AAA, NAC, Guest Access & BYOD

 View Only
last person joined: one year ago 

Solutions for legacy and existing products and solutions, including Clearpass, CPPM, OnBoard, OnGuard, Guest, QuickConnect, AirGroup, and Introspect
Back to Library

Can the session resumption and fast reconnect be disabled in the ClearPass server for EAP methods? 

Jan 06, 2016 11:21 AM

Q:

Can the session resumption and fast reconnect be disabled in the ClearPass server for EAP methods?

 

 



A:
  • Session resumption will cache EAP-PEAP/TLS sessions and reuse when the client reconnects within the session timeout.
  • Fast reconnect will bypass the inner method within the authenticated outer tunnel and makes the process of re-authentication faster in EAP-PEAP when the session resumption is enabled.

 

Session resumption and Fast reconnect can be disabled in ClearPass. But please consider the help of these options for client re-authentication and make the decision.

In the Policy Manager GUI, navigate to Configuration >> Authentication >> Methods to disable session resumption in the EAP authentication methods as shown below.   

 

Note: ClearPass server will not allow you to modify the default [EAP PEAP], [EAP TLS], [EAP TTLS] and [EAP FAST]  methods.  So, make a copy of default EAP methods or create new EAP methods and commit the changes. The newly created EAP methods need to be mapped under the Service >> Authentication for use.

 

 

Statistics
0 Favorited
8 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.