diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
index 1c9ee7baf..3e4aa0f82 100644
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -776,6 +776,7 @@ void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf,
 		}
 		sta->eapol_sm->eapolStart = TRUE;
 		sta->eapol_sm->dot1xAuthEapolStartFramesRx++;
+		eap_server_clear_identity(sta->eapol_sm->eap);
 		wpa_auth_sm_event(sta->wpa_sm, WPA_REAUTH_EAPOL);
 		break;
 
@@ -788,6 +789,7 @@ void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf,
 		accounting_sta_stop(hapd, sta);
 		sta->eapol_sm->eapolLogoff = TRUE;
 		sta->eapol_sm->dot1xAuthEapolLogoffFramesRx++;
+		eap_server_clear_identity(sta->eapol_sm->eap);
 		break;
 
 	case IEEE802_1X_TYPE_EAPOL_KEY:
diff --git a/src/eap_server/eap.h b/src/eap_server/eap.h
index 0c0992350..6b2907519 100644
--- a/src/eap_server/eap.h
+++ b/src/eap_server/eap.h
@@ -123,5 +123,6 @@ void eap_sm_pending_cb(struct eap_sm *sm);
 int eap_sm_method_pending(struct eap_sm *sm);
 const u8 * eap_get_identity(struct eap_sm *sm, size_t *len);
 struct eap_eapol_interface * eap_get_interface(struct eap_sm *sm);
+void eap_server_clear_identity(struct eap_sm *sm);
 
 #endif /* EAP_H */
diff --git a/src/eap_server/eap_server.c b/src/eap_server/eap_server.c
index 6dae69b90..41416b1de 100644
--- a/src/eap_server/eap_server.c
+++ b/src/eap_server/eap_server.c
@@ -146,13 +146,6 @@ SM_STATE(EAP, INITIALIZE)
 	sm->eap_if.eapKeyAvailable = FALSE;
 	sm->eap_if.eapRestart = FALSE;
 
-	/*
-	 * Start reauthentication with identity request even if we know the
-	 * previously used identity. This is needed to get reauthentication
-	 * started properly.
-	 */
-	sm->start_reauth = TRUE;
-
 	/*
 	 * This is not defined in RFC 4137, but method state needs to be
 	 * reseted here so that it does not remain in success state when
@@ -1374,3 +1367,18 @@ struct eap_eapol_interface * eap_get_interface(struct eap_sm *sm)
 {
 	return &sm->eap_if;
 }
+
+
+/**
+ * eap_server_clear_identity - Clear EAP identity information
+ * @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
+ *
+ * This function can be used to clear the EAP identity information in the EAP
+ * server context. This allows the EAP/Identity method to be used again after
+ * EAPOL-Start or EAPOL-Logoff.
+ */
+void eap_server_clear_identity(struct eap_sm *sm)
+{
+	os_free(sm->identity);
+	sm->identity = NULL;
+}