rad_recv: Access-Request packet from host 192.168.10.237 port 65222, id=131, length=152 NAS-IP-Address = 192.168.10.237 NAS-Identifier = "gastboxtst.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:00:24:cf:bc:c9" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:19:37 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gb port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 238 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 238 Sending Access-Reject of id 131 to 192.168.10.237 port 65222 Waking up in 4.9 seconds. Cleaning up request 238 ID 131 with timestamp +6208 Ready to process requests. rad_recv: Access-Request packet from host 192.168.10.237 port 64760, id=141, length=152 NAS-IP-Address = 192.168.10.237 NAS-Identifier = "gastboxtst.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:00:24:cf:bc:c9" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:19:51 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gb port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 239 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 239 Sending Access-Reject of id 141 to 192.168.10.237 port 64760 Waking up in 4.9 seconds. Cleaning up request 239 ID 141 with timestamp +6222 Ready to process requests. rad_recv: Access-Request packet from host 192.168.10.237 port 65189, id=46, length=152 NAS-IP-Address = 192.168.10.237 NAS-Identifier = "gastboxtst.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:00:24:cf:bc:c9" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:20:38 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gb port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 240 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 240 Sending Access-Reject of id 46 to 192.168.10.237 port 65189 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.10.237 port 64993, id=170, length=137 NAS-IP-Address = 192.168.10.237 NAS-Identifier = "gastboxtst.teamstrebel.ch" User-Name = "js" User-Password = "kobi" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:00:24:cf:bc:c9" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = js ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:20:39 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "js", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for js [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> js [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=js) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=js) [ldap] checking if remote access for js is allowed by dialupAccess [ldap] Added User-Password = kobi in check items [ldap] looking for check items in directory... [ldap] looking for reply items in directory... [ldap] user js authorized to use remote access [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns ok Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!! Replacing User-Password in config items with Cleartext-Password. !!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!! Please update your configuration so that the "known good" !!! !!! clear text password is in Cleartext-Password, and not in User-Password. !!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: Please update your configuration, and remove 'Auth-Type = Local' WARNING: Use the PAP or CHAP modules instead. User-Password in the request is correct. Login OK: [js] (from client gb port 0 cli ac:cf:5c:be:45:98) # Executing section post-auth from file /etc/raddb/radiusd.conf +- entering group post-auth {...} /root/kerbynet.cgi/scripts/radius-session-limits: command substitution: line 1: unexpected EOF while looking for matching `'' /root/kerbynet.cgi/scripts/radius-session-limits: command substitution: line 2: syntax error: unexpected end of file Exec-Program output: Reply-Message = Acct:SMALL::::0.1:0.15:24836:: Exec-Program-Wait: value-pairs: Reply-Message = Acct:SMALL::::0.1:0.15:24836:: Exec-Program: returned: 0 ++[SessionLimits] returns ok Exec-Program output: Exec-Program: returned: 0 ++[RadiusLog] returns ok [reply_log] expand: /dev/null -> /dev/null [reply_log] /dev/null expands to /dev/null [reply_log] expand: %t -> Thu Jul 31 12:20:39 2014 ++[reply_log] returns ok Sending Access-Accept of id 170 to 192.168.10.237 port 64993 Reply-Message = "Acct:SMALL::::0.1:0.15:24836::" Finished request 241. Going to the next request Waking up in 4.8 seconds. Cleaning up request 240 ID 46 with timestamp +6269 Waking up in 0.1 seconds. Cleaning up request 241 ID 170 with timestamp +6270 Ready to process requests. rad_recv: Access-Request packet from host 192.168.10.237 port 65139, id=165, length=152 NAS-IP-Address = 192.168.10.237 NAS-Identifier = "gastboxtst.teamstrebel.ch" User-Name = "e4:ce:8f:7f:80:d1" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 1 Framed-IP-Address = 172.22.1.3 Called-Station-Id = "00:00:24:cf:bc:c9" Calling-Station-Id = "e4:ce:8f:7f:80:d1" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = e4:ce:8f:7f:80:d1 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:21:57 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "e4:ce:8f:7f:80:d1", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for e4:ce:8f:7f:80:d1 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> e4:ce:8f:7f:80:d1 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=e4:ce:8f:7f:80:d1) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=e4:ce:8f:7f:80:d1) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [e4:ce:8f:7f:80:d1] (from