Hi all, So I have FreeRadius set up (and working) to authenticate off an LDAP installation. Everything is great. I even have EAP-TTLS/PAP working, so I don't have to store the plaintext passwords. I just have one problem now: accounting data. Since I'm using TTLS, the User-Name field is not the authenticated one, and is simply whatever the user chose to put in for the outside-the-tunnel username. Has anyone come up with a way to either A) ensure the outside username matches the inside one (guaranteeing the outside one isn't falsified) or B) log the accounting details with the tunnel information? Any help would be appreciated -- thanks in advance. -kb -- Kris Benson, CCP, I.S.P. Technical Analyst, District Projects School District #57 (Prince George)