Session resumption

Arran Cudbard-Bell a.cudbardb at
Thu Feb 11 18:58:30 CET 2016

> On 11 Feb 2016, at 01:59, Jonathan Gazeley <Jonathan.Gazeley at> wrote:
> On 11/02/16 09:51, A.L.M.Buxey at wrote:
>> Hi,
>>> Is there are a way to fabricate EAP/MSCHAPv2 packets such that we
>>> can reliably provoke the server into using session resumption or
>>> not? This way we would be able able to
>>> test->capture->debug->fix->repeat much more quickly.
>> use eapol_test from the wpa_supplicant system
>> its likely that you have some policy or unlang corner-case that isnt
>> matching the cache...or you arent querying the existing cache entry
>> and adding other stuff based on the new NAS id - possibly roaming
>> events between 2 seperate controllers etc etc
> Thanks for the suggestions. We already use eapol_test for monitoring and testing/debugging but I'm not sure how to generate packets that definitely lead to resumed sessions. Is there an attribute I need to add?

No, you just set it to repeat authentication n types.  There's an argument you pass, see output of -h.

If you look through the debug output (of FreeRADIUS), it'll mention the session is being resumed.


Arran Cudbard-Bell <a.cudbardb at>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 872 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the Freeradius-Users mailing list