Hey guys, Since I have asked so many questions regarding to this topic I guess you all know my situation very well so I won't go through the whole thing again and save your time! So I found that if I add a "Default" line at the bottom of the users file, like: ... DEFAULT Auth-Type = ntlm_auth The server will always use ntlm for authentication... even I have updated the auth-type to Auth-NHSTB, it doesn't use it. I have attached both debug files. What should I do if I want a "Default" line in the user file while still use the special authentication that I defined for MAC authentication bypass? Thanks! Policy.conf: policy { ... rewrite_calling_station_id { if(request:Calling-Station-Id =~ /00-A0-08-([0-9A-F]{2})-([[0-9A-F]{2})-([[0-9A-F]{2})/i) { update request { Calling-Station-Id := "00a008%{1}%{2}%{3}" } } else { noop } } } Default: authorize { ... rewrite_calling_station_id if((Service-Type == 'Call-Check') && (User-Name =~ /^%{Calling-Station-ID}$/i)){ update control { Auth-Type = 'Auth-NHSTB' } } } authenticate { ... Auth-Type Auth-NHSTB { if(request:User-Name == "%{request:User-Password}") { ok } else{ reject } } } Guest-tek, Difan Zhao difan.zhao@guest-tek.com www.guest-tek.com Office: 403-509-1010 ext 3048 Cell: 403-689-7514