20 Apr
2016
20 Apr
'16
9:21 a.m.
Hi,
The best way is to force a reject if any other authentication method is used. You can't really force one method, because the client can NAK any method you choose, and pick another one.
reject is fail....and client would just try again....and again.... what you want to do, its for a particular user, NAK that EAP type so the client DOES try another one... which means.....you need to use different inner-tunnels, with different available EAP types available in each, for each type/class of user.... alan