Nie jesteś zalogowany.
Jeśli nie posiadasz konta, zarejestruj je już teraz! Pozwoli Ci ono w pełni korzystać z naszego serwisu. Spamerom dziękujemy!

Ogłoszenie

Prosimy o pomoc dla małej Julki — przekaż 1% podatku na Fundacji Dzieciom zdazyć z Pomocą.
Więcej informacji na dug.net.pl/pomagamy/.

#1  2015-03-02 09:50:35

  homzik - Nowy użytkownik

homzik
Nowy użytkownik
Zarejestrowany: 2015-03-02

Konfiguracja WPA2 Enterprise RADIUS - liczba liczba sesji podłączonych

Chodzi mi o polecenie  Simultaneous-Use := '1' które decyduje o
liczbie sesji. Po wprowadzeniu tego parametru, nie widzę żadnych
efektów, nadal mogę się logować do sieci z wielu komputerów
jednocześnie. Czy jest jeszcze coś dodatkowego do ustawienia, aby ta
opcja zadziałała?

Przykład:

Kod:

# PSP 11 USERS TESTED
"test" cleartext-Password: = "test", Simultaneous-Use:= "1"
Reply-Message = "Hello,% {User-Name}"

Serwer FreeRadius pracuje kod kontrolą UBUNTU 12.04 i został
zainstalowany poprzez centrum oprogramowania (2.1.12 + dfsg
freeradius-1.2ubuntu8)
Dane użytkowników przechowywane są w pliku tekstowym, bez udziału bazy
SQL.
Z góry dziękuję.

Offline

 

#2  2015-03-02 12:18:05

  morfik - Cenzor wirtualnego świata

morfik
Cenzor wirtualnego świata
Skąd: ze WSI
Zarejestrowany: 2011-09-15
Serwis

Re: Konfiguracja WPA2 Enterprise RADIUS - liczba liczba sesji podłączonych

Włącz tryb debug na radiusie (ew. na wpasupplicant) i zobacz jak ze sobą maszyny rozmawiają i co im nie pasuje.

Offline

 

#3  2015-03-03 09:07:52

  homzik - Nowy użytkownik

homzik
Nowy użytkownik
Zarejestrowany: 2015-03-02

Re: Konfiguracja WPA2 Enterprise RADIUS - liczba liczba sesji podłączonych

Witam,
wklejam informacje z trybu debugowania, raczej wszystko jest OK, tylko nadal jeden użytkownik (login) może się logować na wielu komputerach jednocześnie.

Kod:

