now it's a bit out of scope but i am sure some of you have some experiences with xsupplicant. i'm doing EAP/TLS over cisco 350 card and cisco 1200 or 350 APs to the 0.9.3 release of freeradius and it's actually a bit funny since (one of the latest) xsupplicant doesn't stop reauthenticating all the time although there is nothing in the Access-Accept message which would limit the session-time. so this is not about freeradius.
now, i would have said that this has nothing to do with xsupplicant neither since, in the packet log, the AP is really sending an EAP Request/Identity. But curiously enough, with Windows XP's own 802.1X client with the _same_ card and the _same_ client certificate this does _not_ happen.
basically, freeradius sends exactly the same Access packet in both cases: Access-Accept along with all the keys. now, xsupplicant says Authenticated. then it gets its keys, the broadcast _and_ the unicast keys, installs those two correctly and, hardly installed, it gets a new (re)authentication request!?
the really funny thing is that the data pass through during all this reauthentication storm: i can bring up my wireless interface with DHCP and then even ping hosts while they keep on reauthentcating with about 0.5s delays between the last EAPOL key and the new EAP Request/ID...
does somebody have _ANY_ idea what it could be about?
ciao artur
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
