rlm_eap problem after upgrade from 2.1.12 to 2.2.5 via radsecproxy
Alan DeKok
aland at deployingradius.com
Tue Sep 2 18:13:15 CEST 2014
Thomas Boettcher wrote:
> my setup are two boxes with Freeradius and radsecproxy 1.6.5 in an
> eduroam environment.
>
> after upgrading from 2.1.12 to 2.2.5 without any configuration changes I
> register an enormous (times 31 (562:17678 per day)) amount of error
> messages:
> "rlm_eap: No EAP session matching the State variable."
That's generally a proxy problem. The client transmits a packet
through proxy A, and retransmits the same packet through proxy B.
> Users from the remote locations brought me to the Problem since they are
> authenticated OK and just seconds later the above error results in a
> "Login incorrect".
No. If they're authenticated OK, then they're authenticated. There
is no way to remotely fail an authentication which previously succeeded.
> I do not understand why the eap state variable could be mixed up by a
> Software Upgrade to a "stable" version, so it looks to me that the
> problem resides within the freeradius programming. At the moment I do
> not fully understand all code differences between the two versions.
There are a LOT of differences between the two versions. But nothing
(to my knowledge) that would create this problem.
> Any ideas to debug the problem are welcome.
Run the server in debugging mode.
> Does anyone see similar problems with 2.2.5?
I don't think so.
Alan DeKok.
More information about the Freeradius-Users
mailing list