NPS: Autenticación 802.1X Red Cableada
No voy a explicar como configurar el NPS porque es la misma configuración que para la red inalámbrica, ni tampoco la emisión de certificados para los equipos del dominio puesto que todo está comentado en el artículo Autenticación 802.1x en Redes Inalámbricas. Por lo que directamente iremos a la configuración que voy a tratar de explicar ahora, que es la configuración de un Switch CIsco 2960 con 802.1x. Los datos de la red son los siguientes:
Switch Cisco 2960 (Cliente RADIUS)
NPS: Windows Server 2008 R2 (SERVIDOR NPS/RADIUS)
CA: Windows Server 2008 R2 (SERVIDOR PKI)
Equipo: Windows 7 Ultimate (EQUIPO CLIENTE)
La idea es que el equipo con Windows 7 se conecte a un puerto del Switch y este le solicite autenticación que enviará al NPS para que en función de la directiva de Red que he configurado, se le conoceda acceso o no. Como no voy a volver a comentar como se configura el NPS únicamente voy a comentar la directiva de red creada para este LAB. Debemos añadir el cliente RADIUS al NPS, para ello vamos a Clientes y servidores RADIUS – Clientes RADIUS – Nuevo y añadimos como cliente radius al Switch (IP: 192.168.100.2)
Ahora he creado una directiva de red con dos condiciones, la primera es que al cliente Radius sea el Switch Cisco (192.168.100.2) y la segunda ese que el equipo o usuario sea miembro de un grupo de seguridad del dominio
para que esta regla que puede ser parecida a otras no se solape con otra he añadido la concidión Dirección IPv4 del cliente (es la del cliente RADIUS (en nuestro caso el Switch)) , de tal forma que esta diretiva de red solo se procesará si la petición proviene del Switch. Luego además el usuario o equipo que trate de iniciar sesión debe ser miembro del grupo ACL Wireless ASIR
añadimos el tipo de EAP Microsoft: EAP protegido (PEAP) (podemos añadir lo que queramos)
seleccionamos el certificado de servidor y el tipo(s) de EAP que permitiremos
Ahora vamos a configurar el Switch, estos son los comandos que debemos utilizar para habilitar la autenticación 802.1x en el switch
Modo de configuración: Configuración Global
aaa new-model
aaa group server radius RadiusAuth
server IP_SERVIDOR_NPS auth-port 1812 acct-port 1813
aaa authentication dot1x default group RadiusAuth
radius-server host IP_SERVIDOR_NPS auth-port 1812 acct-port 1813 key CLAVE_COMPARTIDA_AUTENTICACION_NPS
Debemos habilitar 802.1x a nivel de Switch, para ello debemos ejecutar el comando
Modo de configuración: Configuración Global
dot1x system-auth-control
Una vez que hemos configurado la parte de Radius, debemos habilitar cada puerto que queramos utilizar 802.1x, para ello accedemos a la interface correspondiente y escribimos los siguientes comandos:
Modo de configuración: Configuración Interface
interface FastEthernet0/13
dot1x pae authenticator
dot1x port-control auto
dot1x violation-mode protect
dot1x reauthentication
* Si queremos aplicar la configuración a varias interfaces a la vez podemos hacerlo con el siguiente comando:
Modo de configuración: Configuración Interface
interface range FastEthernet0/1 – 24
dot1x pae authenticator
dot1x port-control auto
dot1x violation-mode protect
dot1x reauthentication
Ahora que ya hemos configurado el NPS y el Switch debemos configurar nuestro equipo, primero debemos iniciar el servicio Configuración automática de redes cableadas, el cual nos permitirá habilitar su utilización y configuración desde la pestaña de Autenticación en las conexiones de red. Una vez iniciado y modificado el tipo de inicio a Automático (esta configuración podemos realizarla mediante una GPO)
Ahora podemos ir a las propiedades de la conexión de área local (la red cableada) e ir a la pestaña Autenticación, seleccionamos Microsoft: EAP protegido (PEAP) y en la ventana de Configuración en la opción de Autenticación seleccionamos Contraseña Segura (EAP-MSCHAP v2)
si pulsamos en Configurar desmarcamos la casilla Usar automáticamente el nombre de inicio de sesión … (esto lo hago así para que veáis como os solicita el usuario y contraseña para validaros, pero la idea es que la autenticación sea por equipo y con su certificado digital)
Una vez que tenemos todo configuramos, vamos a probarlo!!! Conectamos un cable de red al equipo y a la interface del switch en donde hemos configurado la autenticación 802.1x y vemos que nos solicita la autenticación
ahora introducimos un usuario y contraseña válidos (activo en el dominio, que sea miembro del grupo habiiltado en al directiva de red)
En dos o tres segundos estamos autenticados y con los datos de red necesarios (IP, DNS, etc..). Podemos hacer muchas más configuraciones, por ejemplo si el usuario o equipo no se valida correctamente que vaya a una VLAN de invitados, que una vez autenticado mover al equipo a una VLAN en concreto, etc.. pero será en otro artículo.
Por supuesto tenemos un registros de LOGS, tanto a nivel de NPS como de Swtich, pero también podemos enviarlos a un SYSLOG sinproblema:
NPS
192.168.100.2,staboas@asirsl.com,12/26/2012,17:15:50,IAS,NPSSERVER,6,2,12,1500,30,64-16-8D-87-3D-8D,31,5C-26-0A-49-D7-66,61,15,5,50013,87,FastEthernet0/13,4,192.168.100.2,4108,192.168.100.2,4116,0,4128,Switch ASIR,4154,Usar autenticación de Windows para todos los usuarios,4155,1,4129,ASIRSL\Staboas,4149,SWITCH_ASIR,25,311 1 192.168.XXX.XXX 12/22/2012 18:06:02
Switch (debug, se han eliminado partes del debug)
Dec 26 18:01:34.575: %LINK-3-UPDOWN: Interface FastEthernet0/14, changed state to up
Dec 26 18:02:11.023: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:11.023: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:11.023: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:11.023: RADIUS(0000003A): sending
Dec 26 18:02:11.023: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:11.023: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/98, len 169
Dec 26 18:02:11.023: RADIUS: authenticator D0 BF AE C7 12 A7 4A C3 – 82 AB A6 1F 54 8A 54 12
Dec 26 18:02:11.023: RADIUS: User-Name [1] 20 “staboas@asirsl.com”
Dec 26 18irsl.c]
Dec 26 18:02:11.023: RADIUS: 6F 6D [ om]
Dec 26 18:02:11.023: RADIUS: Message-Authenticato[80] 18 :02:11.023: RADIUS: Service
Dec 26 18:02:11.023: RADIUS: 7E 5A 03 CA 5E AD 95 6F AB D8 D6 01 17 02 0B D4 [ ~Z^o]
Dec 26 18:02:11.023: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Dec 26 18:02:11.023: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:11.023: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14”
Dec 26 18:02:11.023: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:11.057: RADIUS: Received from id 1645/98 192.168.250.10:1812, Access-Challenge, len 90
Dec 26 18:02:11.057: RADIUS: authenticator 32 7A 21 BC 63 A0 F7 F8 – 73 08 7F 55 D1 94 25 DF-Type [6] [27] 6 30
Dec 26 18:02:11.057: RADIUS: EAP-Message [79] 8
Dec 26 18:02:11.057: RADIUS: 01 03 00 06 19 20 [ ]
Dec 26 18:02:11.057: RADIUS: State [24] 38
Dec 26 18:02:11.065: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.065: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.065: RADIUS: BA 6F E3 11 25 55 C6 7A BE 54 60 8E C6 70 58 7D [ o?UzT`pX}]
Dec 26 18:02:11.065: RADIUS(0000003A): Received from id 1645/986 Framed
Dec 26 18:02:11.065: RADIUS/DECODE: EAP-Message fragments, 6, total 6 bytes
Dec 26 18:02:11.065: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:11.073: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:11.073: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:11.073: RADIUS(0000003A): sending
Dec 26 18:02:11.073: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:11.073: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/99, len 289
Dec 26 18:02:11.073: RADIUS: authenticator FC 0E 04 AF 84 DF 62 9B – FB 43 42 B4 27 FD A8 25 [2]
Dec 26 18:02:11.023: RAD [1] 20 “staboas@asirsl.com”
Dec 26 18:02:11.073: RADIUS: Service-Type [6] 6 Framed [2]
Dec 26 18:02:11.073: RADIUS: Framed-MTU [12] 6 1500
Dec 26 18:02:11.073: RADIUS: Called-Station-Id [30] 19 “64-16-8D-87-3D-8E”
Dec 26 18:02:11.073: RADIUS: Calling-Station-Id [31] 19 “00-0A-E4-31-18-B1”
Dec 26 18:02:11.073: RADIUS: EAP-Message [79] 107 IUS: Framed-MTU [12] 6 1500
Dec 26 18:02:11.073: RADIUS: 02 03 00 69 19 80 00 00 00 5F 16 03 01 00 5A 01 00 00 56 03 01 50 DB 3B D6 03 02 F4 ED 12 97 5F 85 D6 18 E3 A7 55 62 BE 50 B6 64 3C D1 5A 4D 63 09 1F E0 34 [i_ZVP;_UbPd<ZMc4]
Dec 26 18:02:11.073: RADIUS: 27 00 00 18 00 2F 00 35 00 05 00 0A C0 13 C0 14 C0 09 C0 0A 00 32 00 38 00 13 00 04 01 00 00 15 FF 01 00 01 00 00 0A 00 06 00 04 00 17 00 18 00 0B 00 02 01 00 [ ‘/528]