 Module: Instantiating module "preprocess" from file /etc/freeradius/modules/preprocess
  preprocess {
    huntgroups = "/etc/freeradius/huntgroups"
    hints = "/etc/freeradius/hints"
    with_ascend_hack = no
    ascend_channels_per_line = 23
    with_ntdomain_hack = no
    with_specialix_jetstream_hack = no
    with_cisco_vsa_hack = no
    with_alvarion_vsa_hack = no
  }
 Module: Checking preacct {...} for more modules to load
 Module: Linked to module rlm_acct_unique
 Module: Instantiating module "acct_unique" from file /etc/freeradius/modules/acct_unique
  acct_unique {
    key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
  }
 Module: Checking accounting {...} for more modules to load
 Module: Linked to module rlm_detail
 Module: Instantiating module "detail" from file /etc/freeradius/modules/detail
  detail {
    detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
    header = "%t"
    detailperm = 384
    dirperm = 493
    locking = no
    log_packet_header = no
  }
 Module: Instantiating module "attr_filter.accounting_response" from file /etc/freeradius/modules/attr_filter
  attr_filter attr_filter.accounting_response {
    attrsfile = "/etc/freeradius/attrs.accounting_response"
    key = "%{User-Name}"
  }
 Module: Checking session {...} for more modules to load
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
    type = "auth"
    ipaddr = 10.0.0.230
    port = 0
}
listen {
    type = "acct"
    ipaddr = *
    port = 0
}
listen {
    type = "auth"
    ipaddr = 127.0.0.1
    port = 18120
}
Listening on authentication address 10.0.0.230 port 1812
Listening on accounting address * port 1813
Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
Listening on proxy address 10.0.0.230 port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 10.0.0.206 port 32768, id=43, length=153
    User-Name = "test"
    NAS-IP-Address = 192.168.16.254
    NAS-Port = 0
    Called-Station-Id = "20-AA-4B-56-5A-ED:PSP11_P2_AP2"
    Calling-Station-Id = "00-08-CA-F0-58-A8"
    Framed-MTU = 1400
    NAS-Port-Type = Wireless-802.11
    Connect-Info = "CONNECT 0Mbps 802.11b"
    EAP-Message = 0x02dd00090174657374
    Message-Authenticator = 0x2b1dff45a595b1677c821ddec0d9bee1
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 221 length 9
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[files] users: Matched entry test at line 97
[files]     expand: Hello, %{User-Name} -> Hello, test
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING: Auth-Type already set.  Not setting to PAP
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 43 to 10.0.0.206 port 32768
    Reply-Message = "Hello, test"
    EAP-Message = 0x01de00160410f5d1ec35fef8aeceb58398e90e2e5b58
    Message-Authenticator = 0x00000000000000000000000000000000
    State = 0x5461582154bf5ce69d7e1d9fb9a69c26
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.0.206 port 32768, id=44, length=168
    User-Name = "test"
    NAS-IP-Address = 192.168.16.254
    NAS-Port = 0
    Called-Station-Id = "20-AA-4B-56-5A-ED:PSP11_P2_AP2"
    Calling-Station-Id = "00-08-CA-F0-58-A8"
    Framed-MTU = 1400
    NAS-Port-Type = Wireless-802.11
    Connect-Info = "CONNECT 0Mbps 802.11b"
    EAP-Message = 0x02de00060315
    State = 0x5461582154bf5ce69d7e1d9fb9a69c26
    Message-Authenticator = 0xbe0bc0941d8fca1acf9215345eddee59
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 222 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[files] users: Matched entry test at line 97
[files]     expand: Hello, %{User-Name} -> Hello, test
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING: Auth-Type already set.  Not setting to PAP
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP NAK
[eap] EAP-NAK asked for EAP-Type/ttls
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 44 to 10.0.0.206 port 32768
    Reply-Message = "Hello, test"
    EAP-Message = 0x01df00061520
    Message-Authenticator = 0x00000000000000000000000000000000
    State = 0x5461582155be4de69d7e1d9fb9a69c26
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.0.206 port 32768, id=45, length=377
    User-Name = "test"
    NAS-IP-Address = 192.168.16.254
    NAS-Port = 0
    Called-Station-Id = "20-AA-4B-56-5A-ED:PSP11_P2_AP2"
    Calling-Station-Id = "00-08-CA-F0-58-A8"
    Framed-MTU = 1400
    NAS-Port-Type = Wireless-802.11
    Connect-Info = "CONNECT 0Mbps 802.11b"
