EAP-TLS with check on DB possible?

Alex Zetaeffesse fzetafs at gmail.com
Sat Mar 21 11:24:05 CET 2015

On Fri, Mar 20, 2015 at 11:10 PM, Arran Cudbard-Bell <
a.cudbardb at freeradius.org> wrote:

> > On 20 Mar 2015, at 18:07, Stefano Zanmarchi <zanmarchi at gmail.com> wrote:
> >
> > Hi,
> > a newbie question before I start setting up Freeradius  with EAP-TLS.
> > Is it possible to configure Freeradius to make a double check when it
> > receives an authentication request?
> > I'd like it not only to check if  the client certificate is valid but
> also
> > if the user is in a DB "authorized_users" table.
> > Thank you very much for your indications,
> Yes. Various fields in the certs are exposed as attributes which you can
> perform additional checks on.

I'd say that you can combine the check for the certificate and then add an
if check if the user has a specific DB key that authorizes him/her to enter
the network. I hope I understood it correctly.


More information about the Freeradius-Users mailing list