Patch: eaptls packets too large, clash MTU

Michael Griego mgriego at
Thu Aug 10 19:45:16 CEST 2006

Yes please...  Its in my todo list to make the server use the Framed- 
MTU attribute at some point...


On Aug 10, 2006, at 12:21 PM, Michael Joosten wrote:

> Hello,
> while using EAPTLS via RADIUS for authentication of a PPP/L2TP/ 
> (Microsoft style), I discovered that the generated EAPTLS packets  
> are a little
> bit to large. If you take Framed-MTU serious, most of the EAPTLS  
> header is not
> accounted for. Result: PPP communication with max. possible IPSec  
> MTU fails
> silently, because the EAPTLS packets (esp. those with long  
> certificates) are
> silently discarded.
> Patch attached. Should I also submit this to the bug database?
> Regards, Michael Joosten
> -
> List info/subscribe/unsubscribe? See 
> devel.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6184 bytes
Desc: not available
URL: <>

More information about the Freeradius-Devel mailing list