Dec 26 18:02:11.073: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.073: RADIUS: B3 F2 B7 52 7A 04 54 0A 34 14 B5 F2 DF 1A 6E 52 [ RzT4nR]
Dec 26 18:02:11.073: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
De
Dec 26 18:02:11.073: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14”
Dec 26 18:02:11.073: RADIUS: State [24] 38
Dec 26 18:02:11.073: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.073: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:11.099: RADIUS: Received from id 1645/99 192.168.250.10:1812, Access-Challenge, len 1590
Dec 2c6 18:02:11.099: RADIUS: authenticator 5A 94 A5 7B C9 7C BC 09 – 9F 4D 6F 41 78 35 43 B0 26 18:02:11.023: RADIUS: Called-
Dec 26 18:02:11.099: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:11.099: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.099: RADIUS: 01 04 05 D8 19 C0 00 00 0C D1 16 03 01 0C CC 02 00 00 4D 03 01 50 DB 3B D3 CD 77 83 1D 3F 10 09 FC F9 2F 82 45 BB C8 E9 40 FD 97 F1 C4 6D F3 64 28 61 0D 24 C8 20 5E 1B 00 00 39 [MP;w?/E@md(a$ ^9]
Dec 26 18:02:11.099: RADIUS: BC E5 00 CF 01 1D 4D 84 33 7C 6E F0 C7 52 FE 20 3C F7 AC 08 31 16 31 DE 26 1E 17 00 2F 00 00 05 FF 01 00 01 00 0B 00 05 0A 00 05 07 00 05 04 30 82 05 00 30 82 03 E8 A0 03 02 01 02 02 0A 49 5E 10 S11 00 00 00 00 01 F8 30 [M3|nR <11&/00I^0]tation-Id [30] 19 “64-1 F7 0D 01 01 05 05 00 30 45 31 13 30 11 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 03 63 6F 6D 31 16 30 14 06 0A 09 92 26 89 93 F2 2C [*H0E10&,dcom10&,]
Dec 26 18:02:11.107: RADIUS: 64 01 19 16 06 61 73 69 72 73 6C 31 16 30 14 06 03 55 04 03 13 0D 41 53 49 52 53 4C [dasirsl10UASIRSL]
Dec 26 18:02:11.107: RADIUS: 2D 43 41 52 6F 6F 74 30 1E 17 0D 31 32 30 39 32 39 32 30 [-CARoot012092920]
Dec 26 18:02:11.107: RADIUS: 34 32 34 32 5A 17 0D 31 33 30 39 32 39 32 30 34 32 34 [4242Z13092920424]
Dec 26 18:02:11.107: RADIUS: 32 5A 30 22 31 20 [ 2Z0″1 ]
Dec 26 18:02:11.107: RADIUS: EAP-Message [79] 255 6-8D-87-3D-8E”
Dec 26 18:02:11.115: RADIUS: 72 61 74 69 6F 6E 2C 44 43 3D 61 [ ration,DC=a]
Dec 26 18:02:11.115: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.115: RADIUS: 73 69 72 73 6C 2C 44 43 3D 63 6F 6D 3F 63 65 72 [sirsl,DC=com?cer]
Dec 26 18:02:11.115: RADIUS: 74 69 66 69 63 61 74 65 52 65 76 6F 63 61 74 69 [tificateRevocati]
Dec 26 18:02:11.115: RADIUS: 6F 6E 4C 69 73 74 3F 62 61 73 65 3F 6F 62 6A 65 [onList?base?obje]
Dec 26 18:02:11.115: RADIUS: 63 74 43 6C 61 73 73 3D 63 52 4C 44 69 73 74 72 [ctClass=cRLDistr]
Dec 26 18:02:11.115: RADIUS: 69 62 75 74 69 6F 6E 50 6F 69 6E 74 86 2B 68 74 74 [ibutionPoint+htt]18:02:11.023: RADIUS: 02 02 00 17 01 73 74 61 62 6F 61 73 40 61 73 69 72 73 6C 2E 63 [staboas@as
Dec 26 18:02:11.057: RADIUS: Session-Timeout
Dec 26 18:02:11.073: RADIUS: User-Name
Dec 26 18:02:11.073: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:11.107: RADIUS: 0D 06 09 2A 86 48 86
Dec 26 18:02:11.124: RADIUS: EAP-Message [79] 233
Dec 26 18:02:11.124: RADIUS: AD ED 27 BD D4 3D 23 FC D5 8D 7D AF E9 62 38 B8 8A 06 35 E0 36 95 73 05 19 D3 ED C4 7C A5 17 58 5F A1 9D 43 70 A6 F8 78 20 [‘=#}b856s|X_Cpx ]
Dec 26 18:02:11.124: RADIUS: FC 4C 69 C8 57 FE 32 FA FC 9F 8E 46 FE 09 89 26 84 2F A3 80 FC FE 4E 21 84 85 04 65 8F FD 83 E9 4E A3 9E 33 AF 78 B3 D5 8B 89 0D CB D9 76 7B E4 81 5A [LiW2F&/N!eN3xv{Z]
Dec 26 18:02:11.124: RADIUS: 18 26 0C 50 29 44 62 21 BD 53 97 A8 AD 41 D5 21 2C C0 12 07 ED 49 DF 9E 77 7F A4 C0 38 D4 05 0B A2 89 0D 00 07 65 03 01 02 40 07 5F [&P)Db!SA!,Iw8e@_]
Dec 26 18:02:11.124: RADIUS: 00 47 30 45 31 13 30 11 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 03 63 6F 6D 31 16 30 14 06 0A 09 92 26 89 93 F2 2C 64 [G0E10&,dcom10&,d]
Dec 26 18:02:11.124: RADIUS: 01 19 16 06 61 73 69 72 73 6C 31 16 30 14 06 03 55 04 03 13 0D 41 53 49 52 53 4C 2D [asirsl10UASIRSL-]
Dec 26 18:02:11.132: RADIUS: 43 41 52 6F 6F 74 00 71 30 6F 31 0B 30 09 06 03 55 04 06 13 02 53 45 31 14 30 [CARootq0o10USE10]
Dec 26 18:02:11.132: RADIUS: 12 06 03
Dec 26 18:02:11.132: RADIUS: State [24] 38
Dec 26 18:02:11.132: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.132: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.132: RADIUS: 82 D9 EC 0F FC 9A 09 07 29 A6 B0 9F 22 CD 0D 43 [ )”C]
Dec 26 18:02:11.132: RADIUS(0000003A): Received from id 1645/99
Dec 26 18:02:11.132: RADIUS/DECODE: EAP-Message fragments, 253+253+253+253+253+231, total 1496 bytes
Dec 26 18:02:11.141: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:11.141: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:11.141: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:11.141: RADIUS(0000003A): sending
Dec 26 18:02:11.141: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:11.141: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/100, len 190
Dec 26 18:02:11.141: RADIUS: authenticator 5B A3 81 3D D0 89 A6 3E – 43 F2 09 63 DB 31 6E 6C
Dec 26 18:02:11.141: RADIUS: User-Name [1] 20 “staboas@asirsl.com”
Dec 26 18:02:11.141: RADIUS: Service-Type [6] 6 Framed [2]
Dec 26 18:02:11.141: RADIUS: Framed-MTU [12] 6 1500
Dec 26 18:02:11.141: RADIUS: Called-Station-Id [30] 19 “64-16-8D-87-3D-8E”
Dec 26 18:02:11.141: RADIUS: Calling-Station-Id [31] 19 “00-0A-E4-31-18-B1”
Dec 26 18:02:11.141: RADIUS: EAP-Message [79] 8
Dec 26 18:02:11.141: RADIUS: 02 04 00 06 19 00
Dec 26 18:02:11.141: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.141: RADIUS: 96 E8 26 D7 98 AA CB A9 DB B2 29 81 AE 44 2E E6 [ &)D.]
Dec 26 18:02:11.141: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Dec 26 18:02:11.141: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:11.141: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14”
Dec 26 18:02:11.141: RADIUS: State [24] 38
Dec 26 18:02:11.141: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.141: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:11.166: RADIUS: Received from id 1645/100 192.168.250.10:1812, Access-Challenge, len 1590
Dec 26 18:02:11.166: RADIUS: authenticator 30 6E 4D A7 DF 8F D5 24 – 2B 46 39 CE A9 1D 29 6A
Dec 26 18:02:11.166: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:11.166: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.166: RADIUS: 01 05 05 D8 19 40 55 04 0A 13 0B 41 64 64 54 72 75 73 74 20 41 42 31 26 30 [@UAddTrust AB1&0]
Dec 26 18:02:11.166: RADIUS: 24 06 03 55 04 0B 13 1D 41 64 64 54 72 75 73 74 20 45 78 74 65 72 [$UAddTrust Exter]
Dec 26 18:02:11.166: RADIUS: 6E 61 6C 20 54 54 50 20 4E 65 74 77 6F 72 6B 31 [nal TTP Network1]
Dec 26 18:02:11.166: RADIUS: 22 30 20 06 03 55 04 03 13 19 41 64 64 54 72 75 73 74 20 45 78 74 [“0 UAddTrust Ext]
Dec 26 18:02:11.166: RADIUS: 65 72 6E 61 6C 20 43 41 20 52 6F 6F 74 00 CD 30 81 CA 31 0B 30 [ernal CA Root010]
Dec 26 18:02:11.166: RADIUS: 09 06 03 55 04 06 13 02 55 53 31 17 30 15 06 03 55 04 0A 13 0E 56 65 72 69 53 69 67 6E 2C 20 [UUS10UVeriSign, ]
Dec 26 18:02:11.166: RADIUS: 49 6E 63 2E 31 1F 30 1D 06 03 55 04 0B 13 16 56 65 72 69 53 69 67 6E 20 [Inc.10UVeriSign ]
Dec 26 18:02:11.166: RADIUS: 54 72 75 73 74 20 4E 65 74 77 6F 72 6B 31 3A 30 [Trust Network1:0]
Dec 26 18:02:11.166: RADIUS: 38 06 03 55 04 0B 13 31 28 63 29 20 32 30 30 36 20 56 65 72 69 [8U1(c) 2006 Veri]
Dec 26 18:02:11.174: RADIUS: 53 69 67 6E 2C 20 49 6E 63 2E 20 2D 20 46 6F 72 [Sign, Inc. – For]
Dec 26 18:02:11.174: RADIUS: 20 61 75 74 68 6F 72 69 7A 65 64 20 75 73 65 20 [ authorized use ]
Dec 26 18:02:11.174: RADIUS: 6F 6E 6C 79 31 45 30 43 06 03 55 04 03 13 3C 56 65 72 69 53 69 [only1E0CU<VeriSi]
Dec 26 18:02:11.174: RADIUS: 67 6E [ gn]
Dec 26 18:02:11.174: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.174: RADIUS: 20 43 6C 61 73 73 20 33 20 50 75 62 6C 69 63 20 [ Class 3 Public ]
Dec 26 18:02:11.174: RADIUS: 50 72 69 6D 61 72 79 20 43 65 72 74 69 66 69 63 [Primary Certific]
Dec 26 18:02:11.174: RADIUS: 61 74 69 6F 6E 20 41 75 74 68 6F 72 69 74 79 20 [ation Authority ]
Dec 26 18:02:11.174: RADIUS: 2D 20 47 35 00 61 30 5F 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 17 30 15 06 03 55 04 0A 13 0E 56 [- G5a0_10UUS10UV]
Dec 26 18:02:11.174: RADIUS: 65 72 69 53 69 67 6E 2C 20 49 6E 63 2E 31 37 30 [eriSign, Inc.170]
Dec 26 18:02:11.174: RADIUS: 35 06 03 55 04 0B 13 2E 43 6C 61 73 73 20 33 20 50 75 62 6C 69 [5U.Class 3 Publi]
Dec 26 18:02:11.174: RADIUS: 63 20 50 72 69 6D 61 72 79 20 43 65 72 74 69 66
Dec 26 18:02:11.174: RADIUS: 69 63 61 74 69 6F 6E 20 41 75 74 68 6F 72 69 74 [ication Authorit]
