On Fri, Apr 9, 2010 at 8:46 AM, Rosario Lumia <ery...@gmail.com> wrote:
> Sorry for my (very) bad english. Only for clearness: I'd want to know if > there is a way to log the end of a 802.1x session. I mean: a client turn off > his wireless card and (I think) AP can (??) send a message to freeradius > because the association between client and AP is lost. > My question was: is it possible? > Your answer was very clear. Answer: probably not. >From what I've read, supplicants can send an EAPOL-Logoff message to an authenticator (ie. an AP/switch). The authenticator could then disable the "port." I can't think of any good reason the authenticator would send this message to RADIUS. I've also read that Windows clients will send an EAPOL-Start message when a user logs off instead of an EAPOL-Logoff. Neither of these are really good methods for determining whether an association between a client and an AP is lost. -M - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html