using the ca.der and caclient.p12 (using Ivan's newer script for generating) for TLS
That was for 2.0.5. 2.1.x has updated Makefile by default.
Below is radiusd -X log with one failed attempt and it just seems as if the eap challenges go out but responses never come back.
[ldap] checking if remote access for spare is allowed by uid [ldap] Added User-Password = {crypt}$OBSCURED in check items [ldap] looking for check items in directory... rlm_ldap: sambaNtPassword -> NT-Password == 0x$OBSCURED rlm_ldap: sambaLmPassword -> LM-Password == 0x$OBSCURED ... [eap] processing type md5 rlm_eap_md5: Issuing Challenge ... No wonder. You are using crypt and nt hased passwords for EAP-MD5. That can't work. http://deployingradius.com/documents/protocols/compatibility.html Ivan Kalik Kalik Informatika ISP