EAP-TTLS sessions and 'anonymous' Access-Request
Alan DeKok
aland at deployingradius.com
Mon Sep 5 23:33:04 CEST 2016
On Sep 5, 2016, at 4:13 PM, Bogdan Rudas via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> When I test eap_ttls setup, for single connection attempt I see at least 6
> "Access-Request" with 'anonymous' user name
That's how EAP-TLS works.
> and some of them have log messages like this:
>
>
> *(1) eap_ttls: TLS_accept: unknown state(1) eap_ttls: TLS_accept: Need to
> read more data: unknown state*
> Is it encapsulation of stateful TLS session into stateless UDP-based
> protocol or something goes wrong with my setup?
The protocols are:
Ethernet
IP
UDP
RADIUS
EAP
EAP-TLS
TLS
It's a bit of a miracle that it works.
Note there's no TCP. So everything is over UDP.
Alan DeKok.
More information about the Freeradius-Users
mailing list