Aller au contenu

FreeRadius + EAP-TTLS/PAP LDAP


Messages recommandés

Bonjour à tous

Je souhaite depuis un certain temps de configurer un serveur radius ainsi FreeRadius + EAP-TTLS/PAP LDAP avec VLAN Dynamique.

J'utilise Freeradius 2.1.5 patch depuis les sources et packager sous debian.

Debian 5.01

Hostapd 0.5.9

Ldap 2.1.3

xsupplicant 1.2.4 orig

J'ai déjà réussi a configurer le freeradius en mode EAP-TLS / LDAP

Tout fonctionnait correctement.

Maintenant je souhaite FreeRadius + EAP-TTLS/PAP LDAP avec VLAN Dynamique.

Voici les logs:

FREERADIUS:

FreeRADIUS Version 2.1.5, for host i486-pc-linux-gnu, built on Apr 6 2009 at 18:58:22

Copyright © 1999-2008 The FreeRADIUS server project and contributors.

There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE.

You may redistribute copies of FreeRADIUS under the terms of the

GNU General Public License v2.

Starting - reading configuration files ...

including configuration file /etc/freeradius/radiusd.conf

including configuration file /etc/freeradius/proxy.conf

including configuration file /etc/freeradius/clients.conf

including files in directory /etc/freeradius/modules/

including configuration file /etc/freeradius/modules/acct_unique

including configuration file /etc/freeradius/modules/always

including configuration file /etc/freeradius/modules/attr_filter

including configuration file /etc/freeradius/modules/attr_rewrite

including configuration file /etc/freeradius/modules/chap

including configuration file /etc/freeradius/modules/checkval

including configuration file /etc/freeradius/modules/counter

including configuration file /etc/freeradius/modules/detail

including configuration file /etc/freeradius/modules/detail.example.com

including configuration file /etc/freeradius/modules/detail.log

including configuration file /etc/freeradius/modules/digest

including configuration file /etc/freeradius/modules/echo

including configuration file /etc/freeradius/modules/etc_group

including configuration file /etc/freeradius/modules/exec

including configuration file /etc/freeradius/modules/expiration

including configuration file /etc/freeradius/modules/expr

including configuration file /etc/freeradius/modules/files

including configuration file /etc/freeradius/modules/inner-eap

including configuration file /etc/freeradius/modules/ippool

including configuration file /etc/freeradius/modules/krb5

including configuration file /etc/freeradius/modules/linelog

including configuration file /etc/freeradius/modules/logintime

including configuration file /etc/freeradius/modules/mac2ip

including configuration file /etc/freeradius/modules/mac2vlan

including configuration file /etc/freeradius/modules/mschap

including configuration file /etc/freeradius/modules/otp

including configuration file /etc/freeradius/modules/pam

including configuration file /etc/freeradius/modules/passwd

including configuration file /etc/freeradius/modules/perl

including configuration file /etc/freeradius/modules/policy

including configuration file /etc/freeradius/modules/preprocess

including configuration file /etc/freeradius/modules/radutmp

including configuration file /etc/freeradius/modules/realm

including configuration file /etc/freeradius/modules/smbpasswd

including configuration file /etc/freeradius/modules/smsotp

including configuration file /etc/freeradius/modules/sql_log

including configuration file /etc/freeradius/modules/sqlcounter_expire_on_login

including configuration file /etc/freeradius/modules/sradutmp

including configuration file /etc/freeradius/modules/unix

including configuration file /etc/freeradius/modules/wimax

including configuration file /etc/freeradius/modules/pap

including configuration file /etc/freeradius/modules/ldap

including configuration file /etc/freeradius/modules/ttls-eap

including configuration file /etc/freeradius/eap.conf

including configuration file /etc/freeradius/policy.conf

including files in directory /etc/freeradius/sites-enabled/

including configuration file /etc/freeradius/sites-enabled/default

including configuration file /etc/freeradius/sites-enabled/inner-tunnel

including configuration file /etc/freeradius/sites-enabled/control-socket

group = freerad

user = freerad

including dictionary file /etc/freeradius/dictionary

main {

prefix = "/usr"

localstatedir = "/var"

logdir = "/var/log/freeradius"

libdir = "/usr/lib/freeradius"

radacctdir = "/var/log/freeradius/radacct"

hostname_lookups = no

max_request_time = 30

cleanup_delay = 5

max_requests = 1024

allow_core_dumps = no

pidfile = "/var/run/freeradius/freeradius.pid"

checkrad = "/usr/sbin/checkrad"

debug_level = 0

proxy_requests = no

log {

stripped_names = yes

auth = yes

auth_badpass = yes

auth_goodpass = yes

}

security {

max_attributes = 0

reject_delay = 1

status_server = yes

}

}

radiusd: #### Loading Realms and Home Servers ####

proxy server {

retry_delay = 5

retry_count = 3

default_fallback = no

dead_time = 120

wake_all_if_all_dead = no

}

home_server localhost {

ipaddr = 127.0.0.1

port = 1812

type = "auth"

secret = "testing123"

response_window = 20

max_outstanding = 65536

require_message_authenticator = no

zombie_period = 40

status_check = "status-server"

ping_interval = 30

check_interval = 30

num_answers_to_alive = 3

num_pings_to_alive = 3

revive_interval = 120

status_check_timeout = 4

irt = 2

mrt = 16

mrc = 5

mrd = 30

}

home_server_pool my_auth_failover {

type = fail-over

home_server = localhost

}

realm example.com {

auth_pool = my_auth_failover

}

realm LOCAL {

}

radiusd: #### Loading Clients ####

client 127.0.0.1 {

require_message_authenticator = no

secret = "testing123"

shortname = "nas"

nastype = "other"

}

client 172.168.1.1 {

require_message_authenticator = yes

secret = "testing123"

shortname = "nas"

nastype = "other"

}

radiusd: #### Instantiating modules ####

instantiate {

Module: Linked to module rlm_exec

Module: Instantiating exec

exec {

wait = no

input_pairs = "request"

shell_escape = yes

}

Module: Linked to module rlm_expr

Module: Instantiating expr

}

radiusd: #### Loading Virtual Servers ####

server inner-tunnel {

modules {

Module: Checking authenticate {...} for more modules to load

Module: Linked to module rlm_pap

Module: Instantiating pap

pap {

encryption_scheme = "clear"

auto_header = no

}

Module: Linked to module rlm_ldap

Module: Instantiating openldap

ldap openldap {

server = "127.0.0.1"

port = 389

password = ""

identity = ""

net_timeout = 5

timeout = 5

timelimit = 5

tls_mode = no

start_tls = no

tls_require_cert = "allow"

tls {

start_tls = no

require_cert = "allow"

}

basedn = "dc=thales,dc=com"

filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"

base_filter = "(objectclass=inetorgperson)"

auto_header = no

access_attr_used_for_allow = yes

groupname_attribute = "cn"

groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"

dictionary_mapping = "/etc/freeradius/ldap.attrmap"

ldap_debug = 0

ldap_connections_number = 5

compare_check_items = no

do_xlat = yes

edir_account_policy_check = no

set_auth_type = no

}

rlm_ldap: Registering ldap_groupcmp for Ldap-Group

rlm_ldap: Creating new attribute openldap-Ldap-Group

rlm_ldap: Registering ldap_groupcmp for openldap-Ldap-Group

rlm_ldap: Registering ldap_xlat with xlat_name openldap

rlm_ldap: reading ldap<->radius mappings from file /etc/freeradius/ldap.attrmap

rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$

rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$

rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type

rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use

rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id

rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id

rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password

rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password

rlm_ldap: LDAP sambaLmPassword mapped to RADIUS LM-Password

rlm_ldap: LDAP sambaNtPassword mapped to RADIUS NT-Password

rlm_ldap: LDAP dBCSPwd mapped to RADIUS LM-Password

rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT

rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration

rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address

rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type

rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol

rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address

rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask

rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route

rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing

rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id

rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU

rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS Framed-Compression

rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host

rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service

rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port

rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number

rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id

rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS Framed-IPX-Network

rlm_ldap: LDAP radiusClass mapped to RADIUS Class

rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout

rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout

rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS Termination-Action

rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS Login-LAT-Service

rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node

rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group

rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS Framed-AppleTalk-Link

rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS Framed-AppleTalk-Network

rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS Framed-AppleTalk-Zone

rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit

rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port

rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message

conns: 0x9e20568

Module: Linked to module rlm_eap

Module: Instantiating eap

eap {

default_eap_type = "ttls"

timer_expire = 60

ignore_unknown_eap_types = no

cisco_accounting_username_bug = no

max_sessions = 2048

}

Module: Linked to sub-module rlm_eap_md5

Module: Instantiating eap-md5

Module: Linked to sub-module rlm_eap_leap

Module: Instantiating eap-leap

Module: Linked to sub-module rlm_eap_gtc

Module: Instantiating eap-gtc

gtc {

challenge = "password"

auth_type = "PAP"

}

Module: Linked to sub-module rlm_eap_tls

Module: Instantiating eap-tls

tls {

rsa_key_exchange = no

dh_key_exchange = no

rsa_key_length = 1024

dh_key_length = 1024

verify_depth = 1

pem_file_type = yes

private_key_file = "/etc/freeradius/certs/server.key"

certificate_file = "/etc/freeradius/certs/server.pem"

CA_file = "/etc/freeradius/certs/ca.pem"

private_key_password = "whatever"

dh_file = "/etc/freeradius/certs/dh"

random_file = "/etc/freeradius/certs/random"

fragment_size = 1024

include_length = yes

check_crl = no

check_cert_cn = "%{User-Name}"

make_cert_command = "/etc/freeradius/certs/bootstrap"

cache {

enable = no

lifetime = 24

max_entries = 255

}

}

Module: Linked to sub-module rlm_eap_ttls

Module: Instantiating eap-ttls

ttls {

default_eap_type = "gtc"

copy_request_to_tunnel = yes

use_tunneled_reply = no

}

Module: Checking authorize {...} for more modules to load

Module: Linked to module rlm_expiration

Module: Instantiating expiration

expiration {

reply-message = "Password Has Expired "

}

Module: Linked to module rlm_logintime

Module: Instantiating logintime

logintime {

reply-message = "You are calling outside your allowed timespan "

minimum-timeout = 60

}

Module: Checking session {...} for more modules to load

Module: Linked to module rlm_radutmp

Module: Instantiating radutmp

radutmp {

filename = "/var/log/freeradius/radutmp"

username = "%{User-Name}"

case_sensitive = yes

check_with_nas = yes

perm = 384

callerid = yes

}

Module: Checking post-proxy {...} for more modules to load

Module: Checking post-auth {...} for more modules to load

Module: Linked to module rlm_attr_filter

Module: Instantiating attr_filter.access_reject

attr_filter attr_filter.access_reject {

attrsfile = "/etc/freeradius/attrs.access_reject"

key = "%{User-Name}"

}

}

}

modules {

Module: Checking authenticate {...} for more modules to load

Module: Checking authorize {...} for more modules to load

Module: Linked to module rlm_preprocess

Module: Instantiating preprocess

preprocess {

huntgroups = "/etc/freeradius/huntgroups"

hints = "/etc/freeradius/hints"

with_ascend_hack = no

ascend_channels_per_line = 23

with_ntdomain_hack = no

with_specialix_jetstream_hack = no

with_cisco_vsa_hack = no

with_alvarion_vsa_hack = no

}

Module: Linked to module rlm_detail

Module: Instantiating auth_log

detail auth_log {

detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d"

header = "%t"

detailperm = 384

dirperm = 493

locking = no

log_packet_header = no

}

Module: Checking preacct {...} for more modules to load

Module: Linked to module rlm_acct_unique

Module: Instantiating acct_unique

acct_unique {

key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"

}

Module: Linked to module rlm_realm

Module: Instantiating suffix

realm suffix {

format = "suffix"

delimiter = "@"

ignore_default = no

ignore_null = no

}

Module: Linked to module rlm_files

Module: Instantiating files

files {

usersfile = "/etc/freeradius/users"

acctusersfile = "/etc/freeradius/acct_users"

preproxy_usersfile = "/etc/freeradius/preproxy_users"

compat = "no"

}

Module: Checking accounting {...} for more modules to load

Module: Instantiating detail

detail {

detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d"

header = "%t"

detailperm = 384

dirperm = 493

locking = no

log_packet_header = no

}

Module: Linked to module rlm_unix

Module: Instantiating unix

unix {

radwtmp = "/var/log/freeradius/radwtmp"

}

Module: Instantiating attr_filter.accounting_response

attr_filter attr_filter.accounting_response {

attrsfile = "/etc/freeradius/attrs.accounting_response"

key = "%{User-Name}"

}

Module: Checking session {...} for more modules to load

Module: Checking post-auth {...} for more modules to load

}

radiusd: #### Opening IP addresses and Ports ####

listen {

type = "auth"

ipaddr = 172.168.1.254

port = 1812

}

listen {

type = "control"

listen {

socket = "/var/run/freeradius/freeradius.sock"

}

}

Listening on authentication address 172.168.1.254 port 1812

Listening on command file /var/run/freeradius/freeradius.sock

Ready to process requests.

rad_recv: Access-Request packet from host 172.168.1.1 port 34141, id=0, length=145

User-Name = "test"

NAS-IP-Address = 172.168.1.1

NAS-Identifier = "nas"

NAS-Port = 0

Called-Station-Id = "00-1E-90-9D-DA-65:"

Calling-Station-Id = "00-1C-25-CB-69-64"

Framed-MTU = 1400

NAS-Port-Type = Wireless-802.11

Connect-Info = "CONNECT 0Mbps 802.11"

EAP-Message = 0x020100090174657374

Message-Authenticator = 0x8cfb79126134288476a9213bbe5b1482

+- entering group authorize {...}

++[preprocess] returns ok

[auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] expand: %t -> Mon May 25 14:50:46 2009

++[auth_log] returns ok

[eap] EAP packet type response id 1 length 9

[eap] No EAP Start, assuming it's an on-going EAP conversation

++[eap] returns updated

[openldap] performing user authorization for test

[openldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details

[openldap] expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> (uid=test)

[openldap] expand: dc=thales,dc=com -> dc=thales,dc=com

rlm_ldap: ldap_get_conn: Checking Id: 0

rlm_ldap: ldap_get_conn: Got Id: 0

rlm_ldap: attempting LDAP reconnection

rlm_ldap: (re)connect to 127.0.0.1:389, authentication 0

rlm_ldap: bind as / to 127.0.0.1:389

rlm_ldap: waiting for bind result ...

rlm_ldap: Bind was successful

rlm_ldap: performing search in dc=thales,dc=com, with filter (uid=test)

[openldap] No default NMAS login sequence

[openldap] looking for check items in directory...

[openldap] looking for reply items in directory...

WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly?

[openldap] user test authorized to use remote access

rlm_ldap: ldap_release_conn: Release Id: 0

++[openldap] returns ok

++[expiration] returns noop

++[logintime] returns noop

Found Auth-Type = EAP

+- entering group authenticate {...}

[eap] EAP Identity

[eap] processing type tls

[tls] Initiate

[tls] Start returned 1

++[eap] returns handled

Sending Access-Challenge of id 0 to 172.168.1.1 port 34141

EAP-Message = 0x010200061520

Message-Authenticator = 0x00000000000000000000000000000000

State = 0x47ddcbe847dfdebd14cb1c72c057a598

Finished request 0.

Going to the next request

Waking up in 4.9 seconds.

rad_recv: Access-Request packet from host 172.168.1.1 port 34141, id=1, length=257

User-Name = "test"

NAS-IP-Address = 172.168.1.1

NAS-Identifier = "nas"

NAS-Port = 0

Called-Station-Id = "00-1E-90-9D-DA-65:"

Calling-Station-Id = "00-1C-25-CB-69-64"

Framed-MTU = 1400

NAS-Port-Type = Wireless-802.11

Connect-Info = "CONNECT 0Mbps 802.11"

EAP-Message = 0x0202006715800000005d16030100580100005403014a1aae6d8881711bb11d6e87ed9df15e0b60

34142a9d505ce696af4b6fb47ee100002600390038003500160013000a00330032002f00050004001

50012000900140011000800060003020100000400230000

State = 0x47ddcbe847dfdebd14cb1c72c057a598

Message-Authenticator = 0x999036d840ebc6a79fb4133da0b0012a

+- entering group authorize {...}

++[preprocess] returns ok

[auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] expand: %t -> Mon May 25 14:50:46 2009

++[auth_log] returns ok

[eap] EAP packet type response id 2 length 103

[eap] Continuing tunnel setup.

