reauth-problem with WPA2-tls
Alan DeKok
aland at deployingradius.com
Fri Jun 4 09:11:01 CEST 2010
Andreas Hartmann wrote:
> I have one basic question:
> There are now two different caches: one in eap (based on ssl) and the
> extern cache, rlm_caching.
rlm_caching has nothing to do with EAP.
> If I want to use fast_reauth, is it necessary to enable both caches or
> must the ssl-cache in eap.conf be disabled to run fast_reauth
> successfully with rlm_caching?
The EAP configuration explains what you need to do for fast re-auth.
> Meanwhile, I have a configuration, which does a User-Name-based
> rlm_caching at the end of the last fragment of the initial
> authentication with an originaly empty database.
What is it supposed to do?
> But the problem is:
>
> If the user reconnects or wants to connect initial again, the process is
> stopped (with success returned) at the moment, the client sends the
> User-Name.
> This is wrong. The process can't be interrupted before the key exchange
> has been done successfully.
> How can this be written in the config-file (authorize-section)?
What do you want to do?
I have no idea why you configured the caching module, and you haven't
explained why you configured it.
Alan DeKok.
More information about the Freeradius-Users
mailing list