My client is using EAP-TLS Fragment as 1486, i configured the Authorization profile to push accept with RADIUS Attribute Framed-MTU = 1002 but the client is not using that obviously with EAP TLS communication to fragment the large packet. Wireshark showing that ISE is pushing that 1002 MTU with the Access-Accept packet that’s mean all the EAP-TLS is using the default client 1486 MTU, so how can I configure ISE to force the client to use that MTU when they doing the EAP-TLS authentication?
reference: https://community.cisco.com/t5/network-access-control/radius-framed-mtu-attribute/m-p/3542070
