[EXT] Resuming a user cached session with EAP-TTLS

Mon Jan 23 15:59:37 UTC 2023

florentvercourt at gmail.com <florentvercourt at gmail.com> wrote:
> I’m working to set up a FreeRADIUS server in version 3.2 that is able to
> perform fast-reauthentication of users by caching sessions.
> I‘m using EAP-TTLS/PAP as authentication protocol, and my users are stored
> in an LDAP.

You can use the -r flag to eapol_test to test reauthentications from the commandline
without involving a client.

We do something like this in our test scripts though you'll have to adjust it for PAP:

eapol_test -t 4 -c $ETSCRATCH -r 1 -a $IP1 -p 1645 -s $SECRET $CallingSID $IP2 $CalledSID:ESSID | perl -ne '$m = 1 if m/Triggering EAP reauthentication/; $m = 0 if m/MSCHAP/; print if $m;' | grep -q 'MS-MPPE-Recv-Key' && echo "worked" || echo "failed"