Dec 26 18:02:11.174: RADIUS: 79 00 B7 30 81 B4 31 14 30 12 06 03 55 04 0A 13 0B 45 6E 74 72 75 73 74 2E 6E 65 74 [y010UEntrust.net]
Dec 26 18:02:11.174: RADIUS: 31 40 30 3E 06 03 55 04 0B 14 37 77 77 77 2E 65 6E 74 72 75 73 [1@0>U7www.entrus]
Dec 26 18:02:11.174: RADIUS: 74 2E 6E 65 74 2F 43 50 53 5F 32 30 34 38 20 69 [t.net/CPS_2048 i]
Dec 26 18:02:11.174: RADIUS: 6E 63 6F 72 70 2E 20 62 79 20 72 65 66 2E 20 28 [ncorp. by ref. (]
Dec 26 18:02:11.174: RADIUS: 6C 69 6D 69 74 73 20 6C 69 61 62 2E 29 31 25 30 [limits liab.)1?0]
Dec 26 18:02:11.174: RADIUS: 23 06 03 55 04 0B [ #U]
Dec 26 18:02:11.174: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.174: RADIUS: 13 1C 28 63 29 20 31 39 39 39 20 45 6E 74 72 75 73 74 [(c) 1999 Entrust]
Dec 26 18:02:11.174: RADIUS: 2E 6E 65 74 20 4C 69 6D 69 74 65 64 31 33 30 31 [.net Limited1301]
Dec 26 18:02:11.174: RADIUS: 06 03 55 04 03 13 2A 45 6E 74 72 75 73 74 2E 6E 65 74 20 43 65 [U*Entrust.net Ce]
Dec 26 18:02:11.174: RADIUS: 72 74 69 66 69 63 61 74 69 6F 6E 20 41 75 74 68 [rtification Auth]
Dec 26 18:02:11.174: RADIUS: 6F 72 69 74 79 20 28 32 30 34 38 29 00 6E 30 6C 31 [ority (2048)n0l1]
Dec 26 18:02:11.174: RADIUS: 0B 30 09 06 03 55 04 06 13 02 55 53 31 15 30 13 06 03 55 04 0A 13 0C 44 69 67 69 43 65 72 74 20 [0UUS10UDigiCert ]
Dec 26 18:02:11.174: RADIUS: 49 6E 63 31 19 30 17 06 03 55 04 0B 13 10 77 77 77 2E 64 69 67 69 63 65 [Inc10Uwww.digice]
Dec 26 18:02:11.183: RADIUS: 72 74 2E 63 6F 6D 31 2B 30 29 06 03 55 04 03 13 22 44 69 67 69 [rt.com1+0)U”Digi]
Dec 26 18:02:11.183: RADIUS: 43 65 72 74 20 48 69 67 68 20 41 73 73 75 72 61 [Cert High Assura]
Dec 26 18:02:11.183: RADIUS: 6E 63 65 20 45 56 20 52 6F 6F 74 20 43 41 00 C4 30 81 C1 31 [nce EV Root CA01]
Dec 26 18:02:11.183: RADIUS: 0B 30 09 06 03 55 04 06 13 02 55 53 31 17 30 15 06 03 55 04 0A 13 0E 56 65 72 69 53 69 67 6E 2C [0UUS10UVeriSign,]
Dec 26 18:02:11.183: RADIUS: 20 49 6E 63 2E 31 3C 30 3A 06 03 55 04 0B 13 33 43 6C 61 73 [ Inc.1<0:U3Clas]
Dec 26 18:02:11.183: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.183: RADIUS: 73 20 33 20 50 75 62 6C 69 63 20 50 72 69 6D 61 [s 3 Public Prima]
Dec 26 18:02:11.183: RADIUS: 72 79 20 43 65 72 74 69 66 69 63 61 74 69 6F 6E [ry Certification]
Dec 26 18:02:11.183: RADIUS: 20 41 75 74 68 6F 72 69 74 79 20 2D 20 47 32 31 [ Authority – G21]
Dec 26 18:02:11.183: RADIUS: 3A 30 38 06 03 55 04 0B 13 31 28 63 29 20 31 39 39 38 20 56 65 [:08U1(c) 1998 Ve]
Dec 26 18:02:11.183: RADIUS: 72 69 53 69 67 6E 2C 20 49 6E 63 2E 20 2D 20 46 [riSign, Inc. – F]
Dec 26 18:02:11.183: RADIUS: 6F 72 20 61 75 74 68 6F 72 69 7A 65 64 20 75 73 [or authorized us]
Dec 26 18:02:11.183: RADIUS: 65 20 6F 6E 6C 79 31 1F 30 1D 06 03 55 04 0B 13 16 56 65 72 69 53 69 67 [e only10UVeriSig]
Dec 26 18:02:11.183: RADIUS: 6E 20 54 72 75 73 74 20 4E 65 74 77 6F 72 6B 00 AC 30 [n Trust Network0]
Dec 26 18:02:11.183: RADIUS: 81 A9 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 15 30 13 06 03 55 04 0A 13 0C 74 68 61 77 74 65 2C 20 [10UUS10Uthawte, ]
Dec 26 18:02:11.183: RADIUS: 49 6E 63 2E 31 28 30 26 06 03 55 04 0B 13 1F 43 65 72 74 69 66 69 [Inc.1(0&UCertifi]
Dec 26 18:02:11.183: RADIUS: 63 61 74 69 6F 6E 20 53 65 72 76 69 63 65 73 20 [cation Services ]
Dec 26 18:02:11.183: RADIUS: 44 69 76 69 73 69 6F 6E 31 38 30 36 06 03 55 04 0B 13 2F 28 63 [Division1806U/(c]
Dec 26 18:02:11.183: RADIUS: 29 20 32 30 30 36 20 74 68 61 77 74 65 2C 20 49 [) 2006 thawte, I]
Dec 26 18:02:11.183: RADIUS: 6E [ n]
Dec 26 18:02:11.183: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.183: RADIUS: 63 2E 20 2D 20 46 6F 72 20 61 75 74 68 6F 72 69
Dec 26 18:02:11.183: RADIUS: 7A 65 64 20 75 73 65 20 6F 6E 6C 79 31 1F 30 1D 06 03 55 04 03 13 16 74 [zed use only10Ut]
Dec 26 18:02:11.183: RADIUS: 68 61 77 74 65 20 50 72 69 6D 61 72 79 20 52 6F [hawte Primary Ro]
Dec 26 18:02:11.183: RADIUS: 6F 74 20 43 41 00 77 30 75 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 18 30 16 06 03 55 [ot CAw0u10UUS10U]
Dec 26 18:02:11.183: RADIUS: 04 0A 13 0F 47 54 45 20 43 6F 72 70 6F 72 61 74 69 6F 6E 31 [GTE Corporation1]
Dec 26 18:02:11.191: RADIUS: 27 30 25 06 03 55 04 0B 13 1E 47 54 45 20 43 79 62 65 72 54 72 75 [‘0?UGTE CyberTru]
Dec 26 18:02:11.191: RADIUS: 73 74 20 53 6F 6C 75 74 69 6F 6E 73 2C 20 49 6E [st Solutions, In]
Dec 26 18:02:11.191: RADIUS: 63 2E 31 23 30 21 06 03 55 04 03 13 1A 47 54 45 20 43 79 62 65 72
Dec 26 18:02:11.191: RADIUS: 54 72 75 73 74 20 47 6C 6F 62 61 6C 20 52 6F 6F [Trust Global Roo]
Dec 26 18:02:11.191: RADIUS: 74 00 C6 30 81 C3 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 14 30 12 06 03 55 04 0A 13 0B 45 6E 74 72 75 73 [t010UUS10UEntrus]
Dec 26 18:02:11.191: RADIUS: 74 2E 6E 65 74 31 3B 30 39 06 03 55 04 0B 13 32 77 77 77 2E 65 [t.net1;09U2www.e]
Dec 26 18:02:11.191: RADIUS: 6E 74 72 75 73 74 2E 6E 65 74 2F 43 50 53 20 [ ntrust.net/CPS ]
Dec 26 18:02:11.191: RADIUS: EAP-Message [79] 233
Dec 26 18:02:11.191: RADIUS: 69 6E 63 6F 72 70 2E 20 62 79 20 72 65 66 2E 20 [incorp. by ref. ]
Dec 26 18:02:11.191: RADIUS: 28 6C 69 6D 69 74 73 20 6C 69 61 62 2E 29 31 25 [(limits liab.)1?]
Dec 26 18:02:11.191: RADIUS: 30 23 06 03 55 04 0B 13 1C 28 63 29 20 31 39 39 39 20 45 6E 74 72 [0#U(c) 1999 Entr]
Dec 26 18:02:11.191: RADIUS: 75 73 74 2E 6E 65 74 20 4C 69 6D 69 74 65 64 31 [ust.net Limited1]
Dec 26 18:02:11.191: RADIUS: 3A 30 38 06 03 55 04 03 13 31 45 6E 74 72 75 73 74 2E 6E 65 74 [:08U1Entrust.net]
Dec 26 18:02:11.191: RADIUS: 20 53 65 63 75 72 65 20 53 65 72 76 65 72 20 43 [ Secure Server C]
Dec 26 18:02:11.191: RADIUS: 65 72 74 69 66 69 63 61 74 69 6F 6E 20 41 75 74 [ertification Aut]
Dec 26 18:02:11.191: RADIUS: 68 6F 72 69 74 79 00 59 30 57 31 0B 30 09 06 03 55 04 06 13 02 42 45 31 19 30 [horityY0W10UBE10]
Dec 26 18:02:11.191: RADIUS: 17 06 03 55 04 0A 13 10 47 6C 6F 62 61 6C 53 69 67 6E 20 6E 76 2D 73 [UGlobalSign nv-s]
Dec 26 18:02:11.191: RADIUS: 61 31 10 30 0E 06 03 55 04 0B 13 07 52 6F 6F 74 20 43 41 31 1B 30 19 06 03 55 04 03 13 12 47 6C [a10URoot CA10UGl]
Dec 26 18:02:11.191: RADIUS: 6F 62 61 6C 53 69 67 6E 20 52 6F 6F 74 20 43 41 [obalSign Root CA]
Dec 26 18:02:11.191: RADIUS: 00 44 30 42 31 0B 30 09 06 03 55 [ D0B10U]
Dec 26 18:02:11.191: RADIUS: State [24] 38
Dec 26 18:02:11.191: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.191: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.191: RADIUS: FA 50 DF EC 05 3F 53 BA 84 DD 71 62 38 D7 DA D5 [ P?Sqb8]
Dec 26 18:02:11.199: RADIUS(0000003A): Received from id 1645/100
Dec 26 18:02:11.199: RADIUS/DECODE: EAP-Message fragments, 253+253+253+253+253+231, total 1496 bytes
Dec 26 18:02:11.208: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:11.208: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:11.208: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:11.208: RADIUS(0000003A): sending
Dec 26 18:02:11.208: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:11.208: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/101, len 190
Dec 26 18:02:11.208: RADIUS: authenticator 24 D6 2B 2C A1 69 5D 18 – 31 84 77 78 D3 37 CE DB
Dec 26 18:02:11.208: RADIUS: User-Name [1] 20 “staboas@asirsl.com”
Dec 26 18:02:11.208: RADIUS: Service-Type [6] 6 Framed [2]
Dec 26 18:02:11.208: RADIUS: Framed-MTU [12] 6 1500
Dec 26 18:02:11.208: RADIUS: Called-Station-Id [30] 19 “64-16-8D-87-3D-8E”
Dec 26 18:02:11.208: RADIUS: Calling-Station-Id [31] 19 “00-0A-E4-31-18-B1″
Dec 26 18:02:11.208: RADIUS: EAP-Message [79] 8
Dec 26 18:02:11.208: RADIUS: 02 05 00 06 19 00
Dec 26 18:02:11.208: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.208: RADIUS: 89 FB DA 9E C1 CC 6A 07 07 89 96 E3 22 E2 EC 86 [ j”]
Dec 26 18:02:11.208: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Dec 26 18:02:11.208: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:11.208: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14”
Dec 26 18:02:11.208: RADIUS: State [24] 38
Dec 26 18:02:11.208: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.208: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:11.233: RADIUS: Received from id 1645/101 192.168.250.10:1812, Access-Challenge, len 397
Dec 26 18:02:11.233: RADIUS: authenticator 30 1E C0 77 0D 49 D4 90 – 08 C8 74 D5 9B 8F 59 3A
Dec 26 18:02:11.233: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:11.233: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.233: RADIUS: 01 06 01 37 19 00 04 06 13 02 55 53 31 16 30 14 06 03 55 04 0A 13 0D 47 65 6F 54 72 75 73 74 20 49 [7US10UGeoTrust I]
