Multiple access-request + access-accept packets in one conversation.
Vlad Kratsberg
vkratsberg at gmail.com
Wed Jun 1 21:27:54 CEST 2016
Hi Freeradius Users,
I will appreciate some help here. We are running FR3.0.11 + ldap + 802.1x
peap + gtc.
When client tries to get on the network for the first time, everything is
good. Server issues cert, client accepts, vlan id is attached to
access-accept packet, and client gets an ip. The whole exchange is fast
and only consists of 8 request packets.
http://pastebin.com/P35eNW4C
However , when client tries to re-authenticate -- communication between
client and a server grows to 100 + request packets while server responds
with multiple access-accept packets and none of them contain Tunnel-Id (
not cached ?)
http://pastebin.com/y1HGF4PP
When i disable cache subsection of eap module, and client tries to
re-authenticate, i also get a very long conversation (100+ requests )
involving multiple access-request and access-accept messages, however
access-accept messages return with Tunnel-id attribute.
Can someone point me in the right direction as to why communication is so
long and involves multiple access-accept packets when client tries to
re-authenticate and what needs to be done with cache so it works properly
and caches Tunnel-Id.
Thanks
More information about the Freeradius-Users
mailing list