TCP - FR3 client/server connection timeout
Alan DeKok
aland at deployingradius.com
Thu Jul 20 23:23:04 CEST 2017
On Jul 20, 2017, at 5:19 PM, Edelberto Franco <esilva at midiacom.uff.br> wrote:
>
> With TCP/TLS I have a curious comportment
> Imagine this scenario:
>
> # server : port
> case (1) FR3:33001 -> radsecproxy:2083
> case (2) radsecproxy: 44001 -> FR3:2083
>
> For case (1) FR3 is the client, and radsecproxy is the server. Case (2) shows FR3 as a server of radsecproxy for TCP/TLS connections.
>
> In case (1) FR3 TCP connection always keeps ESTABLISHED with radsecproxy, but in case (2) FR3 closes its connection with radsecproxy (client) after less than 1 minute (sending a FIN, normal...).
>
> So, is it possible to set FR3 to don't send FIN and close the TCP connection with radsecproxy client?
Read the "tls" virtual server, and look for "idle_timeout".
This is documented.
Alan DeKok.
More information about the Freeradius-Users
mailing list