Dec 26 18:02:11.233: RADIUS: 6E 63 2E 31 1B 30 19 06 03 55 04 03 13 12 47 65 6F 54 72 75 73 74 20 47 [nc.10UGeoTrust G]
Dec 26 18:02:11.233: RADIUS: 6C 6F 62 61 6C 20 43 41 00 72 30 70 31 2B 30 29 06 03 55 [lobal CAr0p1+0)U]
Dec 26 18:02:11.233: RADIUS: 04 0B 13 22 43 6F 70 79 72 69 67 68 74 20 28 63 29 20 31 [“Copyright (c) 1]
Dec 26 18:02:11.233: RADIUS: 39 39 37 20 4D 69 63 72 6F 73 6F 66 74 20 43 6F [997 Microsoft Co]
Dec 26 18:02:11.233: RADIUS: 72 70 2E 31 1E 30 1C 06 03 55 04 0B 13 15 4D 69 63 72 6F 73 6F 66 74 20 [rp.10UMicrosoft ]
Dec 26 18:02:11.233: RADIUS: 43 6F 72 70 6F 72 61 74 69 6F 6E 31 21 30 1F 06 03 55 04 03 13 18 4D [Corporation1!0UM]
Dec 26 18:02:11.233: RADIUS: 69 63 72 6F 73 6F 66 74 20 52 6F 6F 74 20 41 75 [icrosoft Root Au]
Dec 26 18:02:11.233: RADIUS: 74 68 6F 72 69 74 79 00 61 30 5F 31 13 30 11 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 03 63 [thoritya0_10&,dc]
Dec 26 18:02:11.233: RADIUS: 6F 6D 31 19 30 17 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 09 6D 69 63 72 6F 73 6F 66 74 [om10&,dmicrosoft]
Dec 26 18:02:11.233: RADIUS: 31 2D 30 2B 06 03 55 04 03 13 24 4D 69 63 72 6F 73 6F 66 74 [ 1-0+U$Microsoft]
Dec 26 18:02:11.233: RADIUS: EAP-Message [79] 60
Dec 26 18:02:11.233: RADIUS: 20 52 6F 6F 74 20 43 65 72 74 69 66 69 63 61 74 [ Root Certificat]
Dec 26 18:02:11.241: RADIUS: 65 20 41 75 74 68 6F 72 69 74 79 00 19 30 17 31 15 30 13 06 03 55 04 03 13 0C 4E [e Authority010UN]
Dec 26 18:02:11.241: RADIUS: 54 20 41 55 54 48 4F 52 49 54 59 0E 00 00 00 [ T AUTHORITY]
Dec 26 18:02:11.241: RADIUS: State [24] 38
Dec 26 18:02:11.241: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.241: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.241: RADIUS: A2 7A EB 91 1C D6 4B D7 58 22 F5 73 01 AE F7 39 [ zKX”s9]
Dec 26 18:02:11.241: RADIUS(0000003A): Received from id 1645/101
Dec 26 18:02:11.241: RADIUS/DECODE: EAP-Message fragments, 253+58, total 311 bytes
Dec 26 18:02:11.250: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:11.250: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:11.258: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:11.258: RADIUS(0000003A): sending
Dec 26 18:02:11.258: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:11.258: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/102, len 399
Dec 26 18:02:11.258: RADIUS: authenticator 1C 90 1F 79 0B AC EB 21 – 0C 08 57 DF 7A CD A5 A3
Dec 26 18:02:11.258: RADIUS: User-Name [1] 20 “staboas@asirsl.com”
Dec 26 18:02:11.258: RADIUS: Service-Type [6] 6 Framed [2]
Dec 26 18:02:11.258: RADIUS: Framed-MTU [12] 6 1500
Dec 26 18:02:11.258: RADIUS: Called-Station-Id [30] 19 “64-16-8D-87-3D-8E”
Dec 26 18:02:11.258: RADIUS: Calling-Station-Id [31] 19 “00-0A-E4-31-18-B1”
Dec 26 18:02:11.258: RADIUS: EAP-Message [79] 217
Dec 26 18:02:11.258: RADIUS: 02 06 00 D7 19 80 00 00 00 CD 16 03 01 00 8D 0B 00 00 03 00 00 00 10 00 00 82 00 80 59 E8 55 CF 71 9C 9E 88 97 97 2C C2 7C 71 B5 A8 6A F6 AA AD FF DB 8C 51 02 D0 E6 7B B3 EB E9 2D C4 B2 6D 11 69 D3 B1 61 6C 14 9F 49 6D [YUq,|qjQ{-mialIm]
Dec 26 18:02:11.258: RADIUS: 32 FE 2C 6D FC 61 1C FF F8 F0 A1 76 E5 0A 4A 2B B5 95 9E BD A7 A7 0C 79 CA 48 8A 1E 8A 11 82 C2 5E D9 ED 59 10 92 E8 85 85 73 AE 76 65 B7 4B A5 0C C0 21 [2,mavJ+yH^YsveK!]
Dec 26 18:02:11.258: RADIUS: 09 81 23 DF D2 09 0E 4D 0D 36 F8 D5 87 6F C6 4A 54 21 6D E0 F4 38 4B F6 5A E1 8E 00 68 8E C9 DD 14 03 01 00 01 01 16 03 01 00 30 E5 4F 60 9E 10 66 [#M6oJT!m8KZh0O`f]
Dec 26 18:02:11.258: RADIUS: EE C3 12 68 83 F9 DC 5C E5 FD B3 FC C2 09 31 4B A7 02 D8 AF E4 7A F7 62 0C 32 55 A2 79 96 76 CE C9 C7 21 47 4A 6B 5F D6 FD 60 [ h\1Kzb2Uyv!GJk_`]
Dec 26 18:02:11.258: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.258: RADIUS: 0D A6 46 E9 CB 0C 9E A7 64 70 3C 49 2B 6B FE B9 [ Fdp<I+k]
Dec 26 18:02:11.258: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Dec 26 18:02:11.258: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:11.258: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14″
Dec 26 18:02:11.258: RADIUS: State [24] 38
Dec 26 18:02:11.266: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.266: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:12.089: RADIUS: Received from id 1645/102 192.168.250.10:1812, Access-Challenge, len 153
Dec 26 18:02:12.089: RADIUS: authenticator 06 A0 3F C2 49 B0 51 35 – C9 33 E3 01 7D 9A 97 D4
Dec 26 18:02:12.089: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:12.089: RADIUS: 72 32 9A B0 58 26 C9 BD D6 1A 50 C9 DC 1E 3A 6C [ r2X&P:l]
Dec 26 18:02:12.097: RADIUS(0000003A): Received from id 1645/102
Dec 26 18:02:12.097: RADIUS/DECODE: EAP-Message fragments, 69, total 69 bytes
Dec 26 18:02:12.273: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:12.273: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:12.273: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:12.273: RADIUS(0000003A): sending
Dec 26 18:02:12.273: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:12.281: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:12.281: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:13.112: RADIUS: Received from id 1645/103 192.168.250.10:1812, Access-Challenge, len 127
Dec 26 18:02:13.112: RADIUS: authenticator B3 7A E3 97 23 34 2F 93 – 85 09 27 3D DC 88 F9 03
Dec 26 18:02:13.112: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:13.112: RADIUS: EAP-Message [79] 45
Dec 26 18:02:13.120: RADIUS/DECODE: EAP-Message fragments, 43, total 43 bytes
Dec 26 18:02:13.917: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:13.917: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:13.917: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:13.917: RADIUS(0000003A): sending
Dec 26 18:02:13.917: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:13.926: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/104, len 243
Dec 26 18:02:13.926: RADIUS: authenticator A7 28 75 71 DB 3C 8B EB – 86 6F 4B 9E 2D 65 DC E7
Dec 26 18:02:13.926: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:13.926: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:14.739: RADIUS: Received from id 1645/104 192.168.250.10:1812, Access-Challenge, len 143
Dec 26 18:02:14.739: RADIUS: authenticator BA 99 B6 59 8F 80 CA D3 – F4 B2 D7 E7 8E 6C 87 BD
Dec 26 18:02:14.739: RADIUS: Session-Timeout [27] 6 60
Dec 26 18:02:14.739: RADIUS: EAP-Message [79] 61
Dec 26 18:02:14.764: RADIUS(0000003A): Received from id 1645/104
Dec 26 18:02:14.764: RADIUS/DECODE: EAP-Message fragments, 59, total 59 bytes
Dec 26 18:02:15.327: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:15.327: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:15.327: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:15.327: RADIUS(0000003A): sending
Dec 26 18:02:15.327: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:15.335: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/105, len 243″FastEthernet0/14”
Dec 26 18:02:15.335: RADIUS: State [24] 38
Dec 26 18:02:15.335: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:15.335: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:16.224: RADIUS: Received from id 1645/105 192.168.250.10:1812, Access-Challenge, len 127
Dec 26 18:02:16.232: RADIUS: authenticator ED 2A A1 FF 88 72 91 54 – 68 CF 02 81 E9 AE 2E F1
Dec 26 18:02:16.232: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:16.232: RADIUS: EAP-Message [79] 45
Dec 26 18:02:16.241: RADIUS/DECODE: EAP-Message fragments, 43, total 43 bytes
Dec 26 18:02:16.996: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:16.996: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:16.996: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:16.996: RADIUS(0000003A): sending
Dec 26 18:02:17.004: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:17.004: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/106, len 227
Dec 26 18:02:17.004: RADIUS: authenticator 91 F4 26 95 7D F2 05 58 – 11 AE E1 63 E9 5A 0E 62
Dec 26 18:02:17.013: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:17.851: RADIUS: Received from id 1645/106 192.168.250.10:1812, Access-Challenge, len 159
Dec 26 18:02:17.851: RADIUS: authenticator D7 11 CF 44 A4 22 71 0C – 6C 4F A0 59 A6 57 44 68
Dec 26 18:02:17.851: RADIUS: Session-Timeout [27] 6 60
Dec 26 18:02:17.851: RADIUS: EAP-Message [79] 77
Dec 26 18:02:17.851: RADIUS: 01 0B 00 4B 19 00 17 03 01 00 40 6F 72 53 AF 68 35 89 1B C9 E7 3E 08 C8 8A 7D A0 4F A9 27 CC 6B C1 A7 3D 25 36 0F E5 F1 01 D8 96 90 E4 21 [K@orSh5>}O’k=?6!]
