Sergiy Genyuk via FreeIPA-users <freeipa-users(a)lists.fedorahosted.org>
writes:
Thank you for your reply, I do have ipv6 disabled and in capture do
not see failed attempts.
In capture it is only ipv4:
1 0.000000000 xx.xx.xx.xx -> yy.yy.yy.yy RADIUS 117 Access-Request(1) (id=214,
l=75)
2 7.889686902 yy.yy.yy.yy -> xx.xx.xx.xx RADIUS 90 Access-Accept(2) (id=214,
l=48)
If delay more then 5 seconds between request and reply you going to get request for
password again :-(
So you should find out why RADIUS is spending so much time. What RADIUS
server do you use? What's your user store, and what do you use for OTP?
I did use freeradius and privacyidea.
I did research setting longer timeouts, but that proved not really
useful.
Jochen
--
This space is intentionally left blank.