Ubuntu client always connect to wlan even if it is not allowed by Freeradius
Alan DeKok
aland at deployingradius.com
Mon Oct 3 12:08:33 CEST 2011
PROST Frédéric wrote:
> It seems that it has a kind of cache but I can't determine where and how to disable it (on my Radius server).
FreeRADIUS doesn't cache authentications. The issue is likely that
your switch is caching the status of the MAC address.
> Here is a freeradius log extract of the first connection where we can see that it checks the MAC address
I'm *presuming* that this is for an Access-Request. I don't know,
because you've deleted most of the debug output.
> Here is the Freeradius log file for the second connection, after disable MAC Address and restarted FreeRadius (it connects directly without checking MAC address) :
Read it:
> rad_recv: Accounting-Request packet from host 192.168.2.15 port 32847, id=2, length=152
That's not an Access-Request.
The NAS (or switch) is starting an accounting session without first
authenticating the user.
> Do you have any idea of how to correct this ?
Fix the switch so that it sends Access-Requests when a user connects
to it.
Alan DeKok.
More information about the Freeradius-Users
mailing list