Can FreeRADIUS send non-standard VSAs?

Alan DeKok aland at
Fri Apr 26 23:23:48 CEST 2019

On Apr 26, 2019, at 5:12 PM, Ian Pilcher <arequipeno at> wrote:
> On 4/26/19 3:16 PM, Alan DeKok wrote:
>>    Given that they're copying the Cisco-AVPair functionality, the best guess is that it's ID 1.
> That was my guess as well.  Unfortunately it's not working with ID 1,

  That's terrible.

> and Dell hasn't been able to tell me what it should be (or even
> demonstrate that they understand the question).

  You're talking to support, not to the crazy engineer who wrote their RADIUS client. :(

>>   Sure.
>> 	Vendor-Specific := 0x010203040506070809 ...
> Hmm.  That doesn't work for me.  I tried:
>  Must use 'Attr-26 = ...' instead of 'Vendor-Specific = ...'

  Ah yes.  Sorry.

> So I tried:
> Attr-26 := 0x0000178B466F72636531302D6176706169723D227368656C6C3A707269762D6C766C3D313522
> And got:
>  Attribute overflows container
> Is 3.0.13 too old or have I messed up the syntax somehow?

  That exact string works for me in 3.0.19.  So, upgrade I guess.

  But if they have ignored the RFC suggestions, it's stupid.  That makes it harder for everyone to use their product.

  Alan DeKok.

More information about the Freeradius-Users mailing list