yeah upgrading is high on my list :) rlm_passwd says it provides authorization via files but i need it via LDAP. I didnt get much from your reply, here's what am doing presently plz suggest how should i proceed. ********************************************************************************************************* LDAP user: dn: uid=ashimece,cn=Ece08,cn=Students,dc=itweb uid: ashimece userPassword: jindal objectClass: account objectClass: simpleSecurityObject objectClass: top objectClass: radiusprofile cn: Ashim Dutta radiusCallingStationId: 00-90-4B-ED-AB-52 Logs of authentication : ********************************************************************************************************* when MAC ID is correct Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.9.1.2:1088, id=8, length=249 Message-Authenticator = 0x1aefde709d0282b89e74ef5d2df3e4ac Service-Type = Framed-User User-Name = "ashimece" Framed-MTU = 1488 State = 0xefc4f78cf9a0a3f62c93cd748bf36547 Called-Station-Id = "00-15-E9-C9-5F-C0: Dr.CVR24" Calling-Station-Id = "00-90-4B-ED-AB-52" NAS-Identifier = "D-link Corp. Access Point" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 54Mbps 802.11g" EAP-Message = 0x020800261900170301001bb0362047836069aff6d4a653b9d47e05dcaa105bfa0926b49c0ab2 NAS-IP-Address = 10.9.1.2 NAS-Port = 1 NAS-Port-Id = "STA port # 1" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 18 modcall[authorize]: module "preprocess" returns ok for request 18 modcall[authorize]: module "chap" returns noop for request 18 modcall[authorize]: module "mschap" returns noop for request 18 rlm_realm: No '@' in User-Name = "ashimece", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 18 rlm_eap: EAP packet type response id 8 length 38 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 18 users: Matched DEFAULT at 152 users: Matched DEFAULT at 171 modcall[authorize]: module "files" returns ok for request 18 rlm_ldap: - authorize rlm_ldap: performing user authorization for ashimece radius_xlat: '(uid=ashimece)' radius_xlat: 'dc=itweb' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=itweb, with filter (uid=ashimece) rlm_ldap: checking if remote access for ashimece is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: Adding radiusCallingStationId as Calling-Station-Id, value 00-90-4B-ED-AB-52 & op=21 rlm_ldap: Adding userPassword as User-Password, value jindal & op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: user ashimece authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 18 modcall: group authorize returns updated for request 18 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 18 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Received EAP-TLV response. rlm_eap_peap: Tunneled data is valid. rlm_eap_peap: Success rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 18 modcall: group authenticate returns ok for request 18 Sending Access-Accept of id 8 to 10.9.1.2:1088 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User MS-MPPE-Recv-Key = 0xfdd87b133b79449727654aa3a681ee48d891ee6ff1685344159acbc3ff02d820 MS-MPPE-Send-Key = 0xdcbb432b81d40d6e1d189527a911932a7b161f8b68ba2ee06e862c455967699e EAP-Message = 0x03080004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "ashimece" Finished request 18 Going to the next request Waking up in 6 seconds... ********************************************************************************************************* when MAC ID is *NOT* correct but is authenticated successfully Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.9.1.2:1088, id=17, length=249 Message-Authenticator = 0xaab5be28b7a3198b4432458ae62e1905 Service-Type = Framed-User User-Name = "ashimece" Framed-MTU = 1488 State = 0xdfdb9e22d8d2452e0a4c3daf52e757f6 Called-Station-Id = "00-15-E9-C9-5F-C0:Dr.CVR24" Calling-Station-Id = " 00-90-4B-ED-AB-52" NAS-Identifier = "D-link Corp. Access Point" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 54Mbps 802.11g" EAP-Message = 0x021100261900170301001ba1bc4bf393dc67e00b5d456b4eda44e73fdef7b14ba0558ecbe493 NAS-IP-Address = 10.9.1.2 NAS-Port = 1 NAS-Port-Id = "STA port # 1" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 27 modcall[authorize]: module "preprocess" returns ok for request 27 modcall[authorize]: module "chap" returns noop for request 27 modcall[authorize]: module "mschap" returns noop for request 27 rlm_realm: No '@' in User-Name = "ashimece", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 