On 02.02.2017 21:20, A.L.M.Buxey@lboro.ac.uk wrote:
Hi,
How do I implement a Cached-Session-Policy and how do I make sure that the Session-Timeout attribute is included? wait. are you sure thats even your problem? have you captured the RADIUS packets to see the content when the re-auth is sent? Yes, I have captured and checked RADIUS authentication and accounting packets three times: tcpdump -n -vvv -i em1 src or dst host 192.168.2.1 or 192.168.2.3 and src or dst port 1812 or 1813
The Session-Timeout appears at the beginning of the 1st session only: "Session Timeout Attribute (27), length: 6, Value: 10:00 min" I have also disabled EAP session caching with the exact same outcome.
if you have, and that attribute is missing then
That attribute is missing in the Access Accept of the second session.
1) you can send the attribute back all the time (add it to reply in the post-auth section of the outer tunnel
There is no "outer-tunnel" in "sites-available", even if there were one, I wouldn't know how to add it.
2) read the cache docs and look at provided config (if you havent stripped it all out) that shows how to add attributes into the cache system and how to apply those cached values to the outer reply
I don't know where the cache docs are and would gladly read them if you could direct me.
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus