hi, am using Freeradius 2.1.10 along with wpa_supplicant 0.7.3 and hostapd 0.7.3 on ubuntu lucid 10.04 machines with openssl 1.0.0a in wpa_supplicant and 0.9.8k in freeradius server. i enabled session resumption in the free radius and it works fine for EAP methods -PEAP and TTLS when i hand over connection to previously connected Acess point and it is different when i configured for TLS, it seems in the cache it didnt get any values to store and is my debug report, Sun Jul 31 12:47:52 2011 : Info: # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default Sun Jul 31 12:47:52 2011 : Info: +- entering group authorize {...} Sun Jul 31 12:47:52 2011 : Info: ++[preprocess] returns ok Sun Jul 31 12:47:52 2011 : Info: ++[chap] returns noop Sun Jul 31 12:47:52 2011 : Info: ++[mschap] returns noop Sun Jul 31 12:47:52 2011 : Info: ++[digest] returns noop Sun Jul 31 12:47:52 2011 : Info: [suffix] No '@' in User-Name = "anonymous", looking up realm NULL Sun Jul 31 12:47:52 2011 : Info: [suffix] No such realm "NULL" Sun Jul 31 12:47:52 2011 : Info: ++[suffix] returns noop Sun Jul 31 12:47:52 2011 : Info: [eap] EAP packet type response id 248 length 253 Sun Jul 31 12:47:52 2011 : Info: [eap] No EAP Start, assuming it's an on-going EAP conversation Sun Jul 31 12:47:52 2011 : Info: ++[eap] returns updated Sun Jul 31 12:47:52 2011 : Info: ++[files] returns noop Sun Jul 31 12:47:52 2011 : Info: ++[expiration] returns noop Sun Jul 31 12:47:52 2011 : Info: ++[logintime] returns noop Sun Jul 31 12:47:52 2011 : Info: ++[pap] returns noop Sun Jul 31 12:47:52 2011 : Info: Found Auth-Type = EAP Sun Jul 31 12:47:52 2011 : Info: # Executing group from file /usr/local/etc/raddb/sites-enabled/default Sun Jul 31 12:47:52 2011 : Info: +- entering group authenticate {...} Sun Jul 31 12:47:52 2011 : Info: [eap] Request found, released from the list Sun Jul 31 12:47:52 2011 : Info: [eap] EAP/tls Sun Jul 31 12:47:52 2011 : Info: [eap] processing type tls Sun Jul 31 12:47:52 2011 : Info: [tls] Authenticate Sun Jul 31 12:47:52 2011 : Info: [tls] processing EAP-TLS Sun Jul 31 12:47:52 2011 : Info: [tls] eaptls_verify returned 7 Sun Jul 31 12:47:52 2011 : Info: [tls] Done initial handshake Sun Jul 31 12:47:52 2011 : Info: [tls] <<< TLS 1.0 Handshake [length 0823], Certificate Sun Jul 31 12:47:52 2011 : Info: [tls] chain-depth=1, Sun Jul 31 12:47:52 2011 : Info: [tls] error=0 Sun Jul 31 12:47:52 2011 : Info: [tls] --> User-Name = anonymous Sun Jul 31 12:47:52 2011 : Info: [tls] --> BUF-Name = CA_dhinu Sun Jul 31 12:47:52 2011 : Info: [tls] --> subject = /C=UK/ST=Lancashire/O=Computing Department/OU=testbed/CN=CA_dhinu/emailAddress= d.gunasekaran@comp.lancs.ac.uk Sun Jul 31 12:47:52 2011 : Info: [tls] --> issuer = /C=UK/ST=Lancashire/O=Computing Department/OU=testbed/CN=CA_dhinu/emailAddress= d.gunasekaran@comp.lancs.ac.uk Sun Jul 31 12:47:52 2011 : Info: [tls] --> verify return:1 Sun Jul 31 12:47:52 2011 : Info: [tls] chain-depth=0, Sun Jul 31 12:47:52 2011 : Info: [tls] error=0 Sun Jul 31 12:47:52 2011 : Info: [tls] --> User-Name = anonymous Sun Jul 