CentOS 6, штатный freeradius 2
users:
DEFAULT NAS-Port-Type == "Wireless-802.11", LDAP-Group != "wireless", Auth-Type := Reject
DEFAULT NAS-Port-Type == "Wireless-802.11", Auth-Type := eap
Session-Timeout := 180,
Acct-Interim-Interval := 90tcpdump (RAD - RADIUS сервер, NAS - точка доступа на hostapd):
NAS ==> RAD Code: Access-Request (1)
NAS <== RAD Code: Access-challenge (11)
NAS <== RAD AVP: l=6 t=Session-Timeout(27): 180
NAS <== RAD Session-Timeout: 180
NAS ==> RAD Code: Access-Request (1)
NAS <== RAD Code: Access-challenge (11)
NAS ==> RAD Code: Access-Request (1)
NAS <== RAD Code: Access-challenge (11)
NAS ==> RAD Code: Access-Request (1)
NAS <== RAD Code: Access-challenge (11)
NAS ==> RAD Code: Access-Request (1)
NAS <== RAD Code: Access-challenge (11)
NAS ==> RAD Code: Access-Request (1)
NAS <== RAD Code: Access-challenge (11)
NAS ==> RAD Code: Access-Request (1)
NAS <== RAD Code: Access-challenge (11)
NAS ==> RAD Code: Access-Request (1)
NAS <== RAD Code: Access-challenge (11)
NAS ==> RAD Code: Access-Request (1)
NAS <== RAD Code: Access-challenge (11)
NAS ==> RAD Code: Access-Request (1)
NAS <== RAD Code: Access-Accept (2)Т.е. Session-Timeout попал только в самый первый Access-Challenge, затем NAS и сервер обмениваются EAP, после чего NAS получает Access-Accept, но без Session-Timeout. Из-за этого подключившегося не скидывает через 3 минуты после подключения. Как запихнуть Session-Timeout в Access-Accept?
