[RADIATOR] Two Simultaneous Logins (PEAP and TTLS) - Possibly Android related
Heikki Vatiainen
hvn at open.com.au
Mon Jan 9 18:28:10 UTC 2023
On 4.1.2023 18.48, Ullfig, Roberto Alfredo via radiator wrote:
> We're seeing about 10 users (out of 70K) logging in twice at the same
> time when they connect. One is PEAP and the other is TTLS? Any ideas
> what the cause is? We believe it's related to Android.
Doesn't sound familiar. One idea I have, that might help to understand
why this happens, is to check Calling-Station-Id attribute in Radius
requests. If you already log it to an authentication log, or have full
debug level logs, the CSI might help to see if this is the same device.
MAC address randomisation may cause the address to change, for example,
daily, but authentications happening at the same time likely use the
same MAC address.
Hopefully I'm not stating the obvious, but could it be that the user has
multiple devices that auto-join at the same moment?
Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.
More information about the radiator
mailing list