Ok, starting to sort this out. 1. This doesn't look like something for -devel. Please consider starting a new thread in -user with a brief write-up of the problem. But see below. 2. Stop asking for action (especially here, but nonetheless in -user). This will discourage people from answering you. 3. I more or less duplicated your setup from <44EB5C4F.2040504@crema.unimi.it>and tested it here with freeradius-1.1.2, hostapd-0.5.3, wpa_supplicant-0.5.4. It worked as you wish and should be expected. 4. It even worked with the hard Auth-Type setting in users file (changed to local environment) despite that being unnecessary and insofar wrong. Please see http://deployingradius.com/documents/configuration/auth_type.html. I cannot understand french, but at least in this respect http://www.alphacore.net/spip/article.php3?id_article=33 seems to err. 5. The error message: rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0) In SSL Handshake Phase is something from openssl not to bother about (search the archive). I do even get it at this point in negotiation: (other): SSL negotiation finished successfully rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0) SSL Connection Established eaptls_process returned 13 6. The radius.log you attached earlier didn't show any incoming EAP-Responses to the Challenges freeradius sent out. The snippets you keep posting since then show a part of the debug log, which doesn't exhibit a fault compared to what I'm getting here. If the cut off parts show the same as in the attached file, the same problem exists: your client isn't responding properly. Otherwise you should stop leaving us guessing around and post the full output. regards K. Hoercher