++[eap] returns ok

Found Auth-Type = EAP

+- entering group authenticate {...}

[eap] Request found, released from the list

[eap] EAP/ttls

[eap] processing type ttls

[ttls] Authenticate

[ttls] processing EAP-TLS

TLS Length 93

[ttls] Length Included

[ttls] eaptls_verify returned 11

[ttls] (other): before/accept initialization

[ttls] TLS_accept: before/accept initialization

[ttls] <<< TLS 1.0 Handshake [length 0058], ClientHello

[ttls] TLS_accept: SSLv3 read client hello A

[ttls] >>> TLS 1.0 Handshake [length 0030], ServerHello

[ttls] TLS_accept: SSLv3 write server hello A

[ttls] >>> TLS 1.0 Handshake [length 082c], Certificate

[ttls] TLS_accept: SSLv3 write certificate A

[ttls] >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange

[ttls] TLS_accept: SSLv3 write key exchange A

[ttls] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone

[ttls] TLS_accept: SSLv3 write server done A

[ttls] TLS_accept: SSLv3 flush data

[ttls] TLS_accept: Need to read more data: SSLv3 read client certificate A

In SSL Handshake Phase

In SSL Accept mode

[ttls] eaptls_process returned 13

++[eap] returns handled

Sending Access-Challenge of id 1 to 172.168.1.1 port 34141

EAP-Message = 0x0103040015c000000a8116030100300200002c03014a1ab0467e0b5792dff3e3471ff9d3b47618

a9c3306b8bee0af1769d05d5be9e00003901000400230000160301082c0b000828000825000392308

2038e30820276a003020102020101300d06092a864886f70d0101040500308189310b300906035504

0613024652310f300d060355040813065261646975733112301006035504071309536f6d657768657

26531123010060355040a13095465737420496e632e311c301a06092a864886f70d010901160d5465

737440746573742e636f6d312330210603550403131a5465737420436572746966696361746520417

574686f72697479301e170d

EAP-Message = 0x3039303532353133303235355a170d3130303532353133303235355a3072310b30090603550406

13024652310f300d0603550408130652616469757331123010060355040a13095465737420496e632

e3120301e060355040313175465737420536572766572204365727469666963617465311c301a0609

2a864886f70d010901160d5465737440746573742e636f6d30820122300d06092a864886f70d01010

105000382010f003082010a0282010100eb8333f4fcdc0ecac4e4062333d2ff5504318967ddbafd5d

aad6bfce8cc917c580e7ebc9c44465866f59ed3eb421c810d3d50f8e1141d7258200e730b28a15a09

48bcc3f704a76efe306f9f7

EAP-Message = 0xd15f686643b391c246630479196ca5d391ddc0e11625dc3778542e3e204cab06a49682ddfa603a

1c205482c7505da685b47c7d1edff50a363a7ef4954649b69fbc9c4382fa21c890e99b5086c9d841a

004ca19a4b9381807ae1c2322accf508f8fd426a31cd946a39cec1f6285d212f051297e8ecc1cd459

487d772cd61392039b9942a0446003ac97ab5f4b02213bdec2ff867e0cbcde5bd01f2c0bc4fdeed22

ddd644e4e3c83d0bef985ce451ea7da54c80f7d0203010001a317301530130603551d25040c300a06

082b06010505070301300d06092a864886f70d01010405000382010100157d57a027118106529da2e

1df1f6e3cc2ee61c9b7907d

EAP-Message = 0xd3c31dcfb5182bb2ba9f029af27f722079662fbbcd9557aac828d9aca889b51a29bdb4a2243bb8

71e5752de804c797adf06f36d64d4dc957dbba0e4360e4d1109d8fba0bb27bbc5fe06d396883e096e

90b29cffda7bfefa64632f31a1277cc79a871e48da1165dc6141b15ccc2c435f41ffe99945009a291

b3d5c94c1be43b15aae0531af6016c4e2d8d44f32981c5cfe578e0bce6df5fd019c291213de0fa5cf

c99f98cdde68deb0aa7c63b039e7ca7584065d46c257c81d71a720a64562173ce09c2a4a974abc287

221f6c51ac2a5d0eaba9d51292bf1f8be47186be9b206dc4ee5905a939b0812c00048d30820489308

20371a003020102020900d1

EAP-Message = 0x72e6eb3365807d300d06092a

Message-Authenticator = 0x00000000000000000000000000000000

State = 0x47ddcbe846dedebd14cb1c72c057a598

Finished request 1.

Going to the next request

Waking up in 4.4 seconds.

rad_recv: Access-Request packet from host 172.168.1.1 port 34141, id=2, length=160

User-Name = "test"

NAS-IP-Address = 172.168.1.1

NAS-Identifier = "nas"

NAS-Port = 0

Called-Station-Id = "00-1E-90-9D-DA-65:"

Calling-Station-Id = "00-1C-25-CB-69-64"

Framed-MTU = 1400

NAS-Port-Type = Wireless-802.11

Connect-Info = "CONNECT 0Mbps 802.11"

EAP-Message = 0x020300061500

State = 0x47ddcbe846dedebd14cb1c72c057a598

Message-Authenticator = 0xb756837390e197bfafc6b487b4300878

+- entering group authorize {...}

++[preprocess] returns ok

[auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] expand: %t -> Mon May 25 14:50:46 2009

++[auth_log] returns ok

[eap] EAP packet type response id 3 length 6

[eap] Continuing tunnel setup.

++[eap] returns ok

Found Auth-Type = EAP

+- entering group authenticate {...}

[eap] Request found, released from the list

[eap] EAP/ttls

[eap] processing type ttls

[ttls] Authenticate

[ttls] processing EAP-TLS

[ttls] Received TLS ACK

[ttls] ACK handshake fragment handler

[ttls] eaptls_verify returned 1

[ttls] eaptls_process returned 13

++[eap] returns handled

Sending Access-Challenge of id 2 to 172.168.1.1 port 34141

EAP-Message = 0x0104040015c000000a81864886f70d0101050500308189310b3009060355040613024652310f30

0d060355040813065261646975733112301006035504071309536f6d6577686572653112301006035

5040a13095465737420496e632e311c301a06092a864886f70d010901160d5465737440746573742e

636f6d312330210603550403131a5465737420436572746966696361746520417574686f726974793

01e170d3039303532353133303235355a170d3130303532353133303235355a308189310b30090603

55040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776

86572653112301006035504

EAP-Message = 0x0a13095465737420496e632e311c301a06092a864886f70d010901160d5465737440746573742e

636f6d312330210603550403131a5465737420436572746966696361746520417574686f726974793

0820122300d06092a864886f70d01010105000382010f003082010a0282010100e3d5489273e00c96

bbc4b0361e979ca1b96dd173d2bb435c7ad147ac796b54e8a5be5011ca7753d5e90346d12f3046f74

57c14c165af4e7c9b27a373b397b06569c4fc3f70f32dec42a333afc8ee2a42f79c8c673f03fcdf29

d635b3838eac56066975187d7854899d10fd3e2424610376517e3b2a6ddea5d237e97a068aa56e276

93919fcefbe88bd44af3d65

EAP-Message = 0x9f658d22c765a6401ded3dca605be94563084cc8f30d5f575c82a67dd83d9d5486f0b41953d38f

b8aba7ec1d9fedc2a978dd4597111f037a9bb668c4986579abc6a14fbb647e5b2165eee4d3dda293b

414bab11b2b58515a56387e067aaf4c5c7af06ecc0091749ff6bee111873420429f7ca50203010001

a381f13081ee301d0603551d0e0416041465b582a2d1e3bf81d9087bdfd03434d1ca052a3b3081be0

603551d230481b63081b3801465b582a2d1e3bf81d9087bdfd03434d1ca052a3ba1818fa4818c3081

89310b3009060355040613024652310f300d060355040813065261646975733112301006035504071

309536f6d65776865726531

EAP-Message = 0x123010060355040a13095465737420496e632e311c301a06092a864886f70d010901160d546573

7440746573742e636f6d312330210603550403131a546573742043657274696669636174652041757

4686f72697479820900d172e6eb3365807d300c0603551d13040530030101ff300d06092a864886f7

0d01010505000382010100016af7b0a9b3e272df2c143b3767235aaffab7b0c24b68aea10a2a0d15f

2725d0babdd2707b2d1c2ff4570b938e11df4ad915aba9813402ec4929be3b0fc07d512bad7b07e4c

f96338aefa8baa4ca5e46c5a4c66c57f3c67e0ac6829f2732ff27ca39f1b5b866ab1533f0bd5547a7

d212da410e6f2f148b42371

EAP-Message = 0x803ab77f54405027f6b6c0bc

Message-Authenticator = 0x00000000000000000000000000000000

State = 0x47ddcbe845d9debd14cb1c72c057a598

Finished request 2.

Going to the next request

Waking up in 4.4 seconds.

rad_recv: Access-Request packet from host 172.168.1.1 port 34141, id=3, length=160

User-Name = "test"

NAS-IP-Address = 172.168.1.1

NAS-Identifier = "nas"

NAS-Port = 0

Called-Station-Id = "00-1E-90-9D-DA-65:"

Calling-Station-Id = "00-1C-25-CB-69-64"

Framed-MTU = 1400

NAS-Port-Type = Wireless-802.11

Connect-Info = "CONNECT 0Mbps 802.11"

EAP-Message = 0x020400061500

State = 0x47ddcbe845d9debd14cb1c72c057a598

Message-Authenticator = 0xb989eb3772f0f9735ec8a3783262ca72

+- entering group authorize {...}

++[preprocess] returns ok

[auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] expand: %t -> Mon May 25 14:50:46 2009

++[auth_log] returns ok

[eap] EAP packet type response id 4 length 6

[eap] Continuing tunnel setup.

++[eap] returns ok

Found Auth-Type = EAP

+- entering group authenticate {...}

[eap] Request found, released from the list

[eap] EAP/ttls

[eap] processing type ttls

[ttls] Authenticate

[ttls] processing EAP-TLS

[ttls] Received TLS ACK

[ttls] ACK handshake fragment handler

[ttls] eaptls_verify returned 1

[ttls] eaptls_process returned 13

++[eap] returns handled

Sending Access-Challenge of id 3 to 172.168.1.1 port 34141

EAP-Message = 0x0105029f158000000a81949f633b3e27eff6c8a0e4664f6170b9671c73346e88a0a6cd86812f48

d30d9a9ac2b720b2f3ef36435a21f05e3b7f8984824ae84ba1b20687440f664331f6424eead0d487c

9aef565968277688cbc38364f5aafb891f65bbf3f537d0994bfb0718816ad5e36a6e54491c36b6910

780901e7e34c54ec7c929032160301020d0c0002090080d1aef86be9cc76061c1add1f95552757314

47a62b048a5dc3b67c8718cf93198b88fb9f8c7c3c56efc85eda68d944de9a03822e057d6e67c9bfa

1efb92349a4fe67b803d7420cfa43abc10561c7c3d66e41e9e7541ac7b89ea702bae74c1921883462

43b87a9a844e0bac2b6eeae

EAP-Message = 0x493a5a48d6e588be9a31595eaefb25c50d8b00010200802ddacb6118c8756ddeda9c21f67f040b

91ba6c9fb07d2eb61dcfff337fb87138b442ebe71cdb6b1b2b64b711856de2dcd94bb26bc98b98cf8

152799b00877afd327fb7159e68ee200a045dcf3a05ecfe6d112240a0c506ff25f4b8483ecaef9c29

cf0ebaa3153ff0b1f929025079a1e41d935460ef8f68d17e9040dd619c7c230100cb244e08f235b04

202a8f2f16edb82af470bc07c40ae911b46d071eb20195bce69ffcb8d3397b597ff2093d1148478bc

da9d3577381214ce1ea76695333ddc04823e2124f929d3d39df9908fb30c704fd03dcb3e5c42d4898

c9d2d9beedcc524da42936f

EAP-Message = 0x52bf1cf511a7cf1b91a440c11bc5dad4eec6e6e108dbd31b92cf2463afa0d736193d26f32a685a

5838720e3981954d8039d1138fa96e871ae504026f0f121abadf685273d963b56b7a583c6d4801289

dbbc6c84fc70c8fa97d623a33f5605a5da46d9859c4a25ac32c296cd8aceff3a3e9ddebcf19ad7334

e068e20effe34a62bdc8035617ac5b6f5fb62291196ded2fdb65b428be838214df917090160301000

40e000000

Message-Authenticator = 0x00000000000000000000000000000000

State = 0x47ddcbe844d8debd14cb1c72c057a598

Finished request 3.

Going to the next request

Waking up in 4.3 seconds.

rad_recv: Access-Request packet from host 172.168.1.1 port 34141, id=4, length=362

User-Name = "test"

NAS-IP-Address = 172.168.1.1

NAS-Identifier = "nas"

NAS-Port = 0

Called-Station-Id = "00-1E-90-9D-DA-65:"

Calling-Station-Id = "00-1C-25-CB-69-64"

Framed-MTU = 1400

NAS-Port-Type = Wireless-802.11

Connect-Info = "CONNECT 0Mbps 802.11"

EAP-Message = 0x020500d01580000000c616030100861000008200804a1e5d67f955d597c81ca14812e063166b76

18e376e5b0f664bbc9c5c8f4936e887693f410f9e48a8483650ec0676e279bd65eac346b495083c6f

1f3a246795ceb642e9ec922870e25d30382a7fc362d55a6fabe5cd39a6023d76680d6e7b0c49cc3a9

3979c5b9b61b6fb85b2eacd727cf6d36ef2f5d59840926115876aca49f1403010001011603010030b

eb6b03a7ca7bcdc8f7e7305aea5933399a3bb712ab46d29d7cdb5773dd6d9451ea830d5457dbb3893

0d45a6211cf9ec

State = 0x47ddcbe844d8debd14cb1c72c057a598

Message-Authenticator = 0x7f59457bca9d2044bc0fd9187265710b

+- entering group authorize {...}

++[preprocess] returns ok

[auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] expand: %t -> Mon May 25 14:50:46 2009

++[auth_log] returns ok

[eap] EAP packet type response id 5 length 208

[eap] Continuing tunnel setup.

++[eap] returns ok

Found Auth-Type = EAP

+- entering group authenticate {...}

[eap] Request found, released from the list

[eap] EAP/ttls

[eap] processing type ttls

[ttls] Authenticate

[ttls] processing EAP-TLS

TLS Length 198

[ttls] Length Included

[ttls] eaptls_verify returned 11

[ttls] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange

[ttls] TLS_accept: SSLv3 read client key exchange A

[ttls] <<< TLS 1.0 ChangeCipherSpec [length 0001]

[ttls] <<< TLS 1.0 Handshake [length 0010], Finished

[ttls] TLS_accept: SSLv3 read finished A

[ttls] >>> TLS 1.0 Handshake [length 00aa]???

[ttls] TLS_accept: unknown state

[ttls] >>> TLS 1.0 ChangeCipherSpec [length 0001]

[ttls] TLS_accept: SSLv3 write change cipher spec A

[ttls] >>> TLS 1.0 Handshake [length 0010], Finished

[ttls] TLS_accept: SSLv3 write finished A

[ttls] TLS_accept: SSLv3 flush data

[ttls] (other): SSL negotiation finished successfully

SSL Connection Established

[ttls] eaptls_process returned 13

++[eap] returns handled

Sending Access-Challenge of id 4 to 172.168.1.1 port 34141

EAP-Message = 0x010600f41580000000ea16030100aa040000a60000000000a093542c2081dfa38cc994d77f85c4

c12c4f0b456183e915a9a6eaf241c9f940ee640ceaa54ab361e9e80660dc2a1e4a4f754ff27557691

425c9eec1295252dab3f133bdf1b1049127eaa6cdedff1d355dfdf234a179999b1357853380730f4e

d90e1815aa23a8621b085c3513e0076d582923bdc8239c39caef4693957f384c0e4ac08f74c839bfa

b58f1f9c85f8ef9cc73cc01195b67b5c51894412492391c9f1403010001011603010030122a6ce734

c24f425b0ce16ff1eb9e04af15ff56cfb284d133a9d77bfe84a9d2073bf7fd488d4a2c4f34091a655

eb6d3

Message-Authenticator = 0x00000000000000000000000000000000

State = 0x47ddcbe843dbdebd14cb1c72c057a598

Finished request 4.

Going to the next request

Waking up in 4.1 seconds.

rad_recv: Access-Request packet from host 172.168.1.1 port 34141, id=5, length=160

User-Name = "test"

NAS-IP-Address = 172.168.1.1

NAS-Identifier = "nas"

NAS-Port = 0

Called-Station-Id = "00-1E-90-9D-DA-65:"

Calling-Station-Id = "00-1C-25-CB-69-64"

Framed-MTU = 1400

NAS-Port-Type = Wireless-802.11

Connect-Info = "CONNECT 0Mbps 802.11"

EAP-Message = 0x020600061500

State = 0x47ddcbe843dbdebd14cb1c72c057a598

Message-Authenticator = 0x25c75e2b6914dab9556dec0e930c66a4

+- entering group authorize {...}

++[preprocess] returns ok

[auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] expand: %t -> Mon May 25 14:50:47 2009

++[auth_log] returns ok

[eap] EAP packet type response id 6 length 6

[eap] Continuing tunnel setup.

++[eap] returns ok

Found Auth-Type = EAP

+- entering group authenticate {...}

[eap] Request found, released from the list

[eap] EAP/ttls

[eap] processing type ttls

[ttls] Authenticate

[ttls] processing EAP-TLS

[ttls] Received TLS ACK

[ttls] ACK handshake is finished

[ttls] eaptls_verify returned 3

[ttls] eaptls_process returned 3

++[eap] returns handled

Sending Access-Challenge of id 5 to 172.168.1.1 port 34141

EAP-Message = 0x0107000a158000000000

Message-Authenticator = 0x00000000000000000000000000000000

State = 0x47ddcbe842dadebd14cb1c72c057a598

Finished request 5.

Going to the next request

Waking up in 4.1 seconds.

rad_recv: Access-Request packet from host 172.168.1.1 port 34141, id=6, length=229

User-Name = "test"

NAS-IP-Address = 172.168.1.1

NAS-Identifier = "nas"

NAS-Port = 0

Called-Station-Id = "00-1E-90-9D-DA-65:"

Calling-Station-Id = "00-1C-25-CB-69-64"

Framed-MTU = 1400

NAS-Port-Type = Wireless-802.11

Connect-Info = "CONNECT 0Mbps 802.11"

EAP-Message = 0x0207004b15001703010040f1b0106a8c808cf15e72046622af830a338f54b17cc5818538ff8f6f

9cc4b8703116cf93fa4a65ac19f4e90a4c88d5060d62d0fcbb82b30ad3bd8f16ea1c4f06

State = 0x47ddcbe842dadebd14cb1c72c057a598

Message-Authenticator = 0xf874160dbc3dcbeb097c662fccb2db69

+- entering group authorize {...}

++[preprocess] returns ok

[auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/172.168.1.1/auth-detail-20090525

[auth_log] expand: %t -> Mon May 25 14:50:47 2009

++[auth_log] returns ok

[eap] EAP packet type response id 7 length 75

[eap] Continuing tunnel setup.

++[eap] returns ok

Found Auth-Type = EAP

+- entering group authenticate {...}

[eap] Request found, released from the list

[eap] EAP/ttls

[eap] processing type ttls

[ttls] Authenticate

[ttls] processing EAP-TLS

[ttls] eaptls_verify returned 7

[ttls] Done initial handshake

[ttls] >>> TLS 1.0 Alert [length 0002], fatal bad_record_mac

TLS Alert write:fatal:bad record mac

[ttls] SSL_read Error

[ttls] eaptls_process returned 4

[eap] Handler failed in EAP/ttls

[eap] Failed in EAP select

++[eap] returns invalid

Failed to authenticate the user.

Login incorrect: [test/<via Auth-Type = EAP>] (from client nas port 0 cli 00-1C-25-CB-69-64)

Using Post-Auth-Type Reject

+- entering group REJECT {...}

[attr_filter.access_reject] expand: %{User-Name} -> test

attr_filter: Matched entry DEFAULT at line 11

++[attr_filter.access_reject] returns updated

Delaying reject of request 6 for 1 seconds

Going to the next request

Waking up in 0.9 seconds.

Sending delayed reject for request 6

Sending Access-Reject of id 6 to 172.168.1.1 port 34141

EAP-Message = 0x04070004

Message-Authenticator = 0x00000000000000000000000000000000

Waking up in 3.1 seconds.

