltex-AP-Domain = "with-gre"
(47) Thu Nov 21 15:38:12 2024: Debug: Framed-MTU = 1400
(47) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x024a008819800000007e160303004610000042410423f5d337b5ef95bd6246a2ed3b77f78a23b18c6bd143580437c050474e879456d5b30c5455791886532fda426c319f25f52de4bb73688c706
(47) Thu Nov 21 15:38:12 2024: Debug: State = 0xe972c5d8ea38dca62745240ad035bf82
(47) Thu Nov 21 15:38:12 2024: Debug: Message-Authenticator = 0x4fbfe35b822dd4f23cd00967ab5c653a
(47) Thu Nov 21 15:38:12 2024: Debug: Restoring &session-state
(47) Thu Nov 21 15:38:12 2024: Debug: &session-state:Framed-MTU = 1004
(47) Thu Nov 21 15:38:12 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(47) Thu Nov 21 15:38:12 2024: Debug: authorize {
(47) Thu Nov 21 15:38:12 2024: Debug: policy filter_username {
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) -> TRUE
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) {
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) -> FALSE
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) {
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(47) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(47) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) {
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) {
(47) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(47) Thu Nov 21 15:38:12 2024: Debug: } # if (&User-Name) = notfound
(47) Thu Nov 21 15:38:12 2024: Debug: } # policy filter_username = notfound
(47) Thu Nov 21 15:38:12 2024: Debug: [preprocess] = ok
(47) Thu Nov 21 15:38:12 2024: Debug: [chap] = noop
(47) Thu Nov 21 15:38:12 2024: Debug: [mschap] = noop
(47) Thu Nov 21 15:38:12 2024: Debug: [digest] = noop
(47) Thu Nov 21 15:38:12 2024: Debug: suffix: Checking for suffix after "@"
(47) Thu Nov 21 15:38:12 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(47) Thu Nov 21 15:38:12 2024: Debug: suffix: No such realm "NULL"
(47) Thu Nov 21 15:38:12 2024: Debug: [suffix] = noop
(47) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(47) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry tester at line 5
(47) Thu Nov 21 15:38:12 2024: Debug: [files_multi] = ok
(47) Thu Nov 21 15:38:12 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(47) Thu Nov 21 15:38:12 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(47) Thu Nov 21 15:38:12 2024: Debug: else {
(47) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent EAP Response (code 2) ID 74 length 136
(47) Thu Nov 21 15:38:12 2024: Debug: eap: Continuing tunnel setup
(47) Thu Nov 21 15:38:12 2024: Debug: [eap] = ok
(47) Thu Nov 21 15:38:12 2024: Debug: } # else = ok
(47) Thu Nov 21 15:38:12 2024: Debug: if (ok) {
(47) Thu Nov 21 15:38:12 2024: Debug: if (ok) -> TRUE
(47) Thu Nov 21 15:38:12 2024: Debug: if (ok) {
(47) Thu Nov 21 15:38:12 2024: Debug: return
(47) Thu Nov 21 15:38:12 2024: Debug: } # if (ok) = ok
(47) Thu Nov 21 15:38:12 2024: Debug: } # authorize = ok
(47) Thu Nov 21 15:38:12 2024: Debug: Found Auth-Type = eap
(47) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(47) Thu Nov 21 15:38:12 2024: Debug: authenticate {
(47) Thu Nov 21 15:38:12 2024: Debug: eap: Expiring EAP session with state 0xe972c5d8ea38dca6
(47) Thu Nov 21 15:38:12 2024: Debug: eap: Finished EAP session with state 0xe972c5d8ea38dca6
(47) Thu Nov 21 15:38:12 2024: Debug: eap: Previous EAP request found for state 0xe972c5d8ea38dca6, released from the list
(47) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(47) Thu Nov 21 15:38:12 2024: Debug: eap: Calling submodule eap_peap to process data
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) EAP Peer says that the final record size will be 126 bytes
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) EAP Got all data (126 bytes)
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 read client key exchange A
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 read certificate verify A
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 read finished A
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write change cipher spec A
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 write finished A
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) Handshake state - Server SSLv3 flush data
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) Handshake state - SSL negotiation finished successfully
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) Connection Established
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(47) Thu Nov 21 15:38:12 2024: Debug: eap_peap: TLS-Session-Version = "TLS 1.2"
(47) Thu Nov 21 15:38:12 2024: Debug: eap: Sending EAP Request (code 1) ID 75 length 57
(47) Thu Nov 21 15:38:12 2024: Debug: eap: EAP session adding &reply:State = 0xe972c5d8ed39dca6
(47) Thu Nov 21 15:38:12 2024: Debug: [eap] = handled
(47) Thu Nov 21 15:38:12 2024: Debug: } # authenticate = handled
(47) Thu Nov 21 15:38:12 2024: Debug: Using Post-Auth-Type Challenge
(47) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(47) Thu Nov 21 15:38:12 2024: Debug: Challenge { ... } # empty sub-section is ignored
(47) Thu Nov 21 15:38:12 2024: Debug: session-state: Saving cached attributes
(47) Thu Nov 21 15:38:12 2024: Debug: Framed-MTU = 1004
(47) Thu Nov 21 15:38:12 2024: Debug: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(47) Thu Nov 21 15:38:12 2024: Debug: TLS-Session-Version = "TLS 1.2"
(47) Thu Nov 21 15:38:12 2024: Debug: Sent Access-Challenge Id 45 from 100.129.58.1:1812 to 100.129.56.1:37236 length 127
(47) Thu Nov 21 15:38:12 2024: Debug: Eltex-Tls-Enabled = 0
(47) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x014b00391900140303000101160303002849b195ac8c59a1d46333e916107a84e292a43db7f6e5836b59c8c37cb7d0dfcd69f685b829e7ab69
(47) Thu Nov 21 15:38:12 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(47) Thu Nov 21 15:38:12 2024: Debug: State = 0xe972c5d8ed39dca62745240ad035bf82
(47) Thu Nov 21 15:38:12 2024: Debug: Finished request
(48) Thu Nov 21 15:38:12 2024: Debug: Received Access-Request Id 46 from 100.129.56.1:37236 to 100.129.58.1:1812 length 272
(48) Thu Nov 21 15:38:12 2024: Debug: User-Name = "tester"
(48) Thu Nov 21 15:38:12 2024: Debug: NAS-IP-Address = 100.129.56.1
(48) Thu Nov 21 15:38:12 2024: Debug: Eltex-Domain = "default"
(48) Thu Nov 21 15:38:12 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(48) Thu Nov 21 15:38:12 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(48) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Type = Wireless-802.11
(48) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Id = "10"
(48) Thu Nov 21 15:38:12 2024: Debug: Service-Type = Framed-User
(48) Thu Nov 21 15:38:12 2024: Debug: NAS-Port = 1
(48) Thu Nov 21 15:38:12 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(48) Thu Nov 21 15:38:12 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(48) Thu Nov 21 15:38:12 2024: Debug: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(48) Thu Nov 21 15:38:12 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(48) Thu Nov 21 15:38:12 2024: Debug: WLAN-Group-Cipher = 1027076
