On Fri, Mar 20, 2015 at 11:10 PM, Arran Cudbard-Bell < a.cudbardb@freeradius.org> wrote:
On 20 Mar 2015, at 18:07, Stefano Zanmarchi <zanmarchi@gmail.com> wrote:
Hi, a newbie question before I start setting up Freeradius with EAP-TLS. Is it possible to configure Freeradius to make a double check when it receives an authentication request? I'd like it not only to check if the client certificate is valid but also if the user is in a DB "authorized_users" table. Thank you very much for your indications,
Yes. Various fields in the certs are exposed as attributes which you can perform additional checks on.
I'd say that you can combine the check for the certificate and then add an if check if the user has a specific DB key that authorizes him/her to enter the network. I hope I understood it correctly. Alex