On Wed, 5 Dec 2012, Alan Buxey wrote:
In the first instance, upgrade. There is a major security problem with 2.1.x release. Get 2.2.x onto your system asap.
This is the RedHat RPM which I believe are maintained by RedHat. Hopefully they've back ported any major security issues!
What are your NAS (cisco controllers) timeouts? Is this box a pure proxy or does it do authentication too? Have you enabled ciscos status-check system so it knows the RADIUS server isn't dead but just hasn't had a remote response yet?
It does both autentication and proxy and I do have status-check enabled. On the contraller I increased the default timeout from 2 seconds up to 8 seconds. At the same time I lowered the response_window for the two Home Servers from 20 seconds to 5 seconds, thinking the proxy would give up trying and respond to the controller before it timed out. That hasn't helped though. Perhaps I need to increase the controller timeout further.
Around 67% of eduroam sites in the UK use freeradius
I assumed it should work better than it is. -Mike - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
