Hello, I'm running FreeRADIUS 2.1.7 on CentOS 5, and trying to configure MAC Auth Bypass. I got everything functioning correctly using the Mac-Auth Wiki page as a guide, including placement of the actual CSID authentication code in the post-auth section. However, I just enabled SQL in the post-auth section, and everything is getting logged to SQL with reply Access-Accept, even if it matched the "reject" statement. It seems to me that it's pretty logical that post-auth would be entered with Auth-Type == Access-Accept, the SQL log would happen, and *then* the "reject" statement would get executed. What I don't understand is why I shouldn't move the actual authentication (authorized_macs.authorize) to the auth { } section, or else how I go about logging rejected requests. Any advice or guidance would be greatly appreciated. Thanks, Jason Antman -- Jason Antman System Administrator Rutgers University OIT Central Systems & Services / NetOps Office: 732-445-6363 Cell: 732-983-7256 jantman@oit.rutgers.edu