> why FR authenticate even with nonexistent username?

I don't know... Why don't you send the full debug log (you know, the bit where the certificates are actually being checked) instead of the last round, where EAP is just inserting the cached response.

-Arran

Arran Cudbard-Bell
Betelwiki, Betelwiki, Betelwiki.... http://wiki.freeradius.org/ !

