[strongSwan] EAP-SIM fast reauth counter

Martin Willi martin at strongswan.org
Wed Sep 8 09:59:34 CEST 2010


Hi Justin,

> Would any one happen to know if i can configure a limit to the EAP-SIM
> fast reauth counter before StrongSwan switches back to full
> authentication?

SIM reauth is controlled by the backend that stores the reauth data. Our
in-memory demo plugin (eap-simaka-reauth) has no limit, and it also has
no config option to add one.

But it should be trivial to implement a limit, just return NULL in [1]
if the counter reaches your limit.

Regards
Martin

[1]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c;h=f962b2d847676db966f61b4966f9d4de38f59945;hb=HEAD#l112






More information about the Users mailing list