Freeradius proxy times out after 14 seconds
raido.rattameister at gmail.com
raido.rattameister at gmail.com
Mon May 29 15:25:16 UTC 2023
Hey,
How to set Freeradius to wait for longer than 14 second for home server to
reply?
My config is: Firewall > Freeradius > Home server
Home server performs 2FA so I need to give users some time to accept push
notification on their phones.
With default config Freeradius will wait only 14 seconds before it times out
and sends login failure back to firewall.
I added "response_window" setting to clients.conf file.
If response_window setting is below 14 then timeout will be reduced to
whatever response_window value is.
If response_window is more than 14 then timeout is always 14.
Is there any way to override this setting and expand timeout to 30 seconds?
Log snippet from freeradius -X
Proxying request to home server 192.168.1.10 port 1812 timeout 14.000000
Sent Access-Request Id 155 from 0.0.0.0:59777 to 192.168.1.10:1812 length
113
User-Name = "test at example.com <mailto:test at example.com> "
User-Password = "password"
NAS-Identifier = "RADIUS"
NAS-IP-Address = 192.168.1.1
Event-Timestamp = "May 27 2023 20:33:05 EDT"
Message-Authenticator := 0x00
Proxy-State = 0x3437
Waking up in 0.3 seconds.
Expecting proxy response no later than 13.667138 seconds from now
Waking up in 13.6 seconds.
No proxy response, giving up on request and marking it done
Marking home server 192.168.1.10 port 1812 as zombie (it has not responded
in 14.000000 seconds).
ERROR: Failing proxied request for user "test at example.com
<mailto:test at example.com> ", due to lack of any response from home server
192.168.1.10 port 1812
Clearing existing &reply: attributes
Found Post-Proxy-Type Fail-Authentication
server default {
Post-Proxy-Type sub-section not found. Ignoring.
Executing group from file /etc/freeradius/3.0/sites-enabled/default
Best,
Raido
More information about the Freeradius-Users
mailing list