The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

форумы
правила/FAQ
поиск
регистрация
вход
слежка
RSS


Индекс форумов
Составление сообщения

Исходное сообщение
"freeradius dot1x dynamic vlan assignment"
Отправлено Kovrevskii, 07-Дек-22 12:57 
(7) Received Access-Request Id 5 from 10.8.150.118:1645 to 10.70.42.77:1645 length 281
(7)   User-Name = "host/WNAMTest.stand.ru"
(7)   Service-Type = Framed-User
(7)   Framed-MTU = 1504
(7)   Called-Station-Id = "00-17-E0-1C-15-87"
(7)   Calling-Station-Id = "00-E0-4C-31-0E-67"
(7)   EAP-Message = 0x0208007019001703030065000000000000000291ebbab1487f9c926b4c65fcadf4b6326ce17fc7ebb89a2a1a2682a48bfbc712b1fac98d617edb7965d3a64ada1db96804aea60b3741c85d5e0f7e68ca0f3581be104e79d3f916ad3a2ed8b7f23d05f4f1dd5e98cfa41d0822b087b016
(7)   Message-Authenticator = 0x97bb4e8bd14ce6352ab0262027368166
(7)   NAS-Port-Type = Ethernet
(7)   NAS-Port = 50005
(7)   NAS-Port-Id = "FastEthernet0/5"
(7)   State = 0x8e11447888195d5aaaf63b261b53a370
(7)   NAS-IP-Address = 10.8.150.118
(7) Restoring &session-state
(7)   &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(7)   &session-state:TLS-Session-Version = "TLS 1.2"
(7) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
(7)   authorize {
(7)     policy filter_username {
(7)       if (&User-Name) {
(7)       if (&User-Name)  -> TRUE
(7)       if (&User-Name)  {
(7)         if (&User-Name =~ / /) {
(7)         if (&User-Name =~ / /)  -> FALSE
(7)         if (&User-Name =~ /@[^@]*@/ ) {
(7)         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(7)         if (&User-Name =~ /\.\./ ) {
(7)         if (&User-Name =~ /\.\./ )  -> FALSE
(7)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(7)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(7)         if (&User-Name =~ /\.$/)  {
(7)         if (&User-Name =~ /\.$/)   -> FALSE
(7)         if (&User-Name =~ /@\./)  {
(7)         if (&User-Name =~ /@\./)   -> FALSE
(7)       } # if (&User-Name)  = notfound
(7)     } # policy filter_username = notfound
(7)     [chap] = noop
(7)     [mschap] = noop
(7) suffix: Checking for suffix after "@"
(7) suffix: No '@' in User-Name = "host/WNAMTest.stand.ru", looking up realm NULL
(7) suffix: No such realm "NULL"
(7)     [suffix] = noop
(7)     update control {
(7)       &Proxy-To-Realm := LOCAL
(7)     } # update control = noop
(7) eap: Peer sent EAP Response (code 2) ID 8 length 112
(7) eap: Continuing tunnel setup
(7)     [eap] = ok
(7)   } # authorize = ok
(7) Found Auth-Type = eap
(7) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(7)   authenticate {
(7) eap: Expiring EAP session with state 0x80bfe1b680b7fb9c
(7) eap: Finished EAP session with state 0x8e11447888195d5a
(7) eap: Previous EAP request found for state 0x8e11447888195d5a, released from the list
(7) eap: Peer sent packet with method EAP PEAP (25)
(7) eap: Calling submodule eap_peap to process data
(7) eap_peap: Continuing EAP-TLS
(7) eap_peap: [eaptls verify] = ok
(7) eap_peap: Done initial handshake
(7) eap_peap: [eaptls process] = ok
(7) eap_peap: Session established.  Decoding tunneled attributes
(7) eap_peap: PEAP state phase2
(7) eap_peap: EAP method MSCHAPv2 (26)
(7) eap_peap: Got tunneled request
