Hi, I am trying to use MySQL to autenticate users of a wireless network, using EAP-TTLS-PAP or PEAP-MS-CHAPv2. I use the following users file: user1 User-Password == "user1" DEFAULT Suffix == "@mydomain.org", Autz-Type := SQL while I have the following user in radcheck in MySQL mysql> select * from radcheck; +----+----------+---------------+----+-------+ | id | UserName | Attribute | op | Value | +----+----------+---------------+----+-------+ | 11 | sql1 | User-Password | == | sql1 | +----+----------+---------------+----+-------+ 1 row in set (0.00 sec) Logging with the user "user1" work fo both TTLS-PAP and PEAP-MS-CHAP-V2 (Tested with wpa_supplicant (both TTLS and PEAP) and MS Windows XP (PEAP)). When i try to authenticate as the user sql1 (which is in the MySQL DB), works for TTLS-PAP but doesn't work with PEAP. Seems that inside the file "users" are handled both PAP and MS-CHAPv2 password, while with MySQL I can use only PAP. The relevant part of the log with radiusd -X is provided below. Thanks to anyone helping with this. auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 8 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Received EAP-TLV response. rlm_eap_peap: Tunneled data is valid. rlm_eap_peap: Had sent TLV failure, rejecting. rlm_eap: Handler failed in EAP/peap rlm_eap: Failed in EAP select modcall[authenticate]: module "eap" returns invalid for request 8 modcall: group authenticate returns invalid for request 8 auth: Failed to validate the user.