AAA, NAC, Guest Access & BYOD

Can the session resumption and fast reconnect be disabled in the ClearPass server for EAP methods?

Aruba Employee
Q:

Can the session resumption and fast reconnect be disabled in the ClearPass server for EAP methods?

 

 



A:
  • Session resumption will cache EAP-PEAP/TLS sessions and reuse when the client reconnects within the session timeout.
  • Fast reconnect will bypass the inner method within the authenticated outer tunnel and makes the process of re-authentication faster in EAP-PEAP when the session resumption is enabled.

 

Session resumption and Fast reconnect can be disabled in ClearPass. But please consider the help of these options for client re-authentication and make the decision.

In the Policy Manager GUI, navigate to Configuration >> Authentication >> Methods to disable session resumption in the EAP authentication methods as shown below.   

 

Note: ClearPass server will not allow you to modify the default [EAP PEAP], [EAP TLS], [EAP TTLS] and [EAP FAST]  methods.  So, make a copy of default EAP methods or create new EAP methods and commit the changes. The newly created EAP methods need to be mapped under the Service >> Authentication for use.

 

 

Version history
Revision #:
2 of 2
Last update:
‎01-06-2016 08:21 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.