(7) eap_peap:   EAP-Message = 0x020800511a0208004c31a07a106f14b5a62cb6ecdc05ac5f18e30000000000000000ae7e258e4232de145bf4036973ba5257eccfddfc3a01a93e00686f73742f574e414d546573742e7374616e642e7275
(7) eap_peap: Setting User-Name to host/WNAMTest.stand.ru
(7) eap_peap: Sending tunneled request to inner-tunnel
(7) eap_peap:   EAP-Message = 0x020800511a0208004c31a07a106f14b5a62cb6ecdc05ac5f18e30000000000000000ae7e258e4232de145bf4036973ba5257eccfddfc3a01a93e00686f73742f574e414d546573742e7374616e642e7275
(7) eap_peap:   FreeRADIUS-Proxied-To = 127.0.0.1
(7) eap_peap:   User-Name = "host/WNAMTest.stand.ru"
(7) eap_peap:   State = 0x80bfe1b680b7fb9c548551106d70804b
(7) Virtual server inner-tunnel received request
(7)   EAP-Message = 0x020800511a0208004c31a07a106f14b5a62cb6ecdc05ac5f18e30000000000000000ae7e258e4232de145bf4036973ba5257eccfddfc3a01a93e00686f73742f574e414d546573742e7374616e642e7275
(7)   FreeRADIUS-Proxied-To = 127.0.0.1
(7)   User-Name = "host/WNAMTest.stand.ru"
(7)   State = 0x80bfe1b680b7fb9c548551106d70804b
(7) WARNING: Outer and inner identities are the same.  User privacy is compromised.
(7) server inner-tunnel {
(7)   session-state: No cached attributes
(7)   # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
(7)     authorize {
(7)       policy filter_username {
(7)         if (&User-Name) {
(7)         if (&User-Name)  -> TRUE
(7)         if (&User-Name)  {
(7)           if (&User-Name =~ / /) {
(7)           if (&User-Name =~ / /)  -> FALSE
(7)           if (&User-Name =~ /@[^@]*@/ ) {
(7)           if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(7)           if (&User-Name =~ /\.\./ ) {
(7)           if (&User-Name =~ /\.\./ )  -> FALSE
(7)           if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(7)           if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(7)           if (&User-Name =~ /\.$/)  {
(7)           if (&User-Name =~ /\.$/)   -> FALSE
(7)           if (&User-Name =~ /@\./)  {
(7)           if (&User-Name =~ /@\./)   -> FALSE
(7)         } # if (&User-Name)  = notfound
(7)       } # policy filter_username = notfound
(7)       [chap] = noop
(7)       [mschap] = noop
(7) suffix: Checking for suffix after "@"
(7) suffix: No '@' in User-Name = "host/WNAMTest.stand.ru", looking up realm NULL
(7) suffix: No such realm "NULL"
(7)       [suffix] = noop
(7)       update control {
(7)         &Proxy-To-Realm := LOCAL
(7)       } # update control = noop
(7) eap: Peer sent EAP Response (code 2) ID 8 length 81
(7) eap: No EAP Start, assuming it's an on-going EAP conversation
(7)       [eap] = updated
(7)       [files] = noop
(7)       [expiration] = noop
(7)       [logintime] = noop
(7)       [pap] = noop
(7)     } # authorize = updated
(7)   Found Auth-Type = eap
(7)   # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(7)     authenticate {
(7) eap: Expiring EAP session with state 0x80bfe1b680b7fb9c
(7) eap: Finished EAP session with state 0x80bfe1b680b7fb9c
(7) eap: Previous EAP request found for state 0x80bfe1b680b7fb9c, released from the list
(7) eap: Peer sent packet with method EAP MSCHAPv2 (26)
(7) eap: Calling submodule eap_mschapv2 to process data
(7) eap_mschapv2: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(7) eap_mschapv2:   authenticate {
(7) mschap: Creating challenge hash with username: host/WNAMTest.stand.ru
