SMS token does not check policy

# What did you try to do?
I have two tokens per user: TOTP and SMS.
I'm trying to have users log in via the WebUI using the SMS token and via FreeRadius using the TOTP token, so users can manage their tokens when they lose the TOTP token. FreeRadius is installed on the PI box, so the client IP is always 127.0.0.1.
I have two policies:
Policy1: scope: authentication; action: { "passthru": "userstore", "challenge_response": "totp", "otppin": "userstore" }; client: [ "127.0.0.1" ]
Policy1: scope: authentication; action: { "passthru": "userstore", "challenge_response": "sms", "otppin": "userstore" }; client: [ "!127.0.0.1" ]

# What outcome did you expect?

When a user logs in via FreeRadius (client IP: 127.0.0.1), the challenge_request_token_list is only totp.
When a user logs in via the WebUI from a client IP != 127.0.0.1, the challenge_request_token_list is only sms.

# What outcome did you experience?

When a user logs in via FreeRadius (client IP: 127.0.0.1), the challenge_request_token_list is totp and sms.

# Configuration

- privacyIDEA Version: 2.20
- Installation method: virtualenv

Thank you.

You have a misunderstanding of the challenge_response policy!
http://privacyidea.readthedocs.io/en/latest/policies/authentication.html#challenge-response

Maybe it is a bit unclear:
SMS and EMail are ALWAYS challenge response tokens!

The policy setting can make totp or hotp work as a challenge response token.
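
A simplified model of the behaviour described in the reply above, added here as an example; it is not privacyIDEA's code and was not posted by either participant. The policy names, the `!` client matching, and treating `challenge_response` as a whitespace-separated list of token types are assumptions of this sketch.

```python
import ipaddress

# Per the reply: SMS and email tokens are always challenge-response tokens.
ALWAYS_CHALLENGE = {"sms", "email"}

# The two policies from the question; the names are hypothetical labels.
POLICIES = [
    {"name": "policy_radius", "client": ["127.0.0.1"],
     "action": {"passthru": "userstore", "challenge_response": "totp",
                "otppin": "userstore"}},
    {"name": "policy_webui", "client": ["!127.0.0.1"],
     "action": {"passthru": "userstore", "challenge_response": "sms",
                "otppin": "userstore"}},
]


def client_matches(entries, ip):
    """Assumed semantics: a matching '!' entry excludes the client; otherwise
    the client must match a positive entry, if any positive entry exists."""
    addr = ipaddress.ip_address(ip)
    has_positive, allowed = False, False
    for entry in entries:
        net = ipaddress.ip_network(entry.lstrip("!"), strict=False)
        if entry.startswith("!"):
            if addr in net:
                return False
        else:
            has_positive = True
            allowed = allowed or addr in net
    return allowed or not has_positive


def challenge_types(policies, ip):
    """Token types that run in challenge-response mode for this client."""
    types = set(ALWAYS_CHALLENGE)  # the policy can only add to this set
    for policy in policies:
        if client_matches(policy["client"], ip):
            types |= set(policy["action"].get("challenge_response", "").split())
    return types


def challenge_token_list(user_tokens, policies, ip):
    """Which of the user's tokens would answer with a challenge."""
    active = challenge_types(policies, ip)
    return [t for t in user_tokens if t in active]


if __name__ == "__main__":
    for ip in ("127.0.0.1", "192.0.2.10"):  # constructed client addresses
        print(ip, challenge_token_list(["totp", "sms"], POLICIES, ip))
```

In this model the SMS token stays in the list for 127.0.0.1 because the policy only adds token types to the challenge-response set and never removes the ones that are always in it.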