Cleaning up request 0 ID 0 with timestamp +4

Waking up in 0.5 seconds.

Cleaning up request 1 ID 1 with timestamp +4

Cleaning up request 2 ID 2 with timestamp +4

Cleaning up request 3 ID 3 with timestamp +4

Waking up in 0.2 seconds.

Cleaning up request 4 ID 4 with timestamp +4

Cleaning up request 5 ID 5 with timestamp +5

Waking up in 1.0 seconds.

Cleaning up request 6 ID 6 with timestamp +5

Ready to process requests.

HOSTAPD

Configuration file: /etc/hostapd/hostapd.conf

ctrl_interface_group=0

eapol_version=2

Opening raw packet socket for ifindex 3

BSS count 1, BSSID mask ff:ff:ff:ff:ff:ff (0 bits)

eth0: IEEE 802.11 Fetching hardware channel/rate support not supported.

Flushing old station entries

Deauthenticate all stations

Using interface eth0 with hwaddr 00:1e:90:9d:da:65 and ssid ''

eth0: RADIUS Authentication server 172.168.1.254:1812

eth0: Setup of interface done.

Received EAPOL packet

Data frame from unknown STA 00:1c:25:cb:69:64 - adding a new STA

New STA

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: start authentication

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_KEY_TX entering state NO_KEY_TRANSMIT

IEEE 802.1X: 00:1c:25:cb:69:64 KEY_RX entering state NO_KEY_RECEIVE

IEEE 802.1X: 00:1c:25:cb:69:64 CTRL_DIR entering state IN_OR_BOTH

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state IDLE

IEEE 802.1X: 00:1c:25:cb:69:64 KEY_RX entering state NO_KEY_RECEIVE

IEEE 802.1X: 00:1c:25:cb:69:64 CTRL_DIR entering state FORCE_BOTH

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 KEY_RX entering state NO_KEY_RECEIVE

IEEE 802.1X: 46 bytes from 00:1c:25:cb:69:64

IEEE 802.1X: version=2 type=2 length=0

ignoring 42 extra octets after IEEE 802.1X packet

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: received EAPOL-Logoff from STA

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state DISCONNECTED

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: unauthorizing port

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state RESTART

IEEE 802.1X: station 00:1c:25:cb:69:64 - new auth session, clearing State

IEEE 802.1X: Generated EAP Request-Identity for 00:1c:25:cb:69:64 (identifier 0, timeout 30)

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state CONNECTING

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state AUTHENTICATING

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state REQUEST

IEEE 802.1X: Sending EAP Packet to 00:1c:25:cb:69:64 (identifier 0)

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

Received EAPOL packet

IEEE 802.1X: 46 bytes from 00:1c:25:cb:69:64

IEEE 802.1X: version=2 type=1 length=0

ignoring 42 extra octets after IEEE 802.1X packet

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: received EAPOL-Start from STA

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state ABORTING

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state INITIALIZE

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: aborting authentication

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state RESTART

IEEE 802.1X: station 00:1c:25:cb:69:64 - new auth session, clearing State

IEEE 802.1X: Generated EAP Request-Identity for 00:1c:25:cb:69:64 (identifier 1, timeout 30)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state IDLE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state CONNECTING

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state AUTHENTICATING

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state REQUEST

IEEE 802.1X: Sending EAP Packet to 00:1c:25:cb:69:64 (identifier 1)

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

Received EAPOL packet

IEEE 802.1X: 46 bytes from 00:1c:25:cb:69:64

IEEE 802.1X: version=2 type=0 length=9

ignoring 33 extra octets after IEEE 802.1X packet

EAP: code=2 identifier=1 length=9 (response)

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: received EAP packet (code=2 id=1 len=9) from STA: EAP Response-Identity (1)

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: STA identity 'test'

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state RESPONSE

Encapsulating EAP message into a RADIUS packet

eth0: RADIUS Sending RADIUS message to authentication server

RADIUS message: code=1 (Access-Request) identifier=0 length=145

Attribute 1 (User-Name) length=6

Value: 'test'

Attribute 4 (NAS-IP-Address) length=6

Value: 172.168.1.1

Attribute 32 (NAS-Identifier) length=5

Value: 'nas'

Attribute 5 (NAS-Port) length=6

Value: 0

Attribute 30 (Called-Station-Id) length=20

Value: '00-1E-90-9D-DA-65:'

Attribute 31 (Calling-Station-Id) length=19

Value: '00-1C-25-CB-69-64'

Attribute 12 (Framed-MTU) length=6

Value: 1400

Attribute 61 (NAS-Port-Type) length=6

Value: 19

Attribute 77 (Connect-Info) length=22

Value: 'CONNECT 0Mbps 802.11'

Attribute 79 (EAP-Message) length=11

Value: 02 01 00 09 01 74 65 73 74

Attribute 80 (Message-Authenticator) length=18

Value: 8c fb 79 12 61 34 28 84 76 a9 21 3b be 5b 14 82

eth0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

eth0: RADIUS Received 64 bytes from RADIUS server

eth0: RADIUS Received RADIUS message

RADIUS message: code=11 (Access-Challenge) identifier=0 length=64

Attribute 79 (EAP-Message) length=8

Value: 01 02 00 06 15 20

Attribute 80 (Message-Authenticator) length=18

Value: 9c 2e 4f 5a 7a 7d f4 77 21 87 f5 fd 72 b5 9d c8

Attribute 24 (State) length=18

Value: 47 dd cb e8 47 df de bd 14 cb 1c 72 c0 57 a5 98

eth0: STA 00:1c:25:cb:69:64 RADIUS: Received RADIUS packet matched with a pending request, round trip time 0.20 sec

RADIUS packet matching with station 00:1c:25:cb:69:64

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: using EAP timeout of 30 seconds

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: decapsulated EAP packet (code=1 id=2 len=6) from RADIUS server: EAP-Request-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state REQUEST

IEEE 802.1X: Sending EAP Packet to 00:1c:25:cb:69:64 (identifier 2)

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

Received EAPOL packet

IEEE 802.1X: 107 bytes from 00:1c:25:cb:69:64

IEEE 802.1X: version=2 type=0 length=103

EAP: code=2 identifier=2 length=103 (response)

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: received EAP packet (code=2 id=2 len=103) from STA: EAP Response-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state RESPONSE

Encapsulating EAP message into a RADIUS packet

Copied RADIUS State Attribute

eth0: RADIUS Sending RADIUS message to authentication server

RADIUS message: code=1 (Access-Request) identifier=1 length=257

Attribute 1 (User-Name) length=6

Value: 'test'

Attribute 4 (NAS-IP-Address) length=6

Value: 172.168.1.1

Attribute 32 (NAS-Identifier) length=5

Value: 'nas'

Attribute 5 (NAS-Port) length=6

Value: 0

Attribute 30 (Called-Station-Id) length=20

Value: '00-1E-90-9D-DA-65:'

Attribute 31 (Calling-Station-Id) length=19

Value: '00-1C-25-CB-69-64'

Attribute 12 (Framed-MTU) length=6

Value: 1400

Attribute 61 (NAS-Port-Type) length=6

Value: 19

Attribute 77 (Connect-Info) length=22

Value: 'CONNECT 0Mbps 802.11'

Attribute 79 (EAP-Message) length=105

Value: 02 02 00 67 15 80 00 00 00 5d 16 03 01 00 58 01 00 00 54 03 01 4a 1a ae 6d 88 81 71 1b b1 1d 6e 87 ed 9d f1 5e 0b 60 34 14 2a 9d 50 5c e6 96 af 4b 6f b4 7e e1 00 00 26 00 39 00 38 00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 05 00 04 00 15 00 12 00 09 00 14 00 11 00 08 00 06 00 03 02 01 00 00 04 00 23 00 00

Attribute 24 (State) length=18

Value: 47 dd cb e8 47 df de bd 14 cb 1c 72 c0 57 a5 98

Attribute 80 (Message-Authenticator) length=18

Value: 99 90 36 d8 40 eb c6 a7 9f b4 13 3d a0 b0 01 2a

eth0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

eth0: RADIUS Received 1090 bytes from RADIUS server

eth0: RADIUS Received RADIUS message

RADIUS message: code=11 (Access-Challenge) identifier=1 length=1090

Attribute 79 (EAP-Message) length=255

Value: 01 03 04 00 15 c0 00 00 0a 81 16 03 01 00 30 02 00 00 2c 03 01 4a 1a b0 46 7e 0b 57 92 df f3 e3 47 1f f9 d3 b4 76 18 a9 c3 30 6b 8b ee 0a f1 76 9d 05 d5 be 9e 00 00 39 01 00 04 00 23 00 00 16 03 01 08 2c 0b 00 08 28 00 08 25 00 03 92 30 82 03 8e 30 82 02 76 a0 03 02 01 02 02 01 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 89 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 13 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 77 68 65 72 65 31 12 30 10 06 03 55 04 0a 13 09 54 65 73 74 20 49 6e 63 2e 31 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 09 01 16 0d 54 65 73 74 40 74 65 73 74 2e 63 6f 6d 31 23 30 21 06 03 55 04 03 13 1a 54 65 73 74 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d

Attribute 79 (EAP-Message) length=255

Value: 30 39 30 35 32 35 31 33 30 32 35 35 5a 17 0d 31 30 30 35 32 35 31 33 30 32 35 35 5a 30 72 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 13 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 0a 13 09 54 65 73 74 20 49 6e 63 2e 31 20 30 1e 06 03 55 04 03 13 17 54 65 73 74 20 53 65 72 76 65 72 20 43 65 72 74 69 66 69 63 61 74 65 31 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 09 01 16 0d 54 65 73 74 40 74 65 73 74 2e 63 6f 6d 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 eb 83 33 f4 fc dc 0e ca c4 e4 06 23 33 d2 ff 55 04 31 89 67 dd ba fd 5d aa d6 bf ce 8c c9 17 c5 80 e7 eb c9 c4 44 65 86 6f 59 ed 3e b4 21 c8 10 d3 d5 0f 8e 11 41 d7 25 82 00 e7 30 b2 8a 15 a0 94 8b cc 3f 70 4a 76 ef e3 06 f9 f7

Attribute 79 (EAP-Message) length=255

Value: d1 5f 68 66 43 b3 91 c2 46 63 04 79 19 6c a5 d3 91 dd c0 e1 16 25 dc 37 78 54 2e 3e 20 4c ab 06 a4 96 82 dd fa 60 3a 1c 20 54 82 c7 50 5d a6 85 b4 7c 7d 1e df f5 0a 36 3a 7e f4 95 46 49 b6 9f bc 9c 43 82 fa 21 c8 90 e9 9b 50 86 c9 d8 41 a0 04 ca 19 a4 b9 38 18 07 ae 1c 23 22 ac cf 50 8f 8f d4 26 a3 1c d9 46 a3 9c ec 1f 62 85 d2 12 f0 51 29 7e 8e cc 1c d4 59 48 7d 77 2c d6 13 92 03 9b 99 42 a0 44 60 03 ac 97 ab 5f 4b 02 21 3b de c2 ff 86 7e 0c bc de 5b d0 1f 2c 0b c4 fd ee d2 2d dd 64 4e 4e 3c 83 d0 be f9 85 ce 45 1e a7 da 54 c8 0f 7d 02 03 01 00 01 a3 17 30 15 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 03 82 01 01 00 15 7d 57 a0 27 11 81 06 52 9d a2 e1 df 1f 6e 3c c2 ee 61 c9 b7 90 7d

Attribute 79 (EAP-Message) length=255

Value: d3 c3 1d cf b5 18 2b b2 ba 9f 02 9a f2 7f 72 20 79 66 2f bb cd 95 57 aa c8 28 d9 ac a8 89 b5 1a 29 bd b4 a2 24 3b b8 71 e5 75 2d e8 04 c7 97 ad f0 6f 36 d6 4d 4d c9 57 db ba 0e 43 60 e4 d1 10 9d 8f ba 0b b2 7b bc 5f e0 6d 39 68 83 e0 96 e9 0b 29 cf fd a7 bf ef a6 46 32 f3 1a 12 77 cc 79 a8 71 e4 8d a1 16 5d c6 14 1b 15 cc c2 c4 35 f4 1f fe 99 94 50 09 a2 91 b3 d5 c9 4c 1b e4 3b 15 aa e0 53 1a f6 01 6c 4e 2d 8d 44 f3 29 81 c5 cf e5 78 e0 bc e6 df 5f d0 19 c2 91 21 3d e0 fa 5c fc 99 f9 8c dd e6 8d eb 0a a7 c6 3b 03 9e 7c a7 58 40 65 d4 6c 25 7c 81 d7 1a 72 0a 64 56 21 73 ce 09 c2 a4 a9 74 ab c2 87 22 1f 6c 51 ac 2a 5d 0e ab a9 d5 12 92 bf 1f 8b e4 71 86 be 9b 20 6d c4 ee 59 05 a9 39 b0 81 2c 00 04 8d 30 82 04 89 30 82 03 71 a0 03 02 01 02 02 09 00 d1

Attribute 79 (EAP-Message) length=14

Value: 72 e6 eb 33 65 80 7d 30 0d 06 09 2a

Attribute 80 (Message-Authenticator) length=18

Value: ce 01 8b 1f 83 ea 48 89 38 c9 aa 3f b1 06 c8 f9

Attribute 24 (State) length=18

Value: 47 dd cb e8 46 de de bd 14 cb 1c 72 c0 57 a5 98

eth0: STA 00:1c:25:cb:69:64 RADIUS: Received RADIUS packet matched with a pending request, round trip time 0.51 sec

RADIUS packet matching with station 00:1c:25:cb:69:64

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: using EAP timeout of 30 seconds

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: decapsulated EAP packet (code=1 id=3 len=1024) from RADIUS server: EAP-Request-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state REQUEST

IEEE 802.1X: Sending EAP Packet to 00:1c:25:cb:69:64 (identifier 3)

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

Received EAPOL packet

IEEE 802.1X: 46 bytes from 00:1c:25:cb:69:64

IEEE 802.1X: version=2 type=0 length=6

ignoring 36 extra octets after IEEE 802.1X packet

EAP: code=2 identifier=3 length=6 (response)

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: received EAP packet (code=2 id=3 len=6) from STA: EAP Response-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state RESPONSE

Encapsulating EAP message into a RADIUS packet

Copied RADIUS State Attribute

eth0: RADIUS Sending RADIUS message to authentication server

RADIUS message: code=1 (Access-Request) identifier=2 length=160

Attribute 1 (User-Name) length=6

Value: 'test'

Attribute 4 (NAS-IP-Address) length=6

Value: 172.168.1.1

Attribute 32 (NAS-Identifier) length=5

Value: 'nas'

Attribute 5 (NAS-Port) length=6

Value: 0

Attribute 30 (Called-Station-Id) length=20

Value: '00-1E-90-9D-DA-65:'

Attribute 31 (Calling-Station-Id) length=19

Value: '00-1C-25-CB-69-64'

Attribute 12 (Framed-MTU) length=6

Value: 1400

Attribute 61 (NAS-Port-Type) length=6

Value: 19

Attribute 77 (Connect-Info) length=22

Value: 'CONNECT 0Mbps 802.11'

Attribute 79 (EAP-Message) length=8

Value: 02 03 00 06 15 00

Attribute 24 (State) length=18

Value: 47 dd cb e8 46 de de bd 14 cb 1c 72 c0 57 a5 98

Attribute 80 (Message-Authenticator) length=18

Value: b7 56 83 73 90 e1 97 bf af c6 b4 87 b4 30 08 78

eth0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

eth0: RADIUS Received 1090 bytes from RADIUS server

eth0: RADIUS Received RADIUS message

RADIUS message: code=11 (Access-Challenge) identifier=2 length=1090

Attribute 79 (EAP-Message) length=255

Value: 01 04 04 00 15 c0 00 00 0a 81 86 48 86 f7 0d 01 01 05 05 00 30 81 89 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 13 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 77 68 65 72 65 31 12 30 10 06 03 55 04 0a 13 09 54 65 73 74 20 49 6e 63 2e 31 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 09 01 16 0d 54 65 73 74 40 74 65 73 74 2e 63 6f 6d 31 23 30 21 06 03 55 04 03 13 1a 54 65 73 74 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 30 39 30 35 32 35 31 33 30 32 35 35 5a 17 0d 31 30 30 35 32 35 31 33 30 32 35 35 5a 30 81 89 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 13 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 77 68 65 72 65 31 12 30 10 06 03 55 04

Attribute 79 (EAP-Message) length=255

Value: 0a 13 09 54 65 73 74 20 49 6e 63 2e 31 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 09 01 16 0d 54 65 73 74 40 74 65 73 74 2e 63 6f 6d 31 23 30 21 06 03 55 04 03 13 1a 54 65 73 74 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 e3 d5 48 92 73 e0 0c 96 bb c4 b0 36 1e 97 9c a1 b9 6d d1 73 d2 bb 43 5c 7a d1 47 ac 79 6b 54 e8 a5 be 50 11 ca 77 53 d5 e9 03 46 d1 2f 30 46 f7 45 7c 14 c1 65 af 4e 7c 9b 27 a3 73 b3 97 b0 65 69 c4 fc 3f 70 f3 2d ec 42 a3 33 af c8 ee 2a 42 f7 9c 8c 67 3f 03 fc df 29 d6 35 b3 83 8e ac 56 06 69 75 18 7d 78 54 89 9d 10 fd 3e 24 24 61 03 76 51 7e 3b 2a 6d de a5 d2 37 e9 7a 06 8a a5 6e 27 69 39 19 fc ef be 88 bd 44 af 3d 65

Attribute 79 (EAP-Message) length=255

Value: 9f 65 8d 22 c7 65 a6 40 1d ed 3d ca 60 5b e9 45 63 08 4c c8 f3 0d 5f 57 5c 82 a6 7d d8 3d 9d 54 86 f0 b4 19 53 d3 8f b8 ab a7 ec 1d 9f ed c2 a9 78 dd 45 97 11 1f 03 7a 9b b6 68 c4 98 65 79 ab c6 a1 4f bb 64 7e 5b 21 65 ee e4 d3 dd a2 93 b4 14 ba b1 1b 2b 58 51 5a 56 38 7e 06 7a af 4c 5c 7a f0 6e cc 00 91 74 9f f6 be e1 11 87 34 20 42 9f 7c a5 02 03 01 00 01 a3 81 f1 30 81 ee 30 1d 06 03 55 1d 0e 04 16 04 14 65 b5 82 a2 d1 e3 bf 81 d9 08 7b df d0 34 34 d1 ca 05 2a 3b 30 81 be 06 03 55 1d 23 04 81 b6 30 81 b3 80 14 65 b5 82 a2 d1 e3 bf 81 d9 08 7b df d0 34 34 d1 ca 05 2a 3b a1 81 8f a4 81 8c 30 81 89 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 13 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 77 68 65 72 65 31

Attribute 79 (EAP-Message) length=255

Value: 12 30 10 06 03 55 04 0a 13 09 54 65 73 74 20 49 6e 63 2e 31 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 09 01 16 0d 54 65 73 74 40 74 65 73 74 2e 63 6f 6d 31 23 30 21 06 03 55 04 03 13 1a 54 65 73 74 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 82 09 00 d1 72 e6 eb 33 65 80 7d 30 0c 06 03 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 01 6a f7 b0 a9 b3 e2 72 df 2c 14 3b 37 67 23 5a af fa b7 b0 c2 4b 68 ae a1 0a 2a 0d 15 f2 72 5d 0b ab dd 27 07 b2 d1 c2 ff 45 70 b9 38 e1 1d f4 ad 91 5a ba 98 13 40 2e c4 92 9b e3 b0 fc 07 d5 12 ba d7 b0 7e 4c f9 63 38 ae fa 8b aa 4c a5 e4 6c 5a 4c 66 c5 7f 3c 67 e0 ac 68 29 f2 73 2f f2 7c a3 9f 1b 5b 86 6a b1 53 3f 0b d5 54 7a 7d 21 2d a4 10 e6 f2 f1 48 b4 23 71

Attribute 79 (EAP-Message) length=14

Value: 80 3a b7 7f 54 40 50 27 f6 b6 c0 bc

Attribute 80 (Message-Authenticator) length=18

Value: 35 0d f4 f5 2b 41 89 cf aa 96 a3 3b 56 d3 95 5f

Attribute 24 (State) length=18

Value: 47 dd cb e8 45 d9 de bd 14 cb 1c 72 c0 57 a5 98

eth0: STA 00:1c:25:cb:69:64 RADIUS: Received RADIUS packet matched with a pending request, round trip time 0.04 sec

RADIUS packet matching with station 00:1c:25:cb:69:64

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: using EAP timeout of 30 seconds

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: decapsulated EAP packet (code=1 id=4 len=1024) from RADIUS server: EAP-Request-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state REQUEST

IEEE 802.1X: Sending EAP Packet to 00:1c:25:cb:69:64 (identifier 4)

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

Received EAPOL packet

IEEE 802.1X: 46 bytes from 00:1c:25:cb:69:64

IEEE 802.1X: version=2 type=0 length=6

ignoring 36 extra octets after IEEE 802.1X packet

EAP: code=2 identifier=4 length=6 (response)

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: received EAP packet (code=2 id=4 len=6) from STA: EAP Response-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state RESPONSE

Encapsulating EAP message into a RADIUS packet

Copied RADIUS State Attribute

eth0: RADIUS Sending RADIUS message to authentication server

RADIUS message: code=1 (Access-Request) identifier=3 length=160

Attribute 1 (User-Name) length=6

Value: 'test'

Attribute 4 (NAS-IP-Address) length=6

Value: 172.168.1.1

Attribute 32 (NAS-Identifier) length=5

Value: 'nas'

Attribute 5 (NAS-Port) length=6

Value: 0

Attribute 30 (Called-Station-Id) length=20

Value: '00-1E-90-9D-DA-65:'

Attribute 31 (Calling-Station-Id) length=19

Value: '00-1C-25-CB-69-64'

Attribute 12 (Framed-MTU) length=6

Value: 1400

Attribute 61 (NAS-Port-Type) length=6

Value: 19

Attribute 77 (Connect-Info) length=22

Value: 'CONNECT 0Mbps 802.11'

Attribute 79 (EAP-Message) length=8

Value: 02 04 00 06 15 00

Attribute 24 (State) length=18

Value: 47 dd cb e8 45 d9 de bd 14 cb 1c 72 c0 57 a5 98

Attribute 80 (Message-Authenticator) length=18

Value: b9 89 eb 37 72 f0 f9 73 5e c8 a3 78 32 62 ca 72

eth0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

eth0: RADIUS Received 733 bytes from RADIUS server

eth0: RADIUS Received RADIUS message

RADIUS message: code=11 (Access-Challenge) identifier=3 length=733

Attribute 79 (EAP-Message) length=255

Value: 01 05 02 9f 15 80 00 00 0a 81 94 9f 63 3b 3e 27 ef f6 c8 a0 e4 66 4f 61 70 b9 67 1c 73 34 6e 88 a0 a6 cd 86 81 2f 48 d3 0d 9a 9a c2 b7 20 b2 f3 ef 36 43 5a 21 f0 5e 3b 7f 89 84 82 4a e8 4b a1 b2 06 87 44 0f 66 43 31 f6 42 4e ea d0 d4 87 c9 ae f5 65 96 82 77 68 8c bc 38 36 4f 5a af b8 91 f6 5b bf 3f 53 7d 09 94 bf b0 71 88 16 ad 5e 36 a6 e5 44 91 c3 6b 69 10 78 09 01 e7 e3 4c 54 ec 7c 92 90 32 16 03 01 02 0d 0c 00 02 09 00 80 d1 ae f8 6b e9 cc 76 06 1c 1a dd 1f 95 55 27 57 31 44 7a 62 b0 48 a5 dc 3b 67 c8 71 8c f9 31 98 b8 8f b9 f8 c7 c3 c5 6e fc 85 ed a6 8d 94 4d e9 a0 38 22 e0 57 d6 e6 7c 9b fa 1e fb 92 34 9a 4f e6 7b 80 3d 74 20 cf a4 3a bc 10 56 1c 7c 3d 66 e4 1e 9e 75 41 ac 7b 89 ea 70 2b ae 74 c1 92 18 83 46 24 3b 87 a9 a8 44 e0 ba c2 b6 ee ae

Attribute 79 (EAP-Message) length=255

Value: 49 3a 5a 48 d6 e5 88 be 9a 31 59 5e ae fb 25 c5 0d 8b 00 01 02 00 80 2d da cb 61 18 c8 75 6d de da 9c 21 f6 7f 04 0b 91 ba 6c 9f b0 7d 2e b6 1d cf ff 33 7f b8 71 38 b4 42 eb e7 1c db 6b 1b 2b 64 b7 11 85 6d e2 dc d9 4b b2 6b c9 8b 98 cf 81 52 79 9b 00 87 7a fd 32 7f b7 15 9e 68 ee 20 0a 04 5d cf 3a 05 ec fe 6d 11 22 40 a0 c5 06 ff 25 f4 b8 48 3e ca ef 9c 29 cf 0e ba a3 15 3f f0 b1 f9 29 02 50 79 a1 e4 1d 93 54 60 ef 8f 68 d1 7e 90 40 dd 61 9c 7c 23 01 00 cb 24 4e 08 f2 35 b0 42 02 a8 f2 f1 6e db 82 af 47 0b c0 7c 40 ae 91 1b 46 d0 71 eb 20 19 5b ce 69 ff cb 8d 33 97 b5 97 ff 20 93 d1 14 84 78 bc da 9d 35 77 38 12 14 ce 1e a7 66 95 33 3d dc 04 82 3e 21 24 f9 29 d3 d3 9d f9 90 8f b3 0c 70 4f d0 3d cb 3e 5c 42 d4 89 8c 9d 2d 9b ee dc c5 24 da 42 93 6f

Attribute 79 (EAP-Message) length=167

Value: 52 bf 1c f5 11 a7 cf 1b 91 a4 40 c1 1b c5 da d4 ee c6 e6 e1 08 db d3 1b 92 cf 24 63 af a0 d7 36 19 3d 26 f3 2a 68 5a 58 38 72 0e 39 81 95 4d 80 39 d1 13 8f a9 6e 87 1a e5 04 02 6f 0f 12 1a ba df 68 52 73 d9 63 b5 6b 7a 58 3c 6d 48 01 28 9d bb c6 c8 4f c7 0c 8f a9 7d 62 3a 33 f5 60 5a 5d a4 6d 98 59 c4 a2 5a c3 2c 29 6c d8 ac ef f3 a3 e9 dd eb cf 19 ad 73 34 e0 68 e2 0e ff e3 4a 62 bd c8 03 56 17 ac 5b 6f 5f b6 22 91 19 6d ed 2f db 65 b4 28 be 83 82 14 df 91 70 90 16 03 01 00 04 0e 00 00 00

Attribute 80 (Message-Authenticator) length=18

Value: 87 0c 1c f3 7e b9 bc 25 aa ce 22 d7 cc 11 d9 bc

Attribute 24 (State) length=18

Value: 47 dd cb e8 44 d8 de bd 14 cb 1c 72 c0 57 a5 98

eth0: STA 00:1c:25:cb:69:64 RADIUS: Received RADIUS packet matched with a pending request, round trip time 0.05 sec

RADIUS packet matching with station 00:1c:25:cb:69:64

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: using EAP timeout of 30 seconds

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: decapsulated EAP packet (code=1 id=5 len=671) from RADIUS server: EAP-Request-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state REQUEST

IEEE 802.1X: Sending EAP Packet to 00:1c:25:cb:69:64 (identifier 5)

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

Received EAPOL packet

IEEE 802.1X: 212 bytes from 00:1c:25:cb:69:64

IEEE 802.1X: version=2 type=0 length=208

EAP: code=2 identifier=5 length=208 (response)

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: received EAP packet (code=2 id=5 len=208) from STA: EAP Response-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state RESPONSE

Encapsulating EAP message into a RADIUS packet

Copied RADIUS State Attribute

eth0: RADIUS Sending RADIUS message to authentication server

RADIUS message: code=1 (Access-Request) identifier=4 length=362

Attribute 1 (User-Name) length=6

Value: 'test'

Attribute 4 (NAS-IP-Address) length=6

Value: 172.168.1.1

Attribute 32 (NAS-Identifier) length=5

Value: 'nas'

Attribute 5 (NAS-Port) length=6

Value: 0

Attribute 30 (Called-Station-Id) length=20

Value: '00-1E-90-9D-DA-65:'

Attribute 31 (Calling-Station-Id) length=19

Value: '00-1C-25-CB-69-64'

Attribute 12 (Framed-MTU) length=6

Value: 1400

Attribute 61 (NAS-Port-Type) length=6

Value: 19

Attribute 77 (Connect-Info) length=22

Value: 'CONNECT 0Mbps 802.11'

Attribute 79 (EAP-Message) length=210

Value: 02 05 00 d0 15 80 00 00 00 c6 16 03 01 00 86 10 00 00 82 00 80 4a 1e 5d 67 f9 55 d5 97 c8 1c a1 48 12 e0 63 16 6b 76 18 e3 76 e5 b0 f6 64 bb c9 c5 c8 f4 93 6e 88 76 93 f4 10 f9 e4 8a 84 83 65 0e c0 67 6e 27 9b d6 5e ac 34 6b 49 50 83 c6 f1 f3 a2 46 79 5c eb 64 2e 9e c9 22 87 0e 25 d3 03 82 a7 fc 36 2d 55 a6 fa be 5c d3 9a 60 23 d7 66 80 d6 e7 b0 c4 9c c3 a9 39 79 c5 b9 b6 1b 6f b8 5b 2e ac d7 27 cf 6d 36 ef 2f 5d 59 84 09 26 11 58 76 ac a4 9f 14 03 01 00 01 01 16 03 01 00 30 be b6 b0 3a 7c a7 bc dc 8f 7e 73 05 ae a5 93 33 99 a3 bb 71 2a b4 6d 29 d7 cd b5 77 3d d6 d9 45 1e a8 30 d5 45 7d bb 38 93 0d 45 a6 21 1c f9 ec

Attribute 24 (State) length=18

Value: 47 dd cb e8 44 d8 de bd 14 cb 1c 72 c0 57 a5 98

Attribute 80 (Message-Authenticator) length=18

Value: 7f 59 45 7b ca 9d 20 44 bc 0f d9 18 72 65 71 0b

eth0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

eth0: RADIUS Received 302 bytes from RADIUS server

eth0: RADIUS Received RADIUS message

RADIUS message: code=11 (Access-Challenge) identifier=4 length=302

Attribute 79 (EAP-Message) length=246

Value: 01 06 00 f4 15 80 00 00 00 ea 16 03 01 00 aa 04 00 00 a6 00 00 00 00 00 a0 93 54 2c 20 81 df a3 8c c9 94 d7 7f 85 c4 c1 2c 4f 0b 45 61 83 e9 15 a9 a6 ea f2 41 c9 f9 40 ee 64 0c ea a5 4a b3 61 e9 e8 06 60 dc 2a 1e 4a 4f 75 4f f2 75 57 69 14 25 c9 ee c1 29 52 52 da b3 f1 33 bd f1 b1 04 91 27 ea a6 cd ed ff 1d 35 5d fd f2 34 a1 79 99 9b 13 57 85 33 80 73 0f 4e d9 0e 18 15 aa 23 a8 62 1b 08 5c 35 13 e0 07 6d 58 29 23 bd c8 23 9c 39 ca ef 46 93 95 7f 38 4c 0e 4a c0 8f 74 c8 39 bf ab 58 f1 f9 c8 5f 8e f9 cc 73 cc 01 19 5b 67 b5 c5 18 94 41 24 92 39 1c 9f 14 03 01 00 01 01 16 03 01 00 30 12 2a 6c e7 34 c2 4f 42 5b 0c e1 6f f1 eb 9e 04 af 15 ff 56 cf b2 84 d1 33 a9 d7 7b fe 84 a9 d2 07 3b f7 fd 48 8d 4a 2c 4f 34 09 1a 65 5e b6 d3

Attribute 80 (Message-Authenticator) length=18

Value: 7d 4e ba bd 81 5f 4b 9a c6 a1 5c df ed 16 73 cd

Attribute 24 (State) length=18

Value: 47 dd cb e8 43 db de bd 14 cb 1c 72 c0 57 a5 98

eth0: STA 00:1c:25:cb:69:64 RADIUS: Received RADIUS packet matched with a pending request, round trip time 0.19 sec

RADIUS packet matching with station 00:1c:25:cb:69:64

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: using EAP timeout of 30 seconds

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: decapsulated EAP packet (code=1 id=6 len=244) from RADIUS server: EAP-Request-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state REQUEST

IEEE 802.1X: Sending EAP Packet to 00:1c:25:cb:69:64 (identifier 6)

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

Received EAPOL packet

IEEE 802.1X: 46 bytes from 00:1c:25:cb:69:64

IEEE 802.1X: version=2 type=0 length=6

ignoring 36 extra octets after IEEE 802.1X packet

EAP: code=2 identifier=6 length=6 (response)

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: received EAP packet (code=2 id=6 len=6) from STA: EAP Response-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state RESPONSE

Encapsulating EAP message into a RADIUS packet

Copied RADIUS State Attribute

eth0: RADIUS Sending RADIUS message to authentication server

RADIUS message: code=1 (Access-Request) identifier=5 length=160

Attribute 1 (User-Name) length=6

Value: 'test'

Attribute 4 (NAS-IP-Address) length=6

Value: 172.168.1.1

Attribute 32 (NAS-Identifier) length=5

Value: 'nas'

Attribute 5 (NAS-Port) length=6

Value: 0

Attribute 30 (Called-Station-Id) length=20

Value: '00-1E-90-9D-DA-65:'

Attribute 31 (Calling-Station-Id) length=19

Value: '00-1C-25-CB-69-64'

Attribute 12 (Framed-MTU) length=6

Value: 1400

Attribute 61 (NAS-Port-Type) length=6

Value: 19

Attribute 77 (Connect-Info) length=22

Value: 'CONNECT 0Mbps 802.11'

Attribute 79 (EAP-Message) length=8

Value: 02 06 00 06 15 00

Attribute 24 (State) length=18

Value: 47 dd cb e8 43 db de bd 14 cb 1c 72 c0 57 a5 98

Attribute 80 (Message-Authenticator) length=18

Value: 25 c7 5e 2b 69 14 da b9 55 6d ec 0e 93 0c 66 a4

eth0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

eth0: RADIUS Received 68 bytes from RADIUS server

eth0: RADIUS Received RADIUS message

RADIUS message: code=11 (Access-Challenge) identifier=5 length=68

Attribute 79 (EAP-Message) length=12

Value: 01 07 00 0a 15 80 00 00 00 00

Attribute 80 (Message-Authenticator) length=18

Value: fa ad ee d8 c5 fe 0c c3 5d f6 22 a3 29 ac 77 64

Attribute 24 (State) length=18

Value: 47 dd cb e8 42 da de bd 14 cb 1c 72 c0 57 a5 98

eth0: STA 00:1c:25:cb:69:64 RADIUS: Received RADIUS packet matched with a pending request, round trip time 0.05 sec

RADIUS packet matching with station 00:1c:25:cb:69:64

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: using EAP timeout of 30 seconds

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: decapsulated EAP packet (code=1 id=7 len=10) from RADIUS server: EAP-Request-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state REQUEST

IEEE 802.1X: Sending EAP Packet to 00:1c:25:cb:69:64 (identifier 7)

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

Received EAPOL packet

IEEE 802.1X: 79 bytes from 00:1c:25:cb:69:64

IEEE 802.1X: version=2 type=0 length=75

EAP: code=2 identifier=7 length=75 (response)

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: received EAP packet (code=2 id=7 len=75) from STA: EAP Response-TTLS (21)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state RESPONSE

Encapsulating EAP message into a RADIUS packet

Copied RADIUS State Attribute

eth0: RADIUS Sending RADIUS message to authentication server

RADIUS message: code=1 (Access-Request) identifier=6 length=229

Attribute 1 (User-Name) length=6

Value: 'test'

Attribute 4 (NAS-IP-Address) length=6

Value: 172.168.1.1

Attribute 32 (NAS-Identifier) length=5

Value: 'nas'

Attribute 5 (NAS-Port) length=6

Value: 0

Attribute 30 (Called-Station-Id) length=20

Value: '00-1E-90-9D-DA-65:'

Attribute 31 (Calling-Station-Id) length=19

Value: '00-1C-25-CB-69-64'

Attribute 12 (Framed-MTU) length=6

Value: 1400

Attribute 61 (NAS-Port-Type) length=6

Value: 19

Attribute 77 (Connect-Info) length=22

Value: 'CONNECT 0Mbps 802.11'

Attribute 79 (EAP-Message) length=77

Value: 02 07 00 4b 15 00 17 03 01 00 40 f1 b0 10 6a 8c 80 8c f1 5e 72 04 66 22 af 83 0a 33 8f 54 b1 7c c5 81 85 38 ff 8f 6f 9c c4 b8 70 31 16 cf 93 fa 4a 65 ac 19 f4 e9 0a 4c 88 d5 06 0d 62 d0 fc bb 82 b3 0a d3 bd 8f 16 ea 1c 4f 06

Attribute 24 (State) length=18

Value: 47 dd cb e8 42 da de bd 14 cb 1c 72 c0 57 a5 98

Attribute 80 (Message-Authenticator) length=18

Value: f8 74 16 0d bc 3d cb eb 09 7c 66 2f cc b2 db 69

eth0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

eth0: RADIUS Received 44 bytes from RADIUS server

eth0: RADIUS Received RADIUS message

RADIUS message: code=3 (Access-Reject) identifier=6 length=44

Attribute 79 (EAP-Message) length=6

Value: 04 07 00 04

Attribute 80 (Message-Authenticator) length=18

Value: b9 7c 23 f1 cd d5 24 c3 c8 d9 a9 f0 92 eb d0 88

eth0: STA 00:1c:25:cb:69:64 RADIUS: Received RADIUS packet matched with a pending request, round trip time 1.00 sec

RADIUS packet matching with station 00:1c:25:cb:69:64

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: decapsulated EAP packet (code=4 id=7 len=4) from RADIUS server: EAP Failure

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state FAIL

IEEE 802.1X: Sending EAP Packet to 00:1c:25:cb:69:64 (identifier 7)

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 AUTH_PAE entering state HELD

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: unauthorizing port

eth0: STA 00:1c:25:cb:69:64 IEEE 802.1X: authentication failed - EAP type: 21 (TTLS)

IEEE 802.1X: 00:1c:25:cb:69:64 BE_AUTH entering state IDLE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

IEEE 802.1X: 00:1c:25:cb:69:64 REAUTH_TIMER entering state INITIALIZE

Signal 2 received - terminating

Removing station 00:1c:25:cb:69:64

Flushing old station entries

Deauthenticate all stations

XSUPPLICANT

Unknown driver 'wired' requested.

