Hi, > Personally we (plan to) use PEAP/MS-CHAP, and check the machine account > against AD using ntlm_auth. this is what we do for machine authentication (wired/wireless) alan