hi: I am using freeradius 3.0.1 at scientific linux 7.0. I want to use our pop3 server as database for wireless wpa authentication. (the eap-peap-mschapv2 works fine with our Active Directory. but for some reason we need another method). I try to test the idea as two parts: 1. setup a "test1" user at /etc/raddb/users like this test1 Cleartext-Password := "testtest" and use EAP-PEAP-GTC at windows client to test it, it works fine. 2. write a perl script to authenticate via pop3 server. I use "radtest 'user@domain' my-pop3-password 127.0.0.1:18120 0 testing123" to test, it works fine. the modification part of my inner-tunnel config is like below: authorize { pop3 if (ok || updated) { update control { Auth-Type := POP3 } } } Auth-Type POP3 { pop3 } 3. I can not combine above to the final result. I can not use EAP-PEAP-GTC from windows to authenticate via pop3 server. when I debug the perl script, I found no password input when using "EAP-PEAP-GTC". I try modify many settings but still can not get it work. so I wonder if my concept is wrong. is that possible to use EAP-PEAP-GTC against a pop3 server, or we need a cleartext-password file when using EAP-PEAP-GTC? I try to make the perl script dump %RED_REQUEST as below when using EAP-PEAP-GTC: $VAR1 = { 'User-Name' => 'xxx@xxxxxx', 'EAP-Message' => '0x020f00060306', 'Realm' => 'xxxxxxxxx', 'State' => '0x2dec2f402de335af33348f2ebbe6e91d', 'Stripped-User-Name' => 'xxxx', 'EAP-Type' => 'NAK', 'FreeRADIUS-Proxied-To' => '127.0.0.1' thanks a lot for help!! Regards, tbskyd