rsg wrote:
What do you suggest that a RADIUS server do if it receives a "non-compliant" packet? Discard it? Reject it? ...
Yes, i came across a different vendor that Rejects requests without either of those mandatory attributes.
Throw that product in the garbage, and get a real RADIUS server.
FreeRADIUS enforces security requirements. Nearly all of the other "MUST" statements are meant as "this is good practice". They can therefore be ignored. And they often *need* to be ignored for inter-operability with horrible vendor equipment.
I understand your point here; however in my opinion some vendors don't seem to be that flexible even when it comes to such client side requirements.
Yes. Some vendors don't like shipping a product that works in the real world. Alan DeKok.