Tue Apr 14 14:32:02 2009: DEBUG: Creating StreamServer tcp port 0.0.0.0:2083 Tue Apr 14 14:32:02 2009: DEBUG: Stream attempting tcp connection to radius1.cesnet.cz:2083 Tue Apr 14 14:32:02 2009: DEBUG: Stream connection in progress to radius1.cesnet.cz:2083 Tue Apr 14 14:32:02 2009: DEBUG: Finished reading configuration file '/etc/radiator/radius.cfg' Tue Apr 14 14:32:02 2009: DEBUG: Reading dictionary file '/usr/share/radiator/dictionary' Tue Apr 14 14:32:02 2009: DEBUG: Creating authentication port 0.0.0.0:1812 Tue Apr 14 14:32:02 2009: DEBUG: Creating accounting port 0.0.0.0:1813 Tue Apr 14 14:32:02 2009: NOTICE: Server started: Radiator 4.4 on r1orgA.etest.cesnet.cz Tue Apr 14 14:32:02 2009: DEBUG: Stream connected to radius1.cesnet.cz:2083 Tue Apr 14 14:32:02 2009: DEBUG: StreamTLS sessionInit for radius1.cesnet.cz Tue Apr 14 14:32:02 2009: DEBUG: StreamTLS SSL_connect result: -1, 2, 4384 Tue Apr 14 14:32:02 2009: DEBUG: StreamTLS Client Started for radius1.cesnet.cz:2083 Tue Apr 14 14:32:02 2009: DEBUG: Verifying certificate with Subject '/DC=cz/DC=cesnet-ca/O=CESNET/CN=ipsec/radius1.cesnet.cz' presented by peer radius1.cesnet.cz Tue Apr 14 14:32:02 2009: DEBUG: Checking subjectAltName type 2, value radius1.cesnet.cz Tue Apr 14 14:32:02 2009: DEBUG: Certificate DNS subjectAltName radius1.cesnet.cz matches server Host name radius1.cesnet.cz Tue Apr 14 14:32:02 2009: DEBUG: StreamTLS SSL_connect result: -1, 2, 4560 Tue Apr 14 14:32:02 2009: DEBUG: StreamTLS SSL_connect result: 1, 0, 3 Tue Apr 14 14:32:03 2009: DEBUG: Stream connected to 195.113.144.226:40583 Tue Apr 14 14:32:03 2009: DEBUG: StreamTLS sessionInit for 195.113.144.226 Tue Apr 14 14:32:03 2009: DEBUG: StreamTLS SSL_accept result: -1, 2, 8465 Tue Apr 14 14:32:03 2009: DEBUG: StreamTLS Server Started for 195.113.144.226:40583 Tue Apr 14 14:32:03 2009: DEBUG: New StreamServer Connection created for 195.113.144.226:40583 Tue Apr 14 14:32:03 2009: DEBUG: StreamTLS SSL_accept result: -1, 2, 8576 Tue Apr 14 14:32:03 2009: DEBUG: Verifying certificate with Subject '/DC=cz/DC=cesnet-ca/O=CESNET/CN=ipsec/radius1.cesnet.cz' presented by peer 195.113.144.226 Tue Apr 14 14:32:03 2009: DEBUG: Checking subjectAltName type 2, value radius1.cesnet.cz Tue Apr 14 14:32:03 2009: DEBUG: Certificate Subject matches TLS_ExpectedPeerName Tue Apr 14 14:32:03 2009: DEBUG: StreamTLS SSL_accept result: 1, 0, 3 Tue Apr 14 14:32:20 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 192 Authentic: <230><156><1>h<27>5{<5><216><190><183><3><26><195><163><235> Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1D-6E-9B-D8-B9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><2><0><21><1>semik@tomasek.cz Message-Authenticator = o4<179><134><13><219><241>@'<217>sI;~<170><186> Proxy-State = OSC-Extended-Id=192 Tue Apr 14 14:32:20 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:20 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:20 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:32:20 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:32:20 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:20 2009: DEBUG: Handling with EAP: code 2, 2, 21, 1 Tue Apr 14 14:32:20 2009: DEBUG: Response type 1 Tue Apr 14 14:32:20 2009: DEBUG: EAP result: 3, EAP MSCHAP-V2 Challenge Tue Apr 14 14:32:20 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP MSCHAP-V2 Challenge Tue Apr 14 14:32:20 2009: DEBUG: Access challenged for semik@tomasek.cz: EAP MSCHAP-V2 Challenge Tue Apr 14 14:32:20 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Challenge Identifier: 192 Authentic: <230><156><1>h<27>5{<5><216><190><183><3><26><195><163><235> Attributes: EAP-Message = <1><3><0>0<26><1><3><0>+<16><31><192><15><12><194>O<204>eh%R<147><217>F<254>6r1orgA.etest.cesnet.cz Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Proxy-State = OSC-Extended-Id=192 Tue Apr 14 14:32:20 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 193 Authentic: <0><226><208><129><236>3<244><171><154><179><156><184><0><244><172><224> Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1D-6E-9B-D8-B9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><3><0><6><3><25> Message-Authenticator = ^<140><0> X<138><240><196><179>?