31 12:47:52 2011 : Info: [tls] --> BUF-Name = CA_dhinu Sun Jul 31 12:47:52 2011 : Info: [tls] --> subject = /C=UK/ST=Lancashire/O=Computing Department/OU=testbed/CN=CA_dhinu/emailAddress=dhinu@lancs.ac.uk Sun Jul 31 12:47:52 2011 : Info: [tls] --> issuer = /C=UK/ST=Lancashire/O=Computing Department/OU=testbed/CN=CA_dhinu/emailAddress= d.gunasekaran@comp.lancs.ac.uk Sun Jul 31 12:47:52 2011 : Info: [tls] --> verify return:1 Sun Jul 31 12:47:52 2011 : Info: [tls] TLS_accept: SSLv3 read client certificate A Sun Jul 31 12:47:52 2011 : Info: [tls] <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange Sun Jul 31 12:47:52 2011 : Info: [tls] TLS_accept: SSLv3 read client key exchange A Sun Jul 31 12:47:52 2011 : Info: [tls] <<< TLS 1.0 Handshake [length 0106], CertificateVerify Sun Jul 31 12:47:52 2011 : Info: [tls] TLS_accept: SSLv3 read certificate verify A Sun Jul 31 12:47:52 2011 : Info: [tls] <<< TLS 1.0 ChangeCipherSpec [length 0001] Sun Jul 31 12:47:52 2011 : Info: [tls] <<< TLS 1.0 Handshake [length 0010], Finished Sun Jul 31 12:47:52 2011 : Info: [tls] TLS_accept: SSLv3 read finished A Sun Jul 31 12:47:52 2011 : Info: [tls] >>> TLS 1.0 ChangeCipherSpec [length 0001] Sun Jul 31 12:47:52 2011 : Info: [tls] TLS_accept: SSLv3 write change cipher spec A Sun Jul 31 12:47:52 2011 : Info: [tls] >>> TLS 1.0 Handshake [length 0010], Finished Sun Jul 31 12:47:52 2011 : Info: [tls] TLS_accept: SSLv3 write finished A Sun Jul 31 12:47:52 2011 : Info: [tls] TLS_accept: SSLv3 flush data Sun Jul 31 12:47:52 2011 : Debug: SSL: adding session db2e0d09e995781ea6a8be00a185c82394939331d916a7e112ed20b332b00582 to cache Sun Jul 31 12:47:52 2011 : Info: [tls] (other): SSL negotiation finished successfully Sun Jul 31 12:47:52 2011 : Debug: SSL Connection Established Sun Jul 31 12:47:52 2011 : Info: [tls] eaptls_process returned 13 Sun Jul 31 12:47:52 2011 : Info: ++[eap] returns handled Sending Access-Challenge of id 17 to 2001:630:80:7439:20d:56ff:fec2:4098 port 42910 EAP-Message = 0x01f900450d800000003b1403010001011603010030de67c5937849b358ca0f69a0212cb9022fea5d0ed10e553e7fa9eb8824fc84e2cf2984baf71f2006be03d94ba21c2a49 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x6e6d535068945e0c4436bf334612c0a4 Sun Jul 31 12:47:52 2011 : Info: Finished request 16. Sun Jul 31 12:47:52 2011 : Debug: Going to the next request Sun Jul 31 12:47:52 2011 : Debug: Waking up in 4.6 seconds. rad_recv: Access-Request packet from host 2001:630:80:7439:20d:56ff:fec2:4098 port 42910, id=18, length=173 User-Name = "anonymous" NAS-IP-Address = 127.0.0.1 NAS-Port = 1 Called-Station-Id = "74-EA-3A-B3-FA-D9:dhinu_forgn" Calling-Station-Id = "00-19-7D-1C-E5-DE" Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x02f900060d00 State = 0x6e6d535068945e0c4436bf334612c0a4 Message-Authenticator = 0x13f0a649759ecbfce547ce07cce913e5 Sun Jul 31 12:47:52 2011 : Info: # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default Sun Jul 31 12:47:52 2011 : Info: +- entering group authorize {...