Dec 26 18:02:17.851: RADIUS: C4 5A 31 04 7F 0B 48 6F 02 42 01 26 E3 62 16 62 9D 13 C0 2D CE 79 13 1D E7 F5 7A C7 C7 [ Z1HoB&bb-yz]
Dec 26 18:02:17.851: RADIUS: State [24] 38
Dec 26 18:02:17.851: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:17.851: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:17.851: RADIUS: 8E 40 E2 A9 D0 85 BF 6E F4 A7 F2 7E 9C 90 79 F4 [ @n~y]
Dec 26 18:02:17.868: RADIUS(0000003A): Received from id 1645/106
Dec 26 18:02:17.868: RADIUS/DECODE: EAP-Message fragments, 75, total 75 bytes
Dec 26 18:02:18.690: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:18.690: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:19.521: RADIUS: Received from id 1645/107 192.168.250.10:1812, Access-Challenge, len 175
Dec 26 18:02:19.521: RADIUS: authenticator AD E9 F4 4B B2 FE 95 A7 – D5 61 2D 97 5E 5C BF 67
Dec 26 18:02:19.521: RADIUS: Session-Timeout [27] 6 60
Dec 26 18:02:19.521: RADIUS: EAP-Message [79] 93
Dec 26 18:02:19.521: RADIUS: 54 C7 1C DB 90 35 E3 EF EC D4 DC 44 DC 22 50 32 [ T5D”P2]
Dec 26 18:02:19.538: RADIUS(0000003A): Received from id 1645/107
Dec 26 18:02:19.538: RADIUS/DECODE: EAP-Message fragments, 91, total 91 bytes
Dec 26 18:02:20.150: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:20.150: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:20.150: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:20.150: RADIUS(0000003A): sending
Dec 26 18:02:20.150: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:20.167: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:20.167: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:20.863: RADIUS: Received from id 1645/108 192.168.250.10:1812, Access-Challenge, len 191
Dec 26 18:02:20.863: RADIUS: authenticator D2 A0 C6 99 A9 AC AC 3E – 0A B9 77 9D BC 50 34 0F
Dec 26 18:02:20.863: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:20.863: RADIUS: EAP-Message [79] 109
Dec 26 18:02:20.863: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:20.863: RADIUS: 68 28 C4 2D 32 23 FD BA 7E 88 08 CA EA B1 02 1F [ h(-2#~]
Dec 26 18:02:20.871: RADIUS(0000003A): Received from id 1645/108
Dec 26 18:02:20.871: RADIUS/DECODE: EAP-Message fragments, 107, total 107 bytes
Dec 26 18:02:21.635: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:21.635: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:21.643: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:21.643: RADIUS(0000003A): sending
Dec 26 18:02:21.643: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:21.652: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Dec 26 18:02:21.652: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:21.652: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14”
Dec 26 18:02:21.652: RADIUS: State [24] 38
Dec 26 18:02:21.652: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:21.652: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:22.499: RADIUS: Received from id 1645/109 192.168.250.10:1812, Access-Accept, len 308
Dec 26 18:02:23.673: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/14, changed state to
Dec 26 18:02:11.023: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:11.023: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:11.023: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:11.023: RADIUS(0000003A): sending
Dec 26 18:02:11.023: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:11.023: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/98, len 169
Dec 26 18:02:11.023: RADIUS: authenticator D0 BF AE C7 12 A7 4A C3 – 82 AB A6 1F 54 8A 54 12
Dec 26 18:02:11.023: RADIUS: User-Name [1] 20 “staboas@asirsl.com”
Dec 26 18irsl.c]
Dec 26 18:02:11.023: RADIUS: 6F 6D [ om]
Dec 26 18:02:11.023: RADIUS: Message-Authenticato[80] 18 :02:11.023: RADIUS: Service
Dec 26 18:02:11.023: RADIUS: 7E 5A 03 CA 5E AD 95 6F AB D8 D6 01 17 02 0B D4 [ ~Z^o]
Dec 26 18:02:11.023: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Dec 26 18:02:11.023: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:11.023: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14”
Dec 26 18:02:11.023: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:11.057: RADIUS: Received from id 1645/98 192.168.250.10:1812, Access-Challenge, len 90
Dec 26 18:02:11.057: RADIUS: authenticator 32 7A 21 BC 63 A0 F7 F8 – 73 08 7F 55 D1 94 25 DF-Type [6] [27] 6 30
Dec 26 18:02:11.057: RADIUS: EAP-Message [79] 8
Dec 26 18:02:11.057: RADIUS: 01 03 00 06 19 20 [ ]
Dec 26 18:02:11.057: RADIUS: State [24] 38
Dec 26 18:02:11.065: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.065: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.065: RADIUS: BA 6F E3 11 25 55 C6 7A BE 54 60 8E C6 70 58 7D [ o?UzT`pX}]
Dec 26 18:02:11.065: RADIUS(0000003A): Received from id 1645/986 Framed
Dec 26 18:02:11.065: RADIUS/DECODE: EAP-Message fragments, 6, total 6 bytes
Dec 26 18:02:11.065: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:11.073: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:11.073: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:11.073: RADIUS(0000003A): sending
Dec 26 18:02:11.073: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:11.073: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/99, len 289
Dec 26 18:02:11.073: RADIUS: authenticator FC 0E 04 AF 84 DF 62 9B – FB 43 42 B4 27 FD A8 25 [2]
Dec 26 18:02:11.023: RAD [1] 20 “staboas@asirsl.com”
Dec 26 18:02:11.073: RADIUS: Service-Type [6] 6 Framed [2]
Dec 26 18:02:11.073: RADIUS: Framed-MTU [12] 6 1500
Dec 26 18:02:11.073: RADIUS: Called-Station-Id [30] 19 “64-16-8D-87-3D-8E”
Dec 26 18:02:11.073: RADIUS: Calling-Station-Id [31] 19 “00-0A-E4-31-18-B1”
Dec 26 18:02:11.073: RADIUS: EAP-Message [79] 107 IUS: Framed-MTU [12] 6 1500
Dec 26 18:02:11.073: RADIUS: 02 03 00 69 19 80 00 00 00 5F 16 03 01 00 5A 01 00 00 56 03 01 50 DB 3B D6 03 02 F4 ED 12 97 5F 85 D6 18 E3 A7 55 62 BE 50 B6 64 3C D1 5A 4D 63 09 1F E0 34 [i_ZVP;_UbPd<ZMc4]
Dec 26 18:02:11.073: RADIUS: 27 00 00 18 00 2F 00 35 00 05 00 0A C0 13 C0 14 C0 09 C0 0A 00 32 00 38 00 13 00 04 01 00 00 15 FF 01 00 01 00 00 0A 00 06 00 04 00 17 00 18 00 0B 00 02 01 00 [ ‘/528]
Dec 26 18:02:11.073: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.073: RADIUS: B3 F2 B7 52 7A 04 54 0A 34 14 B5 F2 DF 1A 6E 52 [ RzT4nR]
Dec 26 18:02:11.073: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
De
Dec 26 18:02:11.073: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14”
Dec 26 18:02:11.073: RADIUS: State [24] 38
Dec 26 18:02:11.073: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.073: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:11.099: RADIUS: Received from id 1645/99 192.168.250.10:1812, Access-Challenge, len 1590
Dec 2c6 18:02:11.099: RADIUS: authenticator 5A 94 A5 7B C9 7C BC 09 – 9F 4D 6F 41 78 35 43 B0 26 18:02:11.023: RADIUS: Called-
Dec 26 18:02:11.099: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:11.099: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.099: RADIUS: 01 04 05 D8 19 C0 00 00 0C D1 16 03 01 0C CC 02 00 00 4D 03 01 50 DB 3B D3 CD 77 83 1D 3F 10 09 FC F9 2F 82 45 BB C8 E9 40 FD 97 F1 C4 6D F3 64 28 61 0D 24 C8 20 5E 1B 00 00 39 [MP;w?/E@md(a$ ^9]
Dec 26 18:02:11.099: RADIUS: BC E5 00 CF 01 1D 4D 84 33 7C 6E F0 C7 52 FE 20 3C F7 AC 08 31 16 31 DE 26 1E 17 00 2F 00 00 05 FF 01 00 01 00 0B 00 05 0A 00 05 07 00 05 04 30 82 05 00 30 82 03 E8 A0 03 02 01 02 02 0A 49 5E 10 S11 00 00 00 00 01 F8 30 [M3|nR <11&/00I^0]tation-Id [30] 19 “64-1 F7 0D 01 01 05 05 00 30 45 31 13 30 11 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 03 63 6F 6D 31 16 30 14 06 0A 09 92 26 89 93 F2 2C [*H0E10&,dcom10&,]
Dec 26 18:02:11.107: RADIUS: 64 01 19 16 06 61 73 69 72 73 6C 31 16 30 14 06 03 55 04 03 13 0D 41 53 49 52 53 4C [dasirsl10UASIRSL]
Dec 26 18:02:11.107: RADIUS: 2D 43 41 52 6F 6F 74 30 1E 17 0D 31 32 30 39 32 39 32 30 [-CARoot012092920]
Dec 26 18:02:11.107: RADIUS: 34 32 34 32 5A 17 0D 31 33 30 39 32 39 32 30 34 32 34 [4242Z13092920424]
Dec 26 18:02:11.107: RADIUS: 32 5A 30 22 31 20 [ 2Z0″1 ]
Dec 26 18:02:11.107: RADIUS: EAP-Message [79] 255 6-8D-87-3D-8E”
Dec 26 18:02:11.115: RADIUS: 72 61 74 69 6F 6E 2C 44 43 3D 61 [ ration,DC=a]
Dec 26 18:02:11.115: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.115: RADIUS: 73 69 72 73 6C 2C 44 43 3D 63 6F 6D 3F 63 65 72 [sirsl,DC=com?cer]
Dec 26 18:02:11.115: RADIUS: 74 69 66 69 63 61 74 65 52 65 76 6F 63 61 74 69 [tificateRevocati]
Dec 26 18:02:11.115: RADIUS: 6F 6E 4C 69 73 74 3F 62 61 73 65 3F 6F 62 6A 65 [onList?base?obje]
Dec 26 18:02:11.115: RADIUS: 63 74 43 6C 61 73 73 3D 63 52 4C 44 69 73 74 72 [ctClass=cRLDistr]
Dec 26 18:02:11.115: RADIUS: 69 62 75 74 69 6F 6E 50 6F 69 6E 74 86 2B 68 74 74 [ibutionPoint+htt]18:02:11.023: RADIUS: 02 02 00 17 01 73 74 61 62 6F 61 73 40 61 73 69 72 73 6C 2E 63 [staboas@as
Dec 26 18:02:11.057: RADIUS: Session-Timeout
Dec 26 18:02:11.073: RADIUS: User-Name
Dec 26 18:02:11.073: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:11.107: RADIUS: 0D 06 09 2A 86 48 86
Dec 26 18:02:11.124: RADIUS: EAP-Message [79] 233
Dec 26 18:02:11.124: RADIUS: AD ED 27 BD D4 3D 23 FC D5 8D 7D AF E9 62 38 B8 8A 06 35 E0 36 95 73 05 19 D3 ED C4 7C A5 17 58 5F A1 9D 43 70 A6 F8 78 20 [‘=#}b856s|X_Cpx ]
Dec 26 18:02:11.124: RADIUS: FC 4C 69 C8 57 FE 32 FA FC 9F 8E 46 FE 09 89 26 84 2F A3 80 FC FE 4E 21 84 85 04 65 8F FD 83 E9 4E A3 9E 33 AF 78 B3 D5 8B 89 0D CB D9 76 7B E4 81 5A [LiW2F&/N!eN3xv{Z]
Dec 26 18:02:11.124: RADIUS: 18 26 0C 50 29 44 62 21 BD 53 97 A8 AD 41 D5 21 2C C0 12 07 ED 49 DF 9E 77 7F A4 C0 38 D4 05 0B A2 89 0D 00 07 65 03 01 02 40 07 5F [&P)Db!SA!,Iw8e@_]
Dec 26 18:02:11.124: RADIUS: 00 47 30 45 31 13 30 11 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 03 63 6F 6D 31 16 30 14 06 0A 09 92 26 89 93 F2 2C 64 [G0E10&,dcom10&,d]
Dec 26 18:02:11.124: RADIUS: 01 19 16 06 61 73 69 72 73 6C 31 16 30 14 06 03 55 04 03 13 0D 41 53 49 52 53 4C 2D [asirsl10UASIRSL-]
Dec 26 18:02:11.132: RADIUS: 43 41 52 6F 6F 74 00 71 30 6F 31 0B 30 09 06 03 55 04 06 13 02 53 45 31 14 30 [CARootq0o10USE10]
Dec 26 18:02:11.132: RADIUS: 12 06 03
Dec 26 18:02:11.132: RADIUS: State [24] 38
Dec 26 18:02:11.132: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.132: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.132: RADIUS: 82 D9 EC 0F FC 9A 09 07 29 A6 B0 9F 22 CD 0D 43 [ )”C]
Dec 26 18:02:11.132: RADIUS(0000003A): Received from id 1645/99
Dec 26 18:02:11.132: RADIUS/DECODE: EAP-Message fragments, 253+253+253+253+253+231, total 1496 bytes
Dec 26 18:02:11.141: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:11.141: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:11.141: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:11.141: RADIUS(0000003A): sending
Dec 26 18:02:11.141: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:11.141: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/100, len 190
Dec 26 18:02:11.141: RADIUS: authenticator 5B A3 81 3D D0 89 A6 3E – 43 F2 09 63 DB 31 6E 6C
Dec 26 18:02:11.141: RADIUS: User-Name [1] 20 “staboas@asirsl.com”
Dec 26 18:02:11.141: RADIUS: Service-Type [6] 6 Framed [2]
Dec 26 18:02:11.141: RADIUS: Framed-MTU [12] 6 1500
Dec 26 18:02:11.141: RADIUS: Called-Station-Id [30] 19 “64-16-8D-87-3D-8E”
Dec 26 18:02:11.141: RADIUS: Calling-Station-Id [31] 19 “00-0A-E4-31-18-B1”
Dec 26 18:02:11.141: RADIUS: EAP-Message [79] 8
Dec 26 18:02:11.141: RADIUS: 02 04 00 06 19 00
Dec 26 18:02:11.141: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.141: RADIUS: 96 E8 26 D7 98 AA CB A9 DB B2 29 81 AE 44 2E E6 [ &)D.]
