Hi all, I need a basic input to (if possible) fix my problem: now my radius is verifying only SIM (we're talking a private APN) with only Calling-Station-Id and I disabled the pap and chap as below [...] authenticate { # # PAP authentication, when a back-end database listed # in the 'authorize' section supplies a password. The # password can be clear-text, or encrypted. Auth-Type PAP { # pap ok } [...] but in a near future a different client will be authenticate with User-Name, Cleartext-Password and Calling-Station-Id (always coming from a private APN): how can I manage those different requests ? I thought a simple "if" into the file site-enabled/default in the authorize/preprocess section: if (ClearText-Password == "Void") { update attribute { ClearText-Password := "--" } } and re-enabling the verify of the password in in authenticate section. But it seems too easy :) Cheers, Angelo