RadSec Keep-Alive mechanism not effective for all RadSec servers

fkm-gk
Here to help

RadSec Keep-Alive mechanism not effective for all RadSec servers

 

We have noticed that the RadSec Keep-Alive feature is currently implemented by triggering period empty TCP headers with ACK flag. While this is sufficient to keep TLS sessions open with most (intermediate) firewalls, some RadSec server implementations require application data (Status-Server) messages to be delivered for them to keep the session open (freeRADIUS, RADIUSaaS). Hence, the feature might be uneffective in some cases.

 

Based on this, is there a possibility for Meraki to making this feature more robust by sending Status Server messages?

 

------------------------------------------------------------------

Initially posted here: https://community.meraki.com/t5/API-Early-Access-Discussions/RadSec-Keep-Alive-mechanism-not-effecti...

0 Replies 0
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels