EAP-TLS and PEAP redundancy options
John Paul
JDPAUL at GoColumbiaMO.com
Tue Dec 4 16:49:15 CET 2007
>
> FreeRADIUS does not do session resumption. If the supplicant tries to
> do session resumption, I don't know what will happen. You should ensure
> that the supplicant has session resumption disabled.
>
Windows does support it but it's switched off by default and I have verified this
> Windows may support session resumption. FreeRADIUS does not.
>
> There are patches to enable this, but they have not, as yet, been
> integrated. In any case, they won't help you to fail over from one
> server to another.
I'm not interested in doing fast session resumption, I'd just as soon have the client start fresh every time.
>
> If the Windows client has session resumption enable, *should* notice
> that session resumption has failed, and re-authenticate from scratch.
I would think it would too, but it does not seem to, even after it is given several minutes to get its act together
> I suspect that the issue is "fast session resumption" on the Windows
> box. Turn it off.
It is indeed turned off
> If that doesn't fix it, the Windows client is broken. Try another one.
>
I'll be happy to try another client - is there one you would recommend or suggest that I try
More information about the Freeradius-Users
mailing list