Radius requests from unknow hosts

Marko Bozinovski markobozinovski84 at yahoo.com
Tue Jan 4 13:02:47 CET 2022


First time doing this, so I am not sure if i am doing it correctly.
I have configured RADIUS server and setup few juniper devices.
Configuration is ok, my clients can authenticate using radius etc.
I am worried about one thing. When i configure one EX switch, it keeps sending some strange request, something like this

(0)   User-Name = "root"
(0)   User-Password = "\010\n\r\177IN"

(0)   NAS-Identifier = "EX1"

(0)   Calling-Station-Id = ""

(0)   NAS-IPv6-Address = 2600:894c0:c0:30::6

Executing section authorize from file /etc/raddb/sites-enabled/default
(0)   authorize {

NAS-IPv6-Address is the address of that EX, and NAS-Identifier is ok, but username root is strange, and calling-station-id.

>From my perspective it looks like it is sending requests from that EX with username root. Sometimes it use other usernames. I have read that can be related to brute force attack's.

Thank you and sorry for noob and confusing question.


More information about the Freeradius-Users mailing list