(48) Thu Nov 21 15:38:12 2024: Debug: WLAN-AKM-Suite = 1027073
(48) Thu Nov 21 15:38:12 2024: Debug: Eltex-AP-Domain = "with-gre"
(48) Thu Nov 21 15:38:12 2024: Debug: Framed-MTU = 1400
(48) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x024b00061900
(48) Thu Nov 21 15:38:12 2024: Debug: State = 0xe972c5d8ed39dca62745240ad035bf82
(48) Thu Nov 21 15:38:12 2024: Debug: Message-Authenticator = 0x82dd95a5c92c2f3fc07f730d829f740f
(48) Thu Nov 21 15:38:12 2024: Debug: Restoring &session-state
(48) Thu Nov 21 15:38:12 2024: Debug: &session-state:Framed-MTU = 1004
(48) Thu Nov 21 15:38:12 2024: Debug: &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(48) Thu Nov 21 15:38:12 2024: Debug: &session-state:TLS-Session-Version = "TLS 1.2"
(48) Thu Nov 21 15:38:12 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(48) Thu Nov 21 15:38:12 2024: Debug: authorize {
(48) Thu Nov 21 15:38:12 2024: Debug: policy filter_username {
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) -> TRUE
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) {
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) -> FALSE
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) {
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(48) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(48) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) {
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) {
(48) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(48) Thu Nov 21 15:38:12 2024: Debug: } # if (&User-Name) = notfound
(48) Thu Nov 21 15:38:12 2024: Debug: } # policy filter_username = notfound
(48) Thu Nov 21 15:38:12 2024: Debug: [preprocess] = ok
(48) Thu Nov 21 15:38:12 2024: Debug: [chap] = noop
(48) Thu Nov 21 15:38:12 2024: Debug: [mschap] = noop
(48) Thu Nov 21 15:38:12 2024: Debug: [digest] = noop
(48) Thu Nov 21 15:38:12 2024: Debug: suffix: Checking for suffix after "@"
(48) Thu Nov 21 15:38:12 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(48) Thu Nov 21 15:38:12 2024: Debug: suffix: No such realm "NULL"
(48) Thu Nov 21 15:38:12 2024: Debug: [suffix] = noop
(48) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(48) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry tester at line 5
(48) Thu Nov 21 15:38:12 2024: Debug: [files_multi] = ok
(48) Thu Nov 21 15:38:12 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(48) Thu Nov 21 15:38:12 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(48) Thu Nov 21 15:38:12 2024: Debug: else {
(48) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent EAP Response (code 2) ID 75 length 6
(48) Thu Nov 21 15:38:12 2024: Debug: eap: Continuing tunnel setup
(48) Thu Nov 21 15:38:12 2024: Debug: [eap] = ok
(48) Thu Nov 21 15:38:12 2024: Debug: } # else = ok
(48) Thu Nov 21 15:38:12 2024: Debug: if (ok) {
(48) Thu Nov 21 15:38:12 2024: Debug: if (ok) -> TRUE
(48) Thu Nov 21 15:38:12 2024: Debug: if (ok) {
(48) Thu Nov 21 15:38:12 2024: Debug: return
(48) Thu Nov 21 15:38:12 2024: Debug: } # if (ok) = ok
(48) Thu Nov 21 15:38:12 2024: Debug: } # authorize = ok
(48) Thu Nov 21 15:38:12 2024: Debug: Found Auth-Type = eap
(48) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(48) Thu Nov 21 15:38:12 2024: Debug: authenticate {
(48) Thu Nov 21 15:38:12 2024: Debug: eap: Expiring EAP session with state 0xe972c5d8ed39dca6
(48) Thu Nov 21 15:38:12 2024: Debug: eap: Finished EAP session with state 0xe972c5d8ed39dca6
(48) Thu Nov 21 15:38:12 2024: Debug: eap: Previous EAP request found for state 0xe972c5d8ed39dca6, released from the list
(48) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(48) Thu Nov 21 15:38:12 2024: Debug: eap: Calling submodule eap_peap to process data
(48) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) Peer ACKed our handshake fragment. handshake is finished
(48) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Session established. Decoding tunneled attributes
(48) Thu Nov 21 15:38:12 2024: Debug: eap_peap: PEAP state TUNNEL ESTABLISHED
(48) Thu Nov 21 15:38:12 2024: Debug: eap: Sending EAP Request (code 1) ID 76 length 40
(48) Thu Nov 21 15:38:12 2024: Debug: eap: EAP session adding &reply:State = 0xe972c5d8ec3edca6
(48) Thu Nov 21 15:38:12 2024: Debug: [eap] = handled
(48) Thu Nov 21 15:38:12 2024: Debug: } # authenticate = handled
(48) Thu Nov 21 15:38:12 2024: Debug: Using Post-Auth-Type Challenge
(48) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(48) Thu Nov 21 15:38:12 2024: Debug: Challenge { ... } # empty sub-section is ignored
(48) Thu Nov 21 15:38:12 2024: Debug: session-state: Saving cached attributes
(48) Thu Nov 21 15:38:12 2024: Debug: Framed-MTU = 1004
(48) Thu Nov 21 15:38:12 2024: Debug: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(48) Thu Nov 21 15:38:12 2024: Debug: TLS-Session-Version = "TLS 1.2"
(48) Thu Nov 21 15:38:12 2024: Debug: Sent Access-Challenge Id 46 from 100.129.58.1:1812 to 100.129.56.1:37236 length 110
(48) Thu Nov 21 15:38:12 2024: Debug: Eltex-Tls-Enabled = 0
(48) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x014c00281900170303001d49b195ac8c59a1d55225d2729e22fe21d9a67c0216924b115c80a1327d
(48) Thu Nov 21 15:38:12 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(48) Thu Nov 21 15:38:12 2024: Debug: State = 0xe972c5d8ec3edca62745240ad035bf82
(48) Thu Nov 21 15:38:12 2024: Debug: Finished request
(49) Thu Nov 21 15:38:12 2024: Debug: Received Access-Request Id 47 from 100.129.56.1:37236 to 100.129.58.1:1812 length 308
(49) Thu Nov 21 15:38:12 2024: Debug: User-Name = "tester"
(49) Thu Nov 21 15:38:12 2024: Debug: NAS-IP-Address = 100.129.56.1
(49) Thu Nov 21 15:38:12 2024: Debug: Eltex-Domain = "default"
(49) Thu Nov 21 15:38:12 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(49) Thu Nov 21 15:38:12 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(49) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Type = Wireless-802.11
(49) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Id = "10"
(49) Thu Nov 21 15:38:12 2024: Debug: Service-Type = Framed-User
(49) Thu Nov 21 15:38:12 2024: Debug: NAS-Port = 1
(49) Thu Nov 21 15:38:12 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(49) Thu Nov 21 15:38:12 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(49) Thu Nov 21 15:38:12 2024: Debug: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(49) Thu Nov 21 15:38:12 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(49) Thu Nov 21 15:38:12 2024: Debug: WLAN-Group-Cipher = 1027076
(49) Thu Nov 21 15:38:12 2024: Debug: WLAN-AKM-Suite = 1027073
(49) Thu Nov 21 15:38:12 2024: Debug: Eltex-AP-Domain = "with-gre"
(49) Thu Nov 21 15:38:12 2024: Debug: Framed-MTU = 1400
