FR 2.1.8 Issue - Unjustified(?) Access-Rejects.
stefan.winter at restena.lu
Tue Jan 12 15:04:31 CET 2010
>> Is this likely to be a configuration error (no changes were made to the
>> 2.1.7 config), or a bug?
> Try increasing the size of the cache. Try ensuring that there is
> always a User-Name in the inner tunnel. This user name is cached, and
> is checked on session resumption.
How does this work together with anonymous outer ids? I.e. if outer
User-Name = anon at foo.bar and the inner User-Name is stefan at foo.bar, then
the cache contains a session for stefan at foo.bar
On session resumption, there is no inner tunnel exchange, there's a
packet User-Name = anon at foo.bar and an EAP-Message with SSL magic (but
no inner User-Name)... So how does FreeRADIUS know what to look up in
the cache? Or am I missing something here?
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
Tel: +352 424409 1
Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 262 bytes
Desc: OpenPGP digital signature
More information about the Freeradius-Users