Hi omegabk, Yes, I already known that. However, for some reason FreeRadius doesn't recognized that OpenSSL is already installed on my system. During the compilation there wasn't any WARNING about OpenSSL. In the other hand, I just want to do transparent authentications of the user (it does not matter if it used clear text passwords) with my AD using a wireless LAN. As Alan Dekov said in his How To, I am using ntlm_auth module so when I wrote in eap.conf eap { default_eap_type = gtc ... with my wireless client (Nokia N900) configured like taht: EAP Type : PEAP EAP Method: EAP GTC (other possibility is EAP MSCHAPv2) # I am not using certifies at all Username: ortegaca In the FreeRadius console I see: Listening on authentication address * port 1645 Listening on accounting address * port 1646 Listening on command file /usr/local/var/run/radiusd/radiusd.sock Listening on proxy address * port 1647 Ready to process requests. rad_recv: Access-Request packet from host 129.90.13.170 port 1645, id=223, length=192 User-Name = "h59bfGBUMZsw4BwQZ3Pz/Q==" Framed-MTU = 1400 Called-Station-Id = "0015.62c8.75d0" Calling-Station-Id = "a87b.3995.468a" Cisco-AVPair = "ssid=radiusd" Service-Type = Login-User Message-Authenticator = 0x125b506b554d05dcf0cd7eace1e4b8a1 EAP-Message = 0x0202001d0168353962664742554d5a7377344277515a33507a2f513d3d NAS-Port-Type = Wireless-802.11 Cisco-NAS-Port = "682" NAS-Port = 682 NAS-IP-Address = 129.90.13.170 NAS-Identifier = "ap" +- entering group authorize {...} [ntlm_auth] expand: --username=%{mschap:User-Name} -> --username=h59bfGBUMZsw4BwQZ3Pz/Q== [ntlm_auth] expand: --password=%{User-Password} -> --password= Exec-Program output: NT_STATUS_NO_SUCH_USER: No such user (0xc0000064) Exec-Program-Wait: plaintext: NT_STATUS_NO_SUCH_USER: No such user (0xc0000064) Exec-Program: returned: 1 ++[ntlm_auth] returns reject Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> h59bfGBUMZsw4BwQZ3Pz/Q== attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 223 to 129.90.13.170 port 1645 Waking up in 4.9 seconds. Why my username is encrypted or something like that? I don't get it... I just need authenticate a AD user using clear-text password Cesar Date: Wed, 17 Mar 2010 14:03:57 +0100 Subject: Re: openssl support From: omegabk@gmail.com To: freeradius-users@lists.freeradius.org hi, You need to have the openssl development packages installed. When you run configure please make sure you check for warnings, if configure doesn't find required libraries and headers it will emit a warning message, but will proceed (just disabling the feature). i fixed it doing like this bye 2010/3/17 Cesar Ortega <cesar8489@hotmail.com> Hi there guys, Look, I have been configuring FreeRadius (2.1.8) with OpenSSL (0.9.8m) to use ntlm_auth but it did not work at all. I installed libssl-dev (as Alan Dekok has said before) but it stills telling me: Ignoring EAP-Type/tls because we do not have OpenSSL support. Ignoring EAP-Type/ttls because we do not have OpenSSL support. Ignoring EAP-Type/peap because we do not have OpenSSL support. Recompiling FreeRadius does not work either. I tried installing from the sources and repositories but I could not solved the issue. Any suggestion? Help please... Cesar Connect to the next generation of MSN Messenger Get it now! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _________________________________________________________________ Connect to the next generation of MSN Messenger http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=w...