I stored the passwords clear-text in the ldap server and its working fine now. Thanks for the help, greetings, Tjeerd Bos PinkRoccade InfraStructure Services Apeldoorn
>The "passwords" used in CHAP are actually a one-way hash generated by the client >machine, using the password entered by the >user, and the "challenge" sent by the >NAS. At the Radius server the same is done with the same "challenge" from the NAS and >>the clear-text password stored in the db. The RADIUS server compares the two hashes, >giving an accept or deny. >The "challenge" is different every time a connection is made resulting in new hash >every time. If an attacker intercepted >the packets he-she would see the hash which >cannot be reversed to give the password. >As you can see, with CHAP, the clear text password is a requirement at both ends of >the connection. >Regards Mike D. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html