Proxy PEAP to one Radius Server - EAP-TLS to another Radius Server
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Thu Aug 13 15:53:52 CEST 2015
> On Aug 13, 2015, at 9:28 AM, Matthew Newton <mcn4 at leicester.ac.uk> wrote:
>
> On Thu, Aug 13, 2015 at 02:18:19PM +0100, Phil Mayers wrote:
>>> if (EAP-Message =~ /^0x........0d/) {
>>
>> I wondered about that; what about the EAP-Identity packet?
>
> Hmm, good point, I forgot about that. Maybe it won't work that
> easily, then.
>
> I can think of another way of doing it, but it's not nice.
>
Is an Identity-Response definitely required to start PEAP/EAP-TLS sessions? Doesn't seem like there's a good reason for that limitation if so. Even if a RFC required it, there's still no good reason to enforce it that I can see?
-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150813/033591a2/attachment.sig>
More information about the Freeradius-Users
mailing list