Dec 26 18:02:11.141: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Dec 26 18:02:11.141: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:11.141: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14”
Dec 26 18:02:11.141: RADIUS: State [24] 38
Dec 26 18:02:11.141: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.141: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:11.166: RADIUS: Received from id 1645/100 192.168.250.10:1812, Access-Challenge, len 1590
Dec 26 18:02:11.166: RADIUS: authenticator 30 6E 4D A7 DF 8F D5 24 – 2B 46 39 CE A9 1D 29 6A
Dec 26 18:02:11.166: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:11.166: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.166: RADIUS: 01 05 05 D8 19 40 55 04 0A 13 0B 41 64 64 54 72 75 73 74 20 41 42 31 26 30 [@UAddTrust AB1&0]
Dec 26 18:02:11.166: RADIUS: 24 06 03 55 04 0B 13 1D 41 64 64 54 72 75 73 74 20 45 78 74 65 72 [$UAddTrust Exter]
Dec 26 18:02:11.166: RADIUS: 6E 61 6C 20 54 54 50 20 4E 65 74 77 6F 72 6B 31 [nal TTP Network1]
Dec 26 18:02:11.166: RADIUS: 22 30 20 06 03 55 04 03 13 19 41 64 64 54 72 75 73 74 20 45 78 74 [“0 UAddTrust Ext]
Dec 26 18:02:11.166: RADIUS: 65 72 6E 61 6C 20 43 41 20 52 6F 6F 74 00 CD 30 81 CA 31 0B 30 [ernal CA Root010]
Dec 26 18:02:11.166: RADIUS: 09 06 03 55 04 06 13 02 55 53 31 17 30 15 06 03 55 04 0A 13 0E 56 65 72 69 53 69 67 6E 2C 20 [UUS10UVeriSign, ]
Dec 26 18:02:11.166: RADIUS: 49 6E 63 2E 31 1F 30 1D 06 03 55 04 0B 13 16 56 65 72 69 53 69 67 6E 20 [Inc.10UVeriSign ]
Dec 26 18:02:11.166: RADIUS: 54 72 75 73 74 20 4E 65 74 77 6F 72 6B 31 3A 30 [Trust Network1:0]
Dec 26 18:02:11.166: RADIUS: 38 06 03 55 04 0B 13 31 28 63 29 20 32 30 30 36 20 56 65 72 69 [8U1(c) 2006 Veri]
Dec 26 18:02:11.174: RADIUS: 53 69 67 6E 2C 20 49 6E 63 2E 20 2D 20 46 6F 72 [Sign, Inc. – For]
Dec 26 18:02:11.174: RADIUS: 20 61 75 74 68 6F 72 69 7A 65 64 20 75 73 65 20 [ authorized use ]
Dec 26 18:02:11.174: RADIUS: 6F 6E 6C 79 31 45 30 43 06 03 55 04 03 13 3C 56 65 72 69 53 69 [only1E0CU<VeriSi]
Dec 26 18:02:11.174: RADIUS: 67 6E [ gn]
Dec 26 18:02:11.174: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.174: RADIUS: 20 43 6C 61 73 73 20 33 20 50 75 62 6C 69 63 20 [ Class 3 Public ]
Dec 26 18:02:11.174: RADIUS: 50 72 69 6D 61 72 79 20 43 65 72 74 69 66 69 63 [Primary Certific]
Dec 26 18:02:11.174: RADIUS: 61 74 69 6F 6E 20 41 75 74 68 6F 72 69 74 79 20 [ation Authority ]
Dec 26 18:02:11.174: RADIUS: 2D 20 47 35 00 61 30 5F 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 17 30 15 06 03 55 04 0A 13 0E 56 [- G5a0_10UUS10UV]
Dec 26 18:02:11.174: RADIUS: 65 72 69 53 69 67 6E 2C 20 49 6E 63 2E 31 37 30 [eriSign, Inc.170]
Dec 26 18:02:11.174: RADIUS: 35 06 03 55 04 0B 13 2E 43 6C 61 73 73 20 33 20 50 75 62 6C 69 [5U.Class 3 Publi]
Dec 26 18:02:11.174: RADIUS: 63 20 50 72 69 6D 61 72 79 20 43 65 72 74 69 66
Dec 26 18:02:11.174: RADIUS: 69 63 61 74 69 6F 6E 20 41 75 74 68 6F 72 69 74 [ication Authorit]
Dec 26 18:02:11.174: RADIUS: 79 00 B7 30 81 B4 31 14 30 12 06 03 55 04 0A 13 0B 45 6E 74 72 75 73 74 2E 6E 65 74 [y010UEntrust.net]
Dec 26 18:02:11.174: RADIUS: 31 40 30 3E 06 03 55 04 0B 14 37 77 77 77 2E 65 6E 74 72 75 73 [1@0>U7www.entrus]
Dec 26 18:02:11.174: RADIUS: 74 2E 6E 65 74 2F 43 50 53 5F 32 30 34 38 20 69 [t.net/CPS_2048 i]
Dec 26 18:02:11.174: RADIUS: 6E 63 6F 72 70 2E 20 62 79 20 72 65 66 2E 20 28 [ncorp. by ref. (]
Dec 26 18:02:11.174: RADIUS: 6C 69 6D 69 74 73 20 6C 69 61 62 2E 29 31 25 30 [limits liab.)1?0]
Dec 26 18:02:11.174: RADIUS: 23 06 03 55 04 0B [ #U]
Dec 26 18:02:11.174: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.174: RADIUS: 13 1C 28 63 29 20 31 39 39 39 20 45 6E 74 72 75 73 74 [(c) 1999 Entrust]
Dec 26 18:02:11.174: RADIUS: 2E 6E 65 74 20 4C 69 6D 69 74 65 64 31 33 30 31 [.net Limited1301]
Dec 26 18:02:11.174: RADIUS: 06 03 55 04 03 13 2A 45 6E 74 72 75 73 74 2E 6E 65 74 20 43 65 [U*Entrust.net Ce]
Dec 26 18:02:11.174: RADIUS: 72 74 69 66 69 63 61 74 69 6F 6E 20 41 75 74 68 [rtification Auth]
Dec 26 18:02:11.174: RADIUS: 6F 72 69 74 79 20 28 32 30 34 38 29 00 6E 30 6C 31 [ority (2048)n0l1]
Dec 26 18:02:11.174: RADIUS: 0B 30 09 06 03 55 04 06 13 02 55 53 31 15 30 13 06 03 55 04 0A 13 0C 44 69 67 69 43 65 72 74 20 [0UUS10UDigiCert ]
Dec 26 18:02:11.174: RADIUS: 49 6E 63 31 19 30 17 06 03 55 04 0B 13 10 77 77 77 2E 64 69 67 69 63 65 [Inc10Uwww.digice]
Dec 26 18:02:11.183: RADIUS: 72 74 2E 63 6F 6D 31 2B 30 29 06 03 55 04 03 13 22 44 69 67 69 [rt.com1+0)U”Digi]
Dec 26 18:02:11.183: RADIUS: 43 65 72 74 20 48 69 67 68 20 41 73 73 75 72 61 [Cert High Assura]
Dec 26 18:02:11.183: RADIUS: 6E 63 65 20 45 56 20 52 6F 6F 74 20 43 41 00 C4 30 81 C1 31 [nce EV Root CA01]
Dec 26 18:02:11.183: RADIUS: 0B 30 09 06 03 55 04 06 13 02 55 53 31 17 30 15 06 03 55 04 0A 13 0E 56 65 72 69 53 69 67 6E 2C [0UUS10UVeriSign,]
Dec 26 18:02:11.183: RADIUS: 20 49 6E 63 2E 31 3C 30 3A 06 03 55 04 0B 13 33 43 6C 61 73 [ Inc.1<0:U3Clas]
Dec 26 18:02:11.183: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.183: RADIUS: 73 20 33 20 50 75 62 6C 69 63 20 50 72 69 6D 61 [s 3 Public Prima]
Dec 26 18:02:11.183: RADIUS: 72 79 20 43 65 72 74 69 66 69 63 61 74 69 6F 6E [ry Certification]
Dec 26 18:02:11.183: RADIUS: 20 41 75 74 68 6F 72 69 74 79 20 2D 20 47 32 31 [ Authority – G21]
Dec 26 18:02:11.183: RADIUS: 3A 30 38 06 03 55 04 0B 13 31 28 63 29 20 31 39 39 38 20 56 65 [:08U1(c) 1998 Ve]
Dec 26 18:02:11.183: RADIUS: 72 69 53 69 67 6E 2C 20 49 6E 63 2E 20 2D 20 46 [riSign, Inc. – F]
Dec 26 18:02:11.183: RADIUS: 6F 72 20 61 75 74 68 6F 72 69 7A 65 64 20 75 73 [or authorized us]
Dec 26 18:02:11.183: RADIUS: 65 20 6F 6E 6C 79 31 1F 30 1D 06 03 55 04 0B 13 16 56 65 72 69 53 69 67 [e only10UVeriSig]
Dec 26 18:02:11.183: RADIUS: 6E 20 54 72 75 73 74 20 4E 65 74 77 6F 72 6B 00 AC 30 [n Trust Network0]
Dec 26 18:02:11.183: RADIUS: 81 A9 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 15 30 13 06 03 55 04 0A 13 0C 74 68 61 77 74 65 2C 20 [10UUS10Uthawte, ]
Dec 26 18:02:11.183: RADIUS: 49 6E 63 2E 31 28 30 26 06 03 55 04 0B 13 1F 43 65 72 74 69 66 69 [Inc.1(0&UCertifi]
Dec 26 18:02:11.183: RADIUS: 63 61 74 69 6F 6E 20 53 65 72 76 69 63 65 73 20 [cation Services ]
Dec 26 18:02:11.183: RADIUS: 44 69 76 69 73 69 6F 6E 31 38 30 36 06 03 55 04 0B 13 2F 28 63 [Division1806U/(c]
Dec 26 18:02:11.183: RADIUS: 29 20 32 30 30 36 20 74 68 61 77 74 65 2C 20 49 [) 2006 thawte, I]
Dec 26 18:02:11.183: RADIUS: 6E [ n]
Dec 26 18:02:11.183: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.183: RADIUS: 63 2E 20 2D 20 46 6F 72 20 61 75 74 68 6F 72 69
Dec 26 18:02:11.183: RADIUS: 7A 65 64 20 75 73 65 20 6F 6E 6C 79 31 1F 30 1D 06 03 55 04 03 13 16 74 [zed use only10Ut]
Dec 26 18:02:11.183: RADIUS: 68 61 77 74 65 20 50 72 69 6D 61 72 79 20 52 6F [hawte Primary Ro]
Dec 26 18:02:11.183: RADIUS: 6F 74 20 43 41 00 77 30 75 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 18 30 16 06 03 55 [ot CAw0u10UUS10U]
Dec 26 18:02:11.183: RADIUS: 04 0A 13 0F 47 54 45 20 43 6F 72 70 6F 72 61 74 69 6F 6E 31 [GTE Corporation1]
Dec 26 18:02:11.191: RADIUS: 27 30 25 06 03 55 04 0B 13 1E 47 54 45 20 43 79 62 65 72 54 72 75 [‘0?UGTE CyberTru]
Dec 26 18:02:11.191: RADIUS: 73 74 20 53 6F 6C 75 74 69 6F 6E 73 2C 20 49 6E [st Solutions, In]
Dec 26 18:02:11.191: RADIUS: 63 2E 31 23 30 21 06 03 55 04 03 13 1A 47 54 45 20 43 79 62 65 72
Dec 26 18:02:11.191: RADIUS: 54 72 75 73 74 20 47 6C 6F 62 61 6C 20 52 6F 6F [Trust Global Roo]
Dec 26 18:02:11.191: RADIUS: 74 00 C6 30 81 C3 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 14 30 12 06 03 55 04 0A 13 0B 45 6E 74 72 75 73 [t010UUS10UEntrus]
Dec 26 18:02:11.191: RADIUS: 74 2E 6E 65 74 31 3B 30 39 06 03 55 04 0B 13 32 77 77 77 2E 65 [t.net1;09U2www.e]
Dec 26 18:02:11.191: RADIUS: 6E 74 72 75 73 74 2E 6E 65 74 2F 43 50 53 20 [ ntrust.net/CPS ]
Dec 26 18:02:11.191: RADIUS: EAP-Message [79] 233
Dec 26 18:02:11.191: RADIUS: 69 6E 63 6F 72 70 2E 20 62 79 20 72 65 66 2E 20 [incorp. by ref. ]
Dec 26 18:02:11.191: RADIUS: 28 6C 69 6D 69 74 73 20 6C 69 61 62 2E 29 31 25 [(limits liab.)1?]