[sTATE] Reinit state machine

[sTATE] [backend_sm] REQUEST -> INITIALIZE

[sTATE] [backend_sm] INITIALIZE -> IDLE

[sTATE] [backend_sm] UNKNOWN -> INITIALIZE

[sTATE] [backend_sm] INITIALIZE -> IDLE

[iNT] Initializing socket for interface eth0..

[iNT] Interface eth0 is NOT wireless!

Couldn't get encryption capabilites!

[iNT] Interface has no encryption capabilities, or unknown abilitites.

[iNT] Interface initialized!

[CONFIG] Working from config file test.conf.

No configuration information for network "(null)" found. Using default.

[iNT] Opened socket descriptor #5

[iNT] Interface eth0 is NOT wireless!

[sTATE] Changing from DISCONNECTED to CONNECTING.

[sTATE] Sending EAPOL-Start Frame.

[ALL] Frame to be sent (18) :

000 | 01 80 c2 00 00 03 00 1c 25 cb 69 64 88 8e 02 01 | ........%.id....

010 | 00 00 | ..

[ALL] Got Frame (60) :

000 | 00 1c 25 cb 69 64 00 1e 90 9d da 65 88 8e 02 00 | ..%.id.....e....

010 | 00 05 01 01 00 05 01 00 00 00 00 00 00 00 00 00 | ................

020 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................

030 | 00 00 00 00 00 00 00 00 00 00 00 00 | ............

[iNT] Changing destination mac to source.

[ALL] Got EAP-Request-Identification.

[sTATE] Changing from CONNECTING to RESTART.

[sTATE] Supplicant PAE has issued a restart.

[sTATE] Changing from RESTART to AUTHENTICATING.

[sTATE] [backend_sm] IDLE -> REQUEST

[ALL] Got EAP-Request-Identification.

[sTATE] Building EAP-Response-ID!

[CONFIG] Identity : test

[sTATE] [backend_sm] REQUEST -> RESPONSE

[ALL] Frame to be sent (27) :

000 | 00 1e 90 9d da 65 00 1c 25 cb 69 64 88 8e 02 00 | .....e..%.id....

010 | 00 09 02 01 00 09 01 74 65 73 74 | .......test

[sTATE] [backend_sm] RESPONSE -> RECEIVE

[ALL] Got Frame (60) :

000 | 00 1c 25 cb 69 64 00 1e 90 9d da 65 88 8e 02 00 | ..%.id.....e....

010 | 00 06 01 02 00 06 15 20 00 00 00 00 00 00 00 00 | ....... ........

020 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................

030 | 00 00 00 00 00 00 00 00 00 00 00 00 | ............

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] [backend_sm] RECEIVE -> REQUEST

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] Building EAPOL-Response-Authentication

[ALL] (EAP-TTLS) Initialized.

[CONFIG] Trying to load root certificate certs_ttls/ca.pem or certificate directory certs_ttls

[CONFIG] Loaded root certificate certs_ttls/ca.pem and directory certs_ttls

[AUTH TYPE] Packet in (1) :

000 | 20 |

[AUTH TYPE] --- SSL : before/connect initialization

[AUTH TYPE] --- SSL : before/connect initialization

[AUTH TYPE] --- SSL : SSLv3 write client hello A

[AUTH TYPE] --- SSL : SSLv3 read server hello A

[sTATE] [backend_sm] REQUEST -> RESPONSE

[ALL] Frame to be sent (121) :

000 | 00 1e 90 9d da 65 00 1c 25 cb 69 64 88 8e 02 00 | .....e..%.id....

010 | 00 67 02 02 00 67 15 80 00 00 00 5d 16 03 01 00 | .g...g.....]....

020 | 58 01 00 00 54 03 01 4a 1a ae 6d 88 81 71 1b b1 | X...T..J..m..q..

030 | 1d 6e 87 ed 9d f1 5e 0b 60 34 14 2a 9d 50 5c e6 | .n....^.`4.*.P\.

040 | 96 af 4b 6f b4 7e e1 00 00 26 00 39 00 38 00 35 | ..Ko.~...&.9.8.5

050 | 00 16 00 13 00 0a 00 33 00 32 00 2f 00 05 00 04 | .......3.2./....

060 | 00 15 00 12 00 09 00 14 00 11 00 08 00 06 00 03 | ................

070 | 02 01 00 00 04 00 23 00 00 | ......#..

[sTATE] [backend_sm] RESPONSE -> RECEIVE

[ALL] Clock tick! authWhile=29 heldWhile=59 startWhen=29 curState=AUTHENTICATING

[ALL] Got Frame (1042) :

000 | 00 1c 25 cb 69 64 00 1e 90 9d da 65 88 8e 02 00 | ..%.id.....e....

010 | 04 00 01 03 04 00 15 c0 00 00 0a 81 16 03 01 00 | ................

020 | 30 02 00 00 2c 03 01 4a 1a b0 46 7e 0b 57 92 df | 0...,..J..F~.W..

030 | f3 e3 47 1f f9 d3 b4 76 18 a9 c3 30 6b 8b ee 0a | ..G....v...0k...

040 | f1 76 9d 05 d5 be 9e 00 00 39 01 00 04 00 23 00 | .v.......9....#.

050 | 00 16 03 01 08 2c 0b 00 08 28 00 08 25 00 03 92 | .....,...(..%...

060 | 30 82 03 8e 30 82 02 76 a0 03 02 01 02 02 01 01 | 0...0..v........

070 | 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 | 0...*.H........0

080 | 81 89 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 | ..1.0...U....FR1

090 | 0f 30 0d 06 03 55 04 08 13 06 52 61 64 69 75 73 | .0...U....Radius

0a0 | 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 77 | 1.0...U....Somew

0b0 | 68 65 72 65 31 12 30 10 06 03 55 04 0a 13 09 54 | here1.0...U....T

0c0 | 65 73 74 20 49 6e 63 2e 31 1c 30 1a 06 09 2a 86 | est Inc.1.0...*.

0d0 | 48 86 f7 0d 01 09 01 16 0d 54 65 73 74 40 74 65 | H........Test@te

0e0 | 73 74 2e 63 6f 6d 31 23 30 21 06 03 55 04 03 13 | st.com1#0!..U...

0f0 | 1a 54 65 73 74 20 43 65 72 74 69 66 69 63 61 74 | .Test Certificat

100 | 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 30 | e Authority0...0

110 | 39 30 35 32 35 31 33 30 32 35 35 5a 17 0d 31 30 | 90525130255Z..10

120 | 30 35 32 35 31 33 30 32 35 35 5a 30 72 31 0b 30 | 0525130255Z0r1.0

130 | 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 | ...U....FR1.0...

140 | 55 04 08 13 06 52 61 64 69 75 73 31 12 30 10 06 | U....Radius1.0..

150 | 03 55 04 0a 13 09 54 65 73 74 20 49 6e 63 2e 31 | .U....Test Inc.1

160 | 20 30 1e 06 03 55 04 03 13 17 54 65 73 74 20 53 | 0...U....Test S

170 | 65 72 76 65 72 20 43 65 72 74 69 66 69 63 61 74 | erver Certificat

180 | 65 31 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 09 01 | e1.0...*.H......

190 | 16 0d 54 65 73 74 40 74 65 73 74 2e 63 6f 6d 30 | ..Test@test.com0

1a0 | 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 | .."0...*.H......

1b0 | 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 | .......0........

1c0 | eb 83 33 f4 fc dc 0e ca c4 e4 06 23 33 d2 ff 55 | ..3........#3..U

1d0 | 04 31 89 67 dd ba fd 5d aa d6 bf ce 8c c9 17 c5 | .1.g...]........

1e0 | 80 e7 eb c9 c4 44 65 86 6f 59 ed 3e b4 21 c8 10 | .....De.oY.>.!..

1f0 | d3 d5 0f 8e 11 41 d7 25 82 00 e7 30 b2 8a 15 a0 | .....A.%...0....

200 | 94 8b cc 3f 70 4a 76 ef e3 06 f9 f7 d1 5f 68 66 | ...?pJv......_hf

210 | 43 b3 91 c2 46 63 04 79 19 6c a5 d3 91 dd c0 e1 | C...Fc.y.l......

220 | 16 25 dc 37 78 54 2e 3e 20 4c ab 06 a4 96 82 dd | .%.7xT.> L......

230 | fa 60 3a 1c 20 54 82 c7 50 5d a6 85 b4 7c 7d 1e | .`:. T..P]...|}.

240 | df f5 0a 36 3a 7e f4 95 46 49 b6 9f bc 9c 43 82 | ...6:~..FI....C.

250 | fa 21 c8 90 e9 9b 50 86 c9 d8 41 a0 04 ca 19 a4 | .!....P...A.....

260 | b9 38 18 07 ae 1c 23 22 ac cf 50 8f 8f d4 26 a3 | .8....#"..P...&.

270 | 1c d9 46 a3 9c ec 1f 62 85 d2 12 f0 51 29 7e 8e | ..F....b....Q)~.

280 | cc 1c d4 59 48 7d 77 2c d6 13 92 03 9b 99 42 a0 | ...YH}w,......B.

290 | 44 60 03 ac 97 ab 5f 4b 02 21 3b de c2 ff 86 7e | D`...._K.!;....~

2a0 | 0c bc de 5b d0 1f 2c 0b c4 fd ee d2 2d dd 64 4e | ...[..,.....-.dN

2b0 | 4e 3c 83 d0 be f9 85 ce 45 1e a7 da 54 c8 0f 7d | N<......E...T..}

2c0 | 02 03 01 00 01 a3 17 30 15 30 13 06 03 55 1d 25 | .......0.0...U.%

2d0 | 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 0d | ..0...+.......0.

2e0 | 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 03 82 01 | ..*.H...........

2f0 | 01 00 15 7d 57 a0 27 11 81 06 52 9d a2 e1 df 1f | ...}W.'...R.....

300 | 6e 3c c2 ee 61 c9 b7 90 7d d3 c3 1d cf b5 18 2b | n<..a...}......+

310 | b2 ba 9f 02 9a f2 7f 72 20 79 66 2f bb cd 95 57 | .......r yf/...W

320 | aa c8 28 d9 ac a8 89 b5 1a 29 bd b4 a2 24 3b b8 | ..(......)...$;.

330 | 71 e5 75 2d e8 04 c7 97 ad f0 6f 36 d6 4d 4d c9 | q.u-......o6.MM.

340 | 57 db ba 0e 43 60 e4 d1 10 9d 8f ba 0b b2 7b bc | W...C`........{.

350 | 5f e0 6d 39 68 83 e0 96 e9 0b 29 cf fd a7 bf ef | _.m9h.....).....

360 | a6 46 32 f3 1a 12 77 cc 79 a8 71 e4 8d a1 16 5d | .F2...w.y.q....]

370 | c6 14 1b 15 cc c2 c4 35 f4 1f fe 99 94 50 09 a2 | .......5.....P..

380 | 91 b3 d5 c9 4c 1b e4 3b 15 aa e0 53 1a f6 01 6c | ....L..;...S...l

390 | 4e 2d 8d 44 f3 29 81 c5 cf e5 78 e0 bc e6 df 5f | N-.D.)....x...._

3a0 | d0 19 c2 91 21 3d e0 fa 5c fc 99 f9 8c dd e6 8d | ....!=..\.......

3b0 | eb 0a a7 c6 3b 03 9e 7c a7 58 40 65 d4 6c 25 7c | ....;..|.X@e.l%|

3c0 | 81 d7 1a 72 0a 64 56 21 73 ce 09 c2 a4 a9 74 ab | ...r.dV!s.....t.

3d0 | c2 87 22 1f 6c 51 ac 2a 5d 0e ab a9 d5 12 92 bf | ..".lQ.*].......

3e0 | 1f 8b e4 71 86 be 9b 20 6d c4 ee 59 05 a9 39 b0 | ...q... m..Y..9.

3f0 | 81 2c 00 04 8d 30 82 04 89 30 82 03 71 a0 03 02 | .,...0...0..q...

400 | 01 02 02 09 00 d1 72 e6 eb 33 65 80 7d 30 0d 06 | ......r..3e.}0..

410 | 09 2a | .*

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] [backend_sm] RECEIVE -> REQUEST

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] Building EAPOL-Response-Authentication

[AUTH TYPE] Packet in (1019) :

000 | c0 00 00 0a 81 16 03 01 00 30 02 00 00 2c 03 01 | .........0...,..

010 | 4a 1a b0 46 7e 0b 57 92 df f3 e3 47 1f f9 d3 b4 | J..F~.W....G....

020 | 76 18 a9 c3 30 6b 8b ee 0a f1 76 9d 05 d5 be 9e | v...0k....v.....

030 | 00 00 39 01 00 04 00 23 00 00 16 03 01 08 2c 0b | ..9....#......,.

040 | 00 08 28 00 08 25 00 03 92 30 82 03 8e 30 82 02 | ..(..%...0...0..

050 | 76 a0 03 02 01 02 02 01 01 30 0d 06 09 2a 86 48 | v........0...*.H

060 | 86 f7 0d 01 01 04 05 00 30 81 89 31 0b 30 09 06 | ........0..1.0..

070 | 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 | .U....FR1.0...U.

080 | 08 13 06 52 61 64 69 75 73 31 12 30 10 06 03 55 | ...Radius1.0...U

090 | 04 07 13 09 53 6f 6d 65 77 68 65 72 65 31 12 30 | ....Somewhere1.0

0a0 | 10 06 03 55 04 0a 13 09 54 65 73 74 20 49 6e 63 | ...U....Test Inc

0b0 | 2e 31 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 09 01 | .1.0...*.H......

0c0 | 16 0d 54 65 73 74 40 74 65 73 74 2e 63 6f 6d 31 | ..Test@test.com1

0d0 | 23 30 21 06 03 55 04 03 13 1a 54 65 73 74 20 43 | #0!..U....Test C

0e0 | 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f | ertificate Autho

0f0 | 72 69 74 79 30 1e 17 0d 30 39 30 35 32 35 31 33 | rity0...09052513

100 | 30 32 35 35 5a 17 0d 31 30 30 35 32 35 31 33 30 | 0255Z..100525130

110 | 32 35 35 5a 30 72 31 0b 30 09 06 03 55 04 06 13 | 255Z0r1.0...U...

120 | 02 46 52 31 0f 30 0d 06 03 55 04 08 13 06 52 61 | .FR1.0...U....Ra

130 | 64 69 75 73 31 12 30 10 06 03 55 04 0a 13 09 54 | dius1.0...U....T

140 | 65 73 74 20 49 6e 63 2e 31 20 30 1e 06 03 55 04 | est Inc.1 0...U.

150 | 03 13 17 54 65 73 74 20 53 65 72 76 65 72 20 43 | ...Test Server C

160 | 65 72 74 69 66 69 63 61 74 65 31 1c 30 1a 06 09 | ertificate1.0...

170 | 2a 86 48 86 f7 0d 01 09 01 16 0d 54 65 73 74 40 | *.H........Test@

180 | 74 65 73 74 2e 63 6f 6d 30 82 01 22 30 0d 06 09 | test.com0.."0...

190 | 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 | *.H.............

1a0 | 30 82 01 0a 02 82 01 01 00 eb 83 33 f4 fc dc 0e | 0..........3....

1b0 | ca c4 e4 06 23 33 d2 ff 55 04 31 89 67 dd ba fd | ....#3..U.1.g...

1c0 | 5d aa d6 bf ce 8c c9 17 c5 80 e7 eb c9 c4 44 65 | ].............De

1d0 | 86 6f 59 ed 3e b4 21 c8 10 d3 d5 0f 8e 11 41 d7 | .oY.>.!.......A.

1e0 | 25 82 00 e7 30 b2 8a 15 a0 94 8b cc 3f 70 4a 76 | %...0.......?pJv

1f0 | ef e3 06 f9 f7 d1 5f 68 66 43 b3 91 c2 46 63 04 | ......_hfC...Fc.

200 | 79 19 6c a5 d3 91 dd c0 e1 16 25 dc 37 78 54 2e | y.l.......%.7xT.

210 | 3e 20 4c ab 06 a4 96 82 dd fa 60 3a 1c 20 54 82 | > L.......`:. T.

220 | c7 50 5d a6 85 b4 7c 7d 1e df f5 0a 36 3a 7e f4 | .P]...|}....6:~.

