My use case is using EAP-TLS, and clients authenticating using X509 certificates.
I know that certificate authentication is bread and butter for Radius, but I have a more granular requirement.
The user certificates are setup according to different countries, and cities etc where the users are based, e.g. within the Subject field is an attribute C=GB or C=US etc.
I need to be able to allocate US users to one range of IP addresses, and UK users to another range of IP addresses - based solely on those attributes.
Is this possible? Can it be done in configuration, or would it require coding?
Many thanks
Janet