rsg wrote: >> What do you suggest that a RADIUS server do if it receives a >> "non-compliant" packet? Discard it? Reject it? ... > > Yes, i came across a different vendor that Rejects requests without > either of those mandatory attributes.
Throw that product in the garbage, and get a real RADIUS server. >> FreeRADIUS enforces security requirements. Nearly all of the other >> "MUST" statements are meant as "this is good practice". They can >> therefore be ignored. And they often *need* to be ignored for >> inter-operability with horrible vendor equipment. >> > I understand your point here; however in my opinion some vendors don't > seem to be that flexible even when it comes to such client side > requirements. Yes. Some vendors don't like shipping a product that works in the real world. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html