Folks, I'm having trouble getting session caching to work in 3.0.9. In my config a user's VLAN is determined based on an LDAP search and in some cases by an external program (exec). This is done in the inner-tunnel. For session caching I added the following to post-auth of inner-tunnel: if ( reply:Tunnel-Private-group-ID ) { update reply { Cached-Session-Policy :="vlan=%{reply:Tunnel-Private-Group-ID}" } } And the following to post-auth of default: if ( reply:Cached-Session-Policy ) { if ( reply:Cached-Session-Policy =~ /vlan=(.+)/ ) { update reply { Reply-Message += "Cached policy:%{reply:Cached-Session-Policy}" Tunnel-Private-Group-ID := "%{1}" Tunnel-Type := VLAN Tunnel-Medium-Type := IEEE-802 } } } Question 1: use_tunneled_reply. Is it truly deprecated in the case of session caching? When I use the alternative given in the example config file, I never see any .vps file saved in the disk cache though there is a .asn1 file. When I revert to use_tunneled_reply=yes the .vps files appear and their content appears correct. Question 2: See attached debug log. When a session resumes, the cached info appears to be read correctly from the cache (see "Debug: (41)") but it never gets sent back in the reply (see "Debug: (42)"). What am I doing wrong? Regards, Jason Alderfer