delayed Access Reject response

Florin Andrei florin at
Tue Oct 30 20:48:16 CET 2007

manIP wrote:
> On 10/30/07, *Florin Andrei* <florin at 
> <mailto:florin at>> wrote:
>     If the password is incorrect, the Access Reject reply is delayed until
>     the user enters the password the second time. It's like the server waits
>     for the next auth attempt to send back the Reject.
> Look at "reject_delay" in radiusd.conf. May be that will answer your 
> question.

It was set to 1, but the actual delay is clearly bigger than that. In 
fact, it doesn't seem to be constant, it seems to wait until a new 
request was sent, and then it unleashes the reject.

I set reject_delay to 0 and now there's no delay, but I'm not sure I 
like it that way, due to possible brute-force attacks.

Florin Andrei

More information about the Freeradius-Users mailing list