Michael Brown <[EMAIL PROTECTED]> wrote: > Of course they do: whether they SUPPORT (act as a pass-through device for) these > auth schemes or not. > I KNOW they have nothing to do with the actual auth beside that fact, but you > can't use EAP-TLS or TTLS with just any old AP, now can you?
I don't see why not. RFC 2869 describes the way the AP handles the EAP <-> RADIUS conversation. It explicitely states that the system is designed so that the AP *never* has to look at the EAP packets. It just blindly copies them back & forth, until it sees a RADIUS Access-Reject, or Access-Accept. It then looks at the RADIUS attributes to determine what to do with the client. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
