On Wed, Feb 12, 2003 at 10:00:10PM +0100, Daniele Brevi wrote: > Hi at all, > > thanks at all for the previous question. > I have read in RFC 3078 that the MPPE key can be changed frequently > > "MPPE session keys are changed frequently; the exact frequency depends > upon the options negotiated, but may be every packet." > > I have read in a old thread that we can set a time for the rekeyng in > Freeradius during the same session > Is this exact?
MPPE rekeying is not based on time, it is based on number of packets transmitted. For stateless mode, it's every packet. For stateful mode, it's every 256 packets. The rekeying implementation in mppe is bad, and is overkill to compensate for a poor implementation of rc4. RADIUS (itself, not just freeradius) cannot select whether or not to use stateful/stateless; that has to be configured locally in the NAS. win98SE and up do stateless by default. /fc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