(49) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x024c002a1900170303001ff8975c28e091e730066e4f736163e372fca19ec6aae10f9d73fabe9f52ebcf
(49) Thu Nov 21 15:38:12 2024: Debug: State = 0xe972c5d8ec3edca62745240ad035bf82
(49) Thu Nov 21 15:38:12 2024: Debug: Message-Authenticator = 0x97ee747668e390335d3a23fd13637129
(49) Thu Nov 21 15:38:12 2024: Debug: Restoring &session-state
(49) Thu Nov 21 15:38:12 2024: Debug: &session-state:Framed-MTU = 1004
(49) Thu Nov 21 15:38:12 2024: Debug: &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(49) Thu Nov 21 15:38:12 2024: Debug: &session-state:TLS-Session-Version = "TLS 1.2"
(49) Thu Nov 21 15:38:12 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(49) Thu Nov 21 15:38:12 2024: Debug: authorize {
(49) Thu Nov 21 15:38:12 2024: Debug: policy filter_username {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) -> TRUE
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(49) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: } # if (&User-Name) = notfound
(49) Thu Nov 21 15:38:12 2024: Debug: } # policy filter_username = notfound
(49) Thu Nov 21 15:38:12 2024: Debug: [preprocess] = ok
(49) Thu Nov 21 15:38:12 2024: Debug: [chap] = noop
(49) Thu Nov 21 15:38:12 2024: Debug: [mschap] = noop
(49) Thu Nov 21 15:38:12 2024: Debug: [digest] = noop
(49) Thu Nov 21 15:38:12 2024: Debug: suffix: Checking for suffix after "@"
(49) Thu Nov 21 15:38:12 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(49) Thu Nov 21 15:38:12 2024: Debug: suffix: No such realm "NULL"
(49) Thu Nov 21 15:38:12 2024: Debug: [suffix] = noop
(49) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(49) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry tester at line 5
(49) Thu Nov 21 15:38:12 2024: Debug: [files_multi] = ok
(49) Thu Nov 21 15:38:12 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: else {
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent EAP Response (code 2) ID 76 length 42
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Continuing tunnel setup
(49) Thu Nov 21 15:38:12 2024: Debug: [eap] = ok
(49) Thu Nov 21 15:38:12 2024: Debug: } # else = ok
(49) Thu Nov 21 15:38:12 2024: Debug: if (ok) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (ok) -> TRUE
(49) Thu Nov 21 15:38:12 2024: Debug: if (ok) {
(49) Thu Nov 21 15:38:12 2024: Debug: return
(49) Thu Nov 21 15:38:12 2024: Debug: } # if (ok) = ok
(49) Thu Nov 21 15:38:12 2024: Debug: } # authorize = ok
(49) Thu Nov 21 15:38:12 2024: Debug: Found Auth-Type = eap
(49) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(49) Thu Nov 21 15:38:12 2024: Debug: authenticate {
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Expiring EAP session with state 0xe972c5d8ec3edca6
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Finished EAP session with state 0xe972c5d8ec3edca6
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Previous EAP request found for state 0xe972c5d8ec3edca6, released from the list
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Calling submodule eap_peap to process data
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) EAP Done initial handshake
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Session established. Decoding tunneled attributes
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: PEAP state WAITING FOR INNER IDENTITY
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Identity - tester
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Got inner identity 'tester'
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Setting default EAP type for tunneled EAP session
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Got tunneled request
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: EAP-Message = 0x024c000b01746573746572
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Setting User-Name to tester
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Sending tunneled request to inner-tunnel
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: EAP-Message = 0x024c000b01746573746572
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: User-Name = "tester"
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: NAS-IP-Address = 100.129.56.1
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Eltex-Domain = "default"
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: NAS-Identifier = "68:13:E2:35:D2:20"
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: NAS-Port-Type = Wireless-802.11
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: NAS-Port-Id = "10"
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Service-Type = Framed-User
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: NAS-Port = 1
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Connect-Info = "CONNECT 24Mbps 802.11a"
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: WLAN-Pairwise-Cipher = 1027076
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: WLAN-Group-Cipher = 1027076
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: WLAN-AKM-Suite = 1027073
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Eltex-AP-Domain = "with-gre"
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Framed-MTU = 1400
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Event-Timestamp = "Nov 21 2024 15:38:12 GMT+7"
(49) Thu Nov 21 15:38:12 2024: Debug: Virtual server inner-tunnel received request
(49) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x024c000b01746573746572
(49) Thu Nov 21 15:38:12 2024: Debug: FreeRADIUS-Proxied-To = 127.0.0.1
(49) Thu Nov 21 15:38:12 2024: Debug: User-Name = "tester"
(49) Thu Nov 21 15:38:12 2024: Debug: NAS-IP-Address = 100.129.56.1
(49) Thu Nov 21 15:38:12 2024: Debug: Eltex-Domain = "default"
(49) Thu Nov 21 15:38:12 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(49) Thu Nov 21 15:38:12 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(49) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Type = Wireless-802.11
(49) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Id = "10"
(49) Thu Nov 21 15:38:12 2024: Debug: Service-Type = Framed-User
(49) Thu Nov 21 15:38:12 2024: Debug: NAS-Port = 1
(49) Thu Nov 21 15:38:12 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(49) Thu Nov 21 15:38:12 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(49) Thu Nov 21 15:38:12 2024: Debug: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(49) Thu Nov 21 15:38:12 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(49) Thu Nov 21 15:38:12 2024: Debug: WLAN-Group-Cipher = 1027076
(49) Thu Nov 21 15:38:12 2024: Debug: WLAN-AKM-Suite = 1027073
(49) Thu Nov 21 15:38:12 2024: Debug: Eltex-AP-Domain = "with-gre"
(49) Thu Nov 21 15:38:12 2024: Debug: Framed-MTU = 1400
(49) Thu Nov 21 15:38:12 2024: Debug: Event-Timestamp = "Nov 21 2024 15:38:12 GMT+7"
(49) Thu Nov 21 15:38:12 2024: WARNING: Outer and inner identities are the same. User privacy is compromised.
