Hi everyone, I'm working on a FreeRADIUS setup connected to MySQL, and I need help configuring a stricter access validation process. Currently, *EAP-TLS authentication is working* — if a user has a valid certificate, they can connect successfully. However, I want to ensure that *three specific conditions* are met before granting access: 1. ✅ *The EAP-TLS certificate must be valid.* 2. ✅ *The user must exist in the database and be marked as active.* 3. ✅ *The device requesting access (by MAC address) must be registered and associated with that user.* A user may have multiple devices, but *all three conditions* must be satisfied to allow access. Could anyone guide me on how to implement this kind of validation in FreeRADIUS using MySQL? Thanks in advance for any help or examples you can share! -- ________________________________________________ Lic. Ariel García Reyes.