Radius attributes and APs
David Mitton
david at mitton.com
Sat Nov 25 04:37:23 CET 2006
On 11/23/2006 02:09 PM, Alan DeKok wrote:
>Manuel Sanchez Cuenca wrote:
> > Alan DeKok escribió:
>
> >> Do you have a more specific question?
> >>
> > But not all APs enforce the Radius attributes. For example the Linksys
> > wrt54g doesn't takes into account the session timeout attribute. So, can
> > you tell me any AP which enforces this attribute, and others?
>
> If there was such a list, it would be up on freeradius.org, or on the
>wiki. That is, you're asking on the FreeRADIUS list about NAS
>documentation.
>
> I suggest picking an AP, and then reading its documentation to see if
>it supports the attributes, or asking the NAS vendor.
>
> Alan DeKok.
>--
The problem with compiling such a list is acquiring the equipment to test.
Most of us just buy a couple APs and live with with we get.
I discovered that the Linksys didn't honor
Session-Timeouts when I captured it screwing up
EAP-POTP sessions in progress, despite our RADIUS
server providing Session-Timeout values in every EAP exchange.
I think it's actually not properly implementing
the 802.1x state machine in it's timeout behavior.
And I didn't go looking for this. It was brought
to my attention when someone else had a problem.
The only AP that I know that works for everything
I throw at it, during development, is the Cisco
Aironet 1200 series. The only problem is that
it's not cheap. But it works for me, so I don't try others.
Dave.
More information about the Freeradius-Users
mailing list