(7) mschap: Client is using MS-CHAPv2
(7) mschap: Executing: /usr/bin/ntlm_auth --request-nt-key --allow-mschapv2 --username=%{mschap:User-Name:-None} --domain=%{%{mschap:NT-Domain}:-STAND} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}:
(7) mschap: EXPAND --username=%{mschap:User-Name:-None}
(7) mschap:    --> --username=WNAMTest$
(7) mschap: EXPAND --domain=%{%{mschap:NT-Domain}:-STAND}
(7) mschap:    --> --domain=stand
(7) mschap: Creating challenge hash with username: host/WNAMTest.stand.ru
(7) mschap: EXPAND --challenge=%{mschap:Challenge:-00}
(7) mschap:    --> --challenge=d858ed797e668361
(7) mschap: EXPAND --nt-response=%{mschap:NT-Response:-00}
(7) mschap:    --> --nt-response=ae7e258e4232de145bf4036973ba5257eccfddfc3a01a93e
added interface ens192 ip=10.70.42.77 bcast=10.70.42.255 netmask=255.255.255.0
added interface ens192 ip=10.70.42.77 bcast=10.70.42.255 netmask=255.255.255.0
added interface ens192 ip=10.70.42.77 bcast=10.70.42.255 netmask=255.255.255.0
(7) mschap: Program returned code (0) and output 'NT_KEY: 7720EA15121870B72DB8AEC247827D5B'
(7) mschap: Adding MS-CHAPv2 MPPE keys
(7) eap_mschapv2:     [mschap] = ok
(7) eap_mschapv2:   } # authenticate = ok
(7) eap_mschapv2: MSCHAP Success
(7) eap: Sending EAP Request (code 1) ID 9 length 51
(7) eap: EAP session adding &reply:State = 0x80bfe1b681b6fb9c
(7)       [eap] = handled
(7)     } # authenticate = handled
(7) } # server inner-tunnel
(7) Virtual server sending reply
(7)   EAP-Message = 0x010900331a0308002e533d44314232383535354646394633443139353244354646323241464439334642423744433431454443
(7)   Message-Authenticator = 0x00000000000000000000000000000000
(7)   State = 0x80bfe1b681b6fb9c548551106d70804b
(7) eap_peap: Got tunneled reply code 11
(7) eap_peap:   EAP-Message = 0x010900331a0308002e533d44314232383535354646394633443139353244354646323241464439334642423744433431454443
(7) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(7) eap_peap:   State = 0x80bfe1b681b6fb9c548551106d70804b
(7) eap_peap: Got tunneled reply RADIUS code 11
(7) eap_peap:   EAP-Message = 0x010900331a0308002e533d44314232383535354646394633443139353244354646323241464439334642423744433431454443
(7) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(7) eap_peap:   State = 0x80bfe1b681b6fb9c548551106d70804b
(7) eap_peap: Got tunneled Access-Challenge
(7) eap: Sending EAP Request (code 1) ID 9 length 82
(7) eap: EAP session adding &reply:State = 0x8e11447889185d5a
(7)     [eap] = handled
(7)   } # authenticate = handled
(7) Using Post-Auth-Type Challenge
(7) Post-Auth-Type sub-section not found.  Ignoring.
(7) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(7) session-state: Saving cached attributes
(7)   TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(7)   TLS-Session-Version = "TLS 1.2"
(7) Sent Access-Challenge Id 5 from 10.70.42.77:1645 to 10.8.150.118:1645 length 0
(7)   EAP-Message = 0x01090052190017030300479251a406bf3dbfb3166d1b07af90422c9dbb30f717afcdb2ae4171be6c905619e570bc3dc857a60fea9d389487fd3ab7176e072cc2d7605a273cffb73134a07fc8807300df4c67
(7)   Message-Authenticator = 0x00000000000000000000000000000000
(7)   State = 0x8e11447889185d5aaaf63b261b53a370
(7) Finished request
Waking up in 2.6 seconds.
