freeradius proxying to Juniper Steel-Belted - returning trailing \000 in attributes
aland at deployingradius.com
Mon Jan 12 17:51:59 CET 2009
Jørn Kostøl wrote:
> I'm running freeradius v2.1.1 that proxies to a Juniper Steel-Belted
> Radius. (NAS->freeradius->Juniper).
> The authentication works and the reply is sent to my NAS, but the
> Juniper sends back trailing \000 in the return attributes which my NAS
> obviously is not too fond of.
> The debug shows:
> rad_recv: Access-Accept packet from host <stripped> port 1812, id=94,
> Class =
> Proxy-State = 0x3838
> Cisco-AVPair = "+=lcp:interface-config= ip unnumbered lo10\000"
> Cisco-AVPair = "+=ip:addr-pool=testpool\000"
> Cisco-AVPair = "+=lcp:interface-config= ip vrf forwarding testvrf\000"
> Cisco-AVPair = "+=ip:dns-servers=x.x.x.x y.y.y.y\000"
The Juniper SBR server is sending the attributes formatted like that.
> I'm having a problem figuring out where the trailing \000 is coming from.
> Has anyone experienced similar behavior or have experience proxying from
> freeradius to Juniper?
Blame Juniper. FreeRADIUS is printing the packet that it received.
If there are \0's in it... that's because Juniper put them there.
More information about the Freeradius-Users