EAP TTLS woes
Alan DeKok
aland at deployingradius.com
Mon Oct 18 14:34:05 CEST 2021
On Oct 18, 2021, at 4:57 AM, Adrian Smith via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>
> Just as a follow up to this......
>
> We were using a wifi config file to configure the devices and by using adb logcat we established that the realm being used did not match the DNS name of the server certificate. Some versions of Android are more sensitive to this than others.
The newer WBA standards mandate certificate checking. It was rather random / unimplemented before that.
Arran did some tests a while ago. We have a writeup here: https://networkradius.com/articles/2021/08/04/wifi-spoofing.html
It takes a *long* time to fix these issues.
Alan DeKok.
More information about the Freeradius-Users
mailing list