TTLS authentication slow
Alan DeKok
aland at deployingradius.com
Tue Nov 13 16:23:04 CET 2007
Allan Riordan Boll wrote:
> The problem is that authenticating takes around 20 seconds. While
> running the server in a terminal with the -X flag, I see that my Windows
> XP client first makes one TLS request, then waits ~20 seconds, then
> makes two more TLS requests and four TTLS requests all together taking
> less than one second. After these last six requests the client is
> immediately online.
It sounds like a weird Windows issue...
> Can anyone hint me on why the client waits for so long before doing the
> requests it needs? Is my Freeradius server erroneously defaulting the
> client to use TLS instead of TTLS, and confusing the client?
No. Many people are running FreeRADIUS with Windows clients (XP SP1,
SP2, Vista), and most authentications happen very quickly. I'm not sure
why the Windows machines would take so long.
Maybe try it with a different access point.
> I've written a radiusd.conf from scratch, so that the server only runs
> the modules I actually use, hoping this is safer and easier to
> administrate. Please feedback if anyone have any comments on this
> approach.
If it works...
If it doesn't work, go back to the default config.
Alan DeKok.
More information about the Freeradius-Users
mailing list