No subject
Eric Nguyen
ericvunguyen at gmail.com
Sat Aug 6 00:05:36 UTC 2022
Hello,
Does Freeradius 3.2.0 fully support MACSEC/dot1x? The only information
I've found is that the following snippet in sites-available/default needs
to be uncommented. Are there any additional RADIUS AV pairs I need to
configure to make it work with Macsec/dot1x on Cisco devices?
# MacSEC requires the use of EAP-Key-Name. However, we don't
# want to send it for all EAP sessions. Therefore, the EAP
# modules put required data into the EAP-Session-Id attribute.
# This attribute is never put into a request or reply packet.
#
# Uncomment the next few lines to copy the required data into
# the EAP-Key-Name attribute
if (&reply:EAP-Session-Id) {
update reply {
EAP-Key-Name := &reply:EAP-Session-Id
}
}
Thanks a lot.
More information about the Freeradius-Users
mailing list