Hi Alan, I would say, the answer ist 261 bytes: (1) Sent Access-Challenge Id 68 from 10.0.21.10:1812 to 10.6.21.10:54656 length 0 (1) EAP-Message = 0x01e803ec0dc0000012f5160303003d020000390303a1b6eb58bf2ce8ab3f12a20eacc792ded76b9714c15bebd6444f574e4752440100c030000011ff01000100000b000403000102001700001603030f7d0b000f79000f760008243082082030820608a0030201020215009613f3945007364d2b46c3df (1) Message-Authenticator = 0x00000000000000000000000000000000 (1) State = 0xfd8b5894fc6355beb76ffb2667a966eb (1) Finished request Or do I understand wrong? Thanks Luca -----Ursprüngliche Nachricht----- Von: Freeradius-Users <freeradius-users-bounces+l.bertoncello=queo-group.com@lists.freeradius.org> Im Auftrag von Alan DeKok Gesendet: Mittwoch, 13. April 2022 16:13 An: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Betreff: Re: Problem Radius over VPN On Apr 13, 2022, at 9:52 AM, Luca Bertoncello <L.Bertoncello@queo-group.com> wrote:
Hi Alan,
I started Freeradius with the -X Option. In the Access-Challenge Response sind nur:
- EAP-Message
Did you check that the EAP-Message attributes were about "fragment_size" in length?
- Message-Authentication - State
No other attributes...
Did you check that the Access-Challenge packet is less than 1500 bytes in length? This *IS* printed in the debug output. There is no magic here. If the packets are larger than 1500 bytes, then something is making them larger than 1500 bytes. Since you're not posting the debug output, there's little more we can do to help. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html