Hello, We've been strugglig with CoA and LI on Juniper E-series. The problem is that JUNOSe by default require a few salt-encrypted VSAs also when using CoA, which means that they must be encrypted using an accounting request authenticator. But the salt-encryption code in libfreeradius bails out unless it is answering a request: bmork@xxxx:~/test$ bin/radclient -x -d share/freeradius e320:1700 coa secret -f testfiles/coa2 radclient: Failed to send packet for ID 243: ERROR: No request packet, cannot encrypt ERX-Med-Port-Number attribute in the vp. Sending CoA-Request of id 243 to 192.168.65.42 port 1700 Acct-Session-Id = "GigabitEthernet 1/0/3.100:100:0005245984" ERX-Med-Port-Number = 1984 The attached patch will use an accounting request authenticator when salt-encrypting for accounting, disconnect or coa. It has been verified to work against JUNOSe 7.3.4: bmork@xxxx:~/test$ bin/radclient -x -d share/freeradius e320:1700 coa secret -f testfiles/coa2 Sending CoA-Request of id 37 to 192.168.65.42 port 1700 Acct-Session-Id = "GigabitEthernet 1/0/3.100:100:0005246741" ERX-Med-Port-Number = 1984 ERX-LI-Action = on ERX-Med-Ip-Address = 10.0.0.2 ERX-Med-Dev-Handle = 0x4000dead rad_recv: CoA-ACK packet from host 192.168.65.42 port 1700, id=37, length=20 Is this something that could be added to the source? Is the routine still to file a bug and attach the patch? Bjørn