(49) Thu Nov 21 15:38:12 2024: Debug: server inner-tunnel {
(49) Thu Nov 21 15:38:12 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
(49) Thu Nov 21 15:38:12 2024: Debug: authorize {
(49) Thu Nov 21 15:38:12 2024: Debug: policy filter_username {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) -> TRUE
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(49) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) {
(49) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(49) Thu Nov 21 15:38:12 2024: Debug: } # if (&User-Name) = notfound
(49) Thu Nov 21 15:38:12 2024: Debug: } # policy filter_username = notfound
(49) Thu Nov 21 15:38:12 2024: Debug: [chap] = noop
(49) Thu Nov 21 15:38:12 2024: Debug: [mschap] = noop
(49) Thu Nov 21 15:38:12 2024: Debug: suffix: Checking for suffix after "@"
(49) Thu Nov 21 15:38:12 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(49) Thu Nov 21 15:38:12 2024: Debug: suffix: No such realm "NULL"
(49) Thu Nov 21 15:38:12 2024: Debug: [suffix] = noop
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent EAP Response (code 2) ID 76 length 11
(49) Thu Nov 21 15:38:12 2024: Debug: eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(49) Thu Nov 21 15:38:12 2024: Debug: [eap] = ok
(49) Thu Nov 21 15:38:12 2024: Debug: } # authorize = ok
(49) Thu Nov 21 15:38:12 2024: Debug: Found Auth-Type = eap
(49) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(49) Thu Nov 21 15:38:12 2024: Debug: authenticate {
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent packet with method EAP Identity (1)
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Calling submodule eap_mschapv2 to process data
(49) Thu Nov 21 15:38:12 2024: Debug: eap_mschapv2: Issuing Challenge
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Sending EAP Request (code 1) ID 77 length 43
(49) Thu Nov 21 15:38:12 2024: Debug: eap: EAP session adding &reply:State = 0x39415d07390c47ca
(49) Thu Nov 21 15:38:12 2024: Debug: [eap] = handled
(49) Thu Nov 21 15:38:12 2024: Debug: } # authenticate = handled
(49) Thu Nov 21 15:38:12 2024: Debug: } # server inner-tunnel
(49) Thu Nov 21 15:38:12 2024: Debug: Virtual server sending reply
(49) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x014d002b1a014d002610e2e14d5f0898922ab87af7edb2f2ee9b667265657261646975732d332e302e3235
(49) Thu Nov 21 15:38:12 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(49) Thu Nov 21 15:38:12 2024: Debug: State = 0x39415d07390c47ca233427c848ccd003
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Got tunneled reply code 11
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: EAP-Message = 0x014d002b1a014d002610e2e14d5f0898922ab87af7edb2f2ee9b667265657261646975732d332e302e3235
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: State = 0x39415d07390c47ca233427c848ccd003
(49) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Got tunneled Access-Challenge
(49) Thu Nov 21 15:38:12 2024: Debug: eap: Sending EAP Request (code 1) ID 77 length 74
(49) Thu Nov 21 15:38:12 2024: Debug: eap: EAP session adding &reply:State = 0xe972c5d8ef3fdca6
(49) Thu Nov 21 15:38:12 2024: Debug: [eap] = handled
(49) Thu Nov 21 15:38:12 2024: Debug: } # authenticate = handled
(49) Thu Nov 21 15:38:12 2024: Debug: Using Post-Auth-Type Challenge
(49) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(49) Thu Nov 21 15:38:12 2024: Debug: Challenge { ... } # empty sub-section is ignored
(49) Thu Nov 21 15:38:12 2024: Debug: session-state: Saving cached attributes
(49) Thu Nov 21 15:38:12 2024: Debug: Framed-MTU = 1004
(49) Thu Nov 21 15:38:12 2024: Debug: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(49) Thu Nov 21 15:38:12 2024: Debug: TLS-Session-Version = "TLS 1.2"
(49) Thu Nov 21 15:38:12 2024: Debug: Sent Access-Challenge Id 47 from 100.129.58.1:1812 to 100.129.56.1:37236 length 144
(49) Thu Nov 21 15:38:12 2024: Debug: Eltex-Tls-Enabled = 0
(49) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x014d004a1900170303003f49b195ac8c59a1d654f33dca05bf20250b88cddeebc0c09887f71b8ff66130ef7a8826f1b8a520a6a2f7813901df73eba9f66ddbc6ff7e0ad4b8e944b839eb
(49) Thu Nov 21 15:38:12 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(49) Thu Nov 21 15:38:12 2024: Debug: State = 0xe972c5d8ef3fdca62745240ad035bf82
(49) Thu Nov 21 15:38:12 2024: Debug: Finished request
(50) Thu Nov 21 15:38:12 2024: Debug: Received Access-Request Id 48 from 100.129.56.1:37236 to 100.129.58.1:1812 length 362
(50) Thu Nov 21 15:38:12 2024: Debug: User-Name = "tester"
(50) Thu Nov 21 15:38:12 2024: Debug: NAS-IP-Address = 100.129.56.1
(50) Thu Nov 21 15:38:12 2024: Debug: Eltex-Domain = "default"
(50) Thu Nov 21 15:38:12 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(50) Thu Nov 21 15:38:12 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(50) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Type = Wireless-802.11
(50) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Id = "10"
(50) Thu Nov 21 15:38:12 2024: Debug: Service-Type = Framed-User
(50) Thu Nov 21 15:38:12 2024: Debug: NAS-Port = 1
(50) Thu Nov 21 15:38:12 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(50) Thu Nov 21 15:38:12 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(50) Thu Nov 21 15:38:12 2024: Debug: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(50) Thu Nov 21 15:38:12 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(50) Thu Nov 21 15:38:12 2024: Debug: WLAN-Group-Cipher = 1027076
(50) Thu Nov 21 15:38:12 2024: Debug: WLAN-AKM-Suite = 1027073
(50) Thu Nov 21 15:38:12 2024: Debug: Eltex-AP-Domain = "with-gre"
(50) Thu Nov 21 15:38:12 2024: Debug: Framed-MTU = 1400
(50) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x024d006019001703030055f8975c28e091e7313eb8678aa99ad357b0caf84c03afe5d765d6edcbc7f2a5241dfed39306b35428a04356f0b8c6da22c8941bc2f57eb2bc410888f59bbe7450557ec
(50) Thu Nov 21 15:38:12 2024: Debug: State = 0xe972c5d8ef3fdca62745240ad035bf82
(50) Thu Nov 21 15:38:12 2024: Debug: Message-Authenticator = 0xad80263807a5eb7abd7d2bba1f3c679d
(50) Thu Nov 21 15:38:12 2024: Debug: Restoring &session-state
(50) Thu Nov 21 15:38:12 2024: Debug: &session-state:Framed-MTU = 1004
(50) Thu Nov 21 15:38:12 2024: Debug: &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(50) Thu Nov 21 15:38:12 2024: Debug: &session-state:TLS-Session-Version = "TLS 1.2"
(50) Thu Nov 21 15:38:12 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(50) Thu Nov 21 15:38:12 2024: Debug: authorize {
