server inner-tunnel {

authorize {
	suffix
	eap {
		ok = return
	}
	files
}

authenticate {
	eap
}

session {
	radutmp
}

post-auth {
	Post-Auth-Type REJECT {
		attr_filter.access_reject
	}
}

pre-proxy {
}

post-proxy {
	eap
}

} # inner-tunnel server block