Hi All, I am new to Radius Servers and have a Project to get Radius Server configured in the organization for authenticating users through an Access Point which is based on Mikrotik. I have setup freeradius (version 1.0.1) server and have defined a user in the "users" file. When I test the configuration using the "radtest" command, it works fine and says "Access-Accept". However, when I try to authentcate the user through the access point, I am prompted for Username and Password at the client, but Debug mode on radius server shows "request rejected". It says "no User-Password attribute". (However, the the debug mode is showing correct Username as entered from the client) I checked lot of Forums, but none of the solutions worked for me. I have stored user password in clear-text in the users file. Also, I am not using any certificate (TLS) in the setup. The confiurations are as follows: _*Radius Server:*_ ################################################################################## _*radiusd.conf:*_ ################################################################################## *_modules_*{ pap { encryption_scheme = clear } pap md5{ encryption_scheme = md5 } } chap { authtype = CHAP } $INCLUDE ${confdir}/eap.conf mschap { authtype = MS-CHAP } _*authenticate*_ { eap } _*authorize*_ { preprocess eap files } ################################################################################## ################################################################################## _*eap.conf*_ ################################################################################## eap { default_eap_type = mschapv2 mschapv2 { Auth-Type = PAP } } ################################################################################## _*users*_ ################################################################################## "radtest1" Cleartext-Password == "password" #(also tried User-Password instead of Cleartext-password, but no luck !!) ################################################################################## _*clients.conf*_ ################################################################################## client 192.168.xxx.xxx { secret = test shortname = private-network nastype = other } ################################################################################## ################################################################################## _*Access Point Configuration:*_ ################################################################################## Network Authentication: WPA with Radius Data Encryption: TKIP Have given Radius Server IP, Port and shared key(Which is same as mentioned in clients.conf) ################################################################################## _*Client Machine Configuration:*_ ################################################################################## The client machine is a Windows Vista OS, and have the following configurations for Wireless Network: Security Type: WPA-Enterprise Encryption: TKIP Authentication Method: PEAP (Secured Password MSCHAPv2) ################################################################################## _*Debug mode of Radius Server says this:*_ User-Name = "radtest1" NAS-IP-Address = 192.168.1.254 NAS-Port = 0 Called-Station-Id = "00-21-DE-00-17-B2:Wireless1" Calling-Station-Id = "00-19-D2-AD-4A-BF" Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x0201000d017261647465737431 Message-Authenticator = 0x2376aab3c18a8a9cbe0320fc1add824a Processing the authorize section of radiusd.conf modcall: entering group authorize for request 6 modcall[authorize]: module "preprocess" returns ok for request 6 rlm_eap: EAP packet type response id 1 length 13 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 6 users: Matched radtest1 at 100 modcall[authorize]: module "files" returns ok for request 6 modcall: group authorize returns updated for request 6 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 6 rlm_eap: EAP Identity rlm_eap: processing type mschapv2 rlm_eap_mschapv2: Issuing Challenge modcall[authenticate]: module "eap" returns handled for request 6 modcall: group authenticate returns handled for request 6 Sending Access-Challenge of id 0 to 192.168.104.168:3111 EAP-Message = 0x010200221a0102001d10f60a0398e4f61c9beba89b3dbcefde677261647465737431 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xc02709d0e2c702124f02a4d451d0a59d Finished request 6 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.104.168:3111, id=0, length=159 Sending duplicate reply to client private-network:3111 - ID: 0 Re-sending Access-Challenge of id 0 to 192.168.104.168:3111 --- Walking the entire request list --- Would appreciate if someone could suggest me the resolution for the problem. ALso, if someone can get me a working copy of freeradius server with Mikrotik (or otherwise Linksys) Access Point, it would be of great help. Thanks and Regards, SaN sankalpk@tulip.net DISCLAIMER: This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may containconfidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies and the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited and may be unlawful. The recipient acknowledges that Tulip Telecom Limited is unable to exercise control or ensure or guarantee the integrity of/overthe contents of the information contained in e-mail transmissions and further acknowledges that any views expressed in this message are those of the individual sender and no binding nature of the message shall be implied or assumed unless the sender does so expressly with due authority of Tulip Telecom Limited. Before opening any attachments please check them for viruses! and defects.