Hi Marwane, > Does it mean that strongswan's EAP TTLS plugin is only compatible with > radius attributes ?
RFC 5281 (EAP-TTLSv0 [1]) only describes the encapsulation of EAP messages in 'EAP-Message' RADIUS AVPs. Actually, the list of allowed AVPs is very specific (see section 13). The 'EAP-Payload' Diameter AVP defined in RFC 4072 (released three years earlier [2]) is not mentioned at all. And the registry for allowed AVPs was never extended later either [3]. So it seems what the Cisco ePDG is doing is not RFC compliant. Regards, Tobias [1] https://tools.ietf.org/html/rfc5281 [2] https://tools.ietf.org/html/rfc4072 [3] http://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml#eap-numbers-10 _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
