> could you give me good freeradius guide for dummies - I think I need it :) >
Guide: don't make any changes to the default configuration unless you know what you are doing. That's it. Server is configured by default to handle EAP-TLS. There is nothing that you need to do to make it happen. Now, about your problem: freeradius uses fake realm example.com - for examples. Of proxying, fail-over home servers, use of vitual servers etc. Why are *you* using it as well? These examples are not what you want to do. Use your own domain. For EAP-TLS - no modification needed. I have seen you going on about PEAP as well. If those users are also using format u...@your_domain, then create local realm your_domain - it won't interfere with EAP-TLS and will create Stripped-User-Name that can be used for authentication. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html