client gb port 1 cli e4:ce:8f:7f:80:d1) Delaying reject of request 242 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 242 Sending Access-Reject of id 165 to 192.168.10.237 port 65139 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.10.237 port 65114, id=25, length=152 NAS-IP-Address = 192.168.10.237 NAS-Identifier = "gastboxtst.teamstrebel.ch" User-Name = "e4:ce:8f:7f:80:d1" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 1 Framed-IP-Address = 172.22.1.3 Called-Station-Id = "00:00:24:cf:bc:c9" Calling-Station-Id = "e4:ce:8f:7f:80:d1" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = e4:ce:8f:7f:80:d1 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:21:58 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "e4:ce:8f:7f:80:d1", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for e4:ce:8f:7f:80:d1 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> e4:ce:8f:7f:80:d1 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=e4:ce:8f:7f:80:d1) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=e4:ce:8f:7f:80:d1) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [e4:ce:8f:7f:80:d1] (from client gb port 1 cli e4:ce:8f:7f:80:d1) Delaying reject of request 243 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 243 Sending Access-Reject of id 25 to 192.168.10.237 port 65114 Waking up in 3.8 seconds. Cleaning up request 242 ID 165 with timestamp +6348 Waking up in 1.1 seconds. Cleaning up request 243 ID 25 with timestamp +6349 Ready to process requests. rad_recv: Access-Request packet from host 192.168.10.239 port 64942, id=197, length=149 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:12 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gz port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 244 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 244 Sending Access-Reject of id 197 to 192.168.10.239 port 64942 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.10.239 port 64574, id=2, length=149 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:15 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gz port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 245 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 245 Sending Access-Reject of id 2 to 192.168.10.239 port 64574 Waking up in 2.1 seconds. rad_recv: Access-Request packet from host 192.168.10.239 port 65097, id=2, length=149 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:17 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gz port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 246 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 246 Sending Access-Reject of id 2 to 192.168.10.239 port 65097 Cleaning up request 244 ID 197 with timestamp +6603 Waking up in 2.8 seconds. Cleaning up request 245 ID 2 with timestamp +6606 Waking up in 2.0 seconds. Cleaning up request 246 ID 2 with timestamp +6608 Ready to process requests. rad_recv: Access-Request packet from host 192.168.10.239 port 64723, id=202, length=149 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:26 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gz port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 247 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 247 Sending Access-Reject of id 202 to 192.168.10.239 port 64723 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.10.239 port 65246, id=200, length=149 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:28 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gz port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 248 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 248 Sending Access-Reject of id 200 to 192.168.10.239 port 65246 Waking up in 3.7 seconds. rad_recv: Access-Request packet from host 192.168.10.239 port 65135, id=2, length=149 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:29 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gz port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 249 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 249 Sending Access-Reject of id 2 to 192.168.10.239 port 65135 Waking up in 2.6 seconds. rad_recv: Access-Request packet from host 192.168.10.239 port 65157, id=170, length=149 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:31 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gz port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 250 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 250 Sending Access-Reject of id 170 to 192.168.10.239 port 65157 Waking up in 0.1 seconds. Cleaning up request 247 ID 202 with timestamp +6617 Waking up in 1.2 seconds. rad_recv: Access-Request packet from host 192.168.10.239 port 65281, id=117, length=149 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:33 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gz port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 251 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 251 Sending Access-Reject of id 117 to 192.168.10.239 port 65281 Cleaning up request 248 ID 200 with timestamp +6619 Waking up in 1.1 seconds. Cleaning up request 249 ID 2 with timestamp +6620 Waking up in 2.4 seconds. rad_recv: Access-Request packet from host 192.168.10.239 port 65494, id=96, length=149 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:35 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gz port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 