(16) Received Access-Request Id 8 from 10.20.1.13:10080 to 10.20.1.18:1812 length 443 (16) Calling-Station-Id = "79950000001" (16) User-Name = "srsuser" (16) NAS-IP-Address = 10.20.1.13 (16) NAS-Identifier = "lab-si" (16) SN-Software-Version = "21.20 (81785)" (16) Called-Station-Id = "gis" (16) SN-Virtual-APN-Name = "l2tp" (16) Service-Type = Framed-User (16) Framed-Protocol = GPRS-PDP-Context (16) NAS-Port-Type = Wireless-Other (16) SN-GTP-Version = GTP_VERSION_2 (16) 3GPP-IMSI = "250020123456783" (16) 3GPP-IMSI-MCC-MNC = "25002" (16) 3GPP-NSAPI = "5" (16) 3GPP-Charging-ID = 27962055 (16) 3GPP-Charging-Characteristics = "0800" (16) 3GPP-SGSN-Address = 10.20.1.170 (16) 3GPP-GGSN-Address = 10.20.1.190 (16) 3GPP-RAT-Type = EUTRAN (16) 3GPP-IMEISV = "3534900698733153" (16) 3GPP-User-Location-Info = 0x8252f020000152f02000019b01 (16) 3GPP-SGSN-MCC-MNC = "25002" (16) 3GPP-GGSN-MCC-MNC = "25002" (16) 3GPP-Selection-Mode = "0" (16) 3GPP-MS-Time-Zone = 0x4000 (16) 3GPP-GPRS-Negotiated-QoS-profile = "08-44070000C350000186A0" (16) 3GPP-PDP-Type = 0 (16) 3GPP-Negotiated-DSCP = 18 (16) CHAP-Challenge = 0xed05a4a98e82faf04d464ce6337a0a04 (16) CHAP-Password = 0x00952319db3a4c3ec015b74c0d7538726d (16) SN-Service-Type = PGW (16) NAS-Port = 24634 (16) 3GPP2-Session-Termination-Capability = 3 (16) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/default (16) authorize { (16) [preprocess] = ok (16) chap: &control:Auth-Type := CHAP (16) [chap] = ok (16) [mschap] = noop (16) [digest] = noop (16) suffix: Checking for suffix after "@" (16) suffix: No '@' in User-Name = "srsuser", looking up realm NULL (16) suffix: Found realm "NULL" (16) suffix: Adding Stripped-User-Name = "srsuser" (16) suffix: Adding Realm = "NULL" (16) suffix: Authentication realm is LOCAL (16) [suffix] = ok (16) eap: No EAP-Message, not doing EAP (16) [eap] = noop (16) files: users: Matched entry DEFAULT at line 58 (16) [files] = ok rlm_ldap (ldap): Closing connection (23): Hit idle_timeout, was idle for 369 seconds rlm_ldap (ldap): Closing connection (22): Hit idle_timeout, was idle for 353 seconds rlm_ldap (ldap): Closing connection (24): Hit idle_timeout, was idle for 353 seconds rlm_ldap (ldap): You probably need to lower "min" rlm_ldap (ldap): Closing connection (21): Hit idle_timeout, was idle for 317 seconds rlm_ldap (ldap): You probably need to lower "min" rlm_ldap (ldap): Closing connection (25): Hit idle_timeout, was idle for 317 seconds rlm_ldap (ldap): You probably need to lower "min" rlm_ldap (ldap): 0 of 0 connections in use. You may need to increase "spare" rlm_ldap (ldap): Opening additional connection (26), 1 of 32 pending slots used rlm_ldap (ldap): Connecting to ldap://localhost:389 rlm_ldap (ldap): Waiting for bind result... rlm_ldap (ldap): Bind successful rlm_ldap (ldap): Reserved connection (26) (16) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}}) (16) ldap: --> (uid=srsuser) (16) ldap: Performing search in "ou=subs,o=bt,dc=local" with filter "(uid=srsuser)", scope "sub" (16) ldap: Waiting for search result... (16) ldap: User object found at DN "uid=srsuser,ou=subs,o=bt,dc=local" (16) ldap: Processing user attributes (16) ldap: control:Password-With-Header += 'srspass' rlm_ldap (ldap): Released connection (26) Need 2 more connections to reach min connections (3) rlm_ldap (ldap): Opening additional connection (27), 1 of 31 pending slots used rlm_ldap (ldap): Connecting to ldap://localhost:389 rlm_ldap (ldap): Waiting for bind result... rlm_ldap (ldap): Bind successful (16) [ldap] = updated (16) [expiration] = noop (16) [logintime] = noop (16) pap: No {...