Jørn Kostøl wrote: > I'm running freeradius v2.1.1 that proxies to a Juniper Steel-Belted > Radius. (NAS->freeradius->Juniper). > The authentication works and the reply is sent to my NAS, but the > Juniper sends back trailing \000 in the return attributes which my NAS > obviously is not too fond of. > > The debug shows: > rad_recv: Access-Accept packet from host <stripped> port 1812, id=94, > length=289 > Class = > 0x53425232434c978dc5a3c1f6cbdbd4c011802c01800281988002801081aa91aab5a2d5a6c5a9908ab5a1b99ccc12800e81978dc5a3c1f6cbdbd4c289e48c84 > Proxy-State = 0x3838 > Cisco-AVPair = "+=lcp:interface-config= ip unnumbered lo10\000" > Cisco-AVPair = "+=ip:addr-pool=testpool\000" > Cisco-AVPair = "+=lcp:interface-config= ip vrf forwarding testvrf\000" > Cisco-AVPair = "+=ip:dns-servers=x.x.x.x y.y.y.y\000"
The Juniper SBR server is sending the attributes formatted like that. > I'm having a problem figuring out where the trailing \000 is coming from. > Has anyone experienced similar behavior or have experience proxying from > freeradius to Juniper? Blame Juniper. FreeRADIUS is printing the packet that it received. If there are \0's in it... that's because Juniper put them there. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html