27 rlm_eap: EAP packet type response id 17 length 38 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 27 users: Matched DEFAULT at 152 users: Matched DEFAULT at 171 modcall[authorize]: module "files" returns ok for request 27 rlm_ldap: - authorize rlm_ldap: performing user authorization for ashimece radius_xlat: '(uid=ashimece)' radius_xlat: 'dc=itweb' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=itweb, with filter (uid=ashimece) rlm_ldap: checking if remote access for ashimece is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: Adding radiusCallingStationId as Calling-Station-Id, value 00-90-4B-ED-AB-00 & op=21 rlm_ldap: Adding userPassword as User-Password, value jindal & op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: user ashimece authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 27 modcall: group authorize returns updated for request 27 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 27 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Received EAP-TLV response. rlm_eap_peap: Tunneled data is valid. rlm_eap_peap: Success rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 27 modcall: group authenticate returns ok for request 27 Sending Access-Accept of id 17 to 10.9.1.2:1088 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User MS-MPPE-Recv-Key = 0x777bb3e1d089ab4d06e5d17cc4e75e1ce71c8a31f7ac06cf193ac2aca893eca9 MS-MPPE-Send-Key = 0x485bd639e4f35fb4fe39fe954d6a1959f3d25f149b53d22c180716bac82abac9 EAP-Message = 0x03110004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "ashimece" Finished request 27 Going to the next request Waking up in 5 seconds... ********************************************************************************************************* when MAC ID is correct BUT ldap *filter* is changed from uid to radiusCallingStationId but is *NOT* authenticated Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.9.1.2:1089, id=7, length=249 Message-Authenticator = 0xef805c6611b81ccd4e57f0a01b5a56b2 Service-Type = Framed-User User-Name = "ashimece" Framed-MTU = 1488 State = 0xaf77bba9c6823b2507d129594c59a524 Called-Station-Id = "00-15-E9-C9-5F-C0: Dr.CVR24" Calling-Station-Id = "00-90-4B-ED-AB-52" NAS-Identifier = "D-link Corp. Access Point" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 54Mbps 802.11g" EAP-Message = 0x020700261900170301001bd7bb65c7f80981315f61ec2779f602c81f4ec09c0c92babb82aacb NAS-IP-Address = 10.9.1.2 NAS-Port = 1 NAS-Port-Id = "STA port # 1" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 15 modcall[authorize]: module "preprocess" returns ok for request 15 modcall[authorize]: module "chap" returns noop for request 15 modcall[authorize]: module "mschap" returns noop for request 15 rlm_realm: No '@' in User-Name = "ashimece", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 15 rlm_eap: EAP packet type response id 7 length 38 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 15 users: Matched DEFAULT at 152 users: Matched DEFAULT at 171 modcall[authorize]: module "files" returns ok for request 15 rlm_ldap: - authorize rlm_ldap: performing user authorization for ashimece radius_xlat: '(radiusCallingStationId=00-90-4B-ED-AB-52)' radius_xlat: 'dc=itweb' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=itweb, with filter (radiusCallingStationId=00-90-4B-ED-AB-52) rlm_ldap: checking if remote access for ashimece is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: Adding radiusCallingStationId as Calling-Station-Id, value 00-90-4B-ED-AB-52 & op=21 rlm_ldap: Adding userPassword as User-Password, value jindal & op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: user ashimece authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 15 modcall: group authorize returns updated for request 15 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 15 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Received EAP-TLV response. rlm_eap_peap: Tunneled data is valid. rlm_eap_peap: Had sent TLV failure, rejecting. rlm_eap: Handler failed in EAP/peap rlm_eap: Failed in EAP select modcall[authenticate]: module "eap" returns invalid for request 15 modcall: group authenticate returns invalid for request 15 auth: Failed to validate the user. Delaying request 15 for 1 seconds Finished request 15 Going to the next request Waking up in 6 seconds... -- Registerd Linux User #426561 - Shobhit Jindal B.Tech. Part-III, Department Of Electronics Engineering, ITBHU INDIA