<239><156><216><148>@<250> Proxy-State = OSC-Extended-Id=193 Tue Apr 14 14:32:20 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:20 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:20 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:32:20 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:32:20 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:20 2009: DEBUG: Handling with EAP: code 2, 3, 6, 3 Tue Apr 14 14:32:20 2009: DEBUG: Response type 3 Tue Apr 14 14:32:20 2009: INFO: EAP Nak desires type 25 Tue Apr 14 14:32:20 2009: DEBUG: EAP result: 3, EAP PEAP Challenge Tue Apr 14 14:32:20 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP Challenge Tue Apr 14 14:32:20 2009: DEBUG: Access challenged for semik@tomasek.cz: EAP PEAP Challenge Tue Apr 14 14:32:20 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Challenge Identifier: 193 Authentic: <0><226><208><129><236>3<244><171><154><179><156><184><0><244><172><224> Attributes: EAP-Message = <1><4><0><6><25> Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Proxy-State = OSC-Extended-Id=193 Tue Apr 14 14:32:20 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 194 Authentic: (<21>G5;<151>P<243><196><193><165>a`<208>Rl Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1D-6E-9B-D8-B9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><4><0>J<25><128><0><0><0>@<22><3><1><0>;<1><0><0>7<3><1>I<228><130>U<244>:I:g<250><21><25><252><146>;<187><1><11><198>)<137><207><175><206><8>)<30><190>I}<137><151><0><0><16><0><10><0>/<0><22><0>3<0><4><0><5><0><19><0>2<1><0> Message-Authenticator = tC<219>k<153><201><154><187>z.a<133><192><234>{<137> Proxy-State = OSC-Extended-Id=194 Tue Apr 14 14:32:20 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:20 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:20 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:32:20 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:32:20 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:20 2009: DEBUG: Handling with EAP: code 2, 4, 74, 25 Tue Apr 14 14:32:20 2009: DEBUG: Response type 25 Tue Apr 14 14:32:20 2009: DEBUG: EAP TLS SSL_accept result: -1, 2, 8576 Tue Apr 14 14:32:20 2009: DEBUG: EAP result: 3, EAP PEAP Challenge Tue Apr 14 14:32:20 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP Challenge Tue Apr 14 14:32:20 2009: DEBUG: Access challenged for semik@tomasek.cz: EAP PEAP Challenge Tue Apr 14 14:32:20 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Challenge Identifier: 194 Authentic: (<21>G5;<151>P<243><196><193><165>a`<208>Rl Attributes: EAP-Message = <1><5><3><242><25><192><0><0><9><168><22><3><1><0>J<2><0><0>F<3><1>I<228><130>T<205>q<138><185><183><249><191><193><206>m<153><235>h<7>8<199><212>85<168>O<143><241>V<16><237><15><181> <31><2>j<241>e<230>I!<29>r<229>[<26><0>u<0>+<206><227>1O<244><211><146>M<198>z<15><232><157>?<130><0><10><0><22><3><1><9>K<11><0><9>G<0><9>D<0><4>d0<130><4>`0<130><3>H<160><3><2><1><2><2><4>B<179>j-0<13><6><9>*<134>H<134><247><13><1><1><5><5><0>0C1<18>0<16><6><10><9><146>&<137><147><242>,d<1><25><22><2>cz1<25>0<23><6><10><9><146>&<137><147><242>,d<1><25><22><9>cesnet-ca1<18>0<16><6><3>U<4><3><19><9>CESNET CA0<30><23><13>090410132623Z<23><13>100510135623Z0a1<18>0<16><6><10><9><146>&<137><147><242> EAP-Message = ,d<1><25><22><2>cz1<25>0<23><6><10><9><146>&<137><147><242>,d<1><25><22><9>cesnet-ca1<15>0<13><6><3>U<4><10><19><6>CESNET1<31>0<29><6><3>U<4><3><19><22>r1orgA.etest.cesnet.cz0<129><159>0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><0><201>0<138><133><174>s<30><240>A<205><220><27>XZ<29><26><137>`^<207><2>5<235><234><193><252><141>z<134><166>H<212><161>i&-o<152>"<156><11><225><18>L<130><3>*<157><228><155>zg-<145>2<167><155><230>;<190>W<180>5<19><194>u<200><175><27>.$<23><19><197><206><129>o|<235><220><232><237><142>_<21><235><15>C<31>~IG*6<193><139>(<186>|<237><205>E)G<201><179><2><242><142><167>3<238><245><128><200>t<232><9><216><22><140><164><145><158>M<169><172>k<2><3><1><0><1><163><130><1><192>0<130> EAP-Message = <1><188>0<14><6><3>U<29><15><1><1><255><4><4><3><2><5><160>0<29><6><3>U<29>%<4><22>0<20><6><8>+<6><1><5><5><7><3><1><6><8>+<6><1><5><5><7><3><2>0<25><6><3>U<29> <4><18>0<16>0<14><6><12>+<6><1><4><1><190>y<1><2><2><2><0>0!<6><3>U<29><17><4><26>0<24><130><22>r1orgA.etest.cesnet.cz0<130><1><11><6><3>U<29><31><4><130><1><2>0<129><255>0Z<160>X<160>V<164>T0R1<18>0<16><6><10><9><146>&<137><147><242>,d<1><25><22><2>cz1<25>0<23><6><10><9><146>&<137><147><242>,d<1><25><22><9>cesnet-ca1<18>0<16><6><3>U<4><3><19><9>CESNET CA1<13>0<11><6><3>U<4><3><19><4>CRL40<129><160><160><129><157><160><129><154><134>Bhttp://www.cesnet.cz/pk EAP-Message = i/crl/cn=CESNET%20CA,dc=cesnet-ca,dc=cz.crl<134>Tldap://ldap.cesnet-ca.cz/cn=CESNET%20CA,dc=cesnet-ca,dc=cz?certificateRevocationList0<31><6><3>U<29>#<4><24>0<22><128><20>/l<5><195>Q&<172><175>9<156>>85<221>R)'<128><197><245>0<29><6><3>U<29><14><4><22><4><20><206><210><15>F<229><247><211><249><156><193><191><169><239><178><183><215><224><13><224><247>0<13><6><9>*<134>H<134><247><13><1><1><5><5><0><3><130><1><1><0><161><178><18><237><226><129><142><182><254><15><194><139>F<155>&$<138>z<7>;C<17><218><239><250><29>G<255><157><241><230><165><223><168>!