On Mon, Nov 28, 2011 at 12:29 PM, Vikashgounder <vikash.goun...@acu.edu.au> wrote: > From the local radtest I can see, it is authenticating fine but when testing
... and where is the debug log for that? > with a wpa device, this is the error m getting on the debug log: It's quite informative, actually: [ldap] looking for check items in directory... [ldap] looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly? If you use AD as ldap, the user password is not accessible in any ldap attribute. Thus you normally have to use ntlm_auth. See - http://deployingradius.com/documents/configuration/active_directory.html - http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO (old version, but some of it might be still relevant) Some other thing to check: - Are you setting Auth-Type manually? You shouldn't need to - If you REALLY have radtest working, then it's usually a matter of making sure configuration in sites-available/default (the one used if you use PAP directly, e.g. with radtest) is also in sites-available/inner-tunnel (the one used to handle AAA inside EAP tunnel, like when you use EAP-PEAP-MSCHAPv2) -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html