On 10/09/2019 18.15, [email protected] wrote:
<Handler TunnelledByPEAP=1,EAP-Message=/<REDACTED>/i>
I recommend changing this to just: <Handler TunnelledByPEAP=1>
Because PEAP can only carry EAP, the inner request is always built with
EAP-Message. Based on the log the redacted regexp did not match and it
fell back to the other Handler. While this allowed the final ack for EAP
26 to happen, it is not allowed any longer.
Thanks,
Heikki
--
Heikki Vatiainen <[email protected]>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.
_______________________________________________
radiator mailing list
[email protected]
https://lists.open.com.au/mailman/listinfo/radiator
