selahattin_cilek at hotmail.com
Thu Feb 2 19:30:27 CET 2017
On 02.02.2017 21:20, A.L.M.Buxey at lboro.ac.uk wrote:
>> How do I implement a Cached-Session-Policy and how do I make sure that
>> the Session-Timeout attribute is included?
> wait. are you sure thats even your problem? have you captured the RADIUS
> packets to see the content when the re-auth is sent?
Yes, I have captured and checked RADIUS authentication and accounting
packets three times:
tcpdump -n -vvv -i em1 src or dst host 192.168.2.1 or 192.168.2.3 and
src or dst port 1812 or 1813
The Session-Timeout appears at the beginning of the 1st session only:
"Session Timeout Attribute (27), length: 6, Value: 10:00 min"
I have also disabled EAP session caching with the exact same outcome.
> if you have, and that attribute is missing then
That attribute is missing in the Access Accept of the second session.
> 1) you can send the attribute back all the time (add it to reply in the post-auth
> section of the outer tunnel
There is no "outer-tunnel" in "sites-available", even if there were one,
I wouldn't know how to add it.
> 2) read the cache docs and look at provided config (if you havent stripped it all out)
> that shows how to add attributes into the cache system and how to apply those
> cached values to the outer reply
I don't know where the cache docs are and would gladly read them if you
could direct me.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
This email has been checked for viruses by Avast antivirus software.
More information about the Freeradius-Users