Hi, I have a problem with stale nonces being reused by a UA. I'd like to do two things; * Set the nonce lifetime to a lower value * Handle stale nonces in my authentication route For the first, I'm interpreting the RADIUS module documentation so that it gets such parameters from the generic auth module and, therefore, I should be good with something like: ... modparam("auth", "nonce_expire", 60) # Set nonce_expire to 60s ... For the second, I'd appreciate pointers on how to set stale=true in the 401 reply, if special handling is required. I have incomplete packet traces to work from right now, so can't tell if it is being set already. Thanks, -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 I'm wearing PAMPERS!!