Hi, I have an idea I thought will be quite easy to implement, but it turned out I can't figure how to do this on my own. Company I work for issues software (Java) tokens for our employees that need external access. They're based on proprietary system (CERB) and we're using them with a great success for authenticating access for our Juniper Gateway device - with a little help from Freeradius (2.0.4, to be precise). CERB system is plugged into radius via something like this (in radiusd.conf): exec cerb { wait = yes program = "/usr/local/bin/cerbauth.sh freeradius" input_pairs = request output_pairs = reply } Now, I wanted to use those token also for 802.1x authentication for our WiFi network, as it'd be safer than using just regular username/password (which might be too weak) and more convenient than certificates (it happened a couple of times that employees laptop has been stolen). For WiFi, we are using H3C WX30xx Access Controllers, which try to use EAP, which in turn doesn't provide clear-text password that could be used for cerb exec. I'm pretty much stuck - either I got something wrong (Freeradius, WPA, EAP etc. are still quite new for me), or it just can't be done. Anyway, I figured I might just write here and hope that someone at least tell me that everything above is just plain wrong :-) /br Stan