Alan (and all), I believe that I have found a bug related to Access-Reject and the reject_delay and max_session_time configuration settings. I am running FR 1.0.0.
When I run radiusd -X, all behaves as expected. The Access-Reject is sent after the delay time indicated by the reject_delay setting. However, when I run radiusd as a deamon without any parameters, the Access-Reject is delayed by reject_delay + max_session_time when reject_delay>0. If I set reject_delay to 0 and run as a daemon, there is no delay. I would like to continue using the default reject_delay value as '1'. However, I have had to dramatically shorten the max_session_time to allow Access-Reject messages to be sent in a reasonable time. My first question is will shortening max_session_time to 1 second have any negative recurcussions? My second question is can the underlying problem be fixed in the next release? My environment is FR 1.0.0 using MySQL. I am using NTRadPing to test and tcpdump to monitor the response times from the RADIUS server. Thanks, _Mike - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html