TTLS authentication slow
Artur Hecker
hecker at wave-storm.com
Tue Nov 13 17:18:34 CET 2007
Allan,
Maybe I missed it, but what client do you use? Windows does not yet
support TTLS natively.
Artur
On 13 Nov 2007, at 16:23, Alan DeKok wrote:
> Allan Riordan Boll wrote:
>> The problem is that authenticating takes around 20 seconds. While
>> running the server in a terminal with the -X flag, I see that my
>> Windows
>> XP client first makes one TLS request, then waits ~20 seconds, then
>> makes two more TLS requests and four TTLS requests all together
>> taking
>> less than one second. After these last six requests the client is
>> immediately online.
>
> It sounds like a weird Windows issue...
>
>> Can anyone hint me on why the client waits for so long before
>> doing the
>> requests it needs? Is my Freeradius server erroneously defaulting the
>> client to use TLS instead of TTLS, and confusing the client?
>
> No. Many people are running FreeRADIUS with Windows clients (XP
> SP1,
> SP2, Vista), and most authentications happen very quickly. I'm not
> sure
> why the Windows machines would take so long.
>
> Maybe try it with a different access point.
>
>> I've written a radiusd.conf from scratch, so that the server only
>> runs
>> the modules I actually use, hoping this is safer and easier to
>> administrate. Please feedback if anyone have any comments on this
>> approach.
>
> If it works...
>
> If it doesn't work, go back to the default config.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/
> users.html
More information about the Freeradius-Users
mailing list