Issue with EAP authentication on packet loss

jm+freeradiususer at jm+freeradiususer at
Wed Apr 25 11:09:24 CEST 2018

On 4/25/2018 10:55 AM, Arran Cudbard-Bell wrote:
> What's happening are there are internal timers that cleanup the session information (keyed off the State attribute), so when that retransmission comes in the session has already been cleared out.
> In v3.0.x the state tree cleanup time is main_config.max_request_time * 10.

I don't believe this applies here. max_request_time * 10 would be 300 
The second attempt from the NAS comes in after 15 seconds. So there's 
plenty of time.

As I have shown, debugging output clearly throws away the session 
instantly during the first response (which is getting lost).

BTW this is happening every now and then only. I don't think that's 
abnormal, but it's not cool when reauthentications are being used and 
users are disconnected for a few minutes until the NAS retries the a 
completely new authentication.

More information about the Freeradius-Users mailing list