9 Dec
2024
9 Dec
'24
6:07 p.m.
On Dec 9, 2024, at 6:05 PM, Vedsar Kushwaha via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
I'm seeing the following logs:
"Login incorrect (eap_peap: The user's session was previously rejected; returning reject (again))."
I'm interested in the "again" word at the end of the log. How does FreeRADIUS know that the user authentication was previously rejected? Is it because FreeRADIUS maintains a state?
Yes. It's tracked via the State attribute. This is required by the RFCs for EAP authentication.
If so, for how long does FreeRADIUS maintain this state?
Until the EAP session is accepted or rejected. Alan DeKok.