Dave Mason <[EMAIL PROTECTED]> wrote: > Good point, I'll back up a little. The EAP type I'm working on is > EAP-SIM, currently in draft state. After EAP/Response/Identity I send > EAP/Request/SIM/Start, and the client returns EAP/Response/SIM/Start. > My next step is to send EAP/Request/SIM/Challenge, but first I need to > get a configurable amount of authentication data from an HLR. That is, > rlm_eap_sim needs to know how much data to ask for.
OK.. > At first I thought I needed to allow the amount of data to be > configured per client realm (my first question earlier), but after > doing some more homework it's probably OK to configure it per node > (my second question). I'm still curious if it's possible to add new > config parameters to a client entry in clients.conf. It's always possible, but I would take care to ensure it's done only when necessary. The issue with putting module-specific configuration into the 'clients.conf' file is that conflicts may arise. e.g. Two EAP-SIM modules may be used at the same time... how do you tell them apart? It would probably be better to have the EAP-SIM module configuration take a list of IP/netmasks, and response sizes. That would keep the EAP-SIM configuration in one place, and easy to manage. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html