>>>>> "Alan" == Alan Buxey <[log in to unmask]> writes:
Alan> The server uses DEFAULT in its standard eap config used in
Alan> the inner-tunnel. But the server has to deal with end
Alan> clients...including older windows, mac, ios clients etc and
Alan> therefore needs to be a little more flexible. The abfab stuff
Alan> is server to server and thus we control the environment more
Alan> and can therefore ensure the security posture is at a
Alan> particular level
The same argument can be made for the server's default RADSEC.
I'm not talking about the EAP config.