252 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 252 Sending Access-Reject of id 96 to 192.168.10.239 port 65494 Waking up in 1.3 seconds. Cleaning up request 250 ID 170 with timestamp +6622 Waking up in 1.3 seconds. Cleaning up request 251 ID 117 with timestamp +6624 Waking up in 2.2 seconds. Cleaning up request 252 ID 96 with timestamp +6626 Ready to process requests. rad_recv: Access-Request packet from host 192.168.10.239 port 65507, id=220, length=149 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:46 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gz port 0 cli ac:cf:5c:be:45:98) Delaying reject of request 253 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 253 Sending Access-Reject of id 220 to 192.168.10.239 port 65507 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.10.239 port 65452, id=94, length=134 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "js" User-Password = "kobi" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 0 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = js ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:47 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "js", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for js [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> js [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=js) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=js) [ldap] checking if remote access for js is allowed by dialupAccess [ldap] Added User-Password = kobi in check items [ldap] looking for check items in directory... [ldap] looking for reply items in directory... [ldap] user js authorized to use remote access [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns ok Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!! Replacing User-Password in config items with Cleartext-Password. !!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!! Please update your configuration so that the "known good" !!! !!! clear text password is in Cleartext-Password, and not in User-Password. !!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: Please update your configuration, and remove 'Auth-Type = Local' WARNING: Use the PAP or CHAP modules instead. User-Password in the request is correct. Login OK: [js] (from client gz port 0 cli ac:cf:5c:be:45:98) # Executing section post-auth from file /etc/raddb/radiusd.conf +- entering group post-auth {...} /root/kerbynet.cgi/scripts/radius-session-limits: command substitution: line 1: unexpected EOF while looking for matching `'' /root/kerbynet.cgi/scripts/radius-session-limits: command substitution: line 2: syntax error: unexpected end of file Exec-Program output: Reply-Message = Acct:SMALL::::0.1:0.15:24836:: Exec-Program-Wait: value-pairs: Reply-Message = Acct:SMALL::::0.1:0.15:24836:: Exec-Program: returned: 0 ++[SessionLimits] returns ok Exec-Program output: Exec-Program: returned: 0 ++[RadiusLog] returns ok [reply_log] expand: /dev/null -> /dev/null [reply_log] /dev/null expands to /dev/null [reply_log] expand: %t -> Thu Jul 31 12:26:47 2014 ++[reply_log] returns ok Sending Access-Accept of id 94 to 192.168.10.239 port 65452 Reply-Message = "Acct:SMALL::::0.1:0.15:24836::" Finished request 254. Going to the next request Waking up in 4.7 seconds. rad_recv: Access-Request packet from host 192.168.10.239 port 65243, id=24, length=149 NAS-IP-Address = 192.168.10.239 NAS-Identifier = "gast-gz.teamstrebel.ch" User-Name = "ac:cf:5c:be:45:98" User-Password = "1234" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 1 Framed-IP-Address = 172.22.1.2 Called-Station-Id = "00:0d:b9:33:b3:fd" Calling-Station-Id = "ac:cf:5c:be:45:98" # Executing section authorize from file /etc/raddb/radiusd.conf +- entering group authorize {...} [routeradmin] expand: .enab15. -> .enab15. routeradmin: Does not match: User-Name = ac:cf:5c:be:45:98 ++[routeradmin] returns ok ++[preprocess] returns ok [auth_log] expand: /var/log/radius/reply -> /var/log/radius/reply [auth_log] /var/log/radius/reply expands to /var/log/radius/reply [auth_log] expand: %t -> Thu Jul 31 12:26:47 2014 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "ac:cf:5c:be:45:98", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [ldap] performing user authorization for ac:cf:5c:be:45:98 [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] ... expanding second conditional [ldap] expand: %{User-Name} -> ac:cf:5c:be:45:98 [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=ac:cf:5c:be:45:98) [ldap] expand: ou=Radius,dc=example,dc=com -> ou=Radius,dc=example,dc=com [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in ou=Radius,dc=example,dc=com, with filter (cn=ac:cf:5c:be:45:98) [ldap] object not found [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns notfound Exec-Program output: Exec-Program: returned: 0 ++[pppIP] returns ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect ( [ldap] User not found): [ac:cf:5c:be:45:98] (from client gz port 1 cli ac:cf:5c:be:45:98) Delaying reject of request 255 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 255 Sending Access-Reject of id 24 to 192.168.10.239 port 65243 Waking up in 3.3 seconds. Cleaning up request 253 ID 220 with timestamp +6637 Waking up in 0.2 seconds. Cleaning up request 254 ID 94 with timestamp +6638 Waking up in 1.3 seconds. Cleaning up request 255 ID 24 with timestamp +6638 Ready to process requests.