Hi, I had been using EAP-TTLS, but I've commented in an earlier post, I have no luck with securew2 and Vista. So I am planning use a "secondary password" for radius in clear-text. But I'd want to know if TTLS and PEAP can live together, my current eap.conf is as follow: eap { default_eap_type = ttls timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no md5 { } leap { } gtc { auth_type = PAP } tls { private_key_file = /etc/pki/tls/certs/ips-spectrum-key.pem certificate_file = /etc/pki/tls/certs/ips-spectrum-crt.pem CA_file = /etc/pki/tls/certs/ips-ca-bundle.crt dh_file = ${raddbdir}/certs/dh random_file = ${raddbdir}/certs/random cipher_list = "DEFAULT" } ttls { default_eap_type = md5 copy_request_to_tunnel = no use_tunneled_reply = yes } peap { default_eap_type = mschapv2 copy_request_to_tunnel = no use_tunneled_reply = no } mschapv2 { } } -- -- Open Kairos http://www.openkairos.com Watch More TV http://sebelk.blogspot.com Sergio Belkin -