Hi all, I have developed a rlm_perl script for FreeRadius to provide an Access-Challenge response upon an initial successful login (i.e. enter username & password, receive access-challenge, then enter a code.) I'm having some trouble getting the an access-challenge "reply message" to display on a web browser. I'm not sure if I have something configured incorrectly, or If my expectations of what the apache module (mod-auth-radius) should be doing is wrong. According to the documentation from the mod_auth_radius README, when the module receives an "Access-Challenge" response: "...you'll see your username displayed, along with the RADIUS Reply-Message at the top of the authentication window." But I see no such reply-message in the browser. It just displays the same Authentication Realm message ("Radius Authentication Test") for each prompt (tested in Firefox.) I was expecting the reply-message (which is "Please Enter Code") to be displayed instead, is that possible? Upon examining the source code for the module, there appears to be code to handle this. Using Wireshark, it also appears that this message is not returned to the browser. Anyway, if the user enters the correct code at this point, they can reach the web page successfully, so the authentication side of things is not a problem. The server is Debian (squeeze) with freeradius (2.1.10+dfsg-2), apache (2.2.16-6+squeeze1) and libapache2-mod-auth-radius (1.5.8-1) The important portion of my apache configuration is below: # Radius Server Authentication AddRadiusAuth localhost:1812 testing123 5 AddRadiusCookieValid 5 # Test Radius Authentication <Directory /var/www/test/> Options Indexes FollowSymLinks MultiViews AuthType Basic AuthName "Radius Authentication Test" AuthBasicAuthoritative Off AuthBasicProvider radius AuthRadiusAuthoritative On AuthRadiusActive On Require valid-user </Directory> I have performed other tests using a Cisco VPN concentrator and Cisco's VPN client on Windows 7, this works great - the "Access-Challenge" response works (It returns the message "Please Enter Code".) On the command line, this also works using radtest, see below: # radtest user testing localhost 10 testing123 Sending Access-Request of id 150 to 127.0.0.1 port 1812 User-Name = "user" User-Password = "testing" NAS-IP-Address = 127.0.1.1 NAS-Port = 10 rad_recv: Access-Challenge packet from host 127.0.0.1 port 1812, id=150, length=50 Reply-Message = "Please Enter Code" State = 0x6368616c6c656e6765 Any assistance on this matter would be greatly appreciated! Regards, Daniel Abels