I Have an existing M$-only corporate network w/ win2k IAS&DHCP, the wireless network needs to use corporate DHCP server for address allocation and RADIUS authentication using EAP; currently using only MAC filtering and a WEP64 key on the clients. Network Info: Wireless1L1: WRT54GS2.0 Talisman1.0.4gs, WAN port disabled, LAN port has static IP 192.168.103.10 (subnet 103 is exclusively for wireless, LAN port static IP is outside DHCP range). GW:192.168.103.1 (L3switch used as gateway to other subnets/vlans and out to the firewall). WEP64 working fine on all WDS and Adapter Clients (moving to WPA2 in Q3). For this test, I used a stand-alone (NON-WDS) wireless router. Users connected to Wireless1L1 are able to work as they would as if on the 101subnet (standard subnet for all other workstations) - Access to servers/Internet/etc all without issue. Wireless users were able to get DHCP addresses from and ping the DHCPAUTH server. Server Info: DHCPAUTH: Windows2000Server running DHCP and IAS (RADIUS). IP Address: 192.168.100.200 (100 subnet is used exclusively for servers). GW: 192.168.100.1 (same L3 switch, different VLAN). Configured a new client in the IAS console for Wireless1L1 using the Wireless1L1â€™s LAN IP (192.168.103.10). DHCPAUTH can remotely manage Wireless1L1 via the web interface and can ping wireless clients connected to Wireless1L1 â€“ so inter-vlan routing isnâ€™t an issue. Here's my dilemma: Attempted to setup Wireless>Security>RADIUS on Wireless1L1 (kept the WEP Key the same, so as to not introduce more complexity during debug). I had to setup a static Route in Advanced Routing to have ALL traffic going to 192.168.100.0 to use the lan interface, because before doing that, (Iâ€™m guessing) the RADIUS traffic was going out on the wan interface. When connecting to the wireless network with a WinXPsp2 system (using Linksys WMP54GS PCI cards that have been working flawlessly), I was prompted for a username/password/domain as expected. When entering an existing username from the domain that is in the WirelessUsers domain users group (this was configured on the IAS as a RemotePolicy), the prompt would say â€œvalidatingâ€ for up to 90 seconds, then disappear without connecting the wireless client to the network. During each authorization/login attempt from the wireless client, I was monitoring the RADIUS logs on DHCPAUTH; no logging was taking place â€“ it was as though the requests werenâ€™t being delivered to the server. Until I accidentally mistyped my username during one of the wireless auth attempts; immediately an â€œunknown usernameâ€ log entry appeared both in the RADIUS logs and the System Events (event viewer). This told me that the request WERE being delivered to the RADIUS server (and after opening up my packet capture program, which I put on the 103 subnet, to make sure the packets werenâ€™t being routed incorrectly between the servers); this also told me that the RADIUS server wasnâ€™t the problem, because it was successfully sending and routing the challenge-response packets back to the 192.168.103.10 address of the WRT54GS LAN port. SOâ€¦ I decided to load an older Firmware onto the WRT54GS (loaded Alchemy FINAL, which had been working fine on the WRT54GS2.0 for a few months before upgrading to Talisman1.0.4gs). After loading Alchemy and re-setting all the configurations to pre-RADIUS setup and confirming it worked with the WEP, I again embarked on this RADIUS mission (just RADIUS, not WPA-RADIUS). And again, I was unable to figure out why the RADIUS challenge responses were not being processed by the WRT54GS router. So my question to all of you guru in the know is: Whatâ€™s going on and how do I fix it?