(8) Received Access-Request Id 6 from 10.8.150.118:1645 to 10.70.42.77:1645 length 206
(8)   User-Name = "host/WNAMTest.stand.ru"
(8)   Service-Type = Framed-User
(8)   Framed-MTU = 1504
(8)   Called-Station-Id = "00-17-E0-1C-15-87"
(8)   Calling-Station-Id = "00-E0-4C-31-0E-67"
(8)   EAP-Message = 0x020900251900170303001a000000000000000378eec0b094f6e356c114d3636da01d0302c8
(8)   Message-Authenticator = 0xe7e52adeeb798f38bd7c85806f6088a1
(8)   NAS-Port-Type = Ethernet
(8)   NAS-Port = 50005
(8)   NAS-Port-Id = "FastEthernet0/5"
(8)   State = 0x8e11447889185d5aaaf63b261b53a370
(8)   NAS-IP-Address = 10.8.150.118
(8) Restoring &session-state
(8)   &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(8)   &session-state:TLS-Session-Version = "TLS 1.2"
(8) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
(8)   authorize {
(8)     policy filter_username {
(8)       if (&User-Name) {
(8)       if (&User-Name)  -> TRUE
(8)       if (&User-Name)  {
(8)         if (&User-Name =~ / /) {
(8)         if (&User-Name =~ / /)  -> FALSE
(8)         if (&User-Name =~ /@[^@]*@/ ) {
(8)         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(8)         if (&User-Name =~ /\.\./ ) {
(8)         if (&User-Name =~ /\.\./ )  -> FALSE
(8)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(8)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(8)         if (&User-Name =~ /\.$/)  {
(8)         if (&User-Name =~ /\.$/)   -> FALSE
(8)         if (&User-Name =~ /@\./)  {
(8)         if (&User-Name =~ /@\./)   -> FALSE
(8)       } # if (&User-Name)  = notfound
(8)     } # policy filter_username = notfound
(8)     [chap] = noop
(8)     [mschap] = noop
(8) suffix: Checking for suffix after "@"
(8) suffix: No '@' in User-Name = "host/WNAMTest.stand.ru", looking up realm NULL
(8) suffix: No such realm "NULL"
(8)     [suffix] = noop
(8)     update control {
(8)       &Proxy-To-Realm := LOCAL
(8)     } # update control = noop
(8) eap: Peer sent EAP Response (code 2) ID 9 length 37
(8) eap: Continuing tunnel setup
(8)     [eap] = ok
(8)   } # authorize = ok
(8) Found Auth-Type = eap
(8) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(8)   authenticate {
(8) eap: Expiring EAP session with state 0x80bfe1b681b6fb9c
(8) eap: Finished EAP session with state 0x8e11447889185d5a
(8) eap: Previous EAP request found for state 0x8e11447889185d5a, released from the list
(8) eap: Peer sent packet with method EAP PEAP (25)
(8) eap: Calling submodule eap_peap to process data
(8) eap_peap: Continuing EAP-TLS
(8) eap_peap: [eaptls verify] = ok
(8) eap_peap: Done initial handshake
(8) eap_peap: [eaptls process] = ok
(8) eap_peap: Session established.  Decoding tunneled attributes
(8) eap_peap: PEAP state phase2
(8) eap_peap: EAP method MSCHAPv2 (26)
(8) eap_peap: Got tunneled request
(8) eap_peap:   EAP-Message = 0x020900061a03
(8) eap_peap: Setting User-Name to host/WNAMTest.stand.ru
(8) eap_peap: Sending tunneled request to inner-tunnel
(8) eap_peap:   EAP-Message = 0x020900061a03
(8) eap_peap:   FreeRADIUS-Proxied-To = 127.0.0.1
(8) eap_peap:   User-Name = "host/WNAMTest.stand.ru"
(8) eap_peap:   State = 0x80bfe1b681b6fb9c548551106d70804b
(8) Virtual server inner-tunnel received request
(8)   EAP-Message = 0x020900061a03
(8)   FreeRADIUS-Proxied-To = 127.0.0.1
(8)   User-Name = "host/WNAMTest.stand.ru"
(8)   State = 0x80bfe1b681b6fb9c548551106d70804b
(8) WARNING: Outer and inner identities are the same.  User privacy is compromised.
