In the process of 802.1x authentication transactions, such as EAP-PEAP, EAP-TLS, the ClearPass server includes the Radius server certificate in its communication with clients as per the protocol. However, because the certificate's size surpasses the interface MTU (Maximum Transmission Unit), it becomes necessary to fragment it into smaller segments, specifically using EAP-Fragments. The current need is to modify the size of these EAP-Fragments originating from ClearPass.

where to change the setting in clearpass?
Policy Manager>Administration>Server Manager>Server Configurations>Click on server>Service Parameter>Radius server:
EAP-TLS Fragment size :: default ist 1024 bytes

computer2know :: thank you for your visit :: have a nice day :: © 2024