Stefan Winter wrote:
> How does this work together with anonymous outer ids? I.e. if outer
> User-Name = [email protected] and the inner User-Name is [email protected], then
> the cache contains a session for [email protected]

Yes.

> On session resumption, there is no inner tunnel exchange, there's a
> packet User-Name = [email protected] and an EAP-Message with SSL magic (but
> no inner User-Name)... So how does FreeRADIUS know what to look up in
> the cache? Or am I missing something here?

There's an SSL identifier associated with the session:

    supplicant: I have SSL id 0x282674736733673
    server: OK, it's in my cache.

(Modulo various crypto operations to keep it secure)

The server uses the Id to find the cache entry, and the cached User-Name.

Alan DeKok.
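The lookup described in the reply above, as an added example that is not part of the original post and is not FreeRADIUS code: a toy server-side cache keyed by the TLS session id, which returns the inner User-Name stored at full authentication. The class and function names, the example.org identities and the 60-second lifetime are assumptions made for illustration.

```python
import os
import time


class ResumptionCache:
    """Toy model: TLS session id -> identity learned inside the tunnel."""

    def __init__(self, lifetime_s=3600, clock=time.monotonic):
        self.lifetime_s = lifetime_s
        self.clock = clock
        self._entries = {}  # session_id (bytes) -> (inner_user_name, expires_at)

    def full_authentication(self, outer_user_name, inner_user_name):
        """Full handshake succeeded: the server picks a fresh session id and
        caches the inner identity. The anonymous outer User-Name is never the key."""
        session_id = os.urandom(32)
        expires_at = self.clock() + self.lifetime_s
        self._entries[session_id] = (inner_user_name, expires_at)
        return session_id

    def resume(self, outer_user_name, offered_session_id):
        """Resumption: no inner tunnel runs, so the identity comes from the cache.
        Returns the cached inner User-Name, or None to force a full handshake.
        A real TLS stack also makes the client prove it holds the session's
        master secret; that step is not modelled here."""
        entry = self._entries.get(offered_session_id)
        if entry is None:
            return None  # unknown id: fall back to full authentication
        inner_user_name, expires_at = entry
        if self.clock() >= expires_at:
            del self._entries[offered_session_id]  # stale entry: evict it
            return None
        return inner_user_name


def demo():
    """Constructed scenario with a fake clock so expiry is deterministic."""
    now = [0.0]
    cache = ResumptionCache(lifetime_s=60, clock=lambda: now[0])
    sid = cache.full_authentication("anonymous@example.org", "alice@example.org")
    resumed = cache.resume("anonymous@example.org", sid)
    unknown = cache.resume("anonymous@example.org", os.urandom(32))
    now[0] = 61.0  # move past the cache lifetime
    expired = cache.resume("anonymous@example.org", sid)
    return resumed, unknown, expired


if __name__ == "__main__":
    print(demo())
```

The outer User-Name is passed to `resume` but never consulted, which is why an anonymous outer identity does not get in the way of the lookup.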

