Failed (re-)authentification after some time...
Jan Zacharias
janz at dfki.de
Mon Aug 30 18:04:10 CEST 2010
Hi Alan,
I did more tests (now with two winXP clients and one OSX client),
the problem is still unsolved:
Wed Aug 18 18:03:21 2010 : Auth: Login OK: [jan/<via Auth-Type = EAP>] (from
client swba1-00-test port 0 via TLS tunnel)
Wed Aug 18 18:03:21 2010 : Auth: Login OK: [jan/<via Auth-Type = EAP>] (from
client swba1-00-test port 50043 cli 00-08-74-46-34-F7)
Wed Aug 18 18:03:24 2010 : Auth: Login OK: [jan/<via Auth-Type = mschap>] (from
client swba1-00-test port 0 via TLS tunnel)
Wed Aug 18 18:03:24 2010 : Auth: Login OK: [jan/<via Auth-Type = EAP>] (from
client swba1-00-test port 50039 cli 00-16-CB-AA-0F-CB)
Wed Aug 18 18:03:27 2010 : Auth: Login OK: [jan/<via Auth-Type = EAP>] (from
client swba1-00-test port 0 via TLS tunnel)
Wed Aug 18 18:03:27 2010 : Auth: Login OK: [jan/<via Auth-Type = EAP>] (from
client swba1-00-test port 50041 cli 00-1E-37-90-89-D2)
Wed Aug 18 18:03:45 2010 : Error: Child PID 72473 is taking too much time:
forcing failure and killing child.
Wed Aug 18 18:03:45 2010 : Auth: Login incorrect: [jan/<via Auth-Type = EAP>]
(from client swba1-00-test port 0 via TLS tunnel)
Wed Aug 18 18:03:45 2010 : Auth: Login incorrect: [jan/<via Auth-Type = EAP>]
(from client swba1-00-test port 50043 cli 00-08-74-46-34-F7)
Wed Aug 18 18:03:55 2010 : Error: Child PID 72474 is taking too much time:
forcing failure and killing child.
Wed Aug 18 18:03:55 2010 : Auth: Login incorrect: [jan/<via Auth-Type = mschap>]
(from client swba1-00-test port 0 via TLS tunnel)
Wed Aug 18 18:03:55 2010 : Auth: Login incorrect: [jan/<via Auth-Type = EAP>]
(from client swba1-00-test port 50039 cli 00-16-CB-AA-0F-CB)
Wed Aug 18 18:03:55 2010 : Error: rlm_eap: No EAP session matching the State
variable.
Wed Aug 18 18:03:55 2010 : Auth: Login incorrect: [jan/<via Auth-Type = EAP>]
(from client swba1-00-test port 50043 cli 00-08-74-46-34-F7)
Wed Aug 18 18:04:05 2010 : Error: Child PID 72475 is taking too much time:
forcing failure and killing child.
Wed Aug 18 18:04:05 2010 : Auth: Login incorrect: [jan/<via Auth-Type = EAP>]
(from client swba1-00-test port 0 via TLS tunnel)
Wed Aug 18 18:04:05 2010 : Auth: Login incorrect: [jan/<via Auth-Type = EAP>]
(from client swba1-00-test port 50041 cli 00-1E-37-90-89-D2)
The strange thing: freeradius is started with the "no childs" option:
freeradius 60384 0.0 0.4 11560 9240 4 S 11:57AM 0:49.13
/usr/local/sbin/radiusd -s
So why does it complain about childs that take to long?! Btw: The server has a
load of 0.00 and
network IO is only to the ads server. If I block traffic to it, freerad does not
complain about
childs that take to long, so the problem hides elsewhere, I guess.
Thanks for your help!
Best, Jan
Alan DeKok <aland at deployingradius.com> hat am 17. August 2010 um 09:47
geschrieben:
> Jan Zacharias wrote:
> > Sun Aug 15 10:01:39 2010 : Error: Discarding duplicate request from
> > client swba1-00-test port 1645 - ID: 157 due to unfinished request 125603
>
> As always, something is blocking the server.
>
> > The entry Sun Aug 15 10:01:39 2010 is interesting as no client was
> > connected to port 1645 at that time
>
> <shrug> The server doesn't invent packets. *Something* sent it a packet.
>
> > My question: can I somehow extend the timeout or do anything else to
> > prevent this from happening?
>
> Fix is so that nothing is blocking the server.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100830/f8a1a07a/attachment.html>
More information about the Freeradius-Users
mailing list