(8) server inner-tunnel {
(8)   session-state: No cached attributes
(8)   # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
(8)     authorize {
(8)       policy filter_username {
(8)         if (&User-Name) {
(8)         if (&User-Name)  -> TRUE
(8)         if (&User-Name)  {
(8)           if (&User-Name =~ / /) {
(8)           if (&User-Name =~ / /)  -> FALSE
(8)           if (&User-Name =~ /@[^@]*@/ ) {
(8)           if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(8)           if (&User-Name =~ /\.\./ ) {
(8)           if (&User-Name =~ /\.\./ )  -> FALSE
(8)           if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(8)           if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(8)           if (&User-Name =~ /\.$/)  {
(8)           if (&User-Name =~ /\.$/)   -> FALSE
(8)           if (&User-Name =~ /@\./)  {
(8)           if (&User-Name =~ /@\./)   -> FALSE
(8)         } # if (&User-Name)  = notfound
(8)       } # policy filter_username = notfound
(8)       [chap] = noop
(8)       [mschap] = noop
(8) suffix: Checking for suffix after "@"
(8) suffix: No '@' in User-Name = "host/WNAMTest.stand.ru", looking up realm NULL
(8) suffix: No such realm "NULL"
(8)       [suffix] = noop
(8)       update control {
(8)         &Proxy-To-Realm := LOCAL
(8)       } # update control = noop
(8) eap: Peer sent EAP Response (code 2) ID 9 length 6
(8) eap: No EAP Start, assuming it's an on-going EAP conversation
(8)       [eap] = updated
(8)       [files] = noop
(8)       [expiration] = noop
(8)       [logintime] = noop
(8)       [pap] = noop
(8)     } # authorize = updated
(8)   Found Auth-Type = eap
(8)   # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(8)     authenticate {
(8) eap: Expiring EAP session with state 0x80bfe1b681b6fb9c
(8) eap: Finished EAP session with state 0x80bfe1b681b6fb9c
(8) eap: Previous EAP request found for state 0x80bfe1b681b6fb9c, released from the list
(8) eap: Peer sent packet with method EAP MSCHAPv2 (26)
(8) eap: Calling submodule eap_mschapv2 to process data
(8) eap: Sending EAP Success (code 3) ID 9 length 4
(8) eap: Freeing handler
(8)       [eap] = ok
(8)     } # authenticate = ok
(8)   # Executing section post-auth from file /etc/raddb/sites-enabled/inner-tunnel
(8)     post-auth {
(8)       if (0) {
(8)       if (0)  -> FALSE
(8)     } # post-auth = noop
(8) } # server inner-tunnel
(8) Virtual server sending reply
(8)   MS-MPPE-Encryption-Policy = Encryption-Required
(8)   MS-MPPE-Encryption-Types = 4
(8)   MS-MPPE-Send-Key = 0xe444906440d09dcefe30e65f8a455ffe
(8)   MS-MPPE-Recv-Key = 0xdf0ca8f806b3a21c299fcfc99f87791b
(8)   EAP-Message = 0x03090004
(8)   Message-Authenticator = 0x00000000000000000000000000000000
(8)   User-Name = "host/WNAMTest.stand.ru"
(8) eap_peap: Got tunneled reply code 2
(8) eap_peap:   MS-MPPE-Encryption-Policy = Encryption-Required
(8) eap_peap:   MS-MPPE-Encryption-Types = 4
(8) eap_peap:   MS-MPPE-Send-Key = 0xe444906440d09dcefe30e65f8a455ffe
(8) eap_peap:   MS-MPPE-Recv-Key = 0xdf0ca8f806b3a21c299fcfc99f87791b
(8) eap_peap:   EAP-Message = 0x03090004