(50) Thu Nov 21 15:38:12 2024: Debug: policy filter_username {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) -> TRUE
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(50) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: } # if (&User-Name) = notfound
(50) Thu Nov 21 15:38:12 2024: Debug: } # policy filter_username = notfound
(50) Thu Nov 21 15:38:12 2024: Debug: [preprocess] = ok
(50) Thu Nov 21 15:38:12 2024: Debug: [chap] = noop
(50) Thu Nov 21 15:38:12 2024: Debug: [mschap] = noop
(50) Thu Nov 21 15:38:12 2024: Debug: [digest] = noop
(50) Thu Nov 21 15:38:12 2024: Debug: suffix: Checking for suffix after "@"
(50) Thu Nov 21 15:38:12 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(50) Thu Nov 21 15:38:12 2024: Debug: suffix: No such realm "NULL"
(50) Thu Nov 21 15:38:12 2024: Debug: [suffix] = noop
(50) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(50) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry tester at line 5
(50) Thu Nov 21 15:38:12 2024: Debug: [files_multi] = ok
(50) Thu Nov 21 15:38:12 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: else {
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent EAP Response (code 2) ID 77 length 96
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Continuing tunnel setup
(50) Thu Nov 21 15:38:12 2024: Debug: [eap] = ok
(50) Thu Nov 21 15:38:12 2024: Debug: } # else = ok
(50) Thu Nov 21 15:38:12 2024: Debug: if (ok) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (ok) -> TRUE
(50) Thu Nov 21 15:38:12 2024: Debug: if (ok) {
(50) Thu Nov 21 15:38:12 2024: Debug: return
(50) Thu Nov 21 15:38:12 2024: Debug: } # if (ok) = ok
(50) Thu Nov 21 15:38:12 2024: Debug: } # authorize = ok
(50) Thu Nov 21 15:38:12 2024: Debug: Found Auth-Type = eap
(50) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(50) Thu Nov 21 15:38:12 2024: Debug: authenticate {
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Expiring EAP session with state 0x39415d07390c47ca
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Finished EAP session with state 0xe972c5d8ef3fdca6
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Previous EAP request found for state 0xe972c5d8ef3fdca6, released from the list
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Calling submodule eap_peap to process data
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) EAP Done initial handshake
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Session established. Decoding tunneled attributes
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: PEAP state phase2
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: EAP method MSCHAPv2 (26)
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Got tunneled request
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: EAP-Message = 0x024d00411a024d003c31307984efc4700161597ce2539f3e04340000000000000000857df15fd3dd3b9cd17cadd24bddbdbe25b1d02854c7371000746573746572
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Setting User-Name to tester
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Sending tunneled request to inner-tunnel
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: EAP-Message = 0x024d00411a024d003c31307984efc4700161597ce2539f3e04340000000000000000857df15fd3dd3b9cd17cadd24bddbdbe25b1d02854c7371000746573746572
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: User-Name = "tester"
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: State = 0x39415d07390c47ca233427c848ccd003
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: NAS-IP-Address = 100.129.56.1
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Eltex-Domain = "default"
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: NAS-Identifier = "68:13:E2:35:D2:20"
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: NAS-Port-Type = Wireless-802.11
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: NAS-Port-Id = "10"
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Service-Type = Framed-User
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: NAS-Port = 1
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Connect-Info = "CONNECT 24Mbps 802.11a"
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: WLAN-Pairwise-Cipher = 1027076
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: WLAN-Group-Cipher = 1027076
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: WLAN-AKM-Suite = 1027073
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Eltex-AP-Domain = "with-gre"
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Framed-MTU = 1400
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Event-Timestamp = "Nov 21 2024 15:38:12 GMT+7"
(50) Thu Nov 21 15:38:12 2024: Debug: Virtual server inner-tunnel received request
(50) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x024d00411a024d003c31307984efc4700161597ce2539f3e04340000000000000000857df15fd3dd3b9cd17cadd24bddbdbe25b1d02854c7371000746573746572
(50) Thu Nov 21 15:38:12 2024: Debug: FreeRADIUS-Proxied-To = 127.0.0.1
(50) Thu Nov 21 15:38:12 2024: Debug: User-Name = "tester"
(50) Thu Nov 21 15:38:12 2024: Debug: State = 0x39415d07390c47ca233427c848ccd003
(50) Thu Nov 21 15:38:12 2024: Debug: NAS-IP-Address = 100.129.56.1
(50) Thu Nov 21 15:38:12 2024: Debug: Eltex-Domain = "default"
(50) Thu Nov 21 15:38:12 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(50) Thu Nov 21 15:38:12 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(50) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Type = Wireless-802.11
(50) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Id = "10"
(50) Thu Nov 21 15:38:12 2024: Debug: Service-Type = Framed-User
(50) Thu Nov 21 15:38:12 2024: Debug: NAS-Port = 1
(50) Thu Nov 21 15:38:12 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(50) Thu Nov 21 15:38:12 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(50) Thu Nov 21 15:38:12 2024: Debug: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(50) Thu Nov 21 15:38:12 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(50) Thu Nov 21 15:38:12 2024: Debug: WLAN-Group-Cipher = 1027076
(50) Thu Nov 21 15:38:12 2024: Debug: WLAN-AKM-Suite = 1027073
(50) Thu Nov 21 15:38:12 2024: Debug: Eltex-AP-Domain = "with-gre"
(50) Thu Nov 21 15:38:12 2024: Debug: Framed-MTU = 1400
(50) Thu Nov 21 15:38:12 2024: Debug: Event-Timestamp = "Nov 21 2024 15:38:12 GMT+7"
(50) Thu Nov 21 15:38:12 2024: WARNING: Outer and inner identities are the same. User privacy is compromised.
(50) Thu Nov 21 15:38:12 2024: Debug: server inner-tunnel {
(50) Thu Nov 21 15:38:12 2024: Debug: session-state: No cached attributes
(50) Thu Nov 21 15:38:12 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
(50) Thu Nov 21 15:38:12 2024: Debug: authorize {
(50) Thu Nov 21 15:38:12 2024: Debug: policy filter_username {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) -> TRUE
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(50) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) {
(50) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(50) Thu Nov 21 15:38:12 2024: Debug: } # if (&User-Name) = notfound
(50) Thu Nov 21 15:38:12 2024: Debug: } # policy filter_username = notfound
(50) Thu Nov 21 15:38:12 2024: Debug: [chap] = noop
(50) Thu Nov 21 15:38:12 2024: Debug: [mschap] = noop
(50) Thu Nov 21 15:38:12 2024: Debug: suffix: Checking for suffix after "@"
(50) Thu Nov 21 15:38:12 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(50) Thu Nov 21 15:38:12 2024: Debug: suffix: No such realm "NULL"
(50) Thu Nov 21 15:38:12 2024: Debug: [suffix] = noop
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent EAP Response (code 2) ID 77 length 65
(50) Thu Nov 21 15:38:12 2024: Debug: eap: No EAP Start, assuming it's an on-going EAP conversation
(50) Thu Nov 21 15:38:12 2024: Debug: [eap] = updated
(50) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(50) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry tester at line 5
(50) Thu Nov 21 15:38:12 2024: Debug: [files_multi] = ok
(50) Thu Nov 21 15:38:12 2024: Debug: [expiration] = noop
(50) Thu Nov 21 15:38:12 2024: Debug: [logintime] = noop
(50) Thu Nov 21 15:38:12 2024: WARNING: pap: Auth-Type already set. Not setting to PAP
(50) Thu Nov 21 15:38:12 2024: Debug: [pap] = noop
(50) Thu Nov 21 15:38:12 2024: Debug: } # authorize = updated
(50) Thu Nov 21 15:38:12 2024: Debug: Found Auth-Type = eap
(50) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(50) Thu Nov 21 15:38:12 2024: Debug: authenticate {
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Expiring EAP session with state 0x39415d07390c47ca
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Finished EAP session with state 0x39415d07390c47ca
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Previous EAP request found for state 0x39415d07390c47ca, released from the list
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent packet with method EAP MSCHAPv2 (26)
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Calling submodule eap_mschapv2 to process data
(50) Thu Nov 21 15:38:12 2024: Debug: eap_mschapv2: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(50) Thu Nov 21 15:38:12 2024: Debug: eap_mschapv2: authenticate {
(50) Thu Nov 21 15:38:12 2024: Debug: mschap: Found Cleartext-Password, hashing to create NT-Password
(50) Thu Nov 21 15:38:12 2024: Debug: mschap: Creating challenge hash with username: tester
(50) Thu Nov 21 15:38:12 2024: Debug: mschap: Client is using MS-CHAPv2
(50) Thu Nov 21 15:38:12 2024: ERROR: mschap: MS-CHAP2-Response is incorrect
(50) Thu Nov 21 15:38:12 2024: Debug: eap_mschapv2: [mschap] = reject
(50) Thu Nov 21 15:38:12 2024: Debug: eap_mschapv2: } # authenticate = reject
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Sending EAP Failure (code 4) ID 77 length 4
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Freeing handler
(50) Thu Nov 21 15:38:12 2024: Debug: [eap] = reject
(50) Thu Nov 21 15:38:12 2024: Debug: } # authenticate = reject
(50) Thu Nov 21 15:38:12 2024: Debug: Failed to authenticate the user
(50) Thu Nov 21 15:38:12 2024: Debug: Using Post-Auth-Type Reject
(50) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(50) Thu Nov 21 15:38:12 2024: Debug: Post-Auth-Type REJECT {
(50) Thu Nov 21 15:38:12 2024: Debug: attr_filter.access_reject: EXPAND %{User-Name}
(50) Thu Nov 21 15:38:12 2024: Debug: attr_filter.access_reject: --> tester
(50) Thu Nov 21 15:38:12 2024: Debug: attr_filter.access_reject: Matched entry DEFAULT at line 11
(50) Thu Nov 21 15:38:12 2024: Debug: [attr_filter.access_reject] = updated
(50) Thu Nov 21 15:38:12 2024: Debug: update outer.session-state {
(50) Thu Nov 21 15:38:12 2024: Debug: } # update outer.session-state = noop
(50) Thu Nov 21 15:38:12 2024: Debug: } # Post-Auth-Type REJECT = updated
(50) Thu Nov 21 15:38:12 2024: Debug: } # server inner-tunnel
(50) Thu Nov 21 15:38:12 2024: Debug: Virtual server sending reply
(50) Thu Nov 21 15:38:12 2024: Debug: MS-CHAP-Error = "ME=691 R=1 C=b1c57ec11acb98cafda3f21162e8c4d8 V=3 M=Authentication rejected"
(50) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x044d0004
(50) Thu Nov 21 15:38:12 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Got tunneled reply code 3
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: MS-CHAP-Error = "ME=691 R=1 C=b1c57ec11acb98cafda3f21162e8c4d8 V=3 M=Authentication rejected"
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: EAP-Message = 0x044d0004
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Message-Authenticator = 0x00000000000000000000000000000000
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Tunneled authentication was rejected
(50) Thu Nov 21 15:38:12 2024: Debug: eap_peap: FAILURE
(50) Thu Nov 21 15:38:12 2024: Debug: eap: Sending EAP Request (code 1) ID 78 length 46
(50) Thu Nov 21 15:38:12 2024: Debug: eap: EAP session adding &reply:State = 0xe972c5d8ee3cdca6
(50) Thu Nov 21 15:38:12 2024: Debug: [eap] = handled
(50) Thu Nov 21 15:38:12 2024: Debug: } # authenticate = handled
(50) Thu Nov 21 15:38:12 2024: Debug: Using Post-Auth-Type Challenge
(50) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(50) Thu Nov 21 15:38:12 2024: Debug: Challenge { ... } # empty sub-section is ignored
(50) Thu Nov 21 15:38:12 2024: Debug: session-state: Saving cached attributes
(50) Thu Nov 21 15:38:12 2024: Debug: Framed-MTU = 1004
(50) Thu Nov 21 15:38:12 2024: Debug: TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(50) Thu Nov 21 15:38:12 2024: Debug: TLS-Session-Version = "TLS 1.2"
(50) Thu Nov 21 15:38:12 2024: Debug: Module-Failure-Message := "mschap: MS-CHAP2-Response is incorrect"
(50) Thu Nov 21 15:38:12 2024: Debug: Sent Access-Challenge Id 48 from 100.129.58.1:1812 to 100.129.56.1:37236 length 116
