Hello, I have a wireless network based on wx switch 3com (centrally managed access-point) and I'm trying to activate WPA protection on one ssid "wpa-experimental". I hope to have configured all the component correctly. When I attempt to connect, on radius log (started by radiusd -X) I see: rad_recv: Access-Request packet from host 149.139.32.61:20001, id=118, length=148 NAS-Port-Id = "2/1" Calling-Station-Id = "00-08-E3-B0-73-46" Called-Station-Id = "00-12-A9-17-08-40:wpa-experimental" Service-Type = Framed-User EAP-Message = 0x0201000d0161676f7374696e69 User-Name = "agostini" NAS-Port-Type = Wireless-802.11 NAS-Identifier = "3Com" NAS-IP-Address = xxx.xxx.xxx.xxx Message-Authenticator = 0x3c8c9588223b33c4a8dafd70db73e334 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 203 modcall[authorize]: module "preprocess" returns ok for request 203 modcall[authorize]: module "chap" returns noop for request 203 modcall[authorize]: module "mschap" returns noop for request 203 rlm_realm: No '@' in User-Name = "agostini", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 203 rlm_eap: EAP packet type response id 1 length 13 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 203 radius_xlat: 'agostini' rlm_sql (sql): sql_set_user escaped user --> 'agostini' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'agostini' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 1 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'agostini' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'agostini' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'agostini' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'agostini' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'agostini' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'agostini' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'agostini' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 1 modcall[authorize]: module "sql" returns ok for request 203 users: Matched DEFAULT at 155 modcall[authorize]: module "files" returns ok for request 203 modcall: group authorize returns updated for request 203 rad_check_password: Found Auth-Type EAP rad_check_password: Found Auth-Type Local Warning: Found 2 auth-types on request for user 'agostini' auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user. Login incorrect: [agostini/<no User-Password attribute>] (from client Wx1200-B1D port 0 cli 00-08-E3-B0-73-46) Delaying request 203 for 1 seconds Finished request 203 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 118 to 149.139.32.61:20001 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 203 ID 118 with timestamp 44896cc8 Nothing to do. Sleeping until we see a request. Have you any idea what is wrong? Thank you in advance A Agostini