    EAP-Message = 0x02df00d7150016030100cc010000c80301a767c3fb2ea289e2dde55a5fe45c040428999b69d4ad3975e8604d258189240000005ac014c00a0039003800880087c00fc00500350084c012c00800160013c00dc003000ac013c00900330032009a009900450044c00ec004002f00960041c011c007c00cc002000500040015001200090014001100080006000300ff01000045000b000403000102000a00340032000e000d0019000b000c00180009000a00160017000800060007001400150004000500120013000100020003000f00100011000f000101
    State = 0x5461582155be4de69d7e1d9fb9a69c26
    Message-Authenticator = 0x1e4cfa092f01e2b4d73738cdbd0c580e
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 223 length 215
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/ttls
[eap] processing type ttls
[ttls] Authenticate
[ttls] processing EAP-TLS
[ttls] eaptls_verify returned 7 
[ttls] Done initial handshake
[ttls]     (other): before/accept initialization
[ttls]     TLS_accept: before/accept initialization
[ttls] <<< TLS 1.0 Handshake [length 00cc], ClientHello  
[ttls]     TLS_accept: SSLv3 read client hello A
[ttls] >>> TLS 1.0 Handshake [length 0036], ServerHello  
[ttls]     TLS_accept: SSLv3 write server hello A
[ttls] >>> TLS 1.0 Handshake [length 03b6], Certificate  
[ttls]     TLS_accept: SSLv3 write certificate A
[ttls] >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange  
[ttls]     TLS_accept: SSLv3 write key exchange A
[ttls] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone  
[ttls]     TLS_accept: SSLv3 write server done A
[ttls]     TLS_accept: SSLv3 flush data
[ttls]     TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase 
In SSL Accept mode  
[ttls] eaptls_process returned 13 
++[eap] returns handled
Sending Access-Challenge of id 45 to 10.0.0.206 port 32768
    EAP-Message = 0x01e0040015c000000611160301003602000032030154f567b6ac77e6f74912490a45227b8e75f00d2702e4aa480f0bb99c9d3b68fd00003900000aff01000100000f00010116030103b60b0003b20003af0003ac308203a830820290a003020102020102300d06092a864886f70d0101040500308196310b300906035504061302504c311e301c06035504081315436572747966696b61742d576946692d5053503131311530130603550407140c5374616c6f77615f576f6c61310e300c060355040a130550535031313120301e06092a864886f70d0109011611686f6d7a696b40696e74657269612e706c311e301c06035504031315436572747966
    EAP-Message = 0x696b61742057694669205053503131301e170d3134303131343132333730355a170d3234303131323132333730355a307f310b300906035504061302504c311e301c06035504081315436572747966696b61742d576946692d5053503131310e300c060355040a13055053503131311e301c06035504031315436572747966696b617420576946692050535031313120301e06092a864886f70d0109011611686f6d7a696b40696e74657269612e706c30820122300d06092a864886f70d01010105000382010f003082010a0282010100dfb385180d9f6345fea0e28afb9e5ef51a52a425d0c35033157eae105807a32b85d3432f76b46104dc11c533
    EAP-Message = 0x2be388b48aa9a661a4f6ecdf980a717013126dd07c939695e5aa3a7d49c43e8c403b0d2704a5ea1f40554fb35fbaa9b417190a2445a65b40ecff04556900910165f23f75e672ecafd2a05db64326df544f194d38a6c4dcd1ef19f04bad54e14b8aba863684cb396ba8cb18e5b934162a8dd3c2db8f7f1694255deaec30c130bb8e6b9f0ff43ba5a5cc7a0dbc5e3e2c87b92e6140978a5ef17a78c9a84598658ce1d06dbff02be022ddf783b7652a41bff307c3ad9f854a1274ce14fc414c7ace11127ba06d7da77cdc0699818a8647e6cb38d1e70203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d01
    EAP-Message = 0x01040500038201010061321c1e8b5296f360aabe4ccc29457dfbdc6782712a58da684db3ad172b405a206877025a311804444ef2bbb6715b3f1cf2d882f8dde48c508ccb21f34fd905ec8e1b426f378769a4a90f51a4cda4d756b44d3c11e2bb65713978d46589b0fe8ca8e5ce8df0c62b75fc72ff0bc2ed3a23882f2f9ae61d20d7669079be564d2d6fdf32e86e268eda173120432f46e29c13dbe8e558fae994bc231c12f654476ef41a2c6c11850513436978b3685ebbab54fe8ba62dbd9704530a71051c5f11af462a2f484c5e19fd0630dd96344b69adc6c8d41a03278dac3da0b437a5efdda1799365774d848d46ff268e6be93503ae918a3acf
    EAP-Message = 0x2e8a472b42a4e13392c8dfb4
    Message-Authenticator = 0x00000000000000000000000000000000
    State = 0x5461582156814de69d7e1d9fb9a69c26
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.0.206 port 32768, id=46, length=168
    User-Name = "test"
    NAS-IP-Address = 192.168.16.254
    NAS-Port = 0
    Called-Station-Id = "20-AA-4B-56-5A-ED:PSP11_P2_AP2"
    Calling-Station-Id = "00-08-CA-F0-58-A8"
    Framed-MTU = 1400
    NAS-Port-Type = Wireless-802.11
    Connect-Info = "CONNECT 0Mbps 802.11b"
    EAP-Message = 0x02e000061500
    State = 0x5461582156814de69d7e1d9fb9a69c26
    Message-Authenticator = 0x94c76b706c31bad41c04763fae877d0d
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 224 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/ttls
[eap] processing type ttls
[ttls] Authenticate
[ttls] processing EAP-TLS
[ttls] Received TLS ACK
[ttls] ACK handshake fragment handler
[ttls] eaptls_verify returned 1 
