Hi, I am playing with EAP-SIM on 2.2.0, but I am facing an issue I cannot even understand :S Not because I don't want to, but the error messages are not talking much. I did compute SRES/Kc for my SIM, but after the third triplet, I just have: rlm_perl: Added pair EAP-Sim-Rand3 = 0xff626ed6104164234aabebecafecafe3 rlm_perl: Added pair EAP-Sim-Rand2 = 0x771634015641aabcd4e5a2a3ab521242 rlm_perl: Added pair EAP-Sim-SRES1 = 0xa0a116fe rlm_perl: Added pair EAP-Sim-SRES2 = 0xc891c365 rlm_perl: Added pair EAP-Sim-KC1 = 0x603c63ecd59340cb rlm_perl: Added pair EAP-Sim-Rand1 = 0xab521824610aca27814bbde2810347a1 rlm_perl: Added pair EAP-Sim-KC3 = 0xa62f0f3aca277041 rlm_perl: Added pair EAP-Sim-KC2 = 0xbdaf3f47b1fc2520 rlm_perl: Added pair EAP-Sim-SRES3 = 0x6daeb494 rlm_perl: Added pair Auth-Type = EAP rlm_perl: Added pair EAP-Type = SIM ++[packetfence] returns noop Found Auth-Type = EAP # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/sim [eap] processing type sim [eap] Handler failed in EAP/sim [eap] Failed in EAP select ++[eap] returns invalid Failed to authenticate the user. I am using sim_files to populate the attributes. Anyone can enlight me? By the way, the same config works on 2.1.12 (just tested it): rlm_perl: Added pair EAP-Sim-Rand3 = 0xff626ed6104164234aabebecafecafe3 rlm_perl: Added pair EAP-Sim-Rand2 = 0x771634015641aabcd4e5a2a3ab521242 rlm_perl: Added pair EAP-Sim-SRES1 = 0xa0a116fe rlm_perl: Added pair EAP-Sim-SRES2 = 0xc891c365 rlm_perl: Added pair EAP-Sim-KC1 = 0x603c63ecd59340cb rlm_perl: Added pair EAP-Sim-Rand1 = 0xab521824610aca27814bbde2810347a1 rlm_perl: Added pair EAP-Sim-KC3 = 0xa62f0f3aca277041 rlm_perl: Added pair EAP-Sim-KC2 = 0xbdaf3f47b1fc2520 rlm_perl: Added pair EAP-Sim-SRES3 = 0x6daeb494 rlm_perl: Added pair Auth-Type = EAP rlm_perl: Added pair EAP-Type = SIM ++[packetfence] returns noop Found Auth-Type = EAP # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/sim [eap] processing type sim MAC check succeed [eap] Underlying EAP-Type set EAP ID to 27 [eap] Freeing handler ++[eap] returns ok # Executing section post-auth from file /usr/local/pf/raddb/sites-enabled/packetfence +- entering group post-auth {...} ++[exec] returns noop ++[reply] returns noop } # server packetfence Sending Access-Accept of id 34 to 10.0.0.24 port 1051 Thanks! -- Francois Gaudreault, ing. jr fgaudreault@inverse.ca :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org)