Hello, As said on the other thread, I’m trying to use RadSec to provide EAP-TLS authentication for remote site. I’m mainly a NPS user during last years, it’s been a while since I haven’t used Freeradius. I’m a little bit lost in the set of configuration to do here, especially since some parts seems redundant between RadSec and EAP-TLS. Especially, I will have different intermediate certificates authority to authenticate access points on one side and wireless client on the other. Also, the configuration for EAP-TLS will need to be PKI based only (authenticate and authorize if certificate based authentication works and if the certificate is not revoked). No per-user authorization expected, and the FreeRadius server is expected to not know the list of valid users, solely relying on PKI for that. So if someone can lead me to a clean article about the use of RadSec + EAP-TLS in FreeRadius, or if someone can take the time to explain it to me, I’m really interested. Thanks a lot