Hi all, My Freeradius 3.0.10 setup currently accepts eap-mschapv2 requests by cheking credentials against LM/NT password checksums obtained from a LDAP. The only freeradius client is an IPSec server which forwards EAP protocol to the radius (strongswan 5.2.1 with eap-radius method) The LDAP module is configured to let the user connect when the diallupAccess is set to true. But it let any users connect to any network my VPN server is offering access to. What is the best method to filter users depending on which NAS-Port-Id they are using ? It will allow me to authorize several users to access any networks they need to access without puting any network configuration in the LDAP. Many thanks in advance for any help to improve this point of config. François Lacombe @InfosReseaux