(8) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(8) eap_peap:   User-Name = "host/WNAMTest.stand.ru"
(8) eap_peap: Got tunneled reply RADIUS code 2
(8) eap_peap:   MS-MPPE-Encryption-Policy = Encryption-Required
(8) eap_peap:   MS-MPPE-Encryption-Types = 4
(8) eap_peap:   MS-MPPE-Send-Key = 0xe444906440d09dcefe30e65f8a455ffe
(8) eap_peap:   MS-MPPE-Recv-Key = 0xdf0ca8f806b3a21c299fcfc99f87791b
(8) eap_peap:   EAP-Message = 0x03090004
(8) eap_peap:   Message-Authenticator = 0x00000000000000000000000000000000
(8) eap_peap:   User-Name = "host/WNAMTest.stand.ru"
(8) eap_peap: Tunneled authentication was successful
(8) eap_peap: SUCCESS
(8) eap_peap: Saving tunneled attributes for later
(8) eap: Sending EAP Request (code 1) ID 10 length 46
(8) eap: EAP session adding &reply:State = 0x8e114478861b5d5a
(8)     [eap] = handled
(8)   } # authenticate = handled
(8) Using Post-Auth-Type Challenge
(8) Post-Auth-Type sub-section not found.  Ignoring.
(8) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(8) session-state: Saving cached attributes
(8)   TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(8)   TLS-Session-Version = "TLS 1.2"
(8) Sent Access-Challenge Id 6 from 10.70.42.77:1645 to 10.8.150.118:1645 length 0
(8)   EAP-Message = 0x010a002e190017030300239251a406bf3dbfb461f9265352132b6168ac7357152cb9b634037994ebe332a9110348
(8)   Message-Authenticator = 0x00000000000000000000000000000000
(8)   State = 0x8e114478861b5d5aaaf63b261b53a370
(8) Finished request
Waking up in 1.1 seconds.
(9) Received Access-Request Id 7 from 10.8.150.118:1645 to 10.70.42.77:1645 length 215
(9)   User-Name = "host/WNAMTest.stand.ru"
(9)   Service-Type = Framed-User
(9)   Framed-MTU = 1504
(9)   Called-Station-Id = "00-17-E0-1C-15-87"
(9)   Calling-Station-Id = "00-E0-4C-31-0E-67"
(9)   EAP-Message = 0x020a002e190017030300230000000000000004927ddd170135351a86f47838145a40afaf72f135003b599166820a
(9)   Message-Authenticator = 0x341162108426d80f1a33e359b5f4e4ec
(9)   NAS-Port-Type = Ethernet
(9)   NAS-Port = 50005
(9)   NAS-Port-Id = "FastEthernet0/5"
(9)   State = 0x8e114478861b5d5aaaf63b261b53a370
(9)   NAS-IP-Address = 10.8.150.118
(9) Restoring &session-state
(9)   &session-state:TLS-Session-Cipher-Suite = "ECDHE-RSA-AES256-GCM-SHA384"
(9)   &session-state:TLS-Session-Version = "TLS 1.2"
(9) # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
(9)   authorize {
(9)     policy filter_username {
(9)       if (&User-Name) {
(9)       if (&User-Name)  -> TRUE
(9)       if (&User-Name)  {
(9)         if (&User-Name =~ / /) {
(9)         if (&User-Name =~ / /)  -> FALSE
(9)         if (&User-Name =~ /@[^@]*@/ ) {
(9)         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(9)         if (&User-Name =~ /\.\./ ) {
(9)         if (&User-Name =~ /\.\./ )  -> FALSE
(9)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(9)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
(9)         if (&User-Name =~ /\.$/)  {
(9)         if (&User-Name =~ /\.$/)   -> FALSE
(9)         if (&User-Name =~ /@\./)  {
(9)         if (&User-Name =~ /@\./)   -> FALSE
(9)       } # if (&User-Name)  = notfound
(9)     } # policy filter_username = notfound
(9)     [chap] = noop
(9)     [mschap] = noop
(9) suffix: Checking for suffix after "@"
(9) suffix: No '@' in User-Name = "host/WNAMTest.stand.ru", looking up realm NULL
(9) suffix: No such realm "NULL"
(9)     [suffix] = noop
(9)     update control {
(9)       &Proxy-To-Realm := LOCAL
(9)     } # update control = noop
(9) eap: Peer sent EAP Response (code 2) ID 10 length 46
(9) eap: Continuing tunnel setup
(9)     [eap] = ok
(9)   } # authorize = ok
(9) Found Auth-Type = eap
(9) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
(9)   authenticate {
(9) eap: Expiring EAP session with state 0x8e114478861b5d5a
(9) eap: Finished EAP session with state 0x8e114478861b5d5a
(9) eap: Previous EAP request found for state 0x8e114478861b5d5a, released from the list
(9) eap: Peer sent packet with method EAP PEAP (25)
(9) eap: Calling submodule eap_peap to process data
(9) eap_peap: Continuing EAP-TLS
(9) eap_peap: [eaptls verify] = ok
(9) eap_peap: Done initial handshake
(9) eap_peap: [eaptls process] = ok
(9) eap_peap: Session established.  Decoding tunneled attributes
(9) eap_peap: PEAP state send tlv success
(9) eap_peap: Received EAP-TLV response
(9) eap_peap: Success
(9) eap_peap: Using saved attributes from the original Access-Accept
(9) eap_peap:   User-Name = "host/WNAMTest.stand.ru"
(9) eap: Sending EAP Success (code 3) ID 10 length 4
(9) eap: Freeing handler
(9)     [eap] = ok
(9)   } # authenticate = ok
(9) # Executing section post-auth from file /etc/raddb/sites-enabled/inner-tunnel
(9)   post-auth {
(9)     if (0) {
(9)     if (0)  -> FALSE
(9)   } # post-auth = noop
(9) Sent Access-Accept Id 7 from 10.70.42.77:1645 to 10.8.150.118:1645 length 0
(9)   User-Name = "host/WNAMTest.stand.ru"
(9)   MS-MPPE-Recv-Key = 0xaca43fa253ab9317739a3fb461cbcbe7135a0e64c859ba294d13521ab23900e5
(9)   MS-MPPE-Send-Key = 0x7a13c3ceca352d8324a687be674add16c6b032682308cfc6859ea2974fe41e3e
(9)   EAP-Message = 0x030a0004
(9)   Message-Authenticator = 0x00000000000000000000000000000000
(9) Finished request
Waking up in 0.2 seconds.
(0) Cleaning up request packet ID 254 with timestamp +286
(1) Cleaning up request packet ID 255 with timestamp +286
(2) Cleaning up request packet ID 0 with timestamp +286
(3) Cleaning up request packet ID 1 with timestamp +286
(4) Cleaning up request packet ID 2 with timestamp +286
(5) Cleaning up request packet ID 3 with timestamp +286
Waking up in 0.4 seconds.
(6) Cleaning up request packet ID 4 with timestamp +286
Waking up in 1.7 seconds.
(7) Cleaning up request packet ID 5 with timestamp +288
Waking up in 1.5 seconds.
(8) Cleaning up request packet ID 6 with timestamp +289
Waking up in 0.8 seconds.
(9) Cleaning up request packet ID 7 with timestamp +290
 

Ваше сообщение
Имя*:
EMail:
Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email).
Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.
Заголовок*:
Сообщение*:
  Введите код, изображенный на картинке: КОД
 
При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей 		Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру