On Wed, Apr 12, 2017 at 02:00:40PM +0000, LUCA wrote:
You've already done that by limiting the EAP methods on the server. If the device can't connect now then it's device configuration as you said.
Yes, now the device can't connect because it does try to use one method no longer configured on the server.
Right. Configure the device.
But there is no way, during the negotiation process, to make the server tell the client to use one specific EAP method?
I'm really not sure how many times we have to say that the choice of EAP method is up to the device, not FreeRADIUS. There is no amount of poking or prodding FreeRADIUS that will fix this.
Yes, definitely not manually configured devices. I'm trying to leave the configuration tool as last option. As I already said it would be impractical. Without mentioning the massive disservice this will bring in the first few weeks.
It sounds like you don't like the answer you're getting. Sorry. If you invent a better way I'm sure everyone else will be quite happy to know. Until then, you have two options 1. configure FreeRADIUS to use the type of auth that the devices want to use; 2. reconfigure the devices. Matthew -- Matthew Newton, Ph.D. <mcn4@leicester.ac.uk> Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk>