Hello all,

 

                I have  a client that uses EAP-TTLS to authenticate to a FreeRadius (2.1.8) over different access networks. After some handovers from one network to another, I see in my FR log that session resumption fails, and specifically I see :

  

                Debug: SSL Connection Established

                Debug: SSL Application Data

                Info: [ttls] eaptls_process returned 3

                Info: [ttls] Skipping Phase2 due to session resumption

                Info: [ttls] FAIL: *Forcibly stopping session resumption as it is not allowed*

                Info: [eap] Freeing handler

                Info: ++[eap] returns reject

               Info: Using Post-Auth-Type Reject

               

                Then a full EAP-TTLS exchange follows from the beginning that succeeds. However, the failure message above “Forcibly stopping session resumption as it is not allowed” implies that there is somewhere in the FR a setting that will allow it? Am I assuming rightly? If yes, where is this setting? If no, does anyone know why session resumption fails ?

 

                Thanks a lot in advance,

                Panos