Dropping NAS-Port AVP from Acct-Unique-Session-Id by default
Alan DeKok
aland at deployingradius.com
Fri Sep 18 14:26:24 CEST 2015
On Sep 18, 2015, at 8:15 AM, Nick Lowe <nick.lowe at gmail.com> wrote:
> I didn't think we could reliably know at the RADIUS sever if it's a
> new authentication or a re-authentication taking place?
You can tell if the EAP session is being resumed.
You can tell if the EAP session is coming from the same MAC, AP, etc.
> Definitely an area where we could do with clarification in the spec. Hmm :(
The IETF operates at a speed which sometimes outruns glaciers.
I've been talking with a few people about just writing our own "best practice" documents and putting them on the FreeRADIUS web site. If we can get multiple vendors to buy into the idea, we can create our own de facto standards.
Alan DeKok.
More information about the Freeradius-Users
mailing list