Palmer J.D.F. wrote:
We migrated to 2.1.8 (from 2.1.7) last week while things were quiet, as the users have re-appeared after the holiday we've started to receive a few reports from users stating that they have been getting lots of prompts for credentials.
The log says: ... WARNING: No information in cached session! This means that the session wasn't cached, and they are trying to resume a session that never was started. The change in 2.1.8 is there to work around a bug in OpenSSL. The only other alternative is that they *are* resuming a valid session, but (a) after the session has timed out, or (b) where no User-Name was cached from the inner tunnel session.
Is this likely to be a configuration error (no changes were made to the 2.1.7 config), or a bug?
Try increasing the size of the cache. Try ensuring that there is always a User-Name in the inner tunnel. This user name is cached, and is checked on session resumption. Alan DeKok.