Hi!
My english is not good? but i try to describe my problem
i have such situation:
I set up hotspot with radiusDesk(GUI for freeradius). All works fine! Now i have a task authentificate user from existing our email database... is it possible? passwords in email database is md5 encrypted. Someone said me that to authenticate hotspot users password in db must be clear-text. Is it true? Where was passwords match?

CHAP requires cleartext passwords in the user database.
PAP does not require cleartext passwords.
If your user DB has hashed passwords, then simply disable http-chap as a login method, and enable http-pap.

Here's why:
In CHAP authentication, the user agent sends a password hash, and not the password. So if the user types "mypass" into the password field on the login page, the RADIUS request will have some hash of 'mypass' in stead. The RADIUS server receives the request, and then takes the user's clear-text password from the DB, and hashes the password. If this hash matches the one the user sent, then the user's password was correct and authentication is completed.

In PAP authentication, the password submitted by the user attempting to log in is sent in the clear to the RADIUS server. The RADIUS server then hashes the attempted password and compares this hash to the one stored in the user DB. If the hashes match, then the user's password was correct and authentication is completed.

See the difference?
In CHAP - the radius server has no idea what the user actually typed as their attempt, so it must have unencrypted passwords to see if they hash the same way as the user's login request.

It works!!!!
Thanks for your help!!!

Another problem:
I created Hotspot with radius authentication and roaming using Mesh.
I saw that in some billing systems when hotspot users was login, in address list, creates dynamic items. after logout this dinamic item was deleted... Is it difficult dinamically add items to address list?

Another problem:
I created Hotspot with radius authentication and roaming using Mesh.
I saw that in some billing systems when hotspot users was login, in address list, creates dynamic items. after logout this dinamic item was deleted... Is it difficult dinamically add items to address list?

http://wiki.mikrotik.com/wiki/Manual:IP ... dress_list

I tested it and all good, Mangle added dynamic items to address-list. I need it for add users to different groups. Now i don't now how can mangle rule can match to which group belongs user. Tarif name and group name in address list was identical Somehow can i add user to group(in address list) which identical with tarif name???