Modifying EAP Messages

Alan DeKok aland at deployingradius.com
Mon Mar 16 22:19:36 CET 2009


Arran Cudbard-Bell wrote:
> Doesn't PEAPv0 allow you to insert arbitrary TLVs into the inner
> tunnel ? Isn't that how Microsoft do their NAC stuff ?

  Sort of.

> I was pondering over this the other day, thinking how hard it would be
> to decode the TLVs included by the windows default supplicant, and
> expose them as standard attributes...

  I have code somewhere from someone claiming to do this.  It's for a
*very* old version of the server, and it's not that good code.

  We'll see how it goes.

  Alan DeKok.



More information about the Freeradius-Users mailing list