Hi,
Using Android 2.2 I had to put the username in both the identity and the anonymous identity and it worked correctly.
I am still figuring out how to make it auth based on the internal username rather than the external.
use the EAP section and ensure that its an EAP part - but this is a whole lot cleaner and easier with FreeRADIUS 2.x - in which the EAP inner gets sent to a new virtual server (by default named 'inner-tunnel') in which you do the authentications and....more importantly authorizations. regarding the auth on internal - copy the EAP inner to the outer identity (eap.conf - check the peap and ttls sections) - and then do the VLAN part in the post-auth section. I'm trying to think back to when I used 1.x and realise that I couldnt do - or at least trivially do! half of the stuff I can do with 2.x - its well worth the migration! alan