Hi Alan,
err, no. you need to handle those fragmented packets. where is it failing, on your network or more
remotely?
EAP-TLS places much larger demands on the packet sizes during AAA process....several hundred
bytes more than PEAP (which JUST ABOUT misses fragmentation in its current form from recent
memory)
you've GOT to pass the certs....and if you're using a larger cert (chained etc) those packets
will be big.
so....whos breaking the RFCs with respect to ICMP and pmtu? ;-)
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html