230 | 95 46 49 b6 9f bc 9c 43 82 fa 21 c8 90 e9 9b 50 | .FI....C..!....P

240 | 86 c9 d8 41 a0 04 ca 19 a4 b9 38 18 07 ae 1c 23 | ...A......8....#

250 | 22 ac cf 50 8f 8f d4 26 a3 1c d9 46 a3 9c ec 1f | "..P...&...F....

260 | 62 85 d2 12 f0 51 29 7e 8e cc 1c d4 59 48 7d 77 | b....Q)~....YH}w

270 | 2c d6 13 92 03 9b 99 42 a0 44 60 03 ac 97 ab 5f | ,......B.D`...._

280 | 4b 02 21 3b de c2 ff 86 7e 0c bc de 5b d0 1f 2c | K.!;....~...[..,

290 | 0b c4 fd ee d2 2d dd 64 4e 4e 3c 83 d0 be f9 85 | .....-.dNN<.....

2a0 | ce 45 1e a7 da 54 c8 0f 7d 02 03 01 00 01 a3 17 | .E...T..}.......

2b0 | 30 15 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b | 0.0...U.%..0...+

2c0 | 06 01 05 05 07 03 01 30 0d 06 09 2a 86 48 86 f7 | .......0...*.H..

2d0 | 0d 01 01 04 05 00 03 82 01 01 00 15 7d 57 a0 27 | ............}W.'

2e0 | 11 81 06 52 9d a2 e1 df 1f 6e 3c c2 ee 61 c9 b7 | ...R.....n<..a..

2f0 | 90 7d d3 c3 1d cf b5 18 2b b2 ba 9f 02 9a f2 7f | .}......+.......

300 | 72 20 79 66 2f bb cd 95 57 aa c8 28 d9 ac a8 89 | r yf/...W..(....

310 | b5 1a 29 bd b4 a2 24 3b b8 71 e5 75 2d e8 04 c7 | ..)...$;.q.u-...

320 | 97 ad f0 6f 36 d6 4d 4d c9 57 db ba 0e 43 60 e4 | ...o6.MM.W...C`.

330 | d1 10 9d 8f ba 0b b2 7b bc 5f e0 6d 39 68 83 e0 | .......{._.m9h..

340 | 96 e9 0b 29 cf fd a7 bf ef a6 46 32 f3 1a 12 77 | ...)......F2...w

350 | cc 79 a8 71 e4 8d a1 16 5d c6 14 1b 15 cc c2 c4 | .y.q....].......

360 | 35 f4 1f fe 99 94 50 09 a2 91 b3 d5 c9 4c 1b e4 | 5.....P......L..

370 | 3b 15 aa e0 53 1a f6 01 6c 4e 2d 8d 44 f3 29 81 | ;...S...lN-.D.).

380 | c5 cf e5 78 e0 bc e6 df 5f d0 19 c2 91 21 3d e0 | ...x...._....!=.

390 | fa 5c fc 99 f9 8c dd e6 8d eb 0a a7 c6 3b 03 9e | .\...........;..

3a0 | 7c a7 58 40 65 d4 6c 25 7c 81 d7 1a 72 0a 64 56 | |.X@e.l%|...r.dV

3b0 | 21 73 ce 09 c2 a4 a9 74 ab c2 87 22 1f 6c 51 ac | !s.....t...".lQ.

3c0 | 2a 5d 0e ab a9 d5 12 92 bf 1f 8b e4 71 86 be 9b | *]..........q...

3d0 | 20 6d c4 ee 59 05 a9 39 b0 81 2c 00 04 8d 30 82 | m..Y..9..,...0.

3e0 | 04 89 30 82 03 71 a0 03 02 01 02 02 09 00 d1 72 | ..0..q.........r

3f0 | e6 eb 33 65 80 7d 30 0d 06 09 2a | ..3e.}0...*

[AUTH TYPE] --- SSL : SSLv3 read server hello A

[AUTH TYPE] --- SSL : SSLv3 read server certificate A

[AUTH TYPE] No data returned!

[ALL] Sending TLS ACK!

[sTATE] [backend_sm] REQUEST -> RESPONSE

[ALL] Frame to be sent (24) :

000 | 00 1e 90 9d da 65 00 1c 25 cb 69 64 88 8e 02 00 | .....e..%.id....

010 | 00 06 02 03 00 06 15 00 | ........

[sTATE] [backend_sm] RESPONSE -> RECEIVE

[ALL] Got Frame (1042) :

000 | 00 1c 25 cb 69 64 00 1e 90 9d da 65 88 8e 02 00 | ..%.id.....e....

010 | 04 00 01 04 04 00 15 c0 00 00 0a 81 86 48 86 f7 | .............H..

020 | 0d 01 01 05 05 00 30 81 89 31 0b 30 09 06 03 55 | ......0..1.0...U

030 | 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 13 | ....FR1.0...U...

040 | 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 | .Radius1.0...U..

050 | 13 09 53 6f 6d 65 77 68 65 72 65 31 12 30 10 06 | ..Somewhere1.0..

060 | 03 55 04 0a 13 09 54 65 73 74 20 49 6e 63 2e 31 | .U....Test Inc.1

070 | 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 09 01 16 0d | .0...*.H........

080 | 54 65 73 74 40 74 65 73 74 2e 63 6f 6d 31 23 30 | Test@test.com1#0

090 | 21 06 03 55 04 03 13 1a 54 65 73 74 20 43 65 72 | !..U....Test Cer

0a0 | 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 | tificate Authori

0b0 | 74 79 30 1e 17 0d 30 39 30 35 32 35 31 33 30 32 | ty0...0905251302

0c0 | 35 35 5a 17 0d 31 30 30 35 32 35 31 33 30 32 35 | 55Z..10052513025

0d0 | 35 5a 30 81 89 31 0b 30 09 06 03 55 04 06 13 02 | 5Z0..1.0...U....

0e0 | 46 52 31 0f 30 0d 06 03 55 04 08 13 06 52 61 64 | FR1.0...U....Rad

0f0 | 69 75 73 31 12 30 10 06 03 55 04 07 13 09 53 6f | ius1.0...U....So

100 | 6d 65 77 68 65 72 65 31 12 30 10 06 03 55 04 0a | mewhere1.0...U..

110 | 13 09 54 65 73 74 20 49 6e 63 2e 31 1c 30 1a 06 | ..Test Inc.1.0..

120 | 09 2a 86 48 86 f7 0d 01 09 01 16 0d 54 65 73 74 | .*.H........Test

130 | 40 74 65 73 74 2e 63 6f 6d 31 23 30 21 06 03 55 | @test.com1#0!..U

140 | 04 03 13 1a 54 65 73 74 20 43 65 72 74 69 66 69 | ....Test Certifi

150 | 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 82 | cate Authority0.

160 | 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 | ."0...*.H.......

170 | 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 e3 | ......0.........

180 | d5 48 92 73 e0 0c 96 bb c4 b0 36 1e 97 9c a1 b9 | .H.s......6.....

190 | 6d d1 73 d2 bb 43 5c 7a d1 47 ac 79 6b 54 e8 a5 | m.s..C\z.G.ykT..

1a0 | be 50 11 ca 77 53 d5 e9 03 46 d1 2f 30 46 f7 45 | .P..wS...F./0F.E

1b0 | 7c 14 c1 65 af 4e 7c 9b 27 a3 73 b3 97 b0 65 69 | |..e.N|.'.s...ei

1c0 | c4 fc 3f 70 f3 2d ec 42 a3 33 af c8 ee 2a 42 f7 | ..?p.-.B.3...*B.

1d0 | 9c 8c 67 3f 03 fc df 29 d6 35 b3 83 8e ac 56 06 | ..g?...).5....V.

1e0 | 69 75 18 7d 78 54 89 9d 10 fd 3e 24 24 61 03 76 | iu.}xT....>$$a.v

1f0 | 51 7e 3b 2a 6d de a5 d2 37 e9 7a 06 8a a5 6e 27 | Q~;*m...7.z...n'

200 | 69 39 19 fc ef be 88 bd 44 af 3d 65 9f 65 8d 22 | i9......D.=e.e."

210 | c7 65 a6 40 1d ed 3d ca 60 5b e9 45 63 08 4c c8 | .e.@..=.`[.Ec.L.

220 | f3 0d 5f 57 5c 82 a6 7d d8 3d 9d 54 86 f0 b4 19 | .._W\..}.=.T....

230 | 53 d3 8f b8 ab a7 ec 1d 9f ed c2 a9 78 dd 45 97 | S...........x.E.

240 | 11 1f 03 7a 9b b6 68 c4 98 65 79 ab c6 a1 4f bb | ...z..h..ey...O.

250 | 64 7e 5b 21 65 ee e4 d3 dd a2 93 b4 14 ba b1 1b | d~[!e...........

260 | 2b 58 51 5a 56 38 7e 06 7a af 4c 5c 7a f0 6e cc | +XQZV8~.z.L\z.n.

270 | 00 91 74 9f f6 be e1 11 87 34 20 42 9f 7c a5 02 | ..t......4 B.|..

280 | 03 01 00 01 a3 81 f1 30 81 ee 30 1d 06 03 55 1d | .......0..0...U.

290 | 0e 04 16 04 14 65 b5 82 a2 d1 e3 bf 81 d9 08 7b | .....e.........{

2a0 | df d0 34 34 d1 ca 05 2a 3b 30 81 be 06 03 55 1d | ..44...*;0....U.

2b0 | 23 04 81 b6 30 81 b3 80 14 65 b5 82 a2 d1 e3 bf | #...0....e......

2c0 | 81 d9 08 7b df d0 34 34 d1 ca 05 2a 3b a1 81 8f | ...{..44...*;...

2d0 | a4 81 8c 30 81 89 31 0b 30 09 06 03 55 04 06 13 | ...0..1.0...U...

2e0 | 02 46 52 31 0f 30 0d 06 03 55 04 08 13 06 52 61 | .FR1.0...U....Ra

2f0 | 64 69 75 73 31 12 30 10 06 03 55 04 07 13 09 53 | dius1.0...U....S

300 | 6f 6d 65 77 68 65 72 65 31 12 30 10 06 03 55 04 | omewhere1.0...U.

310 | 0a 13 09 54 65 73 74 20 49 6e 63 2e 31 1c 30 1a | ...Test Inc.1.0.

320 | 06 09 2a 86 48 86 f7 0d 01 09 01 16 0d 54 65 73 | ..*.H........Tes

330 | 74 40 74 65 73 74 2e 63 6f 6d 31 23 30 21 06 03 | t@test.com1#0!..

340 | 55 04 03 13 1a 54 65 73 74 20 43 65 72 74 69 66 | U....Test Certif

350 | 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 82 | icate Authority.

360 | 09 00 d1 72 e6 eb 33 65 80 7d 30 0c 06 03 55 1d | ...r..3e.}0...U.

370 | 13 04 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 | ...0....0...*.H.

380 | f7 0d 01 01 05 05 00 03 82 01 01 00 01 6a f7 b0 | .............j..

390 | a9 b3 e2 72 df 2c 14 3b 37 67 23 5a af fa b7 b0 | ...r.,.;7g#Z....

3a0 | c2 4b 68 ae a1 0a 2a 0d 15 f2 72 5d 0b ab dd 27 | .Kh...*...r]...'

3b0 | 07 b2 d1 c2 ff 45 70 b9 38 e1 1d f4 ad 91 5a ba | .....Ep.8.....Z.

3c0 | 98 13 40 2e c4 92 9b e3 b0 fc 07 d5 12 ba d7 b0 | ..@.............

3d0 | 7e 4c f9 63 38 ae fa 8b aa 4c a5 e4 6c 5a 4c 66 | ~L.c8....L..lZLf

3e0 | c5 7f 3c 67 e0 ac 68 29 f2 73 2f f2 7c a3 9f 1b | ..<g..h).s/.|...

3f0 | 5b 86 6a b1 53 3f 0b d5 54 7a 7d 21 2d a4 10 e6 | [.j.S?..Tz}!-...

400 | f2 f1 48 b4 23 71 80 3a b7 7f 54 40 50 27 f6 b6 | ..H.#q.:..T@P'..

410 | c0 bc | ..

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] [backend_sm] RECEIVE -> REQUEST

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] Building EAPOL-Response-Authentication

[AUTH TYPE] Packet in (1019) :

000 | c0 00 00 0a 81 86 48 86 f7 0d 01 01 05 05 00 30 | ......H........0

010 | 81 89 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 | ..1.0...U....FR1

020 | 0f 30 0d 06 03 55 04 08 13 06 52 61 64 69 75 73 | .0...U....Radius

030 | 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 77 | 1.0...U....Somew

040 | 68 65 72 65 31 12 30 10 06 03 55 04 0a 13 09 54 | here1.0...U....T

050 | 65 73 74 20 49 6e 63 2e 31 1c 30 1a 06 09 2a 86 | est Inc.1.0...*.

060 | 48 86 f7 0d 01 09 01 16 0d 54 65 73 74 40 74 65 | H........Test@te

070 | 73 74 2e 63 6f 6d 31 23 30 21 06 03 55 04 03 13 | st.com1#0!..U...

080 | 1a 54 65 73 74 20 43 65 72 74 69 66 69 63 61 74 | .Test Certificat

090 | 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 30 | e Authority0...0

0a0 | 39 30 35 32 35 31 33 30 32 35 35 5a 17 0d 31 30 | 90525130255Z..10

0b0 | 30 35 32 35 31 33 30 32 35 35 5a 30 81 89 31 0b | 0525130255Z0..1.

0c0 | 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 | 0...U....FR1.0..

0d0 | 03 55 04 08 13 06 52 61 64 69 75 73 31 12 30 10 | .U....Radius1.0.

0e0 | 06 03 55 04 07 13 09 53 6f 6d 65 77 68 65 72 65 | ..U....Somewhere

0f0 | 31 12 30 10 06 03 55 04 0a 13 09 54 65 73 74 20 | 1.0...U....Test

100 | 49 6e 63 2e 31 1c 30 1a 06 09 2a 86 48 86 f7 0d | Inc.1.0...*.H...

110 | 01 09 01 16 0d 54 65 73 74 40 74 65 73 74 2e 63 | .....Test@test.c

120 | 6f 6d 31 23 30 21 06 03 55 04 03 13 1a 54 65 73 | om1#0!..U....Tes

130 | 74 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 | t Certificate Au

140 | 74 68 6f 72 69 74 79 30 82 01 22 30 0d 06 09 2a | thority0.."0...*

150 | 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 | .H.............0

160 | 82 01 0a 02 82 01 01 00 e3 d5 48 92 73 e0 0c 96 | ..........H.s...

170 | bb c4 b0 36 1e 97 9c a1 b9 6d d1 73 d2 bb 43 5c | ...6.....m.s..C\

180 | 7a d1 47 ac 79 6b 54 e8 a5 be 50 11 ca 77 53 d5 | z.G.ykT...P..wS.

190 | e9 03 46 d1 2f 30 46 f7 45 7c 14 c1 65 af 4e 7c | ..F./0F.E|..e.N|

1a0 | 9b 27 a3 73 b3 97 b0 65 69 c4 fc 3f 70 f3 2d ec | .'.s...ei..?p.-.

1b0 | 42 a3 33 af c8 ee 2a 42 f7 9c 8c 67 3f 03 fc df | B.3...*B...g?...

1c0 | 29 d6 35 b3 83 8e ac 56 06 69 75 18 7d 78 54 89 | ).5....V.iu.}xT.

1d0 | 9d 10 fd 3e 24 24 61 03 76 51 7e 3b 2a 6d de a5 | ...>$$a.vQ~;*m..

1e0 | d2 37 e9 7a 06 8a a5 6e 27 69 39 19 fc ef be 88 | .7.z...n'i9.....

1f0 | bd 44 af 3d 65 9f 65 8d 22 c7 65 a6 40 1d ed 3d | .D.=e.e.".e.@..=

200 | ca 60 5b e9 45 63 08 4c c8 f3 0d 5f 57 5c 82 a6 | .`[.Ec.L..._W\..

210 | 7d d8 3d 9d 54 86 f0 b4 19 53 d3 8f b8 ab a7 ec | }.=.T....S......

220 | 1d 9f ed c2 a9 78 dd 45 97 11 1f 03 7a 9b b6 68 | .....x.E....z..h

230 | c4 98 65 79 ab c6 a1 4f bb 64 7e 5b 21 65 ee e4 | ..ey...O.d~[!e..

240 | d3 dd a2 93 b4 14 ba b1 1b 2b 58 51 5a 56 38 7e | .........+XQZV8~

250 | 06 7a af 4c 5c 7a f0 6e cc 00 91 74 9f f6 be e1 | .z.L\z.n...t....

260 | 11 87 34 20 42 9f 7c a5 02 03 01 00 01 a3 81 f1 | ..4 B.|.........

270 | 30 81 ee 30 1d 06 03 55 1d 0e 04 16 04 14 65 b5 | 0..0...U......e.

280 | 82 a2 d1 e3 bf 81 d9 08 7b df d0 34 34 d1 ca 05 | ........{..44...

290 | 2a 3b 30 81 be 06 03 55 1d 23 04 81 b6 30 81 b3 | *;0....U.#...0..

2a0 | 80 14 65 b5 82 a2 d1 e3 bf 81 d9 08 7b df d0 34 | ..e.........{..4

2b0 | 34 d1 ca 05 2a 3b a1 81 8f a4 81 8c 30 81 89 31 | 4...*;......0..1

2c0 | 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d | .0...U....FR1.0.

2d0 | 06 03 55 04 08 13 06 52 61 64 69 75 73 31 12 30 | ..U....Radius1.0

2e0 | 10 06 03 55 04 07 13 09 53 6f 6d 65 77 68 65 72 | ...U....Somewher

2f0 | 65 31 12 30 10 06 03 55 04 0a 13 09 54 65 73 74 | e1.0...U....Test

300 | 20 49 6e 63 2e 31 1c 30 1a 06 09 2a 86 48 86 f7 | Inc.1.0...*.H..

310 | 0d 01 09 01 16 0d 54 65 73 74 40 74 65 73 74 2e | ......Test@test.

320 | 63 6f 6d 31 23 30 21 06 03 55 04 03 13 1a 54 65 | com1#0!..U....Te

330 | 73 74 20 43 65 72 74 69 66 69 63 61 74 65 20 41 | st Certificate A

340 | 75 74 68 6f 72 69 74 79 82 09 00 d1 72 e6 eb 33 | uthority....r..3

350 | 65 80 7d 30 0c 06 03 55 1d 13 04 05 30 03 01 01 | e.}0...U....0...

360 | ff 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 | .0...*.H........

