Hi, I'm stuck with a problem to which I haven't found an easy solution. Let's say we use either EAP-PEAP or EAP-TTLS. Both on Windows you cave ways to check not only ca certificate but also radius server name. I've tried: *NetworkManager: It can't check radius server name. *wicd: You could use customized scripts but make things harder and replace NetworkManager which is the default network tool on modern distros. *kwlan: It's like wicd an more KDE oriented. *wpasupplicant: It can check server name! But also on Fedora 10 I haven't found a way for NetworkManager apply its config file. Mostly "modern" and end users distros don't pay attention to wpasupplicant config file. On Windows (and I am not presicely a MS fan) you can check server name either by itself or by SecureW2. On Mac it prompts you showing radius server name. Sadly, I haven't found on Linux to check radius server name. I fear this: Let's say I have a radius server which use a certificate signed by WhateverSign. You get a certificate signed by WhateverSign too. You use a trustable ca certificate, don't you? Well, you config a cheating Access Point. Then a user come and connect to that cheating Access Point. Please tell me if that risk exists and if is wothy of worrying. If it is, how I can do for check radius server name on modern distro Linux? Thanks in advance and happy new year!!!! -- -- Open Kairos http://www.openkairos.com Watch More TV http://sebelk.blogspot.com Sergio Belkin -