From: Lars Viklund (lars.viklund_at_axis.com)
Date: 2002-09-03 06:52:15 UTC
> From: Jouni Malinen [mailto:jkmaline_at_cc.hut.fi]
> On Wed, Aug 28, 2002 at 02:35:28PM -0500, Aron Silverton wrote:
>
> > The first EAP Request packet from the authenticator/AP to
> the supplicant
> > is of size 1778. This packet size is correct. This
> exceeds the MTU
> > of an Ethernet interface, but not the maximum payload for
> an 802.11b
> > frame. I eventually figured to increase the MTU of my
> wlan0 interface
> > to 1800 and was able to get working.
>
> Yes, that can be a problem since EAPOL frames cannot be
> fragmented between Supplicant and Authenticator, but the
> packets between Authenticator and Authentication Server can
> be much longer. I did not run into this (probably due to
> certificate size being small enough).
Yes, but EAP-TLS provides support for fragmentation and the fragment size used by the authentication server may be configurable (at least it is in FreeRADIUS).