Hi, I have freeradius for WPA2 Enterprise authentification in small network in library, it is stable version (2.0.4) on Debian Lenny compiled from sources with OpenSSL support.. Everything seems to be OK, but when I try to connect to AP from laptop with Windows XP after I enter name and password I am stuck on Validating identity, same on Ubuntu machine... My configuration is pretty much default except of enabling MySQL and setting paths and passwords to certificates (generated with make script in /etc/freeradius/certs, so they should be OK) and addresses of clients. This is what freeradius -X gives me when I try to connect to AP: Ready to process requests. rad_recv: Access-Request packet from host 192.168.3.1 port 1291, id=0, length=123 User-Name = "pokus" NAS-IP-Address = 192.168.3.1 Called-Station-Id = "00259c523046" Calling-Station-Id = "001e650eb532" NAS-Identifier = "00259c523046" NAS-Port = 9 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0200000a01706f6b7573 Message-Authenticator = 0x634f3b088572fda3a12eca56ed6035b9 +- entering group authorize ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop rlm_realm: No '@' in User-Name = "pokus", looking up realm NULL rlm_realm: No such realm "NULL" ++[suffix] returns noop rlm_eap: EAP packet type response id 0 length 10 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[unix] returns notfound ++[files] returns noop expand: %{User-Name} -> pokus rlm_sql (sql): sql_set_user escaped user --> 'pokus' rlm_sql (sql): Reserving sql socket id: 3 expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'pokus' ORDER BY id rlm_sql (sql): User found in radcheck table expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'pokus' ORDER BY id expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'pokus' ORDER BY priority rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok ++[expiration] returns noop ++[logintime] returns noop rlm_pap: Found existing Auth-Type, not changing it. ++[pap] returns noop rad_check_password: Found Auth-Type Accept rad_check_password: Auth-Type = Accept, accepting the user Login OK: [pokus/<via Auth-Type = Accept>] (from client router port 9 cli 001e650eb532) +- entering group post-auth ++[exec] returns noop Sending Access-Accept of id 0 to 192.168.3.1 port 1291 Finished request 0. Going to the next request Waking up in 4.9 seconds. Cleaning up request 0 ID 0 with timestamp +59 Ready to process requests. To me it seems that name/password was accepted so I have no clue where is the problem.. Thank you in advance for any help..