help seeing more debugging EAP-TTLS handshake
nick.lowe at gmail.com
Thu Sep 24 18:30:32 CEST 2015
It supports everything I'm aware of from an TLS-based EAP client perspective.
It's more compatible than your string and prioritises PFS and GCM actually ;)
Your string nukes legacy clients that don't have AES support, like the
supplicant in Windows XP.
That's the RSA+3DES+SHA1 bit on the end...
It also complies to the RFC that prohibits RC4.
More information about the Freeradius-Users