Good afternoon, Sorry to bother you guys again! I am trying to authenticate Windows XP PCs (sp2) with their hostnames. It looks like PC will try to use its hostname (in format host/<computer_name.domainname>) to authenticate when no user is logged in. I configured the "users" file and also the post-auth section of "default" file to force accepting the request. In the debug it shows it does accept and send back the response. I also captured the packets in the wireshark. However the NAS (Cisco 3750 switch with newest firmware) doesn't take it and simply ignored it and send the request again. It repeated three times and eventually failed... Users file: host/neteng-sp1.gtcorp.com Auth-Type := Accept Tunnel-Type:0 = VLAN, Tunnel-Medium-Type:0 = IEEE-802, Tunnel-Private-Group-Id:0 = "3", Tunnel-Preference = 0x000000 Sites-available/default file: post-auth { ... if(request:User-Name == "host/neteng-sp1.gtcorp.com"){ update reply { Auth-Type := Accept Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-ID = 3 Tunnel-Preference = 0 } } ... } Actually it doesn't look like it's Freeradiusd's problem since it did send back the response. It's the NAS which doesn't process the reply... However does anybody know why? Did I miss any attributes? Anyway to work around this problem? Alan, I think you told me once that it's not easy to fool the NAS to accept all requests... Is this one of the case we are talking about?? Thank you and have a good weekend! Difan Zhao Network Engineer difan.zhao@guest-tek.com www.guest-tek.com <http://www.guest-tek.com/> Office: 403-509-1010 ext 3048 Cell: 403-689-7514 Guest-tek(tm) delivers broadband networking solutions to businesses serving mobile users. Our products provide fast and easy plug-and-play Internet access, IP Video-on-Demand, and Voice over IP to end users. Through our superior implementation and support services, our partners gain a sustainable competitive edge. With headquarters in Calgary and Irvine, Guest-tek(tm) has been serving hospitality and related industries since 1996. The contents of this email are confidential and intended for the recipient only. If you have received this email in error, please notify us, and destroy all copies.