rlm_eap problem after upgrade from 2.1.12 to 2.2.5 via radsecproxy
Alan DeKok
aland at deployingradius.com
Wed Sep 3 16:06:17 CEST 2014
Thomas Boettcher wrote:
> what me concerns is, that the problem occurs, when MY freeradius is
> upgraded. So it looks to me that the software is handling something
> within the eap more strictly.
That could be true. It could also be true that the SSL interactions
are different. Windows is *very* picky about SSL in EAP.
> I analysed my logs and picked some users with high amounts of Login
> problems. Running in 2.1.12 there is also a high amount of Logins for
> this user at the remote site. The only difference is, that they all are
> accepted. In 2.2.5 I get this:
> 2 Login OK (outer and inner Tunnel)
> 5-10 secs later: rlm_eap State variable error with Login incorrect.
> This repeats mostly every 30 seconds.
That's a problem. The user shouldn't be authenticating every 30s.
> Leads me to the assumption, that the remote NAS is doing Login requests
> very ofter (maybe WLAN coverage holes or many autonomous APs).
Which can lead to network problems.
Alan DeKok.
More information about the Freeradius-Users
mailing list