RE: IEEE 802.1X support with Host AP driver


From: Mody Sachin \(Princeton\) (ModyS_at_tce.com)
Date: 2002-09-25 19:46:23 UTC



Hi,
The problem is resovled. I changed the ATTR_FRAMED_MTU value in ieee802_1x.c file to 1500 from 2304. The radius server now fragments the packet according to this MTU size.

-Sachin

> -----Original Message-----
> From: Jouni Malinen [mailto:jkmaline_at_cc.hut.fi]
> Sent: Wednesday, September 25, 2002 11:16 AM
> To: hostap_at_lists.ssh.com
> Subject: Re: IEEE 802.1X support with Host AP driver
>
>
> On Tue, Sep 24, 2002 at 05:16:58PM -0500, Mody Sachin
> (Princeton) wrote:
>
> > Everytime I try the TLS or TTLS authentication I get an
> error message saying
> > Message too long on a ieee802.1x send.
> > Below are the debug messages for the problem, this is for
> the EAP-TLS case,
> > the problem with EAP-TTLS is also exactly the same: (Its very long)
>
> > Received 2369 bytes from authentication server
>
> > ieee802_1x_send: send: Message too long
>
>
> That's too long message IEEE 802.1X when using IEEE 802.11 between the
> Authenticator and the Supplicant. IEEE 802.1X does not support
> fragmentation in that part and the messages from authentication server
> will thus need to be smaller. I set the MTU of wlan0ap to more or less
> maximum value (2290) to allow over 1500 byte frames, but 2369 bytes is
> too much. If I remember correctly, EAP messages can be fragmented at
> higher level. In other words, I would recommend checking whether you
> could configure the authentication server to use smaller EAP packets
> (max. fragment size or something similar in the configuration).
>
>
> --
> Jouni Malinen PGP
> id EFC895FA
>



This archive was generated by hypermail 2.1.4.