Yes please... Its in my todo list to make the server use the Framed- MTU attribute at some point... --Mike On Aug 10, 2006, at 12:21 PM, Michael Joosten wrote:
Hello,
while using EAPTLS via RADIUS for authentication of a PPP/L2TP/ IPSec VPN (Microsoft style), I discovered that the generated EAPTLS packets are a little bit to large. If you take Framed-MTU serious, most of the EAPTLS header is not accounted for. Result: PPP communication with max. possible IPSec MTU fails silently, because the EAPTLS packets (esp. those with long certificates) are silently discarded.
Patch attached. Should I also submit this to the bug database?
Regards, Michael Joosten
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ devel.html