wpa_supplicant and EAP-TLS

Jouni Malinen jkmaline at cc.hut.fi
Fri Aug 6 16:28:19 EDT 2004


On Fri, Aug 06, 2004 at 09:20:10AM -0500, Shane.Sondgeroth at indystar.com wrote:

> I have tested EAP-TLS and EAP-PEAP on Cisco ACS version Release 3.2(3)
> Build 11.  It seems to work good.  I would like to have the clients
> re-authenticate every 2 hours.  Currently, it seems to be re-authenticating
> every 30 or so minutes.  Is there a setting in the config file that I can
> adjust this setting?

Usually, this is configured in the RADIUS authentication server.
Authenticator (e.g., hostapd) is supposed to follow the Session-Timeout
attribute from Access-Accept. If the RADIUS server does not include this
attribute, you could change the authenticator to hardcode a timeout
(e.g., eap_reauth_period in hostapd.conf).

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list