gARetH baBB <hick.freeradius@gink.org> wrote:
"Once EAP-Identity response is received by the server, based on the default_eap_type, the server will send a new request (MD5-Challenge request incase of md5, TLS-START request incase of tls) to the supplicant. If the supplicant is rfc2284 compliant and doesnot support the EAP-Type sent by the server then it sends EAP-Acknowledge with the supported EAP-Type. If this EAP-Type is supported by the server then it will send the respective EAP-request."
But I can't get it to work !
Blame the client.
[default type of ttls, trying to authenticate with peap using wpa_supplicant] ... And that is that, the client claims authentication has failed.
The client *should* send an EAP-NAK, and request PEAP. I see this when I use eapol_test, which is based on wpa_supplicant. In any case, RADIUS is driven by the client. If the server sends a packet and the client doesn't "respond", it means that the client has decided to stop talking to the server. Alan DeKok.