On Wed, 2007-08-22 at 19:29 +0200, Turbo Fredriksson wrote: > I'm working on fine tuning my radiusd.conf file, and found that > I get 13 authorize request to the LDAP server for one XXX (client, > request, logon?!).
You can reduce this somewhat by doing this: authorize { preprocess eap files Autz-Type INNER { ldap } } ...then in /etc/raddb/users: DEFAULT FreeRadius-Proxied-To == 127.0.0.1, Autz-Type := "INNER" ...which will only run the LDAP auth for the EAP inner request. You'll still see two queries though for PEAP/MSCHAP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html