How to write log only once in Post-Auth-Type REJECT section of EAP module?
great. Thank you for your reply. If you summarize your words update "session-state" in "INNER-SERVER", If this "session-state" is available in the Post-Auth REJECT section of "External-SERVER", use it. I understand what you wrote above. So can you please confirm why the comment I mentioned exists? My report said, "There is no reason. I just tried it and it worked." I can't say that. If I update "sesssion-state" in "INNER-SERVER" I actually get usable results as I want. However, the comment related to "session-state" in the Post-Auth REJECT section of "External-SERVER" says "It cannot be used." And what you mean by this is "it doesn't exist." He said. As a result, according to the comments and what you said, I shouldn't be able to use "session-state". But I'm confused because I can use "session-state". Can you explain why I can use it? (I may have misunderstood the comment or what you said.)
On Jan 30, 2024, at 12:02 AM, 남혁준 <sawd1598@gmail.com> wrote:
So can you please confirm why the comment I mentioned exists?
The code changed, and the documentation wasn't updated. But that doesn't really matter. The session-state list is used to track data across Access-Challenges. But after the Access-Accept or Access-Reject is sent, there is no more session, and the session-state list is deleted. So while you can put attributes into the session-state for Access-Reject, that won't do anything. The wi'll just be deleted once the Access-Reject is sent. Alan DeKok.
participants (2)
-
Alan DeKok -
남혁준