<180>a<180> Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Proxy-State = OSC-Extended-Id=194 Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 195 Authentic: g<169>{<219><184><242><21>'<213><250><213><196>3`<191> Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1D-6E-9B-D8-B9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><5><0><6><25><0> Message-Authenticator = <244><234>4<139><128><143><255><199><234><228><195>e<167>Y<234>C Proxy-State = OSC-Extended-Id=195 Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:21 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:21 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:32:21 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: Handling with EAP: code 2, 5, 6, 25 Tue Apr 14 14:32:21 2009: DEBUG: Response type 25 Tue Apr 14 14:32:21 2009: DEBUG: EAP result: 3, EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: Access challenged for semik@tomasek.cz: EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Challenge Identifier: 195 Authentic: g<169>{<219><184><242><21>'<213><250><213><196>3`<191> Attributes: EAP-Message = <1><6><3><238><25>@!<128>u<245>SC<166><134><174><140>E<127>H<133><241>`<24><130><31>j<167><228><244>X<237><200><216><140><162><235><207><205><158><135><164><145>LT<6><143>>kU<210><167>XA<16><218>^<234><188>A(<215><27><142><197><180>n4M<5>/<180>/<207><26><178>t<196>8M<6><25><162><187><163><234><155>*<209><<127><187><216>{<21><224>8G<163>W<160><218><146><155><189>mr<217>{{><234>!<239>~<3><10>!Q<146><28>v<245>J<216>h<178><198>{<234><235><237>A<223>;<193><217><189>Z<22><16>jt<217><187><156><184>g<203>M<191><192><178><161>4<254><25><175><185>hr<21>h,<26><167>u<201><215><129>P<138><12><228><183><231>u<214><25><215><219><199><251>w{#<249>cw<140>G<252><198>?<175><16><239><131><183>}<243><157><9><127><247>mJX<181><234><132>*<127><187><160><202><162><237>24<152><162><128><244>Z<0><4><218>0<130><4><214>0<130><3><190><160><3><2><1><2><2><4>B<178><234><31>0<13><6><9>*<134>H EAP-Message = <134><247><13><1><1><5><5><0>0C1<18>0<16><6><10><9><146>&<137><147><242>,d<1><25><22><2>cz1<25>0<23><6><10><9><146>&<137><147><242>,d<1><25><22><9>cesnet-ca1<18>0<16><6><3>U<4><3><19><9>CESNET CA0<30><23><13>050617145017Z<23><13>250617152017Z0C1<18>0<16><6><10><9><146>&<137><147><242>,d<1><25><22><2>cz1<25>0<23><6><10><9><146>&<137><147><242>,d<1><25><22><9>cesnet-ca1<18>0<16><6><3>U<4><3><19><9>CESNET CA0<130><1>"0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><130><1><15><0>0<130><1><10><2><130><1><1><0><241><21>MA<19>jX<187>:~<127>K<223><130><127><146><15><163><29>B<250><152><162>-E<127><4><8><147><198><186><137><6><155><149><195><251><176><179><173><158><236> EAP-Message = <9><230><200><137><148>+<133><237>!<223><157><27><13><231><158><160><225><246><144><141>X<217><255>D<26><138><214><215><164>^R'<150>K<181><237><233><179><215><255><214><140><181><18>D<6><25><174><138><202><182><204>V<147><153><250><163><241><194>SYZ<234><<170><22>0Kw<234><250><5><231><12><234>|<128>D<3>3<244>S<204><254><143><26><225><179>j<232>V_<149><175>x4<218><29><209><13>Q<181><186><198>F<178><132><137><165><212><158><193><148><27><163> 4<255>-<173>2<237>(<156><139>}w*/<219><179><196><240>&'l2<166>q`<251>\<227><17><254><197>\<206>E<170>6;<183><23>d<190><18><144><148>r<23><197><146>C<241><147>D><18>P<225><200>/WQj<131><249>wGm8m<231><<21><18><174><209>;<160><15>n!!<215><170><156><193><133><144><209><17><181>\<160><185>v6'<31><2><3><1><0><1><163><130><1><208>0<130><1><204>0<17><6><9>`<134>H<1><134><248>B<1><1><4><4><3><2><0><7>0<130><1><14><6><3>U EAP-Message = <29><31><4><130><1><5>0<130><1><1>0<129><254><160><129><251><160><129><248><164>T0R1<18>0<16><6><10><9><146>&<137><147><242>,d<1><25><22><2>cz1<25>0<23><6><10><9><146>&<137><147><242>,d<1><25><22><9>cesnet-ca1<18>0<16><6><3>U<4><3><19><9>CESNET CA1<13>0<11><6><3>U<4><3><19><4>CRL1<134>Dhttp://www.cesnet.cz/pki/crl/cn=CESNET%20CA,dc=cesnet-ca,dc=cza1.crl<134>Zldap://ldap.cesnet-ca.cz/cn=CRL1,cn=CESNET%20CA,dc=cesnet-ca,dc=cz?aut Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Proxy-State = OSC-Extended-Id=195 Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 196 Authentic: '<171><134>b<221>q<166><192><208><150><199><18><128>PL<15> Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1D-6E-9B-D8-B9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><6><0><6><25><0> Message-Authenticator = ^<214>L<235>J<209><5>d<168>y<168><245><241><167>X<26> Proxy-State = OSC-Extended-Id=196 Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:21 