The defacto "industry standard" for returning 802.11i encryption keys to a Wireless AP is via those Microsoft VSAs.
Ridiculous, but that's the way it is.
Note: This would be another exception case if someone was building a RADIUS server or proxy that filtered attributes based on Vendor-Id.
Dave.
Feb 15, 2008 12:37:45 PM, [email protected] wrote:
According to [EMAIL PROTECTED]:
>
...And just as clearly, I missed that one - yep, thanks.
> > Thu Feb 14 08:41:05 2008 : Debug: rlm_eap_tls: add_reply failed to create attribute MS-MPPE-Recv-Key: Unknown attribute
> > "MS-MPPE-Recv-Key"
> > Thu Feb 14 08:41:05 2008 : Debug: rlm_eap_tls: add_reply failed to create attribute MS-MPPE-Send-Key: Unknown attribute
> > "MS-MPPE-Send-Key"
>
> this aint good. you've got to have these in your TTLS or things arent
> going to work. dictionary files all okay and present and loaded?
> you arent filtering attributes from my quick scan of the config...unless
> you've not copied that part.
I commented out the Micro$loth dictionary since I wasn't using anything
from Redmond in this setup. I will uncomment this and see what happens.
Thanks for all your help.
Regards,
web...
--
William Bulley Email: [EMAIL PROTECTED]
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
