Hello, I'm using Radsecproxy and when I run it in debug mode, I see that it reconnects every 30 seconds. I tried changing idle_timeout, but the same thing keeps happening. Here's the debug log using TLS 1.3: Listening on auth+acct from client (192.168.122.188, 37511) -> (*, 2083, virtual-server=default) (0) (TLS) RADIUS/TLS - Initiating new session (0) (TLS) RADIUS/TLS - Setting verify mode to require certificate from client (0) (TLS) RADIUS/TLS - Handshake state - before SSL initialization (0) (TLS) RADIUS/TLS - Handshake state - Server before SSL initialization (0) (TLS) RADIUS/TLS - Handshake state - Server before SSL initialization (0) (TLS) RADIUS/TLS - recv TLS 1.3 Handshake, ClientHello (0) (TLS) RADIUS/TLS - Handshake state - Server SSLv3/TLS read client hello (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, ServerHello (0) (TLS) RADIUS/TLS - Handshake state - Server SSLv3/TLS write server hello (0) (TLS) RADIUS/TLS - send TLS 1.3 ChangeCipherSpec (0) (TLS) RADIUS/TLS - Handshake state - Server SSLv3/TLS write change cipher spec (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, EncryptedExtensions (0) (TLS) RADIUS/TLS - Handshake state - Server TLSv1.3 write encrypted extensions (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, CertificateRequest (0) (TLS) RADIUS/TLS - Handshake state - Server SSLv3/TLS write certificate request (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, Certificate (0) (TLS) RADIUS/TLS - Handshake state - Server SSLv3/TLS write certificate (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, CertificateVerify (0) (TLS) RADIUS/TLS - Handshake state - Server TLSv1.3 write server certificate verify (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, Finished (0) (TLS) RADIUS/TLS - Handshake state - Server SSLv3/TLS write finished (0) (TLS) RADIUS/TLS - Handshake state - Server TLSv1.3 early data (0) (TLS) RADIUS/TLS - Server : Need to read more data: TLSv1.3 early data (0) (TLS) RADIUS/TLS - In Handshake Phase (0) (TLS) RADIUS/TLS - Handshake state - Server TLSv1.3 early data (0) (TLS) RADIUS/TLS - recv TLS 1.3 Handshake, Certificate (0) (TLS) RADIUS/TLS - Creating attributes from 2 certificate in chain (0) TLS-Cert-Serial := "7903974cb1367854b0fb2ee672ff78c68211ba5e" (0) TLS-Cert-Expiration := "250726070714Z" (0) TLS-Cert-Valid-Since := "250527070714Z" (0) TLS-Cert-Subject := "/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=free.loli.local" (0) TLS-Cert-Issuer := "/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=free.loli.local" (0) TLS-Cert-Common-Name := "free.loli.local" (0) TLS-Cert-CRL-Distribution-Points += " http://www.example.org/example_ca.crl" (0) (TLS) RADIUS/TLS - Creating attributes from 1 certificate in chain (0) TLS-Client-Cert-Serial := "02" (0) TLS-Client-Cert-Expiration := "250726070721Z" (0) TLS-Client-Cert-Valid-Since := "250527070721Z" (0) TLS-Client-Cert-Subject := "/C=FR/ST=Radius/O=Example Inc./CN=lolito/emailAddress=userdsdsd@example.org" (0) TLS-Client-Cert-Issuer := "/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=free.loli.local" (0) TLS-Client-Cert-Common-Name := "lolito" (0) TLS-Client-Cert-CRL-Distribution-Points += " http://www.example.com/example_ca.crl" (0) TLS-Client-Cert-X509v3-Extended-Key-Usage += "TLS Web Client Authentication" (0) TLS-Client-Cert-X509v3-Subject-Key-Identifier += "FD:D3:42:C8:4A:F1:0C:65:A5:A3:B6:8E:2A:73:B0:FA:B2:0D:CF:CD" (0) TLS-Client-Cert-X509v3-Authority-Key-Identifier += "86:BC:40:4A:6E:B2:66:02:81:A5:75:19:DF:93:B8:AD:12:75:75:60" (0) TLS-Client-Cert-X509v3-Extended-Key-Usage-OID += "1.3.6.1.5.5.7.3.2" (0) (TLS) RADIUS/TLS - Handshake state - Server SSLv3/TLS read client certificate (0) (TLS) RADIUS/TLS - recv TLS 1.3 Handshake, CertificateVerify (0) (TLS) RADIUS/TLS - Handshake state - Server SSLv3/TLS read certificate verify (0) (TLS) RADIUS/TLS - recv TLS 1.3 Handshake, Finished (0) (TLS) RADIUS/TLS - Handshake state - Server SSLv3/TLS read finished (0) (TLS) RADIUS/TLS - Handshake state - SSL negotiation finished successfully (0) (TLS) RADIUS/TLS - Connection Established (0) TLS-Session-Cipher-Suite = "TLS_AES_256_GCM_SHA384" (0) TLS-Session-Version = "TLS 1.3" (0) (TLS) RADIUS/TLS - Application data. (0) (TLS) OpenSSL says that it needs to read more data. In the radsecproxy debug log, the following appears: Tue Jun 10 07:00:54 2025: createlistener: listening for udp on *:1812 Tue Jun 10 07:00:54 2025: tlsconnect: TLS connection to freeradius_tls (Server-Freeradius port 2083), subject emailAddress=admin@example.org,CN=Server-Freeradius,O=Example Inc.,ST=Radius,C=FR up Tue Jun 10 07:01:24 2025: sslreadtimeout: SSL: error:0A000126:SSL routines::unexpected eof while reading Tue Jun 10 07:01:24 2025: tlsclientrd: connection to server freeradius_tls lost Tue Jun 10 07:01:24 2025: tlsconnect: TLS connection to freeradius_tls (Server-Freeradius port 2083), subject emailAddress=admin@example.org,CN=Server-Freeradius,O=Example Inc.,ST=Radius,C=FR up Using TLS 1.2 also disconnects, the debug is the same except for this: (0) (TLS) OpenSSL says that it needs to read more data. Clients connecting to radsecproxy reach FreeRadius correctly and everything works normally. I wanted to know if this disconnection is normal or if I'm doing something wrong? I'm testing this to implement it later. I'm using Debian 12. radiusd: FreeRADIUS Version 3.2.7 (git #694a97ddd), for host x86_64-pc-linux-gnu FreeRADIUS Version 3.2.7 OpenSSL 3.0.16 11 Feb 2025 (Library: OpenSSL 3.0.16 11 Feb 2025) Thank you.