Hi, I have a problem with huntgroups and wpa2. It concerns the following: First, huntgroups works with ntradping and crypt-passwd: mysql-db unzinn | NT-Password | := | 7C53CFA5EA7D0F9B3B968AA0FB51A3F5 unzinn | crypt-password | == | $1$7ftISFCW$xp.n8LMOxfPD7GqdSJqZC1 unzinn | Huntgroup-Name | == | hrzvpn with wpa2 (PEAP/MSCHAPv2) it works only without the huntgroup entry. Is this a problem because of different adresses? Access-Request packet from host 129.217.169.191 .. NAS-IP-Address = 129.217.157.246 ? huntgroups: hrzvpn NAS-IP-Address == 129.217.157.246 debug: rad_recv: :32769, id=33, length=176 User-Name = "unzinn" Calling-Station-Id = "00-19-D2-CF-E5-50" Called-Station-Id = "00-0B-85-9A-2D-30:ITMC-WPA2" NAS-Port = 29 NAS-IP-Address = 129.217.157.246 NAS-Identifier = "mh-wlc4" Airespace-Wlan-Id = 5 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "3503" EAP-Message = 0x0201000b01756e7a696e6e Message-Authenticator = 0x2bf90a315bc202464b3819722bfef98e Processing the authorize section of radiusd.conf modcall: entering group authorize for request 9 modcall[authorize]: module "preprocess" returns ok for request 9 modcall[authorize]: module "chap" returns noop for request 9 modcall[authorize]: module "mschap" returns noop for request 9 rlm_realm: No '@' in User-Name = "unzinn", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 9 rlm_eap: EAP packet type response id 1 length 11 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 9 radius_xlat: 'unzinn' rlm_sql (sql): sql_set_user escaped user --> 'unzinn' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'unzinn' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 2 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'unzinn' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'unzinn' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'unzinn' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 2 rlm_sql (sql): No matching entry in the database for request from user [unzinn] modcall[authorize]: module "sql" returns notfound for request 9 rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this. modcall[authorize]: module "pap" returns noop for request 9 modcall: leaving group authorize (returns updated) for request 9 rad_check_password: Found Auth-Type EAP auth: type "EAP" .... Thanks Hans -- Hans Bornemann Universitaet Dortmund - ITMC Tel. ++49 231 755 2132 Fax. ++49 231 755 2731