Hostapd didn't ACK fragmented EAP-TLS frame

Olivier Cochard-Labbé olivier at cochard.me
Wed Jan 21 15:04:17 EST 2015


On Wed, Jan 21, 2015 at 4:15 PM, Jouni Malinen <j at w1.fi> wrote:

>
> Please note that this EAP message is quite long (1492 octets) and the
> resulting RADIUS message will exceed 1500 octets which may be the MTU
> used on the connection with the RADIUS server. If that is the case,
> there better be functional UDP fragmentation between the AP and RADIUS
> server or that message may not get through.
>

Wow... I'm working on this problem since 3 days and didn't reach to

understand where exactly were the problem (log file in debug mode are quiet
complex to read).
And you found the root cause in few minutes: It was a too big fragmented
packet trying to cross an openvpn tunnel the source of this problem.

You have my respect.

Olivier
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20150121/83704597/attachment.htm>


More information about the HostAP mailing list