[ttls] eaptls_process returned 13 
++[eap] returns handled
Sending Access-Challenge of id 46 to 10.0.0.206 port 32768
    EAP-Message = 0x01e10225158000000611160301020d0c0002090080942934eb00fec356de8db1dba6f40ff5018f3ada730814c086873e9253ce5e742c51a888a35bf7fe2dbd295134c6029c0ce3ef26ffe3eb8de122903493f2bf86c2bdded0b3791c6314a4b022337faa6309f17bc563e1cc27371cc8ea9f9aba938e1cb1e257cdc2a22b8af59ce0c738b8d172651e56d97553043ff0eec041120b000102008020760b1c65148ad81965c30c146ab1194af0ba0332cb9fdd2a2d9c4bffe903d631a4ec3f9cdfd991d78d4d479964442e6f3a4604ae1dd629bf1483045151d1549dcd3ad957383c72ace25d42613bfc6462b28690a8f0e3f7a517d757f65aff611ddcd6
    EAP-Message = 0x06ac60ec0757fac8b192c44a220047f2bfe4a1f97f5b18119885faaece01003a8bca32935d52553083e4f9faca2f0b3e1ce9a663a822e991c08bb52cdb4c20222f3f68cfeeb68933c1fbded8564422aba2d0e9595b60e0420d511a7ddb097358f754e481fbc24a0585f2dd3dff57492cf12325ca07d8387cd6a4e76f1194484163d4bf2e91c175552664b5f6f60967f41fcf8f9bc69da9fee13fd8a3079f0fa74ac670e4e1aea8fcfe035c22ab2604bb1e590da118c1df1ab47fad8e194736f8f06347aea039251870ce47bc66ead23c444f7372169a34ba72420b6b72c363a90ef5d4a626766b88a16a32260a36b005aff29048377564d9f9eb7fbaf9
    EAP-Message = 0xcaeb5ee820590ab4c25f0a72c184f288a7e1fdec42f27d6d5626c5baf67e884c613016030100040e000000
    Message-Authenticator = 0x00000000000000000000000000000000
    State = 0x5461582157804de69d7e1d9fb9a69c26
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.0.206 port 32768, id=47, length=366
    User-Name = "test"
    NAS-IP-Address = 192.168.16.254
    NAS-Port = 0
    Called-Station-Id = "20-AA-4B-56-5A-ED:PSP11_P2_AP2"
    Calling-Station-Id = "00-08-CA-F0-58-A8"
    Framed-MTU = 1400
    NAS-Port-Type = Wireless-802.11
    Connect-Info = "CONNECT 0Mbps 802.11b"
    EAP-Message = 0x02e100cc1500160301008610000082008060fa33cee6ddae2a78ba93c95b3321672a0c9d18866c5c2c25d0223ac34f4ec68793a73db6a77c0a6a0663472750164ba75f350b79f35ac1beb9535aaa5dc83892bcf9e343ad67457cbaae83cb3f4820896295cff5a33db2c9c1e407ab62a51baa915cf0215a02955b80ae8a8f31d967159a77e53efaada09aab1e2ab8fed3ac1403010001011603010030c1bdfec187fc121bd2f308fea3b38a7a80a869f92c536b3993341d5fe6b889ba51fd07670d9dff613fd10bda92048e7f
    State = 0x5461582157804de69d7e1d9fb9a69c26
    Message-Authenticator = 0x67b6c3bf960f87f7306b47aef1c6a6ed
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 225 length 204
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/ttls
[eap] processing type ttls
[ttls] Authenticate
[ttls] processing EAP-TLS
[ttls] eaptls_verify returned 7 
[ttls] Done initial handshake
[ttls] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange  
[ttls]     TLS_accept: SSLv3 read client key exchange A
[ttls] <<< TLS 1.0 ChangeCipherSpec [length 0001]  
[ttls] <<< TLS 1.0 Handshake [length 0010], Finished  
[ttls]     TLS_accept: SSLv3 read finished A
[ttls] >>> TLS 1.0 ChangeCipherSpec [length 0001]  
[ttls]     TLS_accept: SSLv3 write change cipher spec A
[ttls] >>> TLS 1.0 Handshake [length 0010], Finished  
[ttls]     TLS_accept: SSLv3 write finished A
[ttls]     TLS_accept: SSLv3 flush data
[ttls]     (other): SSL negotiation finished successfully
SSL Connection Established 
[ttls] eaptls_process returned 13 
++[eap] returns handled
Sending Access-Challenge of id 47 to 10.0.0.206 port 32768
    EAP-Message = 0x01e2004515800000003b1403010001011603010030e3d5e84f05eceb2c634252cec788bdd2d91a75d932f8fde1fabe073a44de4edff26ea495154af636eab7823b9f282a4e
    Message-Authenticator = 0x00000000000000000000000000000000
    State = 0x5461582150834de69d7e1d9fb9a69c26
Finished request 4.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.0.206 port 32768, id=48, length=338
    User-Name = "test"
    NAS-IP-Address = 192.168.16.254
    NAS-Port = 0
    Called-Station-Id = "20-AA-4B-56-5A-ED:PSP11_P2_AP2"
    Calling-Station-Id = "00-08-CA-F0-58-A8"
    Framed-MTU = 1400
    NAS-Port-Type = Wireless-802.11
    Connect-Info = "CONNECT 0Mbps 802.11b"
    EAP-Message = 0x02e200b015001703010020431c4e7f4fbccdcc7256a7cabd62ba392adf736548884e0d11d3d819438ee1dc1703010080e2401faeeaf2c6768e80bad6c970ca9e696607f39ce683b109bce688f2fdda6d10e1a0cec9e8d0f76ce4c6bdedc36d53dabec6cde74645955adec0549ae33b643efa7908b82a7177b2c9fb02260b500c7bbe2ce8deb0472cc4341913fd64a4f78ecf2316649158b61c4b4c253b4f057e77d7bb9bbc6cad3676eaeed332db5322
    State = 0x5461582150834de69d7e1d9fb9a69c26
    Message-Authenticator = 0x928e1543b78a54d7a50ca1d1e3fca088
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 226 length 176
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/ttls
[eap] processing type ttls
