[RADIATOR] Radiator Version 4.11 released

[Jethro R Binks]

On Fri, 14 Dec 2012, Heikki Vatiainen wrote:

> On 12/14/2012 02:01 PM, Jethro R Binks wrote:
> > On Fri, 14 Dec 2012, Mike McCauley wrote:
> > 
> >> Improvements to PEAP support for Windows failing to work when PEAP fast 
> >> reconnect was enabled. EAP Extension TLV/Success is now exchanged over 
> >> TLS tunnel between the server and client before sending final 
> >> Access-Accept.
> > 
> > This is interesting; is there any more information about this fix and if 
> > the fault is something I would likely have experienced?
> 
> Before this change when the PEAP client did successful fast reconnect
> using TLS session resumption, Radiator returned final Accept-Accept
> immediately. The Windows native client did not like this and instead
> wanted to see the success inside TLS tunnel first. The symptom was PEAP
> succeeding first when full authentication was done with the client
> hanging during reauthentication when it tried to do fast reconnect.
> 
> The EAP clients in e.g., Android and Apple devices did not require the
> tunneled success, and they were able to do fast reauthentication even
> without this change.
> 
> If your Radiator configuration currently has fast reconnect disabled
> with 'EAPTLS_SessionResumption 0' you should be able to comment this out
> or switch from 0 to 1 to allow fast reconnect.

Thanks Heikki,

Are there any reasons why I might chose not to enable fast connect/session 
resumption?  Other broken clients etc?

Jethro.

.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
Jethro R Binks, Network Manager,
Information Services Directorate, University Of Strathclyde, Glasgow, UK

The University of Strathclyde is a charitable body, registered in
Scotland, number SC015263.