Hi, I have Freeradius 1.1.6 running on FreeBSD. I authenticate users from a users file, not from a database. I have three default realms setup in the realms file and at the top of the users file like so: DEFAULT Realm == jellico.net Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 255.255.255.254, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = None, Framed-MTU = 1500, Fall-Through = 1 DEFAULT Realm == jellico.com Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 255.255.255.254, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = None, Framed-MTU = 1500, Fall-Through = 1 Then a list of users follows. Here's one example: lisa Auth-Type = Local, Password == xxxxxxx Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 255.255.255.254, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-Compression = None, Framed-MTU = 1500, Slipstream-Auth = "true" The way things are setup now, any user can log in with any of the realms I have defined. For example, I (username lisa) could login as lisa@jellico.com and then turn around and login as lisa@jellico.net My boss would like me to restrict this so that (for example) lisa could log in as lisa@jellico.com but not lisa@jellico.net With my setup, can I do this easily (or at all)? If this is possible, please give me some idea of how to go about doing this. Thanks, Lisa Casey