James Xie wrote: > Hi, Can I say both of you premise that NAS(radius client) must set > User-Name value to eap-id? I see in FreeRadius that the username to
i can't speak for Lars, but i would say yes, that's what is dictated by the standard. the ap must set the User-Name to eap-id since it is the first instance to create a Radius packet. all packets before are NOT radius. > used authorize is set to User-Name attibute value. If User-Name value > is null then eap-id is set to it. Now if NAS sends a packet to > FreeRadius whose User-Name attibute is not same as eap-id, then there > will be a logic bug. So I beleive that it make sense to let rlm_eap > module to check consistency between User-Name and eap-id. i believe it, too. i just have some doubts in the situation mentioned in my previous mail. i could be wrong, though :) but you still should prove it. ciao artur -- Artur Hecker Groupe Acc��s et Mobilit�� hecker[at]enst[dot]fr D��partement Informatique et R��seaux +33 1 45 81 7507 46, rue Barrault 75634 Paris cedex 13 http://www.infres.enst.fr ENST Paris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
