Hi all! I'm using this nice program on an old, linux nas and it works perfectly. But now I bought a dongle and attached to the nas. And I tried to connect to my wifi but I Cannot do that, because it gives me an Access-reject... Is it possible to use that through wifi? Here is a debugger output: ... adding new socket proxy address * port 5527 Listening on authentication interface wlan0 address * port 1812 Listening on accounting address * port 1813 Listening on command file /ffp/var/run/radiusd/radiusd.sock Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel Listening on proxy address * port 1814 Ready to process requests. rad_recv: Access-Request packet from host 192.168.1.1 port 47778, id=0, length=123 User-Name = "guest" NAS-IP-Address = 192.168.1.1 Called-Station-Id = "1eb72cd00f4f" Calling-Station-Id = "00e3b22aafa3" NAS-Identifier = "1eb72cd00f4f" NAS-Port = 38 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0200000a016775657374 Message-Authenticator = 0x1cdcf108446d0aed96f7d19e90a2ddea # Executing section authorize from file /ffp/etc/raddb/sites-enabled/default +group authorize { ++[preprocess] = ok ++[chap] = noop ++[mschap] = noop ++[digest] = noop [suffix] No '@' in User-Name = "guest", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] = noop [eap] EAP packet type response id 0 length 10 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] = updated ++[files] = noop [sql] expand: %{User-Name} -> guest [sql] sql_set_user escaped user --> 'guest' rlm_sql (sql): Reserving sql socket id: 30 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'guest' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'guest' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'guest' ORDER BY priority rlm_sql (sql): Released sql socket id: 30 ++[sql] = ok ++[expiration] = noop ++[logintime] = noop [pap] WARNING: Auth-Type already set. Not setting to PAP ++[pap] = noop +} # group authorize = updated Found Auth-Type = EAP # Executing group from file /ffp/etc/raddb/sites-enabled/default +group authenticate { [eap] EAP Identity [eap] processing type md5 rlm_eap_md5: Issuing Challenge ++[eap] = handled +} # group authenticate = handled Sending Access-Challenge of id 0 to 192.168.1.1 port 47778 EAP-Message = 0x01010016041059dc9dc980e2a025b5879c8e7dcebcd2 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x327b67de327a635682a37fa2c5a9f0b6 Finished request 0. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.1.1 port 47778, id=0, length=137 Cleaning up request 0 ID 0 with timestamp +13 User-Name = "guest" NAS-IP-Address = 192.168.1.1 Called-Station-Id = "1eb72cd00f4f" Calling-Station-Id = "00e3b22aafa3" NAS-Identifier = "1eb72cd00f4f" NAS-Port = 38 Framed-MTU = 1400 State = 0x327b67de327a635682a37fa2c5a9f0b6 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x02010006030d Message-Authenticator = 0xfba748e19ef2d0c85f62a9c686c6a45b # Executing section authorize from file /ffp/etc/raddb/sites-enabled/default +group authorize { ++[preprocess] = ok ++[chap] = noop ++[mschap] = noop ++[digest] = noop [suffix] No '@' in User-Name = "guest", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] = noop [eap] EAP packet type response id 1 length 6 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] = updated ++[files] = noop [sql] expand: %{User-Name} -> guest [sql] sql_set_user escaped user --> 'guest' rlm_sql (sql): Reserving sql socket id: 29 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'guest' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'guest' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'guest' ORDER BY priority rlm_sql (sql): Released sql socket id: 29 ++[sql] = ok ++[expiration] = noop ++[logintime] = noop [pap] WARNING: Auth-Type already set. Not setting to PAP ++[pap] = noop +} # group authorize = updated Found Auth-Type = EAP # Executing group from file /ffp/etc/raddb/sites-enabled/default +group authenticate { [eap] Request found, released from the list [eap] EAP NAK [eap] EAP-NAK asked for EAP-Type/tls [eap] processing type tls [tls] Requiring client certificate [tls] Initiate [tls] Start returned 1 ++[eap] = handled +} # group authenticate = handled Sending Access-Challenge of id 0 to 192.168.1.1 port 47778 EAP-Message = 0x010200060d20 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x327b67de33796a5682a37fa2c5a9f0b6 Finished request 1. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.1.1 port 47778, id=0, length=137 Cleaning up request 1 ID 0 with timestamp +13 User-Name = "guest" NAS-IP-Address = 192.168.1.1 Called-Station-Id = "1eb72cd00f4f" Calling-Station-Id = "00e3b22aafa3" NAS-Identifier = "1eb72cd00f4f" NAS-Port = 38 Framed-MTU = 1400 State = 0x327b67de33796a5682a37fa2c5a9f0b6 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x020200060300 Message-Authenticator = 0x5b93793510020b8d51688f1ecd803739 # Executing section authorize from file /ffp/etc/raddb/sites-enabled/default +group authorize { ++[preprocess] = ok ++[chap] = noop ++[mschap] = noop ++[digest] = noop [suffix] No '@' in User-Name = "guest", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] = noop [eap] EAP packet type response id 2 length 6 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] = updated ++[files] = noop [sql] expand: %{User-Name} -> guest [sql] sql_set_user escaped user --> 'guest' rlm_sql (sql): Reserving sql socket id: 28 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'guest' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'guest' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'guest' ORDER BY priority rlm_sql (sql): Released sql socket id: 28 ++[sql] = ok ++[expiration] = noop ++[logintime] = noop [pap] WARNING: Auth-Type already set. Not setting to PAP ++[pap] = noop +} # group authorize = updated Found Auth-Type = EAP # Executing group from file /ffp/etc/raddb/sites-enabled/default +group authenticate { [eap] Request found, released from the list [eap] EAP NAK [eap] NAK asked for bad type 0 [eap] Failed in EAP select ++[eap] = invalid +} # group authenticate = invalid Failed to authenticate the user. Using Post-Auth-Type Reject # Executing group from file /ffp/etc/raddb/sites-enabled/default +group REJECT { [sql] expand: %{User-Name} -> guest [sql] sql_set_user escaped user --> 'guest' [sql] expand: %{User-Password} -> [sql] ... expanding second conditional [sql] expand: %{Chap-Password} -> [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'guest', '', 'Access-Reject', '2016-06-15 15:02:33') rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'guest', '', 'Access-Reject', '2016-06-15 15:02:33') rlm_sql (sql): Reserving sql socket id: 27 rlm_sql (sql): Released sql socket id: 27 ++[sql] = ok [eap] Reply already contained an EAP-Message, not inserting EAP-Failure ++[eap] = noop [attr_filter.access_reject] expand: %{User-Name} -> guest attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] = updated +} # group REJECT = updated Delaying reject of request 2 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 2 Sending Access-Reject of id 0 to 192.168.1.1 port 47778 EAP-Message = 0x04020004 Message-Authenticator = 0x00000000000000000000000000000000 Waking up in 4.9 seconds. Cleaning up request 2 ID 0 with timestamp +13 Ready to process requests. With wired connection, it works So cool... Thanks!