000022163 - Problems with RADIUS Return Attributes after upgrade to RSA Authentication Manager 6.1

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022163
Applies ToRSA RADIUS Server 6.1 Powered by Funk Steel-Belted RADIUS
Class attribute
IssueProblems with RADIUS Return Attributes after upgrade to RSA Authentication Manager 6.1
NAS devices receive a Null Terminator response from Funk RADIUS
NAS devices receive a \0x00 appended to attributes returned from Funk RADIUS
CauseIn previous versions of RADIUS packaged with RSA ACE/Server, RSA did not return the Null Terminator \0x00 by default. RSA Authentication Manager starting with version 6.1 with Funk RADIUS defaults to sending the null terminator with the Class attribute, but NAS devices may not be able to handle the extra \0x00 appended to the end of the attribute. The resolution below will work with other attributes as well.  
ResolutionLocate the radius.dct file in either the rsa/radius/ directory for UNIX or C:\Program Files\RSA Security\RSA Radius\Service\ directory for Microsoft Windows. Edit this file and change the line from:

ATTRIBUTE     Class     25     string     R

to:

ATTRIBUTE     Class     25     [data=stringnz]     R

Restart RADIUS for this change to take effect. All profiles with the Class attribute defined must be edited, the Class attribute deleted, and then added back in.
Legacy Article IDa29958

Attachments

    Outcomes