PEAP-MSCHAPv2: Cannot recover attributes from TLS Session Cache

Wussler, Doug doug.wussler at fsu.edu
Fri Aug 5 19:16:26 CEST 2016


>Brian Julin wrote:
> > Wussler, Doug wrote:
> > But now I am trying to add TLS Session Cache, which looks like an
> > under-appreciated and very cool capability.

> I jotted some notes on how we got it working here.  Not quite sure if
>there
> have been tweaks since then, but give this a whir:

> 
>http://lists.freeradius.org/pipermail/freeradius-users/2016-January/081595
>.html


Brian -

I¹m grateful for the effort you put into your reply.  Indeed, you did
provide
the clue I needed.  In my case all I needed to add was the ³Post-Auth-Type
Challenge²
clause to my outer tunnel.  Looks like we now have fast-reconnect working!
 Should
have a large impact here.

Perhaps there is something else I don¹t understand but it does not look
like ³use_tunneled_reply² in the eap module is really deprecated.  I can¹t
get anything to work without that.

In any case, thank you very much.  I appreciate your help.


Doug Wussler
Florida State University
 




More information about the Freeradius-Users mailing list