370 | 03 82 01 01 00 01 6a f7 b0 a9 b3 e2 72 df 2c 14 | ......j.....r.,.

380 | 3b 37 67 23 5a af fa b7 b0 c2 4b 68 ae a1 0a 2a | ;7g#Z.....Kh...*

390 | 0d 15 f2 72 5d 0b ab dd 27 07 b2 d1 c2 ff 45 70 | ...r]...'.....Ep

3a0 | b9 38 e1 1d f4 ad 91 5a ba 98 13 40 2e c4 92 9b | .8.....Z...@....

3b0 | e3 b0 fc 07 d5 12 ba d7 b0 7e 4c f9 63 38 ae fa | .........~L.c8..

3c0 | 8b aa 4c a5 e4 6c 5a 4c 66 c5 7f 3c 67 e0 ac 68 | ..L..lZLf..<g..h

3d0 | 29 f2 73 2f f2 7c a3 9f 1b 5b 86 6a b1 53 3f 0b | ).s/.|...[.j.S?.

3e0 | d5 54 7a 7d 21 2d a4 10 e6 f2 f1 48 b4 23 71 80 | .Tz}!-.....H.#q.

3f0 | 3a b7 7f 54 40 50 27 f6 b6 c0 bc | :..T@P'....

[AUTH TYPE] --- SSL : SSLv3 read server certificate A

[AUTH TYPE] No data returned!

[ALL] Sending TLS ACK!

[sTATE] [backend_sm] REQUEST -> RESPONSE

[ALL] Frame to be sent (24) :

000 | 00 1e 90 9d da 65 00 1c 25 cb 69 64 88 8e 02 00 | .....e..%.id....

010 | 00 06 02 04 00 06 15 00 | ........

[sTATE] [backend_sm] RESPONSE -> RECEIVE

[ALL] Got Frame (689) :

000 | 00 1c 25 cb 69 64 00 1e 90 9d da 65 88 8e 02 00 | ..%.id.....e....

010 | 02 9f 01 05 02 9f 15 80 00 00 0a 81 94 9f 63 3b | ..............c;

020 | 3e 27 ef f6 c8 a0 e4 66 4f 61 70 b9 67 1c 73 34 | >'.....fOap.g.s4

030 | 6e 88 a0 a6 cd 86 81 2f 48 d3 0d 9a 9a c2 b7 20 | n....../H......

040 | b2 f3 ef 36 43 5a 21 f0 5e 3b 7f 89 84 82 4a e8 | ...6CZ!.^;....J.

050 | 4b a1 b2 06 87 44 0f 66 43 31 f6 42 4e ea d0 d4 | K....D.fC1.BN...

060 | 87 c9 ae f5 65 96 82 77 68 8c bc 38 36 4f 5a af | ....e..wh..86OZ.

070 | b8 91 f6 5b bf 3f 53 7d 09 94 bf b0 71 88 16 ad | ...[.?S}....q...

080 | 5e 36 a6 e5 44 91 c3 6b 69 10 78 09 01 e7 e3 4c | ^6..D..ki.x....L

090 | 54 ec 7c 92 90 32 16 03 01 02 0d 0c 00 02 09 00 | T.|..2..........

0a0 | 80 d1 ae f8 6b e9 cc 76 06 1c 1a dd 1f 95 55 27 | ....k..v......U'

0b0 | 57 31 44 7a 62 b0 48 a5 dc 3b 67 c8 71 8c f9 31 | W1Dzb.H..;g.q..1

0c0 | 98 b8 8f b9 f8 c7 c3 c5 6e fc 85 ed a6 8d 94 4d | ........n......M

0d0 | e9 a0 38 22 e0 57 d6 e6 7c 9b fa 1e fb 92 34 9a | ..8".W..|.....4.

0e0 | 4f e6 7b 80 3d 74 20 cf a4 3a bc 10 56 1c 7c 3d | O.{.=t ..:..V.|=

0f0 | 66 e4 1e 9e 75 41 ac 7b 89 ea 70 2b ae 74 c1 92 | f...uA.{..p+.t..

100 | 18 83 46 24 3b 87 a9 a8 44 e0 ba c2 b6 ee ae 49 | ..F$;...D......I

110 | 3a 5a 48 d6 e5 88 be 9a 31 59 5e ae fb 25 c5 0d | :ZH.....1Y^..%..

120 | 8b 00 01 02 00 80 2d da cb 61 18 c8 75 6d de da | ......-..a..um..

130 | 9c 21 f6 7f 04 0b 91 ba 6c 9f b0 7d 2e b6 1d cf | .!......l..}....

140 | ff 33 7f b8 71 38 b4 42 eb e7 1c db 6b 1b 2b 64 | .3..q8.B....k.+d

150 | b7 11 85 6d e2 dc d9 4b b2 6b c9 8b 98 cf 81 52 | ...m...K.k.....R

160 | 79 9b 00 87 7a fd 32 7f b7 15 9e 68 ee 20 0a 04 | y...z.2....h. ..

170 | 5d cf 3a 05 ec fe 6d 11 22 40 a0 c5 06 ff 25 f4 | ].:...m."@....%.

180 | b8 48 3e ca ef 9c 29 cf 0e ba a3 15 3f f0 b1 f9 | .H>...).....?...

190 | 29 02 50 79 a1 e4 1d 93 54 60 ef 8f 68 d1 7e 90 | ).Py....T`..h.~.

1a0 | 40 dd 61 9c 7c 23 01 00 cb 24 4e 08 f2 35 b0 42 | @.a.|#...$N..5.B

1b0 | 02 a8 f2 f1 6e db 82 af 47 0b c0 7c 40 ae 91 1b | ....n...G..|@...

1c0 | 46 d0 71 eb 20 19 5b ce 69 ff cb 8d 33 97 b5 97 | F.q. .[.i...3...

1d0 | ff 20 93 d1 14 84 78 bc da 9d 35 77 38 12 14 ce | . ....x...5w8...

1e0 | 1e a7 66 95 33 3d dc 04 82 3e 21 24 f9 29 d3 d3 | ..f.3=...>!$.)..

1f0 | 9d f9 90 8f b3 0c 70 4f d0 3d cb 3e 5c 42 d4 89 | ......pO.=.>\B..

200 | 8c 9d 2d 9b ee dc c5 24 da 42 93 6f 52 bf 1c f5 | ..-....$.B.oR...

210 | 11 a7 cf 1b 91 a4 40 c1 1b c5 da d4 ee c6 e6 e1 | ......@.........

220 | 08 db d3 1b 92 cf 24 63 af a0 d7 36 19 3d 26 f3 | ......$c...6.=&.

230 | 2a 68 5a 58 38 72 0e 39 81 95 4d 80 39 d1 13 8f | *hZX8r.9..M.9...

240 | a9 6e 87 1a e5 04 02 6f 0f 12 1a ba df 68 52 73 | .n.....o.....hRs

250 | d9 63 b5 6b 7a 58 3c 6d 48 01 28 9d bb c6 c8 4f | .c.kzX<mH.(....O

260 | c7 0c 8f a9 7d 62 3a 33 f5 60 5a 5d a4 6d 98 59 | ....}b:3.`Z].m.Y

270 | c4 a2 5a c3 2c 29 6c d8 ac ef f3 a3 e9 dd eb cf | ..Z.,)l.........

280 | 19 ad 73 34 e0 68 e2 0e ff e3 4a 62 bd c8 03 56 | ..s4.h....Jb...V

290 | 17 ac 5b 6f 5f b6 22 91 19 6d ed 2f db 65 b4 28 | ..[o_."..m./.e.(

2a0 | be 83 82 14 df 91 70 90 16 03 01 00 04 0e 00 00 | ......p.........

2b0 | 00 | .

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] [backend_sm] RECEIVE -> REQUEST

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] Building EAPOL-Response-Authentication

[AUTH TYPE] Packet in (666) :

000 | 80 00 00 0a 81 94 9f 63 3b 3e 27 ef f6 c8 a0 e4 | .......c;>'.....

010 | 66 4f 61 70 b9 67 1c 73 34 6e 88 a0 a6 cd 86 81 | fOap.g.s4n......

020 | 2f 48 d3 0d 9a 9a c2 b7 20 b2 f3 ef 36 43 5a 21 | /H...... ...6CZ!

030 | f0 5e 3b 7f 89 84 82 4a e8 4b a1 b2 06 87 44 0f | .^;....J.K....D.

040 | 66 43 31 f6 42 4e ea d0 d4 87 c9 ae f5 65 96 82 | fC1.BN.......e..

050 | 77 68 8c bc 38 36 4f 5a af b8 91 f6 5b bf 3f 53 | wh..86OZ....[.?S

060 | 7d 09 94 bf b0 71 88 16 ad 5e 36 a6 e5 44 91 c3 | }....q...^6..D..

070 | 6b 69 10 78 09 01 e7 e3 4c 54 ec 7c 92 90 32 16 | ki.x....LT.|..2.

080 | 03 01 02 0d 0c 00 02 09 00 80 d1 ae f8 6b e9 cc | .............k..

090 | 76 06 1c 1a dd 1f 95 55 27 57 31 44 7a 62 b0 48 | v......U'W1Dzb.H

0a0 | a5 dc 3b 67 c8 71 8c f9 31 98 b8 8f b9 f8 c7 c3 | ..;g.q..1.......

0b0 | c5 6e fc 85 ed a6 8d 94 4d e9 a0 38 22 e0 57 d6 | .n......M..8".W.

0c0 | e6 7c 9b fa 1e fb 92 34 9a 4f e6 7b 80 3d 74 20 | .|.....4.O.{.=t

0d0 | cf a4 3a bc 10 56 1c 7c 3d 66 e4 1e 9e 75 41 ac | ..:..V.|=f...uA.

0e0 | 7b 89 ea 70 2b ae 74 c1 92 18 83 46 24 3b 87 a9 | {..p+.t....F$;..

0f0 | a8 44 e0 ba c2 b6 ee ae 49 3a 5a 48 d6 e5 88 be | .D......I:ZH....

100 | 9a 31 59 5e ae fb 25 c5 0d 8b 00 01 02 00 80 2d | .1Y^..%........-

110 | da cb 61 18 c8 75 6d de da 9c 21 f6 7f 04 0b 91 | ..a..um...!.....

120 | ba 6c 9f b0 7d 2e b6 1d cf ff 33 7f b8 71 38 b4 | .l..}.....3..q8.

130 | 42 eb e7 1c db 6b 1b 2b 64 b7 11 85 6d e2 dc d9 | B....k.+d...m...

140 | 4b b2 6b c9 8b 98 cf 81 52 79 9b 00 87 7a fd 32 | K.k.....Ry...z.2

150 | 7f b7 15 9e 68 ee 20 0a 04 5d cf 3a 05 ec fe 6d | ....h. ..].:...m

160 | 11 22 40 a0 c5 06 ff 25 f4 b8 48 3e ca ef 9c 29 | ."@....%..H>...)

170 | cf 0e ba a3 15 3f f0 b1 f9 29 02 50 79 a1 e4 1d | .....?...).Py...

180 | 93 54 60 ef 8f 68 d1 7e 90 40 dd 61 9c 7c 23 01 | .T`..h.~.@.a.|#.

190 | 00 cb 24 4e 08 f2 35 b0 42 02 a8 f2 f1 6e db 82 | ..$N..5.B....n..

1a0 | af 47 0b c0 7c 40 ae 91 1b 46 d0 71 eb 20 19 5b | .G..|@...F.q. .[

1b0 | ce 69 ff cb 8d 33 97 b5 97 ff 20 93 d1 14 84 78 | .i...3.... ....x

1c0 | bc da 9d 35 77 38 12 14 ce 1e a7 66 95 33 3d dc | ...5w8.....f.3=.

1d0 | 04 82 3e 21 24 f9 29 d3 d3 9d f9 90 8f b3 0c 70 | ..>!$.)........p

1e0 | 4f d0 3d cb 3e 5c 42 d4 89 8c 9d 2d 9b ee dc c5 | O.=.>\B....-....

1f0 | 24 da 42 93 6f 52 bf 1c f5 11 a7 cf 1b 91 a4 40 | $.B.oR.........@

200 | c1 1b c5 da d4 ee c6 e6 e1 08 db d3 1b 92 cf 24 | ...............$

210 | 63 af a0 d7 36 19 3d 26 f3 2a 68 5a 58 38 72 0e | c...6.=&.*hZX8r.

220 | 39 81 95 4d 80 39 d1 13 8f a9 6e 87 1a e5 04 02 | 9..M.9....n.....

230 | 6f 0f 12 1a ba df 68 52 73 d9 63 b5 6b 7a 58 3c | o.....hRs.c.kzX<

240 | 6d 48 01 28 9d bb c6 c8 4f c7 0c 8f a9 7d 62 3a | mH.(....O....}b:

250 | 33 f5 60 5a 5d a4 6d 98 59 c4 a2 5a c3 2c 29 6c | 3.`Z].m.Y..Z.,)l

260 | d8 ac ef f3 a3 e9 dd eb cf 19 ad 73 34 e0 68 e2 | ...........s4.h.

270 | 0e ff e3 4a 62 bd c8 03 56 17 ac 5b 6f 5f b6 22 | ...Jb...V..[o_."

280 | 91 19 6d ed 2f db 65 b4 28 be 83 82 14 df 91 70 | ..m./.e.(......p

290 | 90 16 03 01 00 04 0e 00 00 00 | ..........

[AUTH TYPE] --- SSL_verify : depth 1

[AUTH TYPE] --- SSL_verify : depth 0

[AUTH TYPE] --- SSL : SSLv3 read server certificate A

[AUTH TYPE] --- SSL : SSLv3 read server key exchange A

[AUTH TYPE] --- SSL : SSLv3 read server done A

[AUTH TYPE] --- SSL : SSLv3 write client key exchange A

[AUTH TYPE] --- SSL : SSLv3 write change cipher spec A

[AUTH TYPE] --- SSL : SSLv3 write finished A

[AUTH TYPE] --- SSL : SSLv3 flush data

[AUTH TYPE] --- SSL : unknown state

[sTATE] [backend_sm] REQUEST -> RESPONSE

[ALL] Frame to be sent (226) :

000 | 00 1e 90 9d da 65 00 1c 25 cb 69 64 88 8e 02 00 | .....e..%.id....

010 | 00 d0 02 05 00 d0 15 80 00 00 00 c6 16 03 01 00 | ................

020 | 86 10 00 00 82 00 80 4a 1e 5d 67 f9 55 d5 97 c8 | .......J.]g.U...

030 | 1c a1 48 12 e0 63 16 6b 76 18 e3 76 e5 b0 f6 64 | ..H..c.kv..v...d

040 | bb c9 c5 c8 f4 93 6e 88 76 93 f4 10 f9 e4 8a 84 | ......n.v.......

050 | 83 65 0e c0 67 6e 27 9b d6 5e ac 34 6b 49 50 83 | .e..gn'..^.4kIP.

060 | c6 f1 f3 a2 46 79 5c eb 64 2e 9e c9 22 87 0e 25 | ....Fy\.d..."..%

070 | d3 03 82 a7 fc 36 2d 55 a6 fa be 5c d3 9a 60 23 | .....6-U...\..`#

080 | d7 66 80 d6 e7 b0 c4 9c c3 a9 39 79 c5 b9 b6 1b | .f........9y....

090 | 6f b8 5b 2e ac d7 27 cf 6d 36 ef 2f 5d 59 84 09 | o.[...'.m6./]Y..

0a0 | 26 11 58 76 ac a4 9f 14 03 01 00 01 01 16 03 01 | &.Xv............

0b0 | 00 30 be b6 b0 3a 7c a7 bc dc 8f 7e 73 05 ae a5 | .0...:transpi:....~s...

0c0 | 93 33 99 a3 bb 71 2a b4 6d 29 d7 cd b5 77 3d d6 | .3...q*.m)...w=.

0d0 | d9 45 1e a8 30 d5 45 7d bb 38 93 0d 45 a6 21 1c | .E..0.E}.8..E.!.

0e0 | f9 ec | ..

[sTATE] [backend_sm] RESPONSE -> RECEIVE

[ALL] Got Frame (262) :

000 | 00 1c 25 cb 69 64 00 1e 90 9d da 65 88 8e 02 00 | ..%.id.....e....

010 | 00 f4 01 06 00 f4 15 80 00 00 00 ea 16 03 01 00 | ................

020 | aa 04 00 00 a6 00 00 00 00 00 a0 93 54 2c 20 81 | ............T, .

030 | df a3 8c c9 94 d7 7f 85 c4 c1 2c 4f 0b 45 61 83 | ..........,O.Ea.

040 | e9 15 a9 a6 ea f2 41 c9 f9 40 ee 64 0c ea a5 4a | ......A..@.d...J

050 | b3 61 e9 e8 06 60 dc 2a 1e 4a 4f 75 4f f2 75 57 | .a...`.*.JOuO.uW

060 | 69 14 25 c9 ee c1 29 52 52 da b3 f1 33 bd f1 b1 | i.%...)RR...3...

070 | 04 91 27 ea a6 cd ed ff 1d 35 5d fd f2 34 a1 79 | ..'......5]..4.y

080 | 99 9b 13 57 85 33 80 73 0f 4e d9 0e 18 15 aa 23 | ...W.3.s.N.....#

090 | a8 62 1b 08 5c 35 13 e0 07 6d 58 29 23 bd c8 23 | .b..\5...mX)#..#

0a0 | 9c 39 ca ef 46 93 95 7f 38 4c 0e 4a c0 8f 74 c8 | .9..F...8L.J..t.

0b0 | 39 bf ab 58 f1 f9 c8 5f 8e f9 cc 73 cc 01 19 5b | 9..X..._...s...[

0c0 | 67 b5 c5 18 94 41 24 92 39 1c 9f 14 03 01 00 01 | g....A$.9.......

0d0 | 01 16 03 01 00 30 12 2a 6c e7 34 c2 4f 42 5b 0c | .....0.*l.4.OB[.

0e0 | e1 6f f1 eb 9e 04 af 15 ff 56 cf b2 84 d1 33 a9 | .o.......V....3.

0f0 | d7 7b fe 84 a9 d2 07 3b f7 fd 48 8d 4a 2c 4f 34 | .{.....;..H.J,O4

100 | 09 1a 65 5e b6 d3 | ..e^..

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] [backend_sm] RECEIVE -> REQUEST

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] Building EAPOL-Response-Authentication

[AUTH TYPE] Packet in (239) :

000 | 80 00 00 00 ea 16 03 01 00 aa 04 00 00 a6 00 00 | ................

