EAP-TTLS/PAP tunneling issue
Alan DeKok
aland at deployingradius.com
Wed Feb 13 11:20:38 CET 2008
Edwin van Zyl wrote:
> That worked. thx.
...
> Wed Feb 13 11:22:56 2008 : Debug: rlm_eap_ttls: Session established.
> Proceeding to decode tunneled attributes.
> TTLS tunnel data in 0000: 01 0d 65 64 77 69 6e 76 61 6e 7a 79 6c 02 09 74
> TTLS tunnel data in 0010: 65 73 74 69 6e 67 1e 0a 69 6e 74 65 72 6e 65 74
The supplicant is sending data inside the TTLS tunnel packed as
*RADIUS* attributes. That's wrong. They attributes are supposed to be
packed in the *Diameter* AVP format.
Whatever supplicant you're using is broken, and WILL NOT work with
*any* RADIUS server supporting TTLS.
Alan DeKok.
More information about the Freeradius-Users
mailing list