preventing multiple authentication attempts for up to 2 minutes.

Jim Whitescarver jimscarver at gmail.com
Fri Mar 18 14:14:43 CET 2016


I am using nlm_python plugin to trigger an out-of-band authentication and
get a result typically completed in about 20 seconds but should not time
out for two minutes.

When I run radtest and a duplicate request comes in I get

(0) Ignoring duplicate packet from client localhost port 32940 - ID: 2 due
to unfinished request in component authenticate module python

in the log.  However, in an actual login attempt from a 3rd party system
configured to use this radius instance I often see a second authentication
attempt almost immediately started while the first is still in progress.

How can I prevent this?

I set idle timeouts in clients.conf and sites-available/default to 120.
What else is needed?

Thanks,

Jim


More information about the Freeradius-Users mailing list