Hello, I am using v3.0.x branch and want to know is it possible to make proxy request to another freeradius/radius server after proxy radius server successfully handle request in eap module? In general I want to know is it possible to implement the next scheme: [user request eap-tls] | [freeradius proxy server] (check certificate; if certificate is good, read certificate values; proxy call home radius server, if not reject) | [freeradius home server] (home server set additional attributes like port speed) My simplified configuration looks like this server test_virtual_site { authorize { eap debug_all #:Need-Remote-Call - custom radius attribute added to dictionary file if (&reply:Need-Remote-Call = 'yes'){ update control { &Proxy-To-Realm := LOCAL } } } authenticate { eap } post_auth { debug_all } } and inner eap-tls virtual site looks like this server check-eap-tls { authorize { update config { &Auth-Type := Accept } } } In this configuration after check-eap-tls virtual site accept request, test_virtual_site jump to post-auth section, and debug_all and update control instructions are not executing. If I not set Auth-Type := Accept in check-eap-tls virtual site, eap module in debug log inform me what eap virtual site reject user certificate. And if I set Proxy-To-Realm attribute inside check-eap-tls virtual site proxy request to home server does not happen.