Greetings, I'm working on using FreeRadius to authenticate to our Cisco devices using CryptoCards. I've run into a couple of snags which I don't think can be fixed easily via configuration but will require code changes. Before I start doing anything code-wise, I wanted to see if anybody knew of a workaround. 1) Our tokens display the response in so-called 'phone number' formatting. FreeRadius knows about 4 different CryptoCard formattings according to x99passwd.sample: d7, d8, h7 and h8. Where a response would be formatted as '12345678' in d8 and '1235678' in d7, our tokens display '123-5678'. I was thinking I would either add a new CC encoding setting or modify the module to ignore dashes. But if there is another way I'd love to hear it. 2) The X99 module, if it is performing a resync, generates a State attribute which the authenticating device is expected to return unadultered in the response packet. However, the value includes NULL values in the middle of it. Our Cisco devices (both IOS and CatalystOS) appear to be using strcpy() or something similar to copy the State attribute and only return the value up to the embedded NULL as a result. Code already exists in the module to generate an ASCII state value, and I was planning on changing the module so that the ASCII value was always used. My reading of the relevant RFC tells me that this is in fact a Cisco bug, but I have not had good luck in the past convincing Cisco that my interpretation of RFC's is more correct than theirs. If you know of a way to work around these without hacking on the code, I'd appreciate knowing about it. Or if you have an opinion about how to best fix the above issues in the code, I'd be interested in that as well. Thanks in advance, -David Mitchell --