Artur Hecker <[EMAIL PROTECTED]> wrote: > take a look at the state attributes. your NAS is truncating the State > attribute which was issued by Radius to 64 hexadecimal characters, i.e. > 256bit (64*4): > > issued: > 0x6d2728c26e0a5e55a7067440895cbafc619d893d72e45a66b2612d2defb73fafc8b0590f > > received: > 0x6d2728c26e0a5e55a7067440895cbafc619d893d72e45a66b2612d2defb73faf
The software on your NAS must have been written by the same people who wrote the Merit RADIUS server. > i have no idea if this behaviour is RFC-correct or not. the problem > doesn't or didn't occur with other radius servers, probably because > their state attributes are always/were by chance shorter. Mangling the State attribute is explicitely prohibited by the RFC's. > Raghu, Alan, what do you think? are the state attributes too long or is > the NAS firmware broken? I wouldn't object to making the State attribute shorter, but the NAS is definitely broken. > Jorge: you can try to take a look in the radius RFC if you can find a > limitation for the state attribute... http://www.freeradius.org/rfc/attributes.html and click on 'State'. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
