I configured a FreeRadius server and tested it with FreeRadius' radclient. It works. However, when I try the radclient from xtradius, I always get an access denied. I think that FreeRadius is supposed to work with other Radius implementations :-) so there is something strange. With FreeRadius's radclient: % echo "User-Name = bortzmeyer\nUser-Password = theuserpassword" | radclient jezabel auth mysharedsecret Received response ID 181, code 2, length = 44 Service-Type = Framed-User Framed-Protocol = PPP ... With xtradius' radclient, same client machine: % echo "User-Name = bortzmeyer\nUser-Password = theuserpassword" | radclient jezabel auth mysharedsecret Sending request to server jezabel, port 1812. Warning: Received invalid reply digest from server radrecv: Packet from host 10.1.82.2 code=3, id=13, length=20 Access denied. And, on the FreeRadius server, when it fails: rad_recv: Access-Request packet from host 10.1.82.1:32774, id=13, length=50 User-Name = "bortzmeyer" User-Password = "\274\016N\002\363\206\206a&.P06\270\363\335" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "bortzmeyer", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry bortzmeyer at line 52 modcall[authorize]: module "files" returns ok for request 0 modcall[authorize]: module "pap" returns updated for request 0 modcall: leaving group authorize (returns updated) for request 0 rad_check_password: Found Auth-Type pap auth: type "PAP" Processing the authenticate section of radiusd.conf modcall: entering group PAP for request 0 rlm_pap: login attempt with password ¼?N?ó??a&.P06¸óÝ rlm_pap: Using clear text password "theuserpassword". rlm_pap: Passwords don't match modcall[authenticate]: module "pap" returns reject for request 0 modcall: leaving group PAP (returns reject) for request 0 auth: Failed to validate the user. WARNING: Unprintable characters in the password. ? Double-check the shared secret on the server and the NAS! The clients.conf config: client lilith.generic-nic.net { secret = mysharedsecret shortname = lilith nastype = other }