[ttls] Authenticate
[ttls] processing EAP-TLS
[ttls] eaptls_verify returned 7 
[ttls] Done initial handshake
[ttls] eaptls_process returned 7 
[ttls] Session established.  Proceeding to decode tunneled attributes.
[ttls] Got tunneled request
    User-Name = "test"
    MS-CHAP-Challenge = 0xa1ffa198b5653a0a7287ffb4fc420504
    MS-CHAP2-Response = 0xd400dc17f515d06ec68cdb7a07f33478705e0000000000000000a2f0ad1b7c80fabe22cb54aeb15193b2d32a74c018250fe5
    FreeRADIUS-Proxied-To = 127.0.0.1
[ttls] Sending tunneled request
    User-Name = "test"
    MS-CHAP-Challenge = 0xa1ffa198b5653a0a7287ffb4fc420504
    MS-CHAP2-Response = 0xd400dc17f515d06ec68cdb7a07f33478705e0000000000000000a2f0ad1b7c80fabe22cb54aeb15193b2d32a74c018250fe5
    FreeRADIUS-Proxied-To = 127.0.0.1
server inner-tunnel {
# Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
+- entering group authorize {...}
++[chap] returns noop
[mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++[mschap] returns ok
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry test at line 97
[files]     expand: Hello, %{User-Name} -> Hello, test
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING: Auth-Type already set.  Not setting to PAP
++[pap] returns noop
Found Auth-Type = MSCHAP
# Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
+- entering group MS-CHAP {...}
[mschap] Creating challenge hash with username: test
[mschap] Told to do MS-CHAPv2 for test with NT-Password
[mschap] adding MS-CHAPv2 MPPE keys
++[mschap] returns ok
# Executing section session from file /etc/freeradius/sites-enabled/inner-tunnel
+- entering group session {...}
[radutmp]     expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
++[radutmp] returns ok
  WARNING: Empty post-auth section.  Using default return values.
# Executing section post-auth from file /etc/freeradius/sites-enabled/inner-tunnel
} # server inner-tunnel
[ttls] Got tunneled reply code 2
    Reply-Message = "Hello, test"
    MS-CHAP2-Success = 0xd4533d35314632423344354533393732303933463034464337383437433632393631364638334144463430
    MS-MPPE-Recv-Key = 0xa796181b1b14f883e24f8d3c8d3d239a
    MS-MPPE-Send-Key = 0x07c3304e5fd65f46237e75e6b21fd855
    MS-MPPE-Encryption-Policy = 0x00000001
    MS-MPPE-Encryption-Types = 0x00000006
[ttls] Got tunneled Access-Accept
[ttls] Got MS-CHAP2-Success, tunneling it to the client in a challenge.
++[eap] returns handled
Sending Access-Challenge of id 48 to 10.0.0.206 port 32768
    EAP-Message = 0x01e3005f158000000055170301005068366ded9763de431fd6fa8a9a802f8c47ad01d7b2b4324883d59702b5ec22caea2da0b51213abc0890435c076888d367c25337e618ce011d52a5583dc2b12ab1130ef99d08ba8c4f4f9bba3a7e6a599
    Message-Authenticator = 0x00000000000000000000000000000000
    State = 0x5461582151824de69d7e1d9fb9a69c26
Finished request 5.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.0.206 port 32768, id=49, length=168
    User-Name = "test"
    NAS-IP-Address = 192.168.16.254
    NAS-Port = 0
    Called-Station-Id = "20-AA-4B-56-5A-ED:PSP11_P2_AP2"
    Calling-Station-Id = "00-08-CA-F0-58-A8"
    Framed-MTU = 1400
    NAS-Port-Type = Wireless-802.11
    Connect-Info = "CONNECT 0Mbps 802.11b"
    EAP-Message = 0x02e300061500
    State = 0x5461582151824de69d7e1d9fb9a69c26
    Message-Authenticator = 0x2525ffb25ea3c31bc61716d634b42619
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 227 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/ttls
[eap] processing type ttls
[ttls] Authenticate
[ttls] processing EAP-TLS
[ttls] Received TLS ACK
[ttls] ACK handshake is finished
[ttls] eaptls_verify returned 3 
[ttls] eaptls_process returned 3 
[ttls] Using saved attributes from the original Access-Accept
[eap] Freeing handler
++[eap] returns ok
# Executing section post-auth from file /etc/freeradius/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 49 to 10.0.0.206 port 32768
    MS-MPPE-Recv-Key = 0xcbb08bd401b1a0f8cb3b52459b0367e5a3b8c10dd74050bbfc03aae928b97b69
    MS-MPPE-Send-Key = 0x73144c38b3c266ece2ac00f22e3cbe28e195276e05261ed8c7c3426f1b5a9cc3
    EAP-Message = 0x03e30004
    Message-Authenticator = 0x00000000000000000000000000000000
    User-Name = "test"
Finished request 6.
Going to the next request
Waking up in 4.8 seconds.
Cleaning up request 0 ID 43 with timestamp +47
Cleaning up request 1 ID 44 with timestamp +47
Cleaning up request 2 ID 45 with timestamp +47
Cleaning up request 3 ID 46 with timestamp +47
Cleaning up request 4 ID 47 with timestamp +47
Cleaning up request 5 ID 48 with timestamp +47
Cleaning up request 6 ID 49 with timestamp +47
Ready to process requests