010 | 00 00 00 a0 93 54 2c 20 81 df a3 8c c9 94 d7 7f | .....T, ........

020 | 85 c4 c1 2c 4f 0b 45 61 83 e9 15 a9 a6 ea f2 41 | ...,O.Ea.......A

030 | c9 f9 40 ee 64 0c ea a5 4a b3 61 e9 e8 06 60 dc | ..@.d...J.a...`.

040 | 2a 1e 4a 4f 75 4f f2 75 57 69 14 25 c9 ee c1 29 | *.JOuO.uWi.%...)

050 | 52 52 da b3 f1 33 bd f1 b1 04 91 27 ea a6 cd ed | RR...3.....'....

060 | ff 1d 35 5d fd f2 34 a1 79 99 9b 13 57 85 33 80 | ..5]..4.y...W.3.

070 | 73 0f 4e d9 0e 18 15 aa 23 a8 62 1b 08 5c 35 13 | s.N.....#.b..\5.

080 | e0 07 6d 58 29 23 bd c8 23 9c 39 ca ef 46 93 95 | ..mX)#..#.9..F..

090 | 7f 38 4c 0e 4a c0 8f 74 c8 39 bf ab 58 f1 f9 c8 | .8L.J..t.9..X...

0a0 | 5f 8e f9 cc 73 cc 01 19 5b 67 b5 c5 18 94 41 24 | _...s...[g....A$

0b0 | 92 39 1c 9f 14 03 01 00 01 01 16 03 01 00 30 12 | .9............0.

0c0 | 2a 6c e7 34 c2 4f 42 5b 0c e1 6f f1 eb 9e 04 af | *l.4.OB[..o.....

0d0 | 15 ff 56 cf b2 84 d1 33 a9 d7 7b fe 84 a9 d2 07 | ..V....3..{.....

0e0 | 3b f7 fd 48 8d 4a 2c 4f 34 09 1a 65 5e b6 d3 | ;..H.J,O4..e^..

[AUTH TYPE] --- SSL : unknown state

[AUTH TYPE] --- SSL : SSLv3 read finished A

[AUTH TYPE] --- SSL : SSL negotiation finished successfully

[AUTH TYPE] --- SSL : SSL negotiation finished successfully

[AUTH TYPE] No data returned!

[AUTH TYPE] Encrypted Inner (234) :

000 | 16 03 01 00 aa 04 00 00 a6 00 00 00 00 00 a0 93 | ................

010 | 54 2c 20 81 df a3 8c c9 94 d7 7f 85 c4 c1 2c 4f | T, ...........,O

020 | 0b 45 61 83 e9 15 a9 a6 ea f2 41 c9 f9 40 ee 64 | .Ea.......A..@.d

030 | 0c ea a5 4a b3 61 e9 e8 06 60 dc 2a 1e 4a 4f 75 | ...J.a...`.*.JOu

040 | 4f f2 75 57 69 14 25 c9 ee c1 29 52 52 da b3 f1 | O.uWi.%...)RR...

050 | 33 bd f1 b1 04 91 27 ea a6 cd ed ff 1d 35 5d fd | 3.....'......5].

060 | f2 34 a1 79 99 9b 13 57 85 33 80 73 0f 4e d9 0e | .4.y...W.3.s.N..

070 | 18 15 aa 23 a8 62 1b 08 5c 35 13 e0 07 6d 58 29 | ...#.b..\5...mX)

080 | 23 bd c8 23 9c 39 ca ef 46 93 95 7f 38 4c 0e 4a | #..#.9..F...8L.J

090 | c0 8f 74 c8 39 bf ab 58 f1 f9 c8 5f 8e f9 cc 73 | ..t.9..X..._...s

0a0 | cc 01 19 5b 67 b5 c5 18 94 41 24 92 39 1c 9f 14 | ...[g....A$.9...

0b0 | 03 01 00 01 01 16 03 01 00 30 12 2a 6c e7 34 c2 | .........0.*l.4.

0c0 | 4f 42 5b 0c e1 6f f1 eb 9e 04 af 15 ff 56 cf b2 | OB[..o.......V..

0d0 | 84 d1 33 a9 d7 7b fe 84 a9 d2 07 3b f7 fd 48 8d | ..3..{.....;..H.

0e0 | 4a 2c 4f 34 09 1a 65 5e b6 d3 | J,O4..e^..

[AUTH TYPE] --- SSL : SSL negotiation finished successfully

[AUTH TYPE] --- ALERT : decryption failed

In tls_crypt.c, SSL_read(mytls_vars->ssl, out_data, 1000) failed.

OpenSSL Error -- error:140D2081:SSL routines:TLS1_ENC:block cipher pad is wrong

Library : SSL routines

Function : TLS1_ENC

Reason : block cipher pad is wrong

[AUTH TYPE] Decrypted Inner (234) :

[AUTH TYPE] (Hack) Acking for second inner phase packet!

[sTATE] [backend_sm] REQUEST -> RESPONSE

[ALL] Frame to be sent (24) :

000 | 00 1e 90 9d da 65 00 1c 25 cb 69 64 88 8e 02 00 | .....e..%.id....

010 | 00 06 02 06 00 06 15 00 | ........

[sTATE] [backend_sm] RESPONSE -> RECEIVE

[ALL] Got Frame (60) :

000 | 00 1c 25 cb 69 64 00 1e 90 9d da 65 88 8e 02 00 | ..%.id.....e....

010 | 00 0a 01 07 00 0a 15 80 00 00 00 00 00 00 00 00 | ................

020 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................

030 | 00 00 00 00 00 00 00 00 00 00 00 00 | ............

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] [backend_sm] RECEIVE -> REQUEST

[ALL] Got EAP-Request for type 21 (EAP_TTLS).

[ALL] Got EAP-Request-Authentication.

[sTATE] Building EAPOL-Response-Authentication

[AUTH TYPE] Packet in (5) :

000 | 80 00 00 00 00 | .....

[AUTH TYPE] Encrypted Inner (0) :

[AUTH TYPE] Doing Phase 2 PAP!

[AUTH TYPE] Phase 2 Username : test

[AUTH TYPE] Returning from do_pap :

000 | 00 00 00 01 40 00 00 0c 74 65 73 74 00 00 00 02 | ....@...test....

010 | 40 00 00 18 74 61 74 61 00 00 00 00 00 00 00 00 | @...tata........

020 | 00 00 00 00 | ....

[AUTH TYPE] Returning from (TTLS) do_phase2 :

000 | 00 17 03 01 00 40 f1 b0 10 6a 8c 80 8c f1 5e 72 | .....@...j....^r

010 | 04 66 22 af 83 0a 33 8f 54 b1 7c c5 81 85 38 ff | .f"...3.T.|...8.

020 | 8f 6f 9c c4 b8 70 31 16 cf 93 fa 4a 65 ac 19 f4 | .o...p1....Je...

030 | e9 0a 4c 88 d5 06 0d 62 d0 fc bb 82 b3 0a d3 bd | ..L....b........

040 | 8f 16 ea 1c 4f 06 | ....O.

[sTATE] [backend_sm] REQUEST -> RESPONSE

[ALL] Frame to be sent (93) :

000 | 00 1e 90 9d da 65 00 1c 25 cb 69 64 88 8e 02 00 | .....e..%.id....

010 | 00 4b 02 07 00 4b 15 00 17 03 01 00 40 f1 b0 10 | .K...K......@...

020 | 6a 8c 80 8c f1 5e 72 04 66 22 af 83 0a 33 8f 54 | j....^r.f"...3.T

030 | b1 7c c5 81 85 38 ff 8f 6f 9c c4 b8 70 31 16 cf | .|...8..o...p1..

040 | 93 fa 4a 65 ac 19 f4 e9 0a 4c 88 d5 06 0d 62 d0 | ..Je.....L....b.

050 | fc bb 82 b3 0a d3 bd 8f 16 ea 1c 4f 06 | ...........O.

[sTATE] [backend_sm] RESPONSE -> RECEIVE

[ALL] Clock tick! authWhile=29 heldWhile=58 startWhen=28 curState=AUTHENTICATING

[ALL] Got Frame (60) :

000 | 00 1c 25 cb 69 64 00 1e 90 9d da 65 88 8e 02 00 | ..%.id.....e....

010 | 00 04 04 07 00 04 00 00 00 00 00 00 00 00 00 00 | ................

020 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................

030 | 00 00 00 00 00 00 00 00 00 00 00 00 | ............

[ALL] Got EAP-Failure!

Failed to authenticate eth0

[ALL] (TLS-FUNCS) Cleaning up (possible after a failure)!

[AUTH TYPE] (EAP-TLS) Freeing mytls_vars->ctx!

[ALL] (EAP-TTLS) Failed. Resetting.

Stats for Interface eth0 :

EAPOL Frames RX : 8 EAPOL Frames TX : 8

EAPOL Starts TX : 1 EAPOL Logoff TX : 0

EAPOL Resp. ID TX : 1 EAPOL Resp. TX : 6

EAPOL Req. ID RX : 1 EAPOL Req. RX : 6

EAPOL Invalid Frame: 0 EAP Length Error : 0

Last EAPOL Version : 2 Last EAPOL Src. :00 1e 90 9d da 65

EAPOL Success : 0 EAPOL Failure : 1

Backend Timeouts : 0

[sTATE] [backend_sm] RECEIVE -> FAIL

[sTATE] [backend_sm] FAIL -> IDLE

[sTATE] Changing from AUTHENTICATING to HELD.

[ALL] Clock tick! authWhile=28 heldWhile=59 startWhen=27 curState=HELD

[ALL] Clock tick! authWhile=27 heldWhile=58 startWhen=26 curState=HELD

[ALL] Clock tick! authWhile=26 heldWhile=57 startWhen=25 curState=HELD

[ALL] Clock tick! authWhile=25 heldWhile=56 startWhen=24 curState=HELD

[ALL] Clock tick! authWhile=24 heldWhile=55 startWhen=23 curState=HELD

[ALL] Clock tick! authWhile=23 heldWhile=54 startWhen=22 curState=HELD

[ALL] Clock tick! authWhile=22 heldWhile=53 startWhen=21 curState=HELD

[ALL] Clock tick! authWhile=21 heldWhile=52 startWhen=20 curState=HELD

[ALL] Clock tick! authWhile=20 heldWhile=51 startWhen=19 curState=HELD

[ALL] Clock tick! authWhile=19 heldWhile=50 startWhen=18 curState=HELD

[ALL] Clock tick! authWhile=18 heldWhile=49 startWhen=17 curState=HELD

[ALL] Clock tick! authWhile=17 heldWhile=48 startWhen=16 curState=HELD

[ALL] Clock tick! authWhile=16 heldWhile=47 startWhen=15 curState=HELD

[ALL] Clock tick! authWhile=15 heldWhile=46 startWhen=14 curState=HELD

[ALL] Clock tick! authWhile=14 heldWhile=45 startWhen=13 curState=HELD

[ALL] Clock tick! authWhile=13 heldWhile=44 startWhen=12 curState=HELD

[ALL] Clock tick! authWhile=12 heldWhile=43 startWhen=11 curState=HELD

[ALL] Clock tick! authWhile=11 heldWhile=42 startWhen=10 curState=HELD

[ALL] Clock tick! authWhile=10 heldWhile=41 startWhen=9 curState=HELD

[ALL] Shutting down IPC socket!

[iNT] Closing socket descriptor #5

[ALL] Doing statemachine cleanup!

[ALL] Calling EAP-Cleanup!

[ALL] (TLS-FUNCS) Cleaning up!

[ALL] (TLS-FUNCS) Cleaning up (possible after a failure)!

[AUTH TYPE] (EAP-TLS) Freeing session key const!

[ALL] (EAP-TTLS) Cleaned up.

[iNT] Sending Logoff for int eth0!

[sTATE] Sending EAPOL-Logoff Frame.

[ALL] Frame to be sent (18) :

000 | 00 1e 90 9d da 65 00 1c 25 cb 69 64 88 8e 02 02 | .....e..%.id....

010 | 00 00 | ..

[ALL] Cleaning up interface eth0...

[iNT] Called event_core_cleanup()!

[iNT] Called cardif_linux_rtnetlink_cleanup()!

Je pense que je parviens à initialiser un tunnel TLS mais je ne parviens pas l'utiliser avec PAP. Il y a une erreur significative sur xsupplicant qui se constate sur freeradius aussi.

Je n'ai pas de trouvé comment corriger l'erreur.

Je n'écarte pas le fait que cela puisse venir de la configuration du radius.

Merci pour votre aide potentiel.

Lien vers le commentaire
Partager sur d’autres sites

Je pense que tu fais tout sur un seul PC (le supplicant, et l'authenticator radius). Je te conseille sérieusement de séparer les deux entités pour mieux comprendre ce qui se passe, parce que comme ça je vois pas trop. Serait il possible que tu ais un ordinateur portable sous windows ou linux comptatible TTLS (pour windows il faut installer secureW2) pour faire supplicant. Comme ça tu installe wireshark dessus et on pourrait mieux voir la source du problème.

Prends cette conf pour TTLS:

eap {

	default_eap_type = ttls

	timer_expire	 = 60
	ignore_unknown_eap_types = no
	cisco_accounting_username_bug = no

	md5 {
	}

	tls {

		certdir = ${confdir}/certs
		cadir = ${confdir}/certs
		private_key_password = radius
		private_key_file = ${certdir}/radius.key
		certificate_file = ${certdir}/radius.pem
		CA_file = ${cadir}/cacert.pem
		dh_file = ${certdir}/dh
		random_file = ${certdir}/random
		make_cert_command = "${certdir}/bootstrap"
	}

	ttls {

		default_eap_type = md5
		copy_request_to_tunnel = yes
		use_tunneled_reply = yes
	}


	mschapv2 {
	}
}

}

Pour le faire fonctionner j'avais ça. Use_tunneled reply cela veut dire que le User-Name passe dans le tunnel. En gros quand tu mets ca à no, tu verras User-Name = anonymous. Avec cette option à yes, le User-Name passe dans le tunnel. Et copy_request_to_tunnel c'est que t'envoi les requêtes dans le tunnel. En gros comme ça tout es chiffré.

En ce qui concerne ton erreur aussi, oublie pas qu'il n'y a pas besoin de certificat côté client. Vu que tu as fait du TLS avant tu as peu être laisser le certificat. L'erreur de la mauvaise empreinte du cypher peut être du à ta ligne default_eap_type = gtc. En fait dans le Tunnel TLS qu'aura crée l'instance TTLS, les échanges seront contrôlé grace à un hash en MD5. Et la méthode d'authentification sera réalisé grâce au protocole PAP. C'est un peut compliqué mais ca se passe comme ca.

Voilà déjà essaye comme ça et dit moi s'il y a des évolutions

Lien vers le commentaire
Partager sur d’autres sites

Déjà merci beaucoup pour ta réponse.

Mon architecture est répartie sur plusieurs postes physiques et logique. Le supplicant se trouve sur un poste P1 physique. Le NAS est sur un poste P2 et le radius est isolé sur une machine Virtuel hébergé sur le P2. Mais l'architecture est parfaitement segmenté.

Wireshark tourne derrière sans problème.

Je suis full nux.

En ce qui concerne le fichier eap.conf. Est il possible d'utiliser une autre forme de Hashage que le MD5 ? genre SHA256 ou 386.

J'ai une autre question. Les mots de passe dans mon LDAP doit il être en claire ou chiffré ?

Je t'envoies la conf de mon client.

network_list = all

default_netname = client

#destination = auto

logfile = syslog

log_facility = daemon

#auth_period = 10

#held_period = 10

#max_starts = 3

default_interface = eth0

#stale_key_timeout = 600

allmulti = no

client {

type = wired

allow_types = eap-ttls

force_eapol_ver = 2

identity = test

eap-ttls {

root_cert = certs_ttls/ca.pem

root_dir = certs_ttls

chunk_size = 1398

random_file = certs_ttls/random

phase2_type = pap

pap {

username = "test"

password = "tata"

}

}

}

En ce qui concerne le cipher ne n'ai pas le choix de laisser le root_cert = certs_ttls/ca.pem et root_dir = certs_ttls car sinon il me refuse systématiquement le certificat serveur. Mais c'est logique car sinon il ne peut pas verifié la validité du certificats server.

Je teste tout ce que tu m'as dit demain

encore une fois merci.

Lien vers le commentaire
Partager sur d’autres sites

Bon... Je n'ai aucun changement.

J'ai tjrs mon message d'erreur ds mon Xsupplicant. J'ai compiler la version Xsupplicant 1.2.8 et refait un teste. Le message d'erreur apparait toujours.

Je vais procéder par ordre logique. Je ne vais pas utiliser LDAP dans un premier temps. mais plutôt passer par le fichier de configuration users.

quelqu'un aurait il un fichier de configuration fonctionnel pour eap.conf et users default et inner-tunnel.

Merci

Lien vers le commentaire
Partager sur d’autres sites

Salut,

J'ai tout mes fichiers de conf qui fonctionnait pour TTLS mais s'était les anciennes version et il n'y avait pas le fichier inner-tunnel. Je peux te les filer si tu veux. EAP.conf tu l'a déjà. Maintenant user:

#DEFAULT Ldap-Group == "disabled", Auth-Type = LDAP
#
# 	
#	  Tunnel-Medium-Type = IEEE-802,
#	  Tunnel-Type = VLAN,
#	  Tunnel-Private-Group-Id = "2"
#
#DEFAULT Ldap-Group == "enabled", Auth-Type = LDAP
#
#   Tunnel-Medium-Type = IEEE-802,
#   Tunnel-Type = VLAN,
#   Tunnel-Private-Group-Id = "3"
#
DEFAULT Auth-Type = LDAP

Ces fichiers de conf était pour des versions anterieur à la tienne. Avec ces fichiers, LDAP + TTLS fonctionnait. Et je faisais aussi du Vlan dynamique

Lien vers le commentaire
Partager sur d’autres sites

BON...

J'ai trouvé.

J'ai réaliser une authentification avec freeradius EAP-TTLS / PAP avec LDAP et les mots passe chiffré en SHA.

xsupplicant ne fonctionne clairement pas en TTLS / PAP dans les versions 1.2.4, jusqu'à 1.2.8. Je n'ai pas testé les versions antérieur.

J'utilise wpa_supplicant commet client.

http://rnd.feide.no/content/feide-and-eduroam

Lien vers le commentaire
Partager sur d’autres sites

Archivé

Ce sujet est désormais archivé et ne peut plus recevoir de nouvelles réponses.

×
×
  • Créer...