> On 14 Dec 2017, at 8.30, Peter Mogensen <a...@one.com> wrote: > However... since the proxy use "nopassword", ALL passdb lookups result > in "success", so the proxy will never report an authentication failure > to the authpolicy server.
Why not authenticate the sessions at the proxy level already? Is there any reason not to do that? Sami