In 'Ralink Wireless Utility' -> '802.1x Setting' I can choose 'PEAP' and foll 3 fields (with my example values): 1. Identyty = myidentyty 2. Login = mylogin 3. Password = mypass (I set protocol as EAP-MSCHAP v2) in freeradius users file I can write: mylogin Auth-Type = EAP, User-Password := "mypassword" So identity can by any word. I hope mylogin and mypassword is sent to radius encrypted, not as plain text. But when I clear the users file and use sql I have a recerd in radcheck table: id UserName Attribute op Value ... (other fields) 1 mylogin User-Password == mypassword ... (other values) and in "Ralink...' I MUST (?) set (Identity = Login = mylogin) and Password = mypassword to be authorized in freeradius. But isn't Identity sent as clear text ??? I want to set Identity as Client Name, not as his login, is it possible? SQL queries check User-Name attribute and *I don't know how* put it to rlm_eap_peap and it says: Tunneled data is valid. (...) Success. But I don't want to login be equals to identity... Norbert