Hello, FreeRADIUS version: 2.1.10 OS: Alpine Linux Trying to reject eap-types other than ttls in the authorize section of the site config. Have been assuming that EAP-Type is set when the eap module is called (based off comment in the default site config). What I am finding is that the EAP-Type is set to "" at this point (see my default site config below). 1. Is there something obvious I am missing here? 2. Is there a better location to do this check in the site config? 3. Is there another way to achieve my goal? My configuration:
From default site config authorize section:
# It also sets the EAP-Type attribute in the request # attribute list to the EAP type from the packet. eap { ok = return } #Reject ttls. Assuming that EAP-Type has been set based off above comment if ("%{EAP-Type}" != 'EAP-TTLS') { Reject } Thanks, Joshua