(50) Thu Nov 21 15:38:12 2024: Debug: Eltex-Tls-Enabled = 0
(50) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x014e002e1900170303002349b195ac8c59a1d798bd355a6f14ba67c4d53f463ad1801366b41b485e42ff0ad36c50
(50) Thu Nov 21 15:38:12 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(50) Thu Nov 21 15:38:12 2024: Debug: State = 0xe972c5d8ee3cdca62745240ad035bf82
(50) Thu Nov 21 15:38:12 2024: Debug: Finished request
(51) Thu Nov 21 15:38:12 2024: Debug: Received Access-Request Id 49 from 100.129.56.1:37236 to 100.129.58.1:1812 length 312
(51) Thu Nov 21 15:38:12 2024: Debug: User-Name = "tester"
(51) Thu Nov 21 15:38:12 2024: Debug: NAS-IP-Address = 100.129.56.1
(51) Thu Nov 21 15:38:12 2024: Debug: Eltex-Domain = "default"
(51) Thu Nov 21 15:38:12 2024: Debug: NAS-Identifier = "68:13:E2:35:D2:20"
(51) Thu Nov 21 15:38:12 2024: Debug: Called-Station-Id = "68-13-E2-35-D2-20:TEST-SSID-WLC-15"
(51) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Type = Wireless-802.11
(51) Thu Nov 21 15:38:12 2024: Debug: NAS-Port-Id = "10"
(51) Thu Nov 21 15:38:12 2024: Debug: Service-Type = Framed-User
(51) Thu Nov 21 15:38:12 2024: Debug: NAS-Port = 1
(51) Thu Nov 21 15:38:12 2024: Debug: Calling-Station-Id = "DA-A7-8A-41-68-F5"
(51) Thu Nov 21 15:38:12 2024: Debug: Connect-Info = "CONNECT 24Mbps 802.11a"
(51) Thu Nov 21 15:38:12 2024: Debug: Acct-Session-Id = "FA94FFC0-B7DB1A4A"
(51) Thu Nov 21 15:38:12 2024: Debug: WLAN-Pairwise-Cipher = 1027076
(51) Thu Nov 21 15:38:12 2024: Debug: WLAN-Group-Cipher = 1027076
(51) Thu Nov 21 15:38:12 2024: Debug: WLAN-AKM-Suite = 1027073
(51) Thu Nov 21 15:38:12 2024: Debug: Eltex-AP-Domain = "with-gre"
(51) Thu Nov 21 15:38:12 2024: Debug: Framed-MTU = 1400
(51) Thu Nov 21 15:38:12 2024: Debug: EAP-Message = 0x024e002e19001703030023f8975c28e091e732883ca2d06dc3ca29c0cd107d25060443fde1b3547ef8345092780d
(51) Thu Nov 21 15:38:12 2024: Debug: State = 0xe972c5d8ee3cdca62745240ad035bf82
(51) Thu Nov 21 15:38:12 2024: Debug: Message-Authenticator = 0x6772704783a0e9f5592c63afe8b7a042
(51) Thu Nov 21 15:38:12 2024: Debug: Restoring &session-state
(51) Thu Nov 21 15:38:12 2024: Debug: &session-state:Framed-MTU = 1004
(51) Thu Nov 21 15:38:12 2024: Debug: &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(51) Thu Nov 21 15:38:12 2024: Debug: &session-state:TLS-Session-Version = "TLS 1.2"
(51) Thu Nov 21 15:38:12 2024: Debug: &session-state:Module-Failure-Message := "mschap: MS-CHAP2-Response is incorrect"
(51) Thu Nov 21 15:38:12 2024: Debug: # Executing section authorize from file /etc/raddb/sites-enabled/_default
(51) Thu Nov 21 15:38:12 2024: Debug: authorize {
(51) Thu Nov 21 15:38:12 2024: Debug: policy filter_username {
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) -> TRUE
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name) {
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) {
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ / /) -> FALSE
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) {
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) {
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.\./ ) -> FALSE
(51) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(51) Thu Nov 21 15:38:12 2024: Debug: if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) {
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /\.$/) -> FALSE
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) {
(51) Thu Nov 21 15:38:12 2024: Debug: if (&User-Name =~ /@\./) -> FALSE
(51) Thu Nov 21 15:38:12 2024: Debug: } # if (&User-Name) = notfound
(51) Thu Nov 21 15:38:12 2024: Debug: } # policy filter_username = notfound
(51) Thu Nov 21 15:38:12 2024: Debug: [preprocess] = ok
(51) Thu Nov 21 15:38:12 2024: Debug: [chap] = noop
(51) Thu Nov 21 15:38:12 2024: Debug: [mschap] = noop
(51) Thu Nov 21 15:38:12 2024: Debug: [digest] = noop
(51) Thu Nov 21 15:38:12 2024: Debug: suffix: Checking for suffix after "@"
(51) Thu Nov 21 15:38:12 2024: Debug: suffix: No '@' in User-Name = "tester", looking up realm NULL
(51) Thu Nov 21 15:38:12 2024: Debug: suffix: No such realm "NULL"
(51) Thu Nov 21 15:38:12 2024: Debug: [suffix] = noop
(51) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry DEFAULT at line 1
(51) Thu Nov 21 15:38:12 2024: Debug: files_multi: users: Matched entry tester at line 5
(51) Thu Nov 21 15:38:12 2024: Debug: [files_multi] = ok
(51) Thu Nov 21 15:38:12 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) {
(51) Thu Nov 21 15:38:12 2024: Debug: if (&reply:Eltex-Tls-Enabled == 1) -> FALSE
(51) Thu Nov 21 15:38:12 2024: Debug: else {
(51) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent EAP Response (code 2) ID 78 length 46
(51) Thu Nov 21 15:38:12 2024: Debug: eap: Continuing tunnel setup
(51) Thu Nov 21 15:38:12 2024: Debug: [eap] = ok
(51) Thu Nov 21 15:38:12 2024: Debug: } # else = ok
(51) Thu Nov 21 15:38:12 2024: Debug: if (ok) {
(51) Thu Nov 21 15:38:12 2024: Debug: if (ok) -> TRUE
(51) Thu Nov 21 15:38:12 2024: Debug: if (ok) {
(51) Thu Nov 21 15:38:12 2024: Debug: return
(51) Thu Nov 21 15:38:12 2024: Debug: } # if (ok) = ok
(51) Thu Nov 21 15:38:12 2024: Debug: } # authorize = ok
(51) Thu Nov 21 15:38:12 2024: Debug: Found Auth-Type = eap
(51) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(51) Thu Nov 21 15:38:12 2024: Debug: authenticate {
(51) Thu Nov 21 15:38:12 2024: Debug: eap: Expiring EAP session with state 0xe972c5d8ee3cdca6
(51) Thu Nov 21 15:38:12 2024: Debug: eap: Finished EAP session with state 0xe972c5d8ee3cdca6
(51) Thu Nov 21 15:38:12 2024: Debug: eap: Previous EAP request found for state 0xe972c5d8ee3cdca6, released from the list
(51) Thu Nov 21 15:38:12 2024: Debug: eap: Peer sent packet with method EAP PEAP (25)
(51) Thu Nov 21 15:38:12 2024: Debug: eap: Calling submodule eap_peap to process data
(51) Thu Nov 21 15:38:12 2024: Debug: eap_peap: (TLS) EAP Done initial handshake
(51) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Session established. Decoding tunneled attributes
(51) Thu Nov 21 15:38:12 2024: Debug: eap_peap: PEAP state send tlv failure
(51) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Received EAP-TLV response
(51) Thu Nov 21 15:38:12 2024: ERROR: eap_peap: The users session was previously rejected: returning reject (again.)
