Can Session-Timeout be used to force users to re-authenticate?

Jason Wittlin-Cohen jasonwc at brandeis.edu
Fri Oct 6 23:23:00 CEST 2006


Is it possible to use the Session-Timeout setting to force wireless
clients to re-authenticate with the RADIUS server at a given interval?
Unfortunately my Acesss Point does not provide this functionality, so I
either have to do it via a supplicant such as the Funk Odyssey Client or
on the Freeradius server. I am running Freeradius 1.1.3 on a Debian
Sarge 3.1 system and I'm using EAP-TLS for authentication. I don't think
it matters but I'm using a Buffalo WHR-G54S Wireless Router with the
DD-WRT v23 SP2 firmware.

I am trying to force my wireless clients to re-authenticate with the
RADIUS server every 30 minutes (1800 seconds) with the Session-Timeout
setting. Currently I am testing with just one user, and the
Session-Timeout = 1800 setting is being sent with the Radius Access
Accept message (I can see it in the Accept Accept message when I run in
debug mode). However, this seems to have no affect. The user does not
re-authenticate at the given interval.

Here's my setting from the users file:

"Jason Wittlin-Cohen"
    Session-Timeout = 1800









More information about the Freeradius-Users mailing list