Proszę o sugestie.
Pozdrawiam

Offline

 

Stopka forum

Powered by PunBB
© Copyright 2002–2005 Rickard Andersson
Możesz wyłączyć AdBlock — tu nie ma reklam ;-)

[ Generated in 0.008 seconds, 11 queries executed ]

Informacje debugowania

Time (s) Query
0.00011 SET CHARSET latin2
0.00004 SET NAMES latin2
0.00094 SELECT u.*, g.*, o.logged FROM punbb_users AS u INNER JOIN punbb_groups AS g ON u.group_id=g.g_id LEFT JOIN punbb_online AS o ON o.ident='13.58.188.166' WHERE u.id=1
0.00056 REPLACE INTO punbb_online (user_id, ident, logged) VALUES(1, '13.58.188.166', 1732811585)
0.00052 SELECT * FROM punbb_online WHERE logged<1732811285
0.00033 SELECT topic_id FROM punbb_posts WHERE id=283948
0.00069 SELECT id FROM punbb_posts WHERE topic_id=27108 ORDER BY posted
0.00055 SELECT t.subject, t.closed, t.num_replies, t.sticky, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, 0 FROM punbb_topics AS t INNER JOIN punbb_forums AS f ON f.id=t.forum_id LEFT JOIN punbb_forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=3) WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id=27108 AND t.moved_to IS NULL
0.00005 SELECT search_for, replace_with FROM punbb_censoring
0.00150 SELECT u.email, u.title, u.url, u.location, u.use_avatar, u.signature, u.email_setting, u.num_posts, u.registered, u.admin_note, p.id, p.poster AS username, p.poster_id, p.poster_ip, p.poster_email, p.message, p.hide_smilies, p.posted, p.edited, p.edited_by, g.g_id, g.g_user_title, o.user_id AS is_online FROM punbb_posts AS p INNER JOIN punbb_users AS u ON u.id=p.poster_id INNER JOIN punbb_groups AS g ON g.g_id=u.group_id LEFT JOIN punbb_online AS o ON (o.user_id=u.id AND o.user_id!=1 AND o.idle=0) WHERE p.topic_id=27108 ORDER BY p.id LIMIT 0,25
0.00088 UPDATE punbb_topics SET num_views=num_views+1 WHERE id=27108
Total query time: 0.00617 s