Dec 26 18:02:11.191: RADIUS: 30 23 06 03 55 04 0B 13 1C 28 63 29 20 31 39 39 39 20 45 6E 74 72 [0#U(c) 1999 Entr]
Dec 26 18:02:11.191: RADIUS: 75 73 74 2E 6E 65 74 20 4C 69 6D 69 74 65 64 31 [ust.net Limited1]
Dec 26 18:02:11.191: RADIUS: 3A 30 38 06 03 55 04 03 13 31 45 6E 74 72 75 73 74 2E 6E 65 74 [:08U1Entrust.net]
Dec 26 18:02:11.191: RADIUS: 20 53 65 63 75 72 65 20 53 65 72 76 65 72 20 43 [ Secure Server C]
Dec 26 18:02:11.191: RADIUS: 65 72 74 69 66 69 63 61 74 69 6F 6E 20 41 75 74 [ertification Aut]
Dec 26 18:02:11.191: RADIUS: 68 6F 72 69 74 79 00 59 30 57 31 0B 30 09 06 03 55 04 06 13 02 42 45 31 19 30 [horityY0W10UBE10]
Dec 26 18:02:11.191: RADIUS: 17 06 03 55 04 0A 13 10 47 6C 6F 62 61 6C 53 69 67 6E 20 6E 76 2D 73 [UGlobalSign nv-s]
Dec 26 18:02:11.191: RADIUS: 61 31 10 30 0E 06 03 55 04 0B 13 07 52 6F 6F 74 20 43 41 31 1B 30 19 06 03 55 04 03 13 12 47 6C [a10URoot CA10UGl]
Dec 26 18:02:11.191: RADIUS: 6F 62 61 6C 53 69 67 6E 20 52 6F 6F 74 20 43 41 [obalSign Root CA]
Dec 26 18:02:11.191: RADIUS: 00 44 30 42 31 0B 30 09 06 03 55 [ D0B10U]
Dec 26 18:02:11.191: RADIUS: State [24] 38
Dec 26 18:02:11.191: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.191: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.191: RADIUS: FA 50 DF EC 05 3F 53 BA 84 DD 71 62 38 D7 DA D5 [ P?Sqb8]
Dec 26 18:02:11.199: RADIUS(0000003A): Received from id 1645/100
Dec 26 18:02:11.199: RADIUS/DECODE: EAP-Message fragments, 253+253+253+253+253+231, total 1496 bytes
Dec 26 18:02:11.208: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:11.208: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:11.208: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:11.208: RADIUS(0000003A): sending
Dec 26 18:02:11.208: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:11.208: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/101, len 190
Dec 26 18:02:11.208: RADIUS: authenticator 24 D6 2B 2C A1 69 5D 18 – 31 84 77 78 D3 37 CE DB
Dec 26 18:02:11.208: RADIUS: User-Name [1] 20 “staboas@asirsl.com”
Dec 26 18:02:11.208: RADIUS: Service-Type [6] 6 Framed [2]
Dec 26 18:02:11.208: RADIUS: Framed-MTU [12] 6 1500
Dec 26 18:02:11.208: RADIUS: Called-Station-Id [30] 19 “64-16-8D-87-3D-8E”
Dec 26 18:02:11.208: RADIUS: Calling-Station-Id [31] 19 “00-0A-E4-31-18-B1″
Dec 26 18:02:11.208: RADIUS: EAP-Message [79] 8
Dec 26 18:02:11.208: RADIUS: 02 05 00 06 19 00
Dec 26 18:02:11.208: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.208: RADIUS: 89 FB DA 9E C1 CC 6A 07 07 89 96 E3 22 E2 EC 86 [ j”]
Dec 26 18:02:11.208: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Dec 26 18:02:11.208: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:11.208: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14”
Dec 26 18:02:11.208: RADIUS: State [24] 38
Dec 26 18:02:11.208: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.208: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:11.233: RADIUS: Received from id 1645/101 192.168.250.10:1812, Access-Challenge, len 397
Dec 26 18:02:11.233: RADIUS: authenticator 30 1E C0 77 0D 49 D4 90 – 08 C8 74 D5 9B 8F 59 3A
Dec 26 18:02:11.233: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:11.233: RADIUS: EAP-Message [79] 255
Dec 26 18:02:11.233: RADIUS: 01 06 01 37 19 00 04 06 13 02 55 53 31 16 30 14 06 03 55 04 0A 13 0D 47 65 6F 54 72 75 73 74 20 49 [7US10UGeoTrust I]
Dec 26 18:02:11.233: RADIUS: 6E 63 2E 31 1B 30 19 06 03 55 04 03 13 12 47 65 6F 54 72 75 73 74 20 47 [nc.10UGeoTrust G]
Dec 26 18:02:11.233: RADIUS: 6C 6F 62 61 6C 20 43 41 00 72 30 70 31 2B 30 29 06 03 55 [lobal CAr0p1+0)U]
Dec 26 18:02:11.233: RADIUS: 04 0B 13 22 43 6F 70 79 72 69 67 68 74 20 28 63 29 20 31 [“Copyright (c) 1]
Dec 26 18:02:11.233: RADIUS: 39 39 37 20 4D 69 63 72 6F 73 6F 66 74 20 43 6F [997 Microsoft Co]
Dec 26 18:02:11.233: RADIUS: 72 70 2E 31 1E 30 1C 06 03 55 04 0B 13 15 4D 69 63 72 6F 73 6F 66 74 20 [rp.10UMicrosoft ]
Dec 26 18:02:11.233: RADIUS: 43 6F 72 70 6F 72 61 74 69 6F 6E 31 21 30 1F 06 03 55 04 03 13 18 4D [Corporation1!0UM]
Dec 26 18:02:11.233: RADIUS: 69 63 72 6F 73 6F 66 74 20 52 6F 6F 74 20 41 75 [icrosoft Root Au]
Dec 26 18:02:11.233: RADIUS: 74 68 6F 72 69 74 79 00 61 30 5F 31 13 30 11 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 03 63 [thoritya0_10&,dc]
Dec 26 18:02:11.233: RADIUS: 6F 6D 31 19 30 17 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 09 6D 69 63 72 6F 73 6F 66 74 [om10&,dmicrosoft]
Dec 26 18:02:11.233: RADIUS: 31 2D 30 2B 06 03 55 04 03 13 24 4D 69 63 72 6F 73 6F 66 74 [ 1-0+U$Microsoft]
Dec 26 18:02:11.233: RADIUS: EAP-Message [79] 60
Dec 26 18:02:11.233: RADIUS: 20 52 6F 6F 74 20 43 65 72 74 69 66 69 63 61 74 [ Root Certificat]
Dec 26 18:02:11.241: RADIUS: 65 20 41 75 74 68 6F 72 69 74 79 00 19 30 17 31 15 30 13 06 03 55 04 03 13 0C 4E [e Authority010UN]
Dec 26 18:02:11.241: RADIUS: 54 20 41 55 54 48 4F 52 49 54 59 0E 00 00 00 [ T AUTHORITY]
Dec 26 18:02:11.241: RADIUS: State [24] 38
Dec 26 18:02:11.241: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.241: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.241: RADIUS: A2 7A EB 91 1C D6 4B D7 58 22 F5 73 01 AE F7 39 [ zKX”s9]
Dec 26 18:02:11.241: RADIUS(0000003A): Received from id 1645/101
Dec 26 18:02:11.241: RADIUS/DECODE: EAP-Message fragments, 253+58, total 311 bytes
Dec 26 18:02:11.250: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:11.250: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:11.258: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:11.258: RADIUS(0000003A): sending
Dec 26 18:02:11.258: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:11.258: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/102, len 399
Dec 26 18:02:11.258: RADIUS: authenticator 1C 90 1F 79 0B AC EB 21 – 0C 08 57 DF 7A CD A5 A3
Dec 26 18:02:11.258: RADIUS: User-Name [1] 20 “staboas@asirsl.com”
Dec 26 18:02:11.258: RADIUS: Service-Type [6] 6 Framed [2]
Dec 26 18:02:11.258: RADIUS: Framed-MTU [12] 6 1500
Dec 26 18:02:11.258: RADIUS: Called-Station-Id [30] 19 “64-16-8D-87-3D-8E”
Dec 26 18:02:11.258: RADIUS: Calling-Station-Id [31] 19 “00-0A-E4-31-18-B1”
Dec 26 18:02:11.258: RADIUS: EAP-Message [79] 217
Dec 26 18:02:11.258: RADIUS: 02 06 00 D7 19 80 00 00 00 CD 16 03 01 00 8D 0B 00 00 03 00 00 00 10 00 00 82 00 80 59 E8 55 CF 71 9C 9E 88 97 97 2C C2 7C 71 B5 A8 6A F6 AA AD FF DB 8C 51 02 D0 E6 7B B3 EB E9 2D C4 B2 6D 11 69 D3 B1 61 6C 14 9F 49 6D [YUq,|qjQ{-mialIm]
Dec 26 18:02:11.258: RADIUS: 32 FE 2C 6D FC 61 1C FF F8 F0 A1 76 E5 0A 4A 2B B5 95 9E BD A7 A7 0C 79 CA 48 8A 1E 8A 11 82 C2 5E D9 ED 59 10 92 E8 85 85 73 AE 76 65 B7 4B A5 0C C0 21 [2,mavJ+yH^YsveK!]
