Help with advanced FreeRADIUS + MySQL setup using EAP-TLS
Ariel García Reyes
ariel100cfg at gmail.com
Fri Jul 4 11:05:34 UTC 2025
Hi everyone,
I'm working on a FreeRADIUS setup connected to MySQL, and I need help
configuring a stricter access validation process.
Currently, *EAP-TLS authentication is working* — if a user has a valid
certificate, they can connect successfully.
However, I want to ensure that *three specific conditions* are met before
granting access:
1.
✅ *The EAP-TLS certificate must be valid.*
2.
✅ *The user must exist in the database and be marked as active.*
3.
✅ *The device requesting access (by MAC address) must be registered and
associated with that user.*
A user may have multiple devices, but *all three conditions* must be
satisfied to allow access.
Could anyone guide me on how to implement this kind of validation in
FreeRADIUS using MySQL?
Thanks in advance for any help or examples you can share!
--
________________________________________________
Lic. Ariel García Reyes.
More information about the Freeradius-Users
mailing list