I'm not an expert on freeradius, but at work i manage successfully a setup with freeradius binded to an AD domain, successfully autheticate wireless clients with MSCHAPv2. At home i need to extend my wireless coverage (for now, i use an hostapd and a wireless interface in my server), and so i've thinked about using LDAP as a source for auth data, using as AP some OpenWRT/LEDE routers. Yes, i can use WPA/WPA2 personal, but i want to experiment and continue to assign different credential for different MAC addess. ;) I've found the basic setup info on: https://wiki.freeradius.org/modules/Rlm_ldap and some other info on how add clients to the LDAP on: https://www.ldap-account-manager.org/static/doc/manual-onePage/index.html#id... Also i've found some forum/blog pages around, but all seems to be about freeradius 2, and does not provide clues on why (at least to me). For example, i suppose i have to use WPA2-Enterprise with EAP-TTLS, but i've not found a place that clarify if the password in LDAP have to be 'in clear', or hashed, and how hashed. Someone have some info, or a good link? Thanks. -- There are only 10 kinds of people in the world -- Those who understand binary, and those who don't. (Roberto Maglica)