new eap method: eap-ikev2
sdfsdv sdfdsf
dr_ojboli at wp.pl
Sat Jan 14 20:49:16 CET 2006
Hello all,
We're currently working on new eap method for freeradius and
wpa_supplicant: eap-ikev2 (http://tools.ietf.org/wg/eap/draft-
tschofenig-eap-ikev2-07.txt). Method is able: mutual
uthentication (certificate or shared secret based), cryptographic
suit negotiation, fast rekeying (fast reconnect), channel binding
and so on.
We currently have some working implementation but without fast
rekeying, channel binding and some other minor things.
I would to ask You for some help. Some thing regarding freeradius
are unclear to us.
First, we can't find any kind of fast rekeying code in reeradius.
Is freeradius supporting anyhow such thing? Any other eap method
is using fast rekeying?
eap-ikev2 is using it's own id data to identify supplicant and
sever, it can be different than eap id. And we have a problem
with users authorization, in a situation when eap id is different
than internal ikev2 id, freeradius is giving access to user data
(gathered in users.conf) only for users described by an eap id.
Can eap method somehow access other users data?
I would appreciate any help.
Regards,
Rafal Mijal
----------------------------------------------------
Wybierz Książkę Roku, wygraj nagrody!
http://klik.wp.pl/?adr=http%3A%2F%2Fadv.reklama.wp.pl%2Fas%2Fksiazka_roku.html&sid=635
More information about the Freeradius-Devel
mailing list