Cisco VSA hack

Peter Hicks peter.hicks at
Thu Feb 2 13:42:37 CET 2006


I've set with_cisco_vsa_hack = yes in radiusd.conf on a box running
FreeRADIUS 1.0.4, but when running "freeradius -X", I still see accounting
packets with un-hacked Cisco-AVPair entries during debug:

 rad_recv: Accounting-Request packet from host xxxx:1636, id=198, length=292
         Cisco-AVPair = "ssid=default"

I expected to see:

         ssid = "default"

or similar.  Is this output merely the accounting request packet as it's
received, before preprocessing and the cisco_vsa_hack taking place?

A quick check of the source code leads me to suspect that the VSA hack won't
cater for pairs such as 'Cisco-AVPair = "ssid=default"', but my C knowledge
is virtually nonexistant and I may well be misunderstanding the code.

Can anyone clarify what's happening, please?  I'd be pleasantly surprised if
I'm wrong and I really can start using the contents of Cisco-AVPairs for

Best wishes,


More information about the Freeradius-Users mailing list