I'm trying to connect an ESP32 to a WPA2 EAP-TLS network. I use the wifi_enterprise example from ESP-IDF (V5.0).
The chip connects fine to FreeRADIUS, with just a warning during the handshake about the TLS fragment size:
But with a Windows RADIUS server it seems that unfragmented TLS packets need to include the total length in the packet, otherwise the server interprets the packet as a rejection from the peer.
I have found that there is a config in eap_peer_config.phase1 to add the packet length even if the packet is not fragmented (include_tls_length=1) (in components/wpa_supplicant/src/eap_peer/eap_tls_common.c:213):
    if (config->phase1 &&
        os_strstr(config->phase1, "include_tls_length=1")) {
        wpa_printf(MSG_INFO, "TLS: Include TLS Message Length in "
                   "unfragmented packets");
        data->include_tls_length = 1;
    }
Regards,
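The wire-level difference the post describes, as an added example that is not part of the original post and not ESP-IDF or wpa_supplicant code: per RFC 5216, the L flag (0x80) in the EAP-TLS flags byte announces a 4-byte TLS Message Length field ahead of the TLS data. The function names and the 6-byte TLS payload used in testing are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* EAP-TLS header constants (RFC 5216, section 3.1) */
#define EAP_CODE_RESPONSE   2
#define EAP_TYPE_TLS        13
#define EAP_TLS_FLAG_LENGTH 0x80 /* L: 4-byte TLS Message Length follows */

/* Hypothetical helper: build an EAP-Response/EAP-TLS carrying one
 * unfragmented TLS message. include_tls_length models what the phase1
 * option changes on the wire. Returns packet size, 0 if it does not fit. */
size_t build_eap_tls(uint8_t *out, size_t cap, uint8_t id, const uint8_t *tls,
                     size_t tls_len, int include_tls_length)
{
    size_t hdr = 6 + (include_tls_length ? 4 : 0);
    size_t total = hdr + tls_len;
    if (total > cap || total > 0xffff) return 0;
    out[0] = EAP_CODE_RESPONSE; out[1] = id;
    out[2] = (uint8_t)(total >> 8); out[3] = (uint8_t)total; /* EAP Length */
    out[4] = EAP_TYPE_TLS;
    out[5] = include_tls_length ? EAP_TLS_FLAG_LENGTH : 0;   /* Flags */
    if (include_tls_length) {   /* total TLS message length, big-endian */
        out[6] = (uint8_t)(tls_len >> 24); out[7] = (uint8_t)(tls_len >> 16);
        out[8] = (uint8_t)(tls_len >> 8);  out[9] = (uint8_t)tls_len;
    }
    memcpy(out + hdr, tls, tls_len);
    return total;
}

/* Hypothetical helper: parse the header with bounds checks. Returns the
 * number of TLS data bytes carried, or -1 if malformed. *declared is the
 * TLS Message Length when the L flag is set, otherwise 0. */
int parse_eap_tls(const uint8_t *p, size_t n, uint8_t *flags, uint32_t *declared)
{
    if (n < 6 || p[4] != EAP_TYPE_TLS) return -1;
    size_t eap_len = ((size_t)p[2] << 8) | p[3];
    if (eap_len < 6 || eap_len > n) return -1;  /* truncated capture */
    size_t off = 6;
    *flags = p[5];
    *declared = 0;
    if (*flags & EAP_TLS_FLAG_LENGTH) {
        if (eap_len < 10) return -1;            /* L set but field missing */
        *declared = ((uint32_t)p[6] << 24) | ((uint32_t)p[7] << 16) |
                    ((uint32_t)p[8] << 8) | p[9];
        off = 10;
    }
    return (int)(eap_len - off);
}
```

Running the parser over the EAP payloads from a packet capture of the failing handshake shows whether the L flag and length field are actually present in the unfragmented messages the server receives.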