I'm trying to configure AAA authentication on my ASR9K box with remote freeradius server and the problem is that ios xr prepands extra symbols to User-Password attribute:
User-Password = "qwerty\000\001P\036`\264O\223\265|"
as result i get this message:
pap: ERROR: MD5 digest does not match "known good" digest
How can i fix that?
This is very strange because ASR9k should not prepend any characters. Are you sure it's the asr9k who does the prepending? What IOS XR release are you running?
my assumption is based on fact, that there is no problem with other devices that use same radius server.
For an example all is ok with ASR1k, 7604, ME3600x.
I use same configuration of AAA, secret key and user/password for all devices.
This doesn't ring a bell and I also can't find records of similar bugs in our database. I see that you are still running SP3. Could you install the latest Service Pack (SP9). If the problem still remains, you can use "debug radius authentication" and "debug radius detail" to see what the asr9k is sending to and receiving from the radius server.
Hello, this is unrelated but could you post the config for the ASR9k freeradius authentication.
I have problems with MSCHAPv2 authentication. Is it even supported? We are using it without issues on Cisco Nexuses.