dot1x, MAB and EAP-TLS/PEAP with Freeradius
Vieri Di Paola
vieridipaola at gmail.com
Fri Sep 9 22:48:39 UTC 2022
On Thu, Sep 8, 2022 at 3:15 PM Matthew Newton <mcn at freeradius.org> wrote:
>
> You can enable "with_cisco_vsa_hack" in the preprocess module and add a
> new local attribute "method" in /etc/raddb/dictionary. Then the
> preprocess module will convert the fake Cisco AVpair attribute into a
> real one. Makes things easier.
Thanks for that.
> Other usual checks for MAB are that there is no EAP-Message attribute,
> User-Name and User-Password are identical, and both are a MAC address
> format.
True.
Thanks for pointing that out.
It seems to be working fine now in my scenario.
Thanks to all,
Vieri
More information about the Freeradius-Users
mailing list