Hi, I want know if is it possible to create some rules on Freeradius for make a 'double' authentification. In my case, I want authorize acces network only if Machine AND user auth are Ok, actually my machine auth fail but my user succed and he can acces to network. I search but i dont find tutorial for implement this restriction access, so if u have some tutorials or other link for help :D And now, this is my error on Machine AUTH: I have freeradius-server 3.0.11 LDAP openldap-2.4.31 and Ubuntu Ubuntu 14.04.5 LTS When I start my Client Windows7, I have this error: eap_mschapv2: Auth-Type MS-CHAP { Fri Aug 5 10:41:57 2016 : Debug: (38) eap_mschapv2: modsingle[authenticate]: calling mschap (rlm_mschap) for request 38 Fri Aug 5 10:41:57 2016 : Debug: (38) mschap: Found NT-Password Fri Aug 5 10:41:57 2016 : Debug: (38) mschap: Creating challenge hash with username: host/TESTPC-THOMAS Fri Aug 5 10:41:57 2016 : Debug: (38) mschap: Client is using MS-CHAPv2 Fri Aug 5 10:41:57 2016 : ERROR: (38) mschap: MS-CHAP2-Response is incorrect Fri Aug 5 10:41:57 2016 : Debug: (38) modsingle[authenticate]: returned from mschap (rlm_mschap) for request 38 Fri Aug 5 10:41:57 2016 : Debug: (38) [mschap] = reject Fri Aug 5 10:41:57 2016 : Debug: (38) } # Auth-Type MS-CHAP = reject Thanks for ur help Regards, Thomas