The users session was previously rejected

Tim Pretlove T.Pretlove at
Sat Oct 31 18:14:11 CET 2015

Hi Alan,

On Sat, 31 Oct 2015, Alan DeKok wrote:

> On Oct 31, 2015, at 5:40 AM, Pretlove, Tim <T.Pretlove at> wrote:
>> I fairly new at Freeradius and I have been upgrading our version 2 servers to version 3.0.10 and I have what I believe is a configuration issue.
>> The user is correctly rejected by eap/MSCHAP but it continues into eap/PEAP where I get the error
>> Sat Oct 31 09:08:24 2015 : Info: (11) eap_peap:   The users session was previously rejected: returning reject (again.)
>  Those messages say "Info".  Not "Error".

The Error message is

ERROR: (11) eap: Failed continuing EAP PEAP (25) session.  EAP sub-module 

and in Debug I also see

Debug: (11) eap: Sending EAP Failure (code 4) ID 11 length 4
Debug: (11) eap: Failed in EAP select

>> How do I avoid dropping into the peap section if the user is rejected further up the chain?
>  You don't.  It's doing PEAP as expected.

Okay that's fine

>  The message is there for people who read only the last few lines of the debug output.  It tells them to read the PREVIOUS messages to see the error.

I see this appearing in the log file without debug enabled.

>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See


Tim Pretlove
Computing Services
University of Liverpool
Brownlow Hill

More information about the Freeradius-Users mailing list