AW: AW: AW: Override EAP invalid result in authentication section

Wed Jun 5 16:23:19 CEST 2013


I need to send devices with expired or revoked certificates to a remediation vlan, but my reject vlan is for guest access. Both checks happen at the end of the EAP process where the switch expects a reject or accept packet. I need now to change the reject for the expired to a accept. Setting the vlan for the switch is no problem I do that already, I just need an accept. ;-)

I hope it's clear what I want/need. ;-)


-----Ursprüngliche Nachricht-----
Von: at [ at] Im Auftrag von Phil Mayers
Gesendet: Dienstag, 4. Juni 2013 11:37
An: freeradius-users at
Betreff: Re: AW: AW: Override EAP invalid result in authentication section

On 04/06/13 08:55, PENZ Robert wrote:
> Hi Phil!
> do you need something additional from me?

I'm not really sure what the question is.

You've setup FreeRADIUS to reject certain certificates, using the 
"verify" callout config option. If you don't want to reject those certs, 
change the callout to permit them, and instead return the "sandbox" VLAN.
List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list