Sergio wrote:
why User-Name couldn't be found?
Because the access point isn't sending it.
If first match with users file was ok and found DNIe module, radius should begin tls handshake. Does wpa_supplicant sends identity only in the rist Access-Request? this sounds a little strange...
wpa_supplicant is permitted to behave that way.
Any "Sauron Eye" which can help me? Thanks
The EAP module remembers the User-Name from the first session, and uses it for later sessions. Unfortunately, you're checking for the User-Name *before* running the EAP module. This won't work. On top of that, the access point isn't sending the State attribute back in the later Access-Request. That is a violation of the RADIUS specifications. Take whatever access point you're using, and throw it in the garbage. It doesn't work. Then, buy one that works. Alan DeKok.