Multiple EAP types
Alan DeKok
aland at nitros9.org
Wed May 24 16:00:06 CEST 2006
gARetH baBB <hick.freeradius at gink.org> wrote:
> "Once EAP-Identity response is received by the server, based on the
> default_eap_type, the server will send a new request (MD5-Challenge
> request incase of md5, TLS-START request incase of tls) to the supplicant.
> If the supplicant is rfc2284 compliant and doesnot support the EAP-Type
> sent by the server then it sends EAP-Acknowledge with the supported
> EAP-Type. If this EAP-Type is supported by the server then it will send
> the respective EAP-request."
>
> But I can't get it to work !
Blame the client.
> [default type of ttls, trying to authenticate with peap using
> wpa_supplicant]
...
> And that is that, the client claims authentication has failed.
The client *should* send an EAP-NAK, and request PEAP. I see this
when I use eapol_test, which is based on wpa_supplicant.
In any case, RADIUS is driven by the client. If the server sends a
packet and the client doesn't "respond", it means that the client has
decided to stop talking to the server.
Alan DeKok.
More information about the Freeradius-Users
mailing list