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:21 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:32:21 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: Handling with EAP: code 2, 6, 6, 25 Tue Apr 14 14:32:21 2009: DEBUG: Response type 25 Tue Apr 14 14:32:21 2009: DEBUG: EAP result: 3, EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: Access challenged for semik@tomasek.cz: EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Challenge Identifier: 196 Authentic: '<171><134>b<221>q<166><192><208><150><199><18><128>PL<15> Attributes: EAP-Message = <1><7><1><222><25><0>horityRevocationList0+<6><3>U<29><16><4>$0"<128><15>20050617145017Z<129><15>20250617152017Z0<11><6><3>U<29><15><4><4><3><2><1><6>0<31><6><3>U<29>#<4><24>0<22><128><20>/l<5><195>Q&<172><175>9<156>>85<221>R)'<128><197><245>0<29><6><3>U<29><14><4><22><4><20>/l<5><195>Q&<172><175>9<156>>85<221>R)'<128><197><245>0<12><6><3>U<29><19><4><5>0<3><1><1><255>0<29><6><9>*<134>H<134><246>}<7>A<0><4><16>0<14><27><8>V7.1:4.0<3><2><4><144>0<13><6><9>*<134>H<134><247><13><1><1><5><5><0><3><130><1><1><0>97;<155><185>y<160><196><216><183><241><224>D6+<135>t<250><207><180>x}<166><226><228>e3<239><16>l<137>j<169><150><145>pQ<232>xW EAP-Message = <235><197>Q<23><211>e<10><151>q<26><166><227>`<29>`n<30><182><156>t<18><165>g<248>|<171><148><220><179><141><193>&o<159><175><165><165>G$<198><230><220>C'<250><160>De<135>K<137>K<139><234>k<133><13><151>u<153><152>,<236>3S<160><188><219><238>>z<170>ym<162><223><162><136>i<250>(MQ<188><155><236><176>2<7><226><193><253>l<223><204><190><206>+<22>N9<132><197><196><5><215><254><5><252><149><245>~<27><187>&<177>d,5X<161><132><146>{<2><253><223><187><3><237><204><170><243><220>fo<228><192><128><143>'M<147>Mf<204><152><1><177>N<169><<214><169><238><10><152>/P<218>><136>sB&<184><251>*"<163><185><170>Nv<175><19><20><204>s<254><143>q<143><131><204><199><24><25>K#Q<199><232>W<142>Z<147>hn<206><28>q<228>;4<20><205><173><239><18>6<187><214>}&<177><22><3><1><0><4><14><0><0><0> Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Proxy-State = OSC-Extended-Id=196 Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 197 Authentic: <6><157><232>U<192><172><211>|T:t<244><229><205>L<144> Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1D-6E-9B-D8-B9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><7><0><200><25><128><0><0><0><190><22><3><1><0><134><16><0><0><130><0><128>2<189><<160><9>7<195><135>U<156><160><26>t<201>w<165><186><230><155><13><132>$@<187><236>^'<229><220><232><148><175>{,<158>rz~<216><1>m<23><141>W<158><13>Xu<8><226><138><177><145>#<172><150><18><217><22><251><149><23>Jf<227><15>|1<0><206><225>]<31>(.<150><161><223><186><240><216>/<129>~<229>(<139>,<220>d<17>3<198>?t<166><247>1<149><16><248>Vo<0><24><204><27><246><243>d <176>,_<27><180><232><229><236>|<211>*X<143><247><211><162><17><20><3><1><0><1><1><22><3><1><0>(c<129><184><205>MJg@l<128><26>)&<233><135><7><151>A<217>,<129><173><244><197>6*<27>.Z1<174><224><155>ty<242>/S<1><27> Message-Authenticator = <209><210><152>s<157><4>}7<11><27>C<193>b<197>k<1> Proxy-State = OSC-Extended-Id=197 Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:21 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:21 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:32:21 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: Handling with EAP: code 2, 7, 200, 25 Tue Apr 14 14:32:21 2009: DEBUG: Response type 25 Tue Apr 14 14:32:21 2009: DEBUG: EAP TLS SSL_accept result: 1, 0, 3 Tue Apr 14 14:32:21 2009: DEBUG: EAP result: 3, EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: Access challenged for semik@tomasek.cz: EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Challenge Identifier: 197 Authentic: <6><157><232>U<192><172><211>|T:t<244><229><205>L<144> Attributes: EAP-Message = <1><8><0>=<25><128><0><0><0>3<20><3><1><0><1><1><22><3><1><0>(<204><167><213>[q<210><160>j<230>"<208><224>f<137><254>g<28><132><149><151><22>2q<210><222><141><243><197>B<11><2><127><240>o<244><234>E{*h Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Proxy-State = OSC-Extended-Id=197 Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 198 Authentic: o<21><252>kK<12><157><143>Jb<221><163><128><5> <196> Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1D-6E-9B-D8-B9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><8><0><6><25><0> Message-Authenticator = <14><143><237><228><167><255><133>Rr<1> <193>P3r<252> Proxy-State = OSC-Extended-Id=198 Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:21 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:21 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:32:21 