I've been reviewing: https://wiki.freeradius.org/guide/Mac-Auth#additional-modifications_mac-auth... I have two SSIDs. One of them is mac-auth and the other is .1x. My wireless environment presents freeradius with %{Aruba-Essid-Name} to denote the SSID. If I am interpreting the above documentation correctly, it suggests that I alter what I'm storing in the mac address database to also include the SSID so it can compare both the mac address and the SSID. However, as we don't have multiple SSIDs that do mac auth, is it possible to create some sort of logic in the authorize section based on SSID? Something like: if %{Aruba-Essid-Name} == "mac-auth ssid" { do mac auth} elif %{Aruba-Essid-Name} == ".1x ssid" {do eap} else {reject} That seems like a simpler solution,especially since it doesn't require me to mess with the database of mac addresses. Any input would be appreciated. -- Munroe Sollog (He/Him/His) Senior Network Engineer munroe@lehigh.edu