EAP and rlm_perl. Is it possible to build custom logic for VPN peers?

Oleksandr Yermolenko aae at sumix.com
Sun Sep 28 17:52:59 CEST 2014

>> Is it possible to use any of EAP methods (I mean EAP-PEAP,  EAP-TTLS or
>> EAP-TLS ...) with rlm_perl.
>    What does that mean?
can I use  authenticate, authorize, accounting hooks (or post_auth)?
I looked at example.pl.

Just put "perl" in somewhere eap.conf file?

>    You can run the perl module when the server receives a packet.  It
> doesn't matter whether the packet contains PAP, CHAP, MS-CHAP, or any
> EAP type.
>    What do you want to *do* in rlm_perl?  Knowing that probably more
> useful, and will get you a better answer.
authenticate a lot of VPN clients (currently I can choose EAP method),
keeping them in mysql or ldap. According their properties give a 
personal access to
different local resources. Accounting: updating start/stop/alive 
messages. POD if it's possible
for strongswan.
>    Alan DeKok.

More information about the Freeradius-Users mailing list