Access-Request / Mandatory Attributes
Alan DeKok
aland at deployingradius.com
Thu Dec 24 11:19:48 CET 2009
rsg wrote:
>> What do you suggest that a RADIUS server do if it receives a
>> "non-compliant" packet? Discard it? Reject it? ...
>
> Yes, i came across a different vendor that Rejects requests without
> either of those mandatory attributes.
Throw that product in the garbage, and get a real RADIUS server.
>> FreeRADIUS enforces security requirements. Nearly all of the other
>> "MUST" statements are meant as "this is good practice". They can
>> therefore be ignored. And they often *need* to be ignored for
>> inter-operability with horrible vendor equipment.
>>
> I understand your point here; however in my opinion some vendors don't
> seem to be that flexible even when it comes to such client side
> requirements.
Yes. Some vendors don't like shipping a product that works in the
real world.
Alan DeKok.
More information about the Freeradius-Users
mailing list