EAP-TTLS/PAP tunneling issue

Alan DeKok aland at deployingradius.com
Wed Feb 13 11:20:38 CET 2008


Edwin van Zyl wrote:
> That worked. thx.
...
> Wed Feb 13 11:22:56 2008 : Debug:   rlm_eap_ttls: Session established. 
> Proceeding to decode tunneled attributes.
>   TTLS tunnel data in 0000: 01 0d 65 64 77 69 6e 76 61 6e 7a 79 6c 02 09 74
>   TTLS tunnel data in 0010: 65 73 74 69 6e 67 1e 0a 69 6e 74 65 72 6e 65 74

  The supplicant is sending data inside the TTLS tunnel packed as
*RADIUS* attributes.  That's wrong.  They attributes are supposed to be
packed in the *Diameter* AVP format.

  Whatever supplicant you're using is broken, and WILL NOT work with
*any* RADIUS server supporting TTLS.

  Alan DeKok.



More information about the Freeradius-Users mailing list