} Sun Jul 31 12:47:52 2011 : Info: ++[preprocess] returns ok Sun Jul 31 12:47:52 2011 : Info: ++[chap] returns noop Sun Jul 31 12:47:52 2011 : Info: ++[mschap] returns noop Sun Jul 31 12:47:52 2011 : Info: ++[digest] returns noop Sun Jul 31 12:47:52 2011 : Info: [suffix] No '@' in User-Name = "anonymous", looking up realm NULL Sun Jul 31 12:47:52 2011 : Info: [suffix] No such realm "NULL" Sun Jul 31 12:47:52 2011 : Info: ++[suffix] returns noop Sun Jul 31 12:47:52 2011 : Info: [eap] EAP packet type response id 249 length 6 Sun Jul 31 12:47:52 2011 : Info: [eap] No EAP Start, assuming it's an on-going EAP conversation Sun Jul 31 12:47:52 2011 : Info: ++[eap] returns updated Sun Jul 31 12:47:52 2011 : Info: ++[files] returns noop Sun Jul 31 12:47:52 2011 : Info: ++[expiration] returns noop Sun Jul 31 12:47:52 2011 : Info: ++[logintime] returns noop Sun Jul 31 12:47:52 2011 : Info: ++[pap] returns noop Sun Jul 31 12:47:52 2011 : Info: Found Auth-Type = EAP Sun Jul 31 12:47:52 2011 : Info: # Executing group from file /usr/local/etc/raddb/sites-enabled/default Sun Jul 31 12:47:52 2011 : Info: +- entering group authenticate {...} Sun Jul 31 12:47:52 2011 : Info: [eap] Request found, released from the list Sun Jul 31 12:47:52 2011 : Info: [eap] EAP/tls Sun Jul 31 12:47:52 2011 : Info: [eap] processing type tls Sun Jul 31 12:47:52 2011 : Info: [tls] Authenticate Sun Jul 31 12:47:52 2011 : Info: [tls] processing EAP-TLS Sun Jul 31 12:47:52 2011 : Info: [tls] Received TLS ACK Sun Jul 31 12:47:52 2011 : Info: [tls] ACK handshake is finished Sun Jul 31 12:47:52 2011 : Info: [tls] eaptls_verify returned 3 Sun Jul 31 12:47:52 2011 : Info: [tls] eaptls_process returned 3 Sun Jul 31 12:47:52 2011 : Info: [tls] Adding user data to cached session Sun Jul 31 12:47:52 2011 : Info: [tls] Saving response in the cache Sun Jul 31 12:47:52 2011 : Info: [tls] WARNING: No information to cache: session caching will be disabled for this session. Sun Jul 31 12:47:52 2011 : Debug: SSL: Removing session db2e0d09e995781ea6a8be00a185c82394939331d916a7e112ed20b332b00582 from the cache Sun Jul 31 12:47:52 2011 : Info: [eap] Freeing handler Sun Jul 31 12:47:52 2011 : Info: ++[eap] returns ok Sun Jul 31 12:47:52 2011 : Info: # Executing section post-auth from file /usr/local/etc/raddb/sites-enabled/default Sun Jul 31 12:47:52 2011 : Info: +- entering group post-auth {...} Sun Jul 31 12:47:52 2011 : Info: ++[exec] returns noop Sending Access-Accept of id 18 to 2001:630:80:7439:20d:56ff:fec2:4098 port 42910 MS-MPPE-Recv-Key = 0x308de706550b0dbf9ba5659899878625e53aaa582d2488d1367917cdaba0aaa6 MS-MPPE-Send-Key = 0xb24de61b11d2bf5e3c1b8d1806522ebbb2361457e389c088f01e8a3d27cb160f EAP-Message = 0x03f90004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "anonymous" Sun Jul 31 12:47:52 2011 : Info: Finished request 17. Sun Jul 31 12:47:52 2011 : Debug: Going to the next request Sun Jul 31 12:47:52 2011 : Debug: Waking up in 4.6 seconds. rad_recv: Accounting-Request packet from host 2001:630:80:7439:20d:56ff:fec2:4098 port 53849, id=19, length=154 in eap.conf, i enabled tls > cache > enable = yes lifetime is 10 hrs cheers, dhinu.