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: Handling with EAP: code 2, 8, 6, 25 Tue Apr 14 14:32:21 2009: DEBUG: Response type 25 Tue Apr 14 14:32:21 2009: DEBUG: EAP result: 3, EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: Access challenged for semik@tomasek.cz: EAP PEAP Challenge Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Challenge Identifier: 198 Authentic: o<21><252>kK<12><157><143>Jb<221><163><128><5> <196> Attributes: EAP-Message = <1><9><0>#<25><0><23><3><1><0><24><29><206><253>38<221><181><11>=T<173><142><240><189>WI<165><18>9<147>y<14><246><147> Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Proxy-State = OSC-Extended-Id=198 Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 199 Authentic: K<130><228><172><234><5><1><130><212>(<131>`<143><27><199>t Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1D-6E-9B-D8-B9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><9><0>3<25><0><23><3><1><0>(<228><175><134>O<180><166><28><196><133>P<140><164><166><13><207>><216><26><17>.AG<10>C<5><203><20><244><165><202><159><142><23>z<132><136><167><246><203><6> Message-Authenticator = <191>C4<213><185><185><169>?<175><253><169>3<176><156><168><166> Proxy-State = OSC-Extended-Id=199 Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:21 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:21 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:32:21 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: Handling with EAP: code 2, 9, 51, 25 Tue Apr 14 14:32:21 2009: DEBUG: Response type 25 Tue Apr 14 14:32:21 2009: DEBUG: EAP PEAP inner authentication request for anonymous Tue Apr 14 14:32:21 2009: DEBUG: PEAP Tunnelled request Packet dump: Code: Access-Request Identifier: UNDEF Authentic: <235>B<164><156>N77<229>[oG<130><148><158><169><158> Attributes: EAP-Message = <2><9><0><17><1>semik@tomasek.cz Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> User-Name = "anonymous" NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" NAS-Port = 29 Calling-Station-Id = "00-1D-6E-9B-D8-B9" Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'TunnelledByPEAP=1' Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: Handling with EAP: code 2, 9, 17, 1 Tue Apr 14 14:32:21 2009: DEBUG: Response type 1 Tue Apr 14 14:32:21 2009: DEBUG: EAP result: 3, EAP MSCHAP-V2 Challenge Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP MSCHAP-V2 Challenge Tue Apr 14 14:32:21 2009: DEBUG: Access challenged for anonymous: EAP MSCHAP-V2 Challenge Tue Apr 14 14:32:21 2009: DEBUG: Returned PEAP tunnelled packet dump: Code: Access-Challenge Identifier: UNDEF Authentic: <235>B<164><156>N77<229>[oG<130><148><158><169><158> Attributes: EAP-Message = <1><10><0>0<26><1><10><0>+<16>n><10>n<30><204><160>4<177>/i<160><201>C<241><178>r1orgA.etest.cesnet.cz Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Tue Apr 14 14:32:21 2009: DEBUG: EAP result: 3, EAP PEAP inner authentication redispatched to a Handler Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP inner authentication redispatched to a Handler Tue Apr 14 14:32:21 2009: DEBUG: Access challenged for semik@tomasek.cz: EAP PEAP inner authentication redispatched to a Handler Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Challenge Identifier: 199 Authentic: K<130><228><172><234><5><1><130><212>(<131>`<143><27><199>t Attributes: EAP-Message = <1><10><0>S<25><0><23><3><1><0>H<233><218><23><162><232>c7<154><193>'<220><19><154>a<128><19><177>}9t<220>Qx<250>{<~dU<221><152><147>o<9><177>b<129><250><213>r<185>h<176>Y<148><234>:<238>'G<147><174> 3<215>H<138><7><171><179>u<243><203>l<144><226><7><205><195>u-D Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Proxy-State = OSC-Extended-Id=199 Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 200 Authentic: <159><14><154><220><211>'h<215><19><0><3>5<156><162><183><231> Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1D-6E-9B-D8-B9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><10><0>k<25><0><23><3><1><0>`<246><24><157><244><173><212>p<5><140><25><230><204>%<20><195><162><7><135><240><228><246><148>3<149><236><188><172>k<6>5,<239>Jp|"<139><251><27><172><18>w<167><250>+yY<184>Q<146>DHv<19><158><242><196>N<171>t<166>=<135>V<16><236>O00"<157>UI<163><232><200>><210> <150>X#R<159>A<29><190>%<180><229>9<170>9<217><218># Message-Authenticator = <236><17><213><151>D<171><27><216><31><174>s<226><212><2><20>i Proxy-State = OSC-Extended-Id=200 Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:21 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:21 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:32:21 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: Handling with EAP: code 2, 10, 107, 25 Tue Apr 14 14:32:21 2009: DEBUG: Response type 25 Tue Apr 14 14:32:21 2009: DEBUG: EAP PEAP inner authentication request for anonymous Tue Apr 14 14:32:21 2009: DEBUG: PEAP Tunnelled request Packet dump: Code: Access-Request Identifier: UNDEF Authentic: 9<207><149><162><218><2><238><218>&<29>R<160>:<18><209><178> Attributes: EAP-Message = <2><10><0>G<26><2><10><0>F1<189><31><29>5S<4><198><7>k<241><190><224><192><189>I;<0><0><0><0><0><0><0><0><159><181><226><<168><137><255><212>A<193><18>L<127>V<186><147><188>F<255><204><240>7<247><243><0>semik@tomasek.cz Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> User-Name = "anonymous" NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" NAS-Port = 29 Calling-Station-Id = "00-1D-6E-9B-D8-B9" Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'TunnelledByPEAP=1' Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: Handling with EAP: code 2, 10, 71, 26 Tue Apr 14 14:32:21 2009: DEBUG: Response type 26 Tue Apr 14 14:32:21 2009: DEBUG: Reading users file /etc/radiator/user_accounts Tue Apr 14 14:32:21 2009: DEBUG: Radius::AuthFILE looks for match with semik@tomasek.cz [anonymous] Tue Apr 14 14:32:21 2009: DEBUG: Radius::AuthFILE ACCEPT: : semik@tomasek.cz [anonymous] Tue Apr 14 14:32:21 2009: DEBUG: EAP result: 3, EAP MSCHAP V2 Challenge: Success Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP MSCHAP V2 Challenge: Success Tue Apr 14 14:32:21 2009: DEBUG: Access challenged for anonymous: EAP MSCHAP V2 Challenge: Success Tue Apr 14 14:32:21 2009: DEBUG: Returned PEAP tunnelled packet dump: Code: Access-Challenge Identifier: UNDEF Authentic: 9<207><149><162><218><2><238><218>&<29>R<160>:<18><209><178> Attributes: EAP-Message = <1><11><0>=<26><3><10><0>8S=35C8DBE459595D5220F7971EF794A5FFA8685B97 M=success Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Tue Apr 14 14:32:21 2009: DEBUG: EAP result: 3, EAP PEAP inner authentication redispatched to a Handler Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP inner authentication redispatched to a Handler Tue Apr 14 14:32:21 2009: DEBUG: Access challenged for semik@tomasek.cz: EAP PEAP inner authentication redispatched to a Handler Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Challenge Identifier: 200 Authentic: <159><14><154><220><211>'h<215><19><0><3>5<156><162><183><231> Attributes: EAP-Message = <1><11><0>[<25><0><23><3><1><0>P<4>r<230><242><13><246>'Oq<216>i<140>}+):NG<147>z~7<179><157><136><227><233>msn<157><214><1><184><234><235>S<167>e<221>w<170>5.<192><197>4<20>"<156><242><131><195>'R<158>m<241><234>+<135><173><186><230><206>%<203><241>K<210><231><185><143><212><0><225><177><143><24><21> Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Proxy-State = OSC-Extended-Id=200 Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 201 Authentic: <21>Ld<6><6><215><131><235>eo)L<13>~<0><6> Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1D-6E-9B-D8-B9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><11><0>#<25><0><23><3><1><0><24>f<167><172>j}<9><16><129>C`<26>M<208>{<201>3<204>2|b<213><129>O<200> Message-Authenticator = t<180>"<206>`F<19><138>+<141><244>:<152>1<200><13> Proxy-State = OSC-Extended-Id=201 Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:21 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:21 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:32:21 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: Handling with EAP: code 2, 11, 35, 25 Tue Apr 14 14:32:21 2009: DEBUG: Response type 25 Tue Apr 14 14:32:21 2009: DEBUG: EAP PEAP inner authentication request for anonymous Tue Apr 14 14:32:21 2009: DEBUG: PEAP Tunnelled request Packet dump: Code: Access-Request Identifier: UNDEF Authentic: <177><153>j6<250><202><162><164>q<185>v<21><30><251>N<141> Attributes: EAP-Message = <2><11><0><2><26><3> Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> User-Name = "anonymous" NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" NAS-Port = 29 Calling-Station-Id = "00-1D-6E-9B-D8-B9" Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'TunnelledByPEAP=1' Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: Handling with EAP: code 2, 11, 2, 26 Tue Apr 14 14:32:21 2009: DEBUG: Response type 26 Tue Apr 14 14:32:21 2009: DEBUG: EAP result: 0, Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: ACCEPT, Tue Apr 14 14:32:21 2009: DEBUG: Access accepted for anonymous Tue Apr 14 14:32:21 2009: DEBUG: Returned PEAP tunnelled packet dump: Code: Access-Accept Identifier: UNDEF Authentic: <177><153>j6<250><202><162><164>q<185>v<21><30><251>N<141> Attributes: Tunnel-Type = 1:VLAN Tunnel-Medium-Type = 1:Ether_802 Tunnel-Private-Group-ID = 1:100 MS-MPPE-Send-Key = <241>@<182>N<168><30>r<205><146>^<134>pv<245>q<173> MS-MPPE-Recv-Key = <195><178>@<128><224><221><178><180>* <200>(<203><198>c<140> EAP-Message = <3><11><0><4> Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Tue Apr 14 14:32:21 2009: DEBUG: EAP result: 3, EAP PEAP inner authentication redispatched to a Handler Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP inner authentication redispatched to a Handler Tue Apr 14 14:32:21 2009: DEBUG: Access challenged for semik@tomasek.cz: EAP PEAP inner authentication redispatched to a Handler Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Challenge Identifier: 201 Authentic: <21>Ld<6><6><215><131><235>eo)L<13>~<0><6> Attributes: EAP-Message = <1><12><0>+<25><0><23><3><1><0> <134><204><249><197>!T<225><186>F<167><161>(1z<2><242><191>1<139><164><12>l<151><136><166><133>F<182><27>I<234>8 Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Proxy-State = OSC-Extended-Id=201 Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 202 Authentic: <252><150><190>I<188>BVK<225><214><158><31><216><167>h<237> Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1D-6E-9B-D8-B9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><12><0>+<25><0><23><3><1><0> )<228><134><193><12><154><222><141><178><172>'<192>/<210>Bj<199><140><142><245>uc<137><153>s<184><160>z<161><241><180><165> Message-Authenticator = <250><188><22><202><214><184>U1<254><3>Z:QI<28>^ Proxy-State = OSC-Extended-Id=202 Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:21 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:21 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:32:21 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: Handling with EAP: code 2, 12, 43, 25 Tue Apr 14 14:32:21 2009: DEBUG: Response type 25 Tue Apr 14 14:32:21 2009: DEBUG: EAP result: 0, Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: ACCEPT, Tue Apr 14 14:32:21 2009: DEBUG: Access accepted for semik@tomasek.cz Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Accept Identifier: 202 Authentic: <252><150><190>I<188>BVK<225><214><158><31><216><167>h<237> Attributes: Tunnel-Type = 1:VLAN Tunnel-Medium-Type = 1:Ether_802 Tunnel-Private-Group-ID = 1:100 MS-MPPE-Send-Key = V<4><198><191>X<155><129><22><166>YB<17><1><150><168>v]:<20><152><205><243>x<241><162><148>.lO%<165><190> MS-MPPE-Recv-Key = <221><15>"<244><217><219>(4h<184><235><173><127><131><187><246>~<179><223>qD<143><5><236><251><214><139><179><237><197><8><216> EAP-Message = <3><12><0><4> Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Tunnel-Type = 1:VLAN Tunnel-Medium-Type = 1:Ether_802 Proxy-State = OSC-Extended-Id=202 Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 35330 .... Code: Accounting-Request Identifier: 49 Authentic: <224>o<247>`<188><170><239><204>A<194><152><234>2<167>$<206> Attributes: User-Name = "semik@tomasek.cz" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 Framed-IP-Address = 195.113.219.198 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Acct-Session-Id = "49e47f55/00:1d:6e:9b:d8:b9/1306" Acct-Authentic = RADIUS Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 Acct-Status-Type = Alive Acct-Input-Octets = 45028 Acct-Output-Octets = 78828 Acct-Input-Packets = 976 Acct-Output-Packets = 170 Acct-Session-Time = 768 Acct-Delay-Time = 0 Calling-Station-Id = "195.113.219.198" Called-Station-Id = "195.113.150.2" Timestamp = 1239712341 Tue Apr 14 14:32:21 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:21 2009: DEBUG: SessionDB Adding session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:21 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="'49e47f55/00:1d:6e:9b:d8:b9/1306'"': Tue Apr 14 14:32:21 2009: DEBUG: do query is: 'insert into RadOnline (UserName, NASIdentifier, NASPort, AcctSessionID, TimeStamp, FramedIPAddress, NASPortType, ServiceType) values (lower("semik@tomasek.cz"), "195.113.150.2", 29, "'49e47f55/00:1d:6e:9b:d8:b9/1306'", 1239712341, "195.113.219.198", "", "")': Tue Apr 14 14:32:21 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:21 2009: DEBUG: AuthBy FILE result: ACCEPT, Tue Apr 14 14:32:21 2009: DEBUG: Accounting accepted Tue Apr 14 14:32:21 2009: DEBUG: Packet dump: *** Sending to 195.113.144.226 port 35330 .... Code: Accounting-Response Identifier: 49 Authentic: =<16><252><6><129><181><187>7<174>8<209><160><217><135><171>( Attributes: Tue Apr 14 14:32:58 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 35330 .... Code: Accounting-Request Identifier: 50 Authentic: <13><204>=<193><223>E<150>S<22><224>)<184><25>M)<175> Attributes: User-Name = "semik@tomasek.cz" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 Framed-IP-Address = 195.113.219.189 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Acct-Session-Id = "49e4734b/00:1f:3b:a0:ea:d9/1286" Acct-Authentic = RADIUS Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 Acct-Status-Type = Stop Acct-Input-Octets = 447400 Acct-Output-Octets = 397511 Acct-Input-Packets = 9494 Acct-Output-Packets = 1749 Acct-Terminate-Cause = Lost-Service Acct-Session-Time = 3887 Acct-Delay-Time = 0 Calling-Station-Id = "195.113.219.189" Called-Station-Id = "195.113.150.2" Timestamp = 1239712378 Tue Apr 14 14:32:58 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:32:58 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:32:58 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="'49e4734b/00:1f:3b:a0:ea:d9/1286'"': Tue Apr 14 14:32:58 2009: DEBUG: Handling with Radius::AuthFILE: CheckFILE Tue Apr 14 14:32:58 2009: DEBUG: AuthBy FILE result: ACCEPT, Tue Apr 14 14:32:58 2009: DEBUG: Accounting accepted Tue Apr 14 14:32:58 2009: DEBUG: Packet dump: *** Sending to 195.113.144.226 port 35330 .... Code: Accounting-Response Identifier: 50 Authentic: <217><134>N<245>JW~<18>GJ<195><254><165>A2<249> Attributes: Tue Apr 14 14:33:11 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 203 Authentic: X<225><224>C1<197><204><206>xy,<182>uI<187>B Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1F-3B-A0-EA-D9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><2><0><21><1>semik@tomasek.cz Message-Authenticator = ?<164><173><220><133><181><143><223><237>!<192><188>1<243><234><7> Proxy-State = OSC-Extended-Id=203 Tue Apr 14 14:33:11 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:33:11 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:33:11 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:33:11 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:33:11 2009: DEBUG: Checking if user is still online: unknown, semik@tomasek.cz, 195.113.150.2, 29, '49e47f55/00:1d:6e:9b:d8:b9/1306' 195.113.219.198 Tue Apr 14 14:33:11 2009: INFO: Access rejected for semik@tomasek.cz: MaxSessions exceeded Tue Apr 14 14:33:11 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Reject Identifier: 203 Authentic: X<225><224>C1<197><204><206>xy,<182>uI<187>B Attributes: Reply-Message = "Request Denied" Proxy-State = OSC-Extended-Id=203 Tue Apr 14 14:33:17 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 204 Authentic: <138><159>M<184>(]<153><24>i]<207><153><24><3><199><155> Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1F-3B-A0-EA-D9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><1><0><21><1>semik@tomasek.cz Message-Authenticator = U<146>!@d<15>$<236><159><228><144><22><150>h<179><14> Proxy-State = OSC-Extended-Id=204 Tue Apr 14 14:33:17 2009: DEBUG: Handling request with Handler 'Realm=/^tomasek.cz$/io' Tue Apr 14 14:33:17 2009: DEBUG: SessionDB Deleting session for semik@tomasek.cz, 195.113.150.2, 29 Tue Apr 14 14:33:17 2009: DEBUG: do query is: 'DELETE FROM RadOnline WHERE NASIdentifier="195.113.150.2" AND lower(UserName)=lower("semik@tomasek.cz") AND AcctSessionID="NULL"': Tue Apr 14 14:33:17 2009: DEBUG: Query is: 'select NASIdentifier, NASPort, AcctSessionID, FramedIPAddress from RadOnline where lower(UserName)=lower("semik@tomasek.cz")': Tue Apr 14 14:33:17 2009: DEBUG: Checking if user is still online: unknown, semik@tomasek.cz, 195.113.150.2, 29, '49e47f55/00:1d:6e:9b:d8:b9/1306' 195.113.219.198 Tue Apr 14 14:33:17 2009: INFO: Access rejected for semik@tomasek.cz: MaxSessions exceeded Tue Apr 14 14:33:17 2009: DEBUG: Packet dump: *** Sending reply to RadSec 195.113.144.226:40583 .... Code: Access-Reject Identifier: 204 Authentic: <138><159>M<184>(]<153><24>i]<207><153><24><3><199><155> Attributes: Reply-Message = "Request Denied" Proxy-State = OSC-Extended-Id=204 Tue Apr 14 14:33:22 2009: DEBUG: Packet dump: *** Received from 195.113.144.226 port 40583 .... Code: Access-Request Identifier: 205 Authentic: <176><200><25>L3<224><191>gR$<161><159>W<179><136>i Attributes: User-Name = "semik@tomasek.cz" Calling-Station-Id = "00-1F-3B-A0-EA-D9" Called-Station-Id = "00-17-DF-95-53-70:eduroam" NAS-Port = 29 NAS-IP-Address = 195.113.150.2 NAS-Identifier = "wlc1-cesnet" Airespace-WLAN-Id = 1 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-IEEE-802-11 Tunnel-Type = 0:VLAN Tunnel-Medium-Type = 0:802 Tunnel-Private-Group-ID = 0:100 EAP-Message = <2><1><0><21><1>semik@tomasek.cz Message-Authenticator = }<236>T<218><139><201>]<145><240>?<208><194><170>'<205><206> Proxy-State = OSC-Extended-Id=205 Tue Apr 14 14:33:22 2009: DEBUG: Handling reques