Alan DeKok wrote: > Andreas Hartmann wrote: >> In eap.conf, the option eap -> tls -> cache -> enable is switched off >> and fast_reauth in wpa_supplicant is enabled. > > Uh... that makes no sense. > > You've disabled caching (i.e fast re-auth) on the server, and enabled > it on the client. Why are you surprised that fast re-auth isn't working?
I've seen similar problems between FreeRadius and wpa_supplicant both with and without the cache enabled. Getting wpa_supplicant to restart seems to clear it temporarily. My reading of Andreas's message was that he has tried it both ways. I haven't yet dug into it enough to try and pin down where the problem is. It does seem that problems with the cache should just result in a slow authentication taking place, not a total failure of authentication. -David Mitchell > >> If the reconnect takes place, the missing cache-data seems to be the >> problem -> the user cannot be authenticated: > > <shrug> That's what you told the server to do. > >> If fast_reauth in wpa_supplicant is disabled, the reauthentication works >> fine, but the connection between the AP and the supplicant ist >> interrupted for about 20 seconds - much to long :-). >> >> >> Do you have any idea how to solve this problem? > > Find out why the supplicant is taking 20s for authentication. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ----------------------------------------------------------------- | David Mitchell (mitch...@ucar.edu) Network Engineer IV | | Tel: (303) 497-1845 National Center for | | FAX: (303) 497-1818 Atmospheric Research | ----------------------------------------------------------------- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html