Hello, don't know if it's a bug or a change (doesn't found anything in the release notes), but if you use commas for the password in e.g. clients.conf, then the password itself gets malformed. ########################################################################### Normal request with password 123 Ready to process requests Threads: total/active/spare threads = 5/0/5 Waking up in 0.3 seconds. Thread 2 got semaphore Thread 2 handling request 0, (1 handled so far) (0) Received Access-Request Id 244 from 172.17.8.10:3072 to 172.17.8.254:1812 length 180 (0) User-Name = "123456-7890ab" (0) User-Password = "123" (0) NAS-Identifier = "wpa" (0) NAS-IP-Address = 172.17.8.10 (0) Called-Station-Id = "12-34-56-78-90-AB:WLAN TEST" (0) NAS-Port-Type = Wireless-802.11 (0) Service-Type = Framed-User (0) NAS-Port = 1 (0) NAS-Port-Id = "1" (0) Calling-Station-Id = "12-34-56-78-90-AB" (0) Connect-Info = "CONNECT 144 Mbps 802.11g/n" (0) # Executing section authorize from file /etc/radiusd-mac/sites-enabled/default (0) authorize { (0) radius-station-mac: EXPAND %{User-Name} (0) radius-station-mac: --> 123456-7890ab Found User-Password == "..." Are you sure you don't mean Cleartext-Password? See "man rlm_pap" for more information (0) [radius-station-mac] = noop (0) if (!ok) { (0) if (!ok) -> TRUE (0) if (!ok) { (0) radius-station-allow-mac: EXPAND %{User-Name} (0) radius-station-allow-mac: -->123456-7890ab (0) radius-station-allow-mac: users: Matched entry 123456-7890ab at line 18 (0) [radius-station-allow-mac] = ok (0) if (!ok) { (0) if (!ok) -> FALSE (0) } # if (!ok) = ok (0) [preprocess] = ok (0) } # authorize = ok (0) Found Auth-Type = Accept (0) Auth-Type = Accept, accepting the user (0) Login OK: [123456-7890ab/123] (from client wpa port 1 cli 12-34-56-78-90-AB) (0) Sent Access-Accept Id 244 from 172.17.8.254:1812 to 172.17.8.10:3072 length 0 (0) Finished request ########################################################################### Malformed request with password 123, Listening on auth address * port 1812 bound to server mac_server Ready to process requests Threads: total/active/spare threads = 5/0/5 Waking up in 0.3 seconds. Thread 2 got semaphore Thread 2 handling request 0, (1 handled so far) (0) Received Access-Request Id 93 from 172.17.8.10:3072 to 172.17.8.254:1812 length 180 (0) User-Name = "123456-7890ab" (0) User-Password = "4\016\236\343\234B\177\230\006VZ\030\027E\301\324" (0) NAS-Identifier = "wpa" (0) NAS-IP-Address = 172.17.8.10 (0) Called-Station-Id = "12-34-56-78-90-AB:WLAN TEST" (0) NAS-Port-Type = Wireless-802.11 (0) Service-Type = Framed-User (0) NAS-Port = 1 (0) NAS-Port-Id = "1" (0) Calling-Station-Id = "12-34-56-78-90-AB" (0) Connect-Info = "CONNECT 144 Mbps 802.11g/n" (0) # Executing section authorize from file /etc/radiusd-mac/sites-enabled/default (0) authorize { (0) radius-station-mac: EXPAND %{User-Name} (0) radius-station-mac: --> 123456-7890ab Found User-Password == "..." Are you sure you don't mean Cleartext-Password? See "man rlm_pap" for more information (0) [radius-station-mac] = noop (0) if (!ok) { (0) if (!ok) -> TRUE (0) if (!ok) { (0) radius-station-allow-mac: EXPAND %{User-Name} (0) radius-station-allow-mac: --> 123456-7890ab (0) radius-station-allow-mac: users: Matched entry 123456-7890ab at line 18 (0) [radius-station-allow-mac] = ok (0) if (!ok) { (0) if (!ok) -> FALSE (0) } # if (!ok) = ok (0) [preprocess] = ok (0) } # authorize = ok (0) Found Auth-Type = Accept (0) Auth-Type = Accept, accepting the user (0) Login OK: [123456-7890ab/4????B???VZ??E??] (from client wpa port 1 cli 12-34-56-78-90-AB) (0) Sent Access-Accept Id 93 from 172.17.8.254:1812 to 172.17.8.10:3072 length 0 (0) Finished request This behavior appeared with 3.0.7. If it is a bug, please fix it. Kind regards. D. Stabla