EAP-TLS and PEAP redundancy options

John Paul JDPAUL at GoColumbiaMO.com
Tue Dec 4 16:49:15 CET 2007

>   FreeRADIUS does not do session resumption.  If the supplicant tries to
> do session resumption, I don't know what will happen.  You should ensure
> that the supplicant has session resumption disabled.

Windows does support it but it's switched off by default and I have verified this

>   Windows may support session resumption.  FreeRADIUS does not.
>   There are patches to enable this, but they have not, as yet, been
> integrated.  In any case, they won't help you to fail over from one
> server to another.

I'm not interested in doing fast session resumption, I'd just as soon have the client start fresh every time.

>   If the Windows client has session resumption enable, *should* notice
> that session resumption has failed, and re-authenticate from scratch.

I would think it would too, but it does not seem to, even after it is given several minutes to get its act together

>   I suspect that the issue is "fast session resumption" on the Windows
> box.  Turn it off.

It is indeed turned off

>   If that doesn't fix it, the Windows client is broken.  Try another one.

I'll be happy to try another client - is there one you would recommend or suggest that I try

More information about the Freeradius-Users mailing list