21 Feb
2025
21 Feb
'25
1:04 p.m.
Hello FreeRADIUS community, I am currently using FreeRADIUS 3.2.x as a RADIUS proxy to forward EAP-PEAP/MSCHAPv2 authentication requests to a backend Microsoft NPS server. The setup is working correctly, but I am facing an issue with TLS session resumption when using a proxy in the inner-tunnel: Attributes are never saved in the tls cache. When I use this setup without any proxy at all, TLS session resumption just works as expected. Is TLS session resumption supported when using FreeRADIUS as a proxy for the inner authentication? If so, how can I properly cache the TLS session in this scenario? Any guidance would be greatly appreciated. Thank you for your help! Best regards, Pierrick