(51) Thu Nov 21 15:38:12 2024: Debug: eap_peap: This means you need to read the PREVIOUS messages in the debug output
(51) Thu Nov 21 15:38:12 2024: Debug: eap_peap: to find out the reason why the user was rejected
(51) Thu Nov 21 15:38:12 2024: Debug: eap_peap: Look for "reject" or "fail". Those earlier messages will tell you
(51) Thu Nov 21 15:38:12 2024: Debug: eap_peap: what went wrong, and how to fix the problem
(51) Thu Nov 21 15:38:12 2024: ERROR: eap: Failed continuing EAP PEAP (25) session. EAP sub-module failed
(51) Thu Nov 21 15:38:12 2024: Debug: eap: Sending EAP Failure (code 4) ID 78 length 4
(51) Thu Nov 21 15:38:12 2024: Debug: eap: Failed in EAP select
(51) Thu Nov 21 15:38:12 2024: Debug: [eap] = invalid
(51) Thu Nov 21 15:38:12 2024: Debug: } # authenticate = invalid
(51) Thu Nov 21 15:38:12 2024: Debug: Failed to authenticate the user <<<-------------------------------------------------------------------------------- Пользователь не прошел аутентификацию
(51) Thu Nov 21 15:38:12 2024: Debug: Using Post-Auth-Type Reject
(51) Thu Nov 21 15:38:12 2024: Debug: # Executing group from file /etc/raddb/sites-enabled/_default
(51) Thu Nov 21 15:38:12 2024: Debug: Post-Auth-Type REJECT {
(51) Thu Nov 21 15:38:12 2024: Debug: attr_filter.access_reject: EXPAND %{User-Name}
(51) Thu Nov 21 15:38:12 2024: Debug: attr_filter.access_reject: --> tester
(51) Thu Nov 21 15:38:12 2024: Debug: attr_filter.access_reject: Matched entry DEFAULT at line 11
(51) Thu Nov 21 15:38:12 2024: Debug: [attr_filter.access_reject] = updated
(51) Thu Nov 21 15:38:12 2024: Debug: [eap] = noop
(51) Thu Nov 21 15:38:12 2024: Debug: policy remove_reply_message_if_eap {
(51) Thu Nov 21 15:38:12 2024: Debug: if (&reply:EAP-Message && &reply:Reply-Message) {
(51) Thu Nov 21 15:38:12 2024: Debug: if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
(51) Thu Nov 21 15:38:12 2024: Debug: else {
(51) Thu Nov 21 15:38:12 2024: Debug: [noop] = noop
(51) Thu Nov 21 15:38:12 2024: Debug: } # else = noop
(51) Thu Nov 21 15:38:12 2024: Debug: } # policy remove_reply_message_if_eap = noop
(51) Thu Nov 21 15:38:12 2024: Debug: } # Post-Auth-Type REJECT = updated
(51) Thu Nov 21 15:38:12 2024: Debug: Delaying response for 1.000000 seconds
(51) Thu Nov 21 15:38:13 2024: Debug: Sending delayed response
(51) Thu Nov 21 15:38:13 2024: Debug: Sent Access-Reject Id 49 from 100.129.58.1:1812 to 100.129.56.1:37236 length 44 <<<-------------------------------------------------------------------------------- Acess-Reject
(51) Thu Nov 21 15:38:13 2024: Debug: EAP-Message = 0x044e0004
(51) Thu Nov 21 15:38:13 2024: Debug: Message-Authenticator = 0x00000000000000000000000000000000
(43) Thu Nov 21 15:38:14 2024: Debug: Cleaning up request packet ID 41 with timestamp +9048
(44) Thu Nov 21 15:38:14 2024: Debug: Cleaning up request packet ID 42 with timestamp +9048
(45) Thu Nov 21 15:38:14 2024: Debug: Cleaning up request packet ID 43 with timestamp +9048
(46) Thu Nov 21 15:38:14 2024: Debug: Cleaning up request packet ID 44 with timestamp +9048
(47) Thu Nov 21 15:38:17 2024: Debug: Cleaning up request packet ID 45 with timestamp +9051
(48) Thu Nov 21 15:38:17 2024: Debug: Cleaning up request packet ID 46 with timestamp +9051
(49) Thu Nov 21 15:38:17 2024: Debug: Cleaning up request packet ID 47 with timestamp +9051
(50) Thu Nov 21 15:38:17 2024: Debug: Cleaning up request packet ID 48 with timestamp +9051
(51) Thu Nov 21 15:38:17 2024: Debug: Cleaning up request packet ID 49 with timestamp +9051
В файл на flash:data/ и выгрузкой по tftp
wlc-15(debug)# show radius-debug username tester timeout 600 file flash:data/radius_debug.txt Total lines written: 2678 File saved wlc-15(debug)# end wlc-15# copy flash:data/radius_debug.txt tftp://100.110.0.214:/radius_debug.txt |******************************************| 100% (210kB) Success!
В файл на внешний USB
wlc-15(debug)# show radius-debug username tester timeout 600 file usb://103F-2D94:/test_radius_debug_usb.txt Total lines written: 1329 File saved wlc-15(debug)# end wlc-15# show storage-devices usb Name Filesystem Total, MB Used, MB Free, MB ------------------------------ ---------- ---------- ---------- ---------- 103F-2D94 vfat 7771.80 834.25 6937.55 wlc-15# dir usb://103F-2D94:/ Name Type Size Last modified ---------------------------------------------------------- ---------- -------- -- ------------------------- test_radius_debug_usb.txt File 105.24 KB Thu Nov 21 16:44:22 2024