Patch: eaptls packets too large, clash MTU
Michael Griego
mgriego at utdallas.edu
Thu Aug 10 19:45:16 CEST 2006
Yes please... Its in my todo list to make the server use the Framed-
MTU attribute at some point...
--Mike
On Aug 10, 2006, at 12:21 PM, Michael Joosten wrote:
> Hello,
>
> while using EAPTLS via RADIUS for authentication of a PPP/L2TP/
> IPSec VPN
> (Microsoft style), I discovered that the generated EAPTLS packets
> are a little
> bit to large. If you take Framed-MTU serious, most of the EAPTLS
> header is not
> accounted for. Result: PPP communication with max. possible IPSec
> MTU fails
> silently, because the EAPTLS packets (esp. those with long
> certificates) are
> silently discarded.
>
> Patch attached. Should I also submit this to the bug database?
>
> Regards, Michael Joosten
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/
> devel.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6184 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20060810/935154c5/attachment.bin>
More information about the Freeradius-Devel
mailing list