Forgive me. I have the same issue as mentioned in the June 4, 2017 archived thread. It seems to me the issue is explained but not how to fix it. Question: Which file must be edited and in which manner to eliminate this warning about user privacy being compromised due to the same outer and inner identities? Details: 3.0.15 FreeRADIUS build, in a lab environment. My only edits are to add a user, add a client, and make fresh certificates. The NAS is an Aruba 7005 wireless controller. Authentication succeeds if I configure the client not to validate the certificate, but I see this in the freeradius -X output: (7) authenticate { (7) eap: Expiring EAP session with state 0xf00edcbdf607c57b (7) eap: Finished EAP session with state 0xf00edcbdf607c57b (7) eap: Previous EAP request found for state 0xf00edcbdf607c57b, released from the list (7) eap: Peer sent packet with method EAP PEAP (25) (7) eap: Calling submodule eap_peap to process data (7) eap_peap: Continuing EAP-TLS (7) eap_peap: [eaptls verify] = ok (7) eap_peap: Done initial handshake (7) eap_peap: [eaptls process] = ok (7) eap_peap: Session established. Decoding tunneled attributes (7) eap_peap: PEAP state WAITING FOR INNER IDENTITY (7) eap_peap: Identity - guest123 (7) eap_peap: Got inner identity 'guest123' (7) eap_peap: Setting default EAP type for tunneled EAP session (7) eap_peap: Got tunneled request (7) eap_peap: EAP-Message = 0x0209000d016775657374313233 (7) eap_peap: Setting User-Name to guest123 (7) eap_peap: Sending tunneled request to inner-tunnel (7) eap_peap: EAP-Message = 0x0209000d016775657374313233 (7) eap_peap: FreeRADIUS-Proxied-To = 127.0.0.1 (7) eap_peap: User-Name = "guest123" (7) Virtual server inner-tunnel received request (7) EAP-Message = 0x0209000d016775657374313233 (7) FreeRADIUS-Proxied-To = 127.0.0.1 (7) User-Name = "guest123" (7) WARNING: Outer and inner identities are the same. User privacy is compromised.