Hello freeradius community, I've got a general question regarding freeradius >= 0.8 and EAP/TLS. What I want to do in general is to perform an action (e.g. update a database) when an ACCESS-ACCEPT has been sent or directly prior to that. This should not be an issue with authentication methods other than EAP/TLS, but with EAP/TLS 4-5 ACCESS-REQUEST, ACCESS-CHALLENGE messages are exchanged (which carry EAP/TLS information) and I'd need to find out which of the 4-5 ACCESS-REQUEST received will result in an ACCESS-ACCEPT message sent out in return. I've tried out several things, e.g. using the Exec-Program-Wait attribute to call an external program and evaluate the environment variables to determine what will come next, but I've not been able to figure out the difference, which makes freeradius return an ACCEPT next. I've also extended the experimental perl-module and added a post-auth function which extracted the eap-messages into one long string for further evaluation, but without completely decoding and following the TLS exchange and looking for the TLS success-message (which might be an indicator) I've also not reached a better insight. Does someone have an idea what could be done here ? Thanks much Andreas b?r{ry'i0z(ǫf