Session-Timeout is meant to place a time limit on the overall duration of a session, not to detect "lost" sessions caused by router reboots, failures etc.
I agree, but I didn't mean it is used for session check, I mentioned to check other attributes. What I use on my Radius server is radzap utility. When some NAS crash for any reason, try to run radzap on your Radius server, it should clean up unactive sessions. I actually never tested if this works for real, but it should
. What I used previously to cleanup unactive users was to stop Rarius, empty /var/log/radius/radutmp and /var/log/radius/radwtmp and start Radius again. I finally put this in /etc/init.d/radius in start section so it looks like:
echo -n $"Starting RADIUS server: "
daemon $RADIUSD -y
[ $RETVAL -eq 0 ] && touch $LOCKF &&
ln -s /var/run/radiusd/radiusd.pid /var/run/radiusd.pid 2>/dev/null
If something wrong happends, I just restart Radius and everything is fine after that. I know this is not the best solution, it is not automatic, it needs human intervention, but it works. Finally, NAS'es don't lose power or crash so often.