Josh Howlett wrote:
That's certainly a feature of some Cisco WAPs.
If anyone knows of a supplicant that does anything *useful* with
EAP-Notification (like, you know, notify the user) then that would be
interesting to hear :-)
wpa_supplicant supports it; changelog says it was added back in May 2005
* display EAP Notification messages to user through control interface
with "CTRL-EVENT-EAP-NOTIFICATION" prefix
Whether the GUIs that sit on top of it take notice is another matter.
windows XP supplicant displays the Reply-Message attribute in one of
those annoying yellow popup bubbles, but only for straight CHAP ?!
Mac OSX logs the notifications in the system log... Though given that
90% of mac users probably don't know what a terminal window is... not
that much use !
It'd be interesting to see if there was any way to get hooks into the
eapol client, then you could transfer the EAP notifications over into
the growl Notification framework. Give you a neat mechanism to berate
your Mac users for AUP transgressions :)
---
Alan,
Any chance the rlm_eap failure codes/verbose error messages could be
made available as attributes in the request list ?
---
Thanks,
Arran
josh.
-----Original Message-----
From:
[EMAIL PROTECTED]
org
[mailto:[EMAIL PROTECTED]
eradius.org] On Behalf Of Arran Cudbard-Bell
Sent: 03 January 2008 12:50
To: FreeRadius users mailing list
Subject: EAP Notification
Hi,
Running a packet capture of an EAP TTLS session against FR
cvs head, noticed EAP Notifcation packets are being sent.
The type-data appears to match that of the Reply-Message. Is
this a feature of rlm_eap that I missed before, or is the NAS
being clever about it's interpretation of the Access-Accept
packet, and encapsulating the Reply-Message attribute in an
EAP-Request Notification packet ?
Either way it's pretty cool, and the message gets logged in
/var/log/system.log (On Mac OS X) which has the potential to
be useful for debugging...
Thanks,
Arran
--
Arran Cudbard-Bell ([EMAIL PROTECTED])
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Arran Cudbard-Bell ([EMAIL PROTECTED])
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