} in Password-With-Header, re-writing to Cleartext-Password (16) pap: Removing &control:Password-With-Header (16) pap: WARNING: Auth-Type already set. Not setting to PAP (16) [pap] = noop (16) } # authorize = updated (16) Found Auth-Type = CHAP (16) # Executing group from file /etc/freeradius/3.0/sites-enabled/default (16) Auth-Type CHAP { (16) chap: Comparing with "known good" Cleartext-Password (16) chap: CHAP user "srsuser" authenticated successfully (16) [chap] = ok (16) } # Auth-Type CHAP = ok (16) # Executing section post-auth from file /etc/freeradius/3.0/sites-enabled/default (16) post-auth { (16) update { (16) No attributes updated for RHS &session-state: (16) } # update = noop (16) [exec] = noop (16) policy remove_reply_message_if_eap { (16) if (&reply:EAP-Message && &reply:Reply-Message) { (16) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (16) else { (16) [noop] = noop (16) } # else = noop (16) } # policy remove_reply_message_if_eap = noop (16) } # post-auth = noop (16) Sent Access-Accept Id 8 from 10.20.1.18:1812 to 10.20.1.13:10080 length 0 (16) Service-Type = Framed-User (16) Finished request Waking up in 4.9 seconds. (17) Received Access-Request Id 1 from 10.10.10.1:38527 to 10.20.1.18:1812 length 109 (17) User-Name = "srsuser" (17) NAS-Port-Type = Virtual (17) Service-Type = Framed-User (17) Framed-Protocol = PPP (17) Calling-Station-Id = "10.10.10.10" (17) Called-Station-Id = "10.10.10.1" (17) CHAP-Challenge = 0x46c76a1bf2bc410232157a228810ae54 (17) CHAP-Password = 0x0148eb92ceda1167dbeabc6f2c423cba77 (17) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/default (17) authorize { (17) [preprocess] = ok (17) chap: &control:Auth-Type := CHAP (17) [chap] = ok (17) [mschap] = noop (17) [digest] = noop (17) suffix: Checking for suffix after "@" (17) suffix: No '@' in User-Name = "srsuser", looking up realm NULL (17) suffix: Found realm "NULL" (17) suffix: Adding Stripped-User-Name = "srsuser" (17) suffix: Adding Realm = "NULL" (17) suffix: Authentication realm is LOCAL (17) [suffix] = ok (17) eap: No EAP-Message, not doing EAP (17) [eap] = noop (17) files: users: Matched entry DEFAULT at line 86 (17) [files] = ok rlm_ldap (ldap): Reserved connection (26) (17) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}}) (17) ldap: --> (uid=srsuser) (17) ldap: Performing search in "ou=subs,o=bt,dc=local" with filter "(uid=srsuser)", scope "sub" (17) ldap: Waiting for search result... (17) ldap: User object found at DN "uid=srsuser,ou=subs,o=bt,dc=local" (17) ldap: Processing user attributes (17) ldap: control:Password-With-Header += 'srspass' rlm_ldap (ldap): Released connection (26) (17) [ldap] = updated (17) [expiration] = noop (17) [logintime] = noop (17) pap: No {...} in Password-With-Header, re-writing to Cleartext-Password (17) pap: Removing &control:Password-With-Header (17) pap: WARNING: Auth-Type already set. Not setting to PAP (17) [pap] = noop (17) } # authorize = updated (17) Found Auth-Type = CHAP (17) # Executing group from file /etc/freeradius/3.0/sites-enabled/default (17) Auth-Type CHAP { (17) chap: Comparing with "known good" Cleartext-Password (17) chap: ERROR: Password comparison failed: password is incorrect (17) [chap] = reject (17) } # Auth-Type CHAP = reject (17) Failed to authenticate the user (17) Using Post-Auth-Type Reject (17) # Executing group from file /etc/freeradius/3.0/sites-enabled/default (17) Post-Auth-Type REJECT { (17) attr_filter.access_reject: EXPAND %{User-Name} (17) attr_filter.access_reject: --> srsuser (17) attr_filter.access_reject: Matched entry DEFAULT at line 11 (17) [attr_filter.access_reject] = updated (17) [eap] = noop (17) policy remove_reply_message_if_eap { (17) if (&reply:EAP-Message && &reply:Reply-Message) { (17) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (17) else { (17) [noop] = noop (17) } # else = noop (17) } # policy remove_reply_message_if_eap = noop (17) } # Post-Auth-Type REJECT = updated (17) Delaying response for 1.000000 seconds Waking up in 0.6 seconds. Waking up in 0.3 seconds. (17) Sending delayed response (17) Sent Access-Reject Id 1 from 10.20.1.18:1812 to 10.10.10.1:38527 length 20 Waking up in 3.5 seconds. (16) Cleaning up request packet ID 8 with timestamp +7237 Waking up in 0.4 seconds. (17) Cleaning up request packet ID 1 with timestamp +7237 Ready to process requests