diff --git a/lib/Auth/Process/PrivacyideaAuthProc.php b/lib/Auth/Process/PrivacyideaAuthProc.php
index 649e2e76581fb11700d602d604ab1082ed90b8e2..7e0da3868094826fc0d4682cf37a5f092044f40e 100644
--- a/lib/Auth/Process/PrivacyideaAuthProc.php
+++ b/lib/Auth/Process/PrivacyideaAuthProc.php
@@ -52,10 +52,16 @@ class sspmod_privacyidea_Auth_Process_PrivacyideaAuthProc extends SimpleSAML_Aut
         // It can be used to configure that a user does not need to provide a second factor when logging in from the local network.
         if (!empty($this->authProcConfig['excludeClientIPs']))
         {
-            $state['privacyIDEA']['enabled'][0] = $this->matchIP(sspmod_privacyidea_Auth_Utils::getClientIP(), $this->authProcConfig['excludeClientIPs']);
+            $ip = sspmod_privacyidea_Auth_Utils::getClientIP();
+            if ($this->matchIP($ip, $this->authProcConfig['excludeClientIPs']))
+            {
+                SimpleSAML_Logger::debug("privacyIDEA: privacyIDEA is disabled because ip " . $ip . " is excluded.");
+                SimpleSAML_Auth_ProcessingChain::resumeProcessing($state);
+            }
         }
 
         // If set to "true" in config, selectively disable the privacyIDEA authentication using the entityID and/or SAML attributes.
+        // The skipping will be done in self::isPrivacyIDEADisabled
         if (!empty($this->authProcConfig['checkEntityID']) && $this->authProcConfig['checkEntityID'] === 'true')
         {
             $stateId = SimpleSAML_Auth_State::saveState($state, 'privacyidea:privacyidea');
@@ -64,11 +70,10 @@ class sspmod_privacyidea_Auth_Process_PrivacyideaAuthProc extends SimpleSAML_Aut
         }
 
         // Check if privacyIDEA is disabled by configuration setting
-        if (sspmod_privacyidea_Auth_Utils::isPrivacyIDEADisabled($state, $this->authProcConfig))
+        if (self::isPrivacyIDEADisabled($state, $this->authProcConfig))
         {
             SimpleSAML_Logger::debug("privacyIDEA: privacyIDEA is disabled by a filter");
             SimpleSAML_Auth_ProcessingChain::resumeProcessing($state);
-            return;
         }
 
         // SSO check if authentication should be skipped
@@ -131,7 +136,7 @@ class sspmod_privacyidea_Auth_Process_PrivacyideaAuthProc extends SimpleSAML_Aut
             {
                 SimpleSAML_Auth_ProcessingChain::resumeProcessing($state);
             }
-            else if (!empty($response->multiChallenge))
+            elseif (!empty($response->multiChallenge))
             {
                 $stateId = sspmod_privacyidea_Auth_Utils::processPIResponse($stateId, $response);
             }
@@ -333,12 +338,28 @@ class sspmod_privacyidea_Auth_Process_PrivacyideaAuthProc extends SimpleSAML_Aut
 
             if (preg_match($reg, $str))
             {
-                array_push($retArr, $reg);
+                $retArr[] = $reg;
             }
         }
         return $retArr;
     }
 
+    /**
+     * Check if PrivacyIDEA was disabled by a filter.
+     * @param array $state The global state of simpleSAMLphp.
+     * @param array $config The config for the PrivacyIDEA server.
+     * @return boolean Whether PrivacyIDEA is disabled.
+     */
+    public static function isPrivacyIDEADisabled(array $state, array $config)
+    {
+        if (isset($config['enabledPath']) && isset($config['enabledKey']))
+        {
+            return isset($state[$config['enabledPath']][$config['enabledKey']][0])
+                && !$state[$config['enabledPath']][$config['enabledKey']][0];
+        }
+        return false;
+    }
+
     /**
      * This function allows to show the debug messages from privacyIDEA server
      * @param $message
diff --git a/lib/Auth/Utils.php b/lib/Auth/Utils.php
index 40b07cd7be7497d82ade8ff57c94b350ce875aac..8f058fe5ad38bba3d3762a2ef08fdcd515de5ebb 100644
--- a/lib/Auth/Utils.php
+++ b/lib/Auth/Utils.php
@@ -396,23 +396,4 @@ class sspmod_privacyidea_Auth_Utils
         }
         return $config;
     }
-
-    /**
-     * Check if PrivacyIDEA was disabled by a filter.
-     * @param array $state The global state of simpleSAMLphp.
-     * @param array $config The config for the PrivacyIDEA server.
-     * @return boolean Whether PrivacyIDEA is disabled.
-     */
-    public static function isPrivacyIDEADisabled(array $state, array $config)
-    {
-        if (isset($config['enabledPath']) || isset($state['enabledPath']))
-        {
-            if (isset($config['enabledKey'])
-                && ($config['enabledKey'] === false || $state['enabledKey'] === false))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
 }