29 Feb
2016
29 Feb
'16
8:34 a.m.
In our EAP-PEAP sessions, the typical conversation length is 10 packets. We have TLS caching enabled, but I noticed the TLS cache is populated during packet 4, which is before processing has started on the tunneled authentication. Is it possible to force an update of the cache entry from the inner-tunnel server e.g. to add attributes that are only available at this stage? I attempted to call an update by doing this in the inner-tunnel server: update control { Cache-TTL := 0 } cache_tls_session This caused authentications to fail with "cache_tls_session (fail)" and no further information is given. Is it possible to do this? Thanks, Jonathan