Andreas Hartmann schrieb:
David Mitchell schrieb:
Alan DeKok wrote:
Andreas Hartmann wrote:
In eap.conf, the option eap -> tls -> cache -> enable is switched off and fast_reauth in wpa_supplicant is enabled.
Uh... that makes no sense.
You've disabled caching (i.e fast re-auth) on the server, and enabled it on the client. Why are you surprised that fast re-auth isn't working?
I've seen similar problems between FreeRadius and wpa_supplicant both with and without the cache enabled. Getting wpa_supplicant to restart seems to clear it temporarily.
Well, I took your realization to implement the following workaround:
Caching is enabled in freeradius, fast_reauth is switched on in wpa_supplicant.
I set the reauth-timeout of the AP to 2 hours. On the supplicant, I started a cronjob, which HUP's the supplicant each 59 minutes. That's the way how the supplicant is prevented to do a fast reauth (which doesn't really work). A full reauth isn't necessary too, because of the sig hup all 59 minutes, which is done like this:
rad_recv: Accounting-Request packet from host 192.168.1.9 port 2049, id=112, length=177 Acct-Session-Id = "0000001B-00000007" Acct-Status-Type = Stop Acct-Authentic = RADIUS User-Name = "myuser@mydom" NAS-Port = 0 Called-Station-Id = "00-25-...:mylan" Calling-Station-Id = "00-13-..." NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" Acct-Session-Time = 358 Event-Timestamp = "Jan 1 1970 02:26:18 CET" ^^^^^^^^^^^^^^^^^^^^^^^^
Hmmm, where does this funny Event-Timestamp comes from? All my times of client and server are ok. Otherwise, I can't find any way to set the time at the AP (linksys WAP610N)? Is there any way? clueless ... Kind regards, Andreas