confusion about radius.log entries

Alan DeKok aland at deployingradius.com
Wed Aug 26 03:01:51 CEST 2015


On Aug 25, 2015, at 8:08 PM, Winders, Timothy A <twinders at southplainscollege.edu> wrote:
> We have had back to school this week and a lot of students are complaining about "unstable wifi".  Not a lot of help… but after much digging, the general report is that they connect to the wireless network (Cisco 5508 controller advertising WPA2 Enterprise / PEAP / MSCHAPv2 network authenticating against FreeRadius 3.0.7 with Active Directory) but then they will lose their connection and may not be able to get connected again for 30 minutes to several hours later.

  If they're connected, any later disconnect is *not* a RADIUS problem.

> My question here is related to the activity I’m seeing in the radius.log on the FR servers.  I see login OK messages for the same user repeatedly at intervals from a few seconds to a few minutes apart.  I thought it might have something to do with a user moving between access points, but even when they are in a fixed location, multiple entries show in the log.

  It's the user trying to re-authenticate.  Over and over.

> I’m not familiar with the radius protocol, but this seems… excessive.  My first thought is a misconfiguration of the WLAN on the Cisco controller, but, before opening a case with Cisco, are there thoughts from the FR community?

  Blame the end user system, and / or the WiFi access point.

> Here is a sample of log messages for me from a period today:
> 
> Tue Aug 25 14:15:08 2015 : Auth: (24739)   Login OK: [twinders at southplainscollege.edu] (from client lev-wireless1 port 13 cli 04-f1-3e-bc-44-05 via TLS tunnel)

  FreeRADIUS is authenticating the user OK.  After that, if anything goes wrong, it's the fault of some other system in the network.

  Alan DeKok.




More information about the Freeradius-Users mailing list