Maybe I missing something , but I am using EAP-TLS with client certificate authentication and not PEAP or EAP-TTLS. Inside inner-tunnel comments it does not say anything about EAP-TLS This is a virtual server that handles *only* inner tunnel # requests for EAP-TTLS and PEAP types. Can this inner-tunnel handle EAP-TLS as well? Thanks! Garber, Neal wrote:
I moved sql module call from "authorize" to "post-auth"
What if you leave sql in authorize of the default virtual server, but wrap it with unlang that only calls it if you're not doing EAP. Then, always call it in the inner-tunnel virtual server's authorize section. The inner-tunnel authorize is after the TLS tunnel is formed so it seems that this would eliminate the redundant database calls that occur in the default virtual server while the tunnel is being setup.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- View this message in context: http://www.nabble.com/EAP-TLS-performance-SQL-backend-bottleneck-tp25386668p... Sent from the FreeRadius - User mailing list archive at Nabble.com.