EAP bypass
Stefan Winter
stefan.winter at restena.lu
Mon Oct 20 10:58:20 CEST 2008
Hi,
> If this is a wired port then just force an Access-Accept, yes it breaks
> the RFC but if your NAS doesn't inspect the contents of the EAP-Message
> then it'll work.
>
Well... a sane supplicant, be it on a wireless or wired port, will
maintain its EAP state machine, and will alert the user if the state
machine was violated, right? So if the NAS gets and sends on a
EAPoL-Success out of order, client gear will yell. Or did I get you wrong?
Stefan
>> In any case, the solution is much more complicated than just changing
>> the FreeRADIUS configuration (which won't do anything)
>>
>>
> Thanks,
> Arran
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
Tel: +352 424409 1
Fax: +352 422473
More information about the Freeradius-Users
mailing list