RADIUS server is sending return attribute from RSA Authentication Manager with a trailing value of \000

2 years ago

Originally Published: 2015-07-02

Article Number

000053679

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x

Issue

The RADIUS server is sending a Vendor Specific Attribute (VSA) with a trailing value of \000 or \0x00, as seen below:

A sample line from a Vendor Dictionary File is as follows:

ATTRIBUTE Fortinet-Access-Profile FORTINET-VSA(6,           string) r

A packet capture from Wireshark or tcpdump shows the return as follows:

VSA: l=12 t=Fortinet-Access-Profile(6): read_only\000

Resolution

Modify the dictionary file to change the string value from string to stringnz. By using stringnz in this case, the attribute being returned is set not to include the null values padding the attribute.

ATTRIBUTE Fortinet-Access-Profile FORTINET-VSA(6,           stringnz) r

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change

Related Articles

Trending Articles