Catherine Grenet <[EMAIL PROTECTED]> wrote: > I am trying to establish an EAP-TTLS session between a freeradius server > (freeradius-snapshot-20040407) and a Win2K client. > The problem seems to be that, as the first EAP packet > (response/identity) received by the server contains no user identity, > the request is rejected (see log below)
Ok... > Is this the way it is supposed to work ? I mean, should the client > really supply a user identity in this packet ? Generally, yes. It's permitted by the standards to *not* send an identity, but it's generally not done. I'm a little surprised that the Windows client isn't sending a username. You should probably configure it to send a username outside of the tunnel. Also, since Win2K doesn't come with an EAP-TTLS client, could you say *which* client you're using? Knowing that might help. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
