EAP-TLS: restricting CA certificate use to a subset of identities

Edgar Fuß ef at math.uni-bonn.de
Mon Jun 28 13:55:21 CEST 2010

> You can configure 2 EAP modules
Ah, thanks. That looks a lot less insane than two RADIUS servers.

> and have requests for different domains be handled by different modules.
But how do I direct certain users to an instance of the eap module?
Inside the eap module, I have check_cert_cn, but I would need to check the User-Name attribute against a fixed pattern.
It's probably easy, but I'm no FreeRADIUS expert.

More information about the Freeradius-Users mailing list