rlm_eap problem after upgrade from 2.1.12 to 2.2.5 via radsecproxy

Thomas Boettcher boettcher at itc.rwth-aachen.de
Tue Sep 2 10:59:50 CEST 2014

Hello community,

my setup are two boxes with Freeradius and radsecproxy 1.6.5 in an 
eduroam environment.

after upgrading from 2.1.12 to 2.2.5 without any configuration changes I 
register an enormous (times 31 (562:17678 per day)) amount of error 
"rlm_eap: No EAP session matching the State variable."

The following "Login incorrect:" is mainly from the radsecproxy nas 

Users from the remote locations brought me to the Problem since they are 
authenticated OK and just seconds later the above error results in a 
"Login incorrect". These users are filling my logs with wavelike 
loglines (OK, incorrect, OK, incorrect). On the other hand not all 
remote users are affected. The users who stated to have to problem were 
all within the international eduroam community (not national), but this 
is just a guess.

I do not understand why the eap state variable could be mixed up by a 
Software Upgrade to a "stable" version, so it looks to me that the 
problem resides within the freeradius programming. At the moment I do 
not fully understand all code differences between the two versions.

I downgraded to 2.1.12 again to keep my users online, but the problem 
should be solved.

Any ideas to debug the problem are welcome.

Does anyone see similar problems with 2.2.5?

Thanks for any help, Thomas Böttcher

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4807 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140902/032f7a50/attachment-0001.bin>

More information about the Freeradius-Users mailing list