EAP-TLS with check on DB possible?

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Mar 20 23:10:08 CET 2015

> On 20 Mar 2015, at 18:07, Stefano Zanmarchi <zanmarchi at gmail.com> wrote:
> Hi,
> a newbie question before I start setting up Freeradius  with EAP-TLS.
> Is it possible to configure Freeradius to make a double check when it
> receives an authentication request?
> I'd like it not only to check if  the client certificate is valid but also
> if the user is in a DB "authorized_users" table.
> Thank you very much for your indications,

Yes. Various fields in the certs are exposed as attributes which you can
perform additional checks on.

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 872 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150320/6941d251/attachment-0001.sig>

More information about the Freeradius-Users mailing list