On Fri, Oct 10, 2008 at 01:41:15PM -0400, Jonathan D. Proulx wrote: :so upward (to 2.x) and onward and straight to ttls. I seem to have actually gone backward here. Local radtest is now failing with the fresh 2.1.1 install. all default except added a user to users: jon Cleartext-Password := "password" radiusd -s -X seems to start happily but doesn't seem to source the users file, as best I can tell (not listed amoung the many "including configuration file" lines): rad_recv: Access-Request packet from host 127.0.0.1 port 54793, id=121, length=55 User-Name = "jon" User-Password = "password" NAS-IP-Address = 192.168.32.34 NAS-Port = 0 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "jon", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns updated [files] users: Matched entry jon at line 1 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns updated Found Auth-Type = PAP +- entering group PAP {...} [pap] login attempt with password "password" [pap] Using CRYPT encryption. [pap] Passwords don't match ++[pap] returns reject Failed to authenticate the user. Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> jon attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated ???? -Jon