TCPDump, able to see tunneled credentials?
Connor Herring
connorrjherring at gmail.com
Fri Sep 13 08:14:06 UTC 2024
Hi All,
I'm a bit confused here. I've got EAP-TTLS/PAP set up. To ensure that
everything was setup correctly, I have run a PCAP from the supplicant to
see if I could see any auth details being sent (I couldn't), I have also
run a PCAP from an AP in sniffer mode (also couldn't see anything, only
probes and broadcasts), however, I ran a TCPDump on the RADIUS server
itself and while I couldn't see the password that was being sent, I could
see the tunnelled username and VLAN attributes in the Access-Accept.
My question is, is this expected? Want to ensure this isn't just a
misconfiguration.
Kind regards,
Connor
More information about the Freeradius-Users
mailing list