Dec 26 18:02:11.258: RADIUS: 09 81 23 DF D2 09 0E 4D 0D 36 F8 D5 87 6F C6 4A 54 21 6D E0 F4 38 4B F6 5A E1 8E 00 68 8E C9 DD 14 03 01 00 01 01 16 03 01 00 30 E5 4F 60 9E 10 66 [#M6oJT!m8KZh0O`f]
Dec 26 18:02:11.258: RADIUS: EE C3 12 68 83 F9 DC 5C E5 FD B3 FC C2 09 31 4B A7 02 D8 AF E4 7A F7 62 0C 32 55 A2 79 96 76 CE C9 C7 21 47 4A 6B 5F D6 FD 60 [ h\1Kzb2Uyv!GJk_`]
Dec 26 18:02:11.258: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:11.258: RADIUS: 0D A6 46 E9 CB 0C 9E A7 64 70 3C 49 2B 6B FE B9 [ Fdp<I+k]
Dec 26 18:02:11.258: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Dec 26 18:02:11.258: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:11.258: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14″
Dec 26 18:02:11.258: RADIUS: State [24] 38
Dec 26 18:02:11.266: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:11.266: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:12.089: RADIUS: Received from id 1645/102 192.168.250.10:1812, Access-Challenge, len 153
Dec 26 18:02:12.089: RADIUS: authenticator 06 A0 3F C2 49 B0 51 35 – C9 33 E3 01 7D 9A 97 D4
Dec 26 18:02:12.089: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:12.089: RADIUS: 72 32 9A B0 58 26 C9 BD D6 1A 50 C9 DC 1E 3A 6C [ r2X&P:l]
Dec 26 18:02:12.097: RADIUS(0000003A): Received from id 1645/102
Dec 26 18:02:12.097: RADIUS/DECODE: EAP-Message fragments, 69, total 69 bytes
Dec 26 18:02:12.273: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:12.273: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:12.273: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:12.273: RADIUS(0000003A): sending
Dec 26 18:02:12.273: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:12.281: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:12.281: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:13.112: RADIUS: Received from id 1645/103 192.168.250.10:1812, Access-Challenge, len 127
Dec 26 18:02:13.112: RADIUS: authenticator B3 7A E3 97 23 34 2F 93 – 85 09 27 3D DC 88 F9 03
Dec 26 18:02:13.112: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:13.112: RADIUS: EAP-Message [79] 45
Dec 26 18:02:13.120: RADIUS/DECODE: EAP-Message fragments, 43, total 43 bytes
Dec 26 18:02:13.917: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:13.917: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:13.917: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:13.917: RADIUS(0000003A): sending
Dec 26 18:02:13.917: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:13.926: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/104, len 243
Dec 26 18:02:13.926: RADIUS: authenticator A7 28 75 71 DB 3C 8B EB – 86 6F 4B 9E 2D 65 DC E7
Dec 26 18:02:13.926: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:13.926: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:14.739: RADIUS: Received from id 1645/104 192.168.250.10:1812, Access-Challenge, len 143
Dec 26 18:02:14.739: RADIUS: authenticator BA 99 B6 59 8F 80 CA D3 – F4 B2 D7 E7 8E 6C 87 BD
Dec 26 18:02:14.739: RADIUS: Session-Timeout [27] 6 60
Dec 26 18:02:14.739: RADIUS: EAP-Message [79] 61
Dec 26 18:02:14.764: RADIUS(0000003A): Received from id 1645/104
Dec 26 18:02:14.764: RADIUS/DECODE: EAP-Message fragments, 59, total 59 bytes
Dec 26 18:02:15.327: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:15.327: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:15.327: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:15.327: RADIUS(0000003A): sending
Dec 26 18:02:15.327: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:15.335: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/105, len 243″FastEthernet0/14”
Dec 26 18:02:15.335: RADIUS: State [24] 38
Dec 26 18:02:15.335: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:15.335: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:16.224: RADIUS: Received from id 1645/105 192.168.250.10:1812, Access-Challenge, len 127
Dec 26 18:02:16.232: RADIUS: authenticator ED 2A A1 FF 88 72 91 54 – 68 CF 02 81 E9 AE 2E F1
Dec 26 18:02:16.232: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:16.232: RADIUS: EAP-Message [79] 45
Dec 26 18:02:16.241: RADIUS/DECODE: EAP-Message fragments, 43, total 43 bytes
Dec 26 18:02:16.996: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:16.996: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:16.996: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:16.996: RADIUS(0000003A): sending
Dec 26 18:02:17.004: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:17.004: RADIUS(0000003A): Send Access-Request to 192.168.250.10:1812 id 1645/106, len 227
Dec 26 18:02:17.004: RADIUS: authenticator 91 F4 26 95 7D F2 05 58 – 11 AE E1 63 E9 5A 0E 62
Dec 26 18:02:17.013: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:17.851: RADIUS: Received from id 1645/106 192.168.250.10:1812, Access-Challenge, len 159
Dec 26 18:02:17.851: RADIUS: authenticator D7 11 CF 44 A4 22 71 0C – 6C 4F A0 59 A6 57 44 68
Dec 26 18:02:17.851: RADIUS: Session-Timeout [27] 6 60
Dec 26 18:02:17.851: RADIUS: EAP-Message [79] 77
Dec 26 18:02:17.851: RADIUS: 01 0B 00 4B 19 00 17 03 01 00 40 6F 72 53 AF 68 35 89 1B C9 E7 3E 08 C8 8A 7D A0 4F A9 27 CC 6B C1 A7 3D 25 36 0F E5 F1 01 D8 96 90 E4 21 [K@orSh5>}O’k=?6!]
Dec 26 18:02:17.851: RADIUS: C4 5A 31 04 7F 0B 48 6F 02 42 01 26 E3 62 16 62 9D 13 C0 2D CE 79 13 1D E7 F5 7A C7 C7 [ Z1HoB&bb-yz]
Dec 26 18:02:17.851: RADIUS: State [24] 38
Dec 26 18:02:17.851: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:17.851: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:17.851: RADIUS: 8E 40 E2 A9 D0 85 BF 6E F4 A7 F2 7E 9C 90 79 F4 [ @n~y]
Dec 26 18:02:17.868: RADIUS(0000003A): Received from id 1645/106
Dec 26 18:02:17.868: RADIUS/DECODE: EAP-Message fragments, 75, total 75 bytes
Dec 26 18:02:18.690: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:18.690: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:19.521: RADIUS: Received from id 1645/107 192.168.250.10:1812, Access-Challenge, len 175
Dec 26 18:02:19.521: RADIUS: authenticator AD E9 F4 4B B2 FE 95 A7 – D5 61 2D 97 5E 5C BF 67
Dec 26 18:02:19.521: RADIUS: Session-Timeout [27] 6 60
Dec 26 18:02:19.521: RADIUS: EAP-Message [79] 93
Dec 26 18:02:19.521: RADIUS: 54 C7 1C DB 90 35 E3 EF EC D4 DC 44 DC 22 50 32 [ T5D”P2]
Dec 26 18:02:19.538: RADIUS(0000003A): Received from id 1645/107
Dec 26 18:02:19.538: RADIUS/DECODE: EAP-Message fragments, 91, total 91 bytes
Dec 26 18:02:20.150: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:20.150: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:20.150: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:20.150: RADIUS(0000003A): sending
Dec 26 18:02:20.150: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:20.167: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:20.167: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:20.863: RADIUS: Received from id 1645/108 192.168.250.10:1812, Access-Challenge, len 191
Dec 26 18:02:20.863: RADIUS: authenticator D2 A0 C6 99 A9 AC AC 3E – 0A B9 77 9D BC 50 34 0F
Dec 26 18:02:20.863: RADIUS: Session-Timeout [27] 6 30
Dec 26 18:02:20.863: RADIUS: EAP-Message [79] 109
Dec 26 18:02:20.863: RADIUS: Message-Authenticato[80] 18
Dec 26 18:02:20.863: RADIUS: 68 28 C4 2D 32 23 FD BA 7E 88 08 CA EA B1 02 1F [ h(-2#~]
Dec 26 18:02:20.871: RADIUS(0000003A): Received from id 1645/108
Dec 26 18:02:20.871: RADIUS/DECODE: EAP-Message fragments, 107, total 107 bytes
Dec 26 18:02:21.635: RADIUS/ENCODE(0000003A):Orig. component type = DOT1X
Dec 26 18:02:21.635: RADIUS(0000003A): Config NAS IP: 0.0.0.0
Dec 26 18:02:21.643: RADIUS/ENCODE(0000003A): acct_session_id: 57
Dec 26 18:02:21.643: RADIUS(0000003A): sending
Dec 26 18:02:21.643: RADIUS/ENCODE: Best Local IP-Address 192.168.100.2 for Radius-Server 192.168.250.10
Dec 26 18:02:21.652: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Dec 26 18:02:21.652: RADIUS: NAS-Port [5] 6 50014
Dec 26 18:02:21.652: RADIUS: NAS-Port-Id [87] 18 “FastEthernet0/14”
Dec 26 18:02:21.652: RADIUS: State [24] 38
Dec 26 18:02:21.652: RADIUS: 42 D7 04 71 00 00 01 37 00 01 02 00 C0 A8 FA 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 68 6B C2 30 [ Bq7hk0]
Dec 26 18:02:21.652: RADIUS: NAS-IP-Address [4] 6 192.168.100.2
Dec 26 18:02:22.499: RADIUS: Received from id 1645/109 192.168.250.10:1812, Access-Accept, len 308
Dec 26 18:02:23.673: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/14, changed state to
También he puesto una interface en modo promiscuo en el Switch (Catalyst Switched Port Analyzer (SPAN)) para capturar tráfico de red y ver que ocurre cuando el equipo trata de autenticarse y que paquetes envia el Switch. Para ello he habilitado el SPAM Port en el Switch y he definido una interface de entrada (en la que está el equipo para autenticarse) y otra interface de salida en donde tengo el Wireshark para recibir todo el tráfico del equipo.
Para habilitar el SPAN tenemos que introducir los siguientes comandos:
Modo de configuración: Configuración Global
monitor session 1 source interface fastethernet 0/13
monitor session 1 destination interface fastethernet 0/14
monitor session 1 destination interface fastethernet 0/14
Una vez que iniciamos el sniffer en el equipo conectado a la interface fastethernet 0/14 e iniciamos el proceeso de autenticación de por parte del equipo cliente podemos ver el siguiente (filtradas a lo que queremos ver únicamente) tráfico de red:
Como véis es muy sencillo, lo único que debéis tener es un switch que soporte 802.1x y con vuestro Windows Serve 2003 y versiones posteriores podéis hacerlo perfectamente. Agradecerle a Samuel Táboas (un compañero en ASIR) la inestimable ayuda para hacer este LAB, él ha configurado el Switch Cisco y ha hecho la captura de tráfico con Wireshark
Espero que os sea de utilidad!!!!
802.1x red cableada - NPS deniega el acceso / Autor / 1 mayo, 2015
Hola, he tenido que configurar un entorno de pruebas para autenticar a los equipos cliente que se conectan a un switch, utilizando un Servidor NPS como Servidor RADIUS.
El problema es que en los equipos cliente al intentar autenticar con un usuario autorizado me sale “Error al autenticar”, y en el Visor de Eventos del Servidor NPS me sale que se denegó la solicitud de acceso por usar un nombre de usuario desconocido o contraseña incorrecta, pero cuando pongo un nombre de usuario y contraseña de un usuario que no está autorizado entonces me sale que se denegó el acceso por no cumplir las condiciones de la directiva de red. No entiendo por que me está saliendo éste error, ya que el nombre de usuario y la contraseña si son los correctos. No se si es un problema de los certificados, si es problema del cliente radius (el switch) o cual puede ser el problema.
Aquí está documentado paso a paso todo lo que he hecho –> https://drive.google.com/file/d/0B-x4Iph-KSEjYVZVYTJscmJhYlU/view?usp=sharing
Si puedes echarle un ojo y ver donde puede estar el problema, estaría muy agradecido.
Un Saludo.