RADIUS based station reauth request
Jouni Malinen
j
Sat May 5 07:15:10 PDT 2012
On Tue, May 01, 2012 at 01:19:19AM +0400, newuse at qip.ru wrote:
> Is it possible to setup hostapd so, that stations reauth period could be set to zero by RADIUS request?
What are you trying to do? Reauthentication period can be set with the
Session-Timeout attribute in the Access-Accept message when
Termination-Action attribute with value RADIUS-Request is also included.
However, it should be noted that zero value would mean that the station
would be in a constant loop of doing reauthentication.. If you are
trying to disable reauthentication, you can set the Session-Timeout
value to large enough number to avoid hitting it in practice.
> Is it possible to request station reauth by given MAC via special RADIUS-server request?
No. I'm not sure whether there really is a mechanism defined in RADIUS
for this type of operation. Change-of-Authorization message could
potentially be used to do something like this (e.g., change
Session-Timeout to a small value and then restore the longer value at
the completion of successful reauthentication). However, hostapd does
not yet support this mechanism.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list