Hi,
our client have a Huawei Firewall model USG6725F and when we tried to integrate it with radius but when we test it shows this error
uwsgi.log
2024-10-23 09:37:14 (UTC-0500) ERROR [aucore.views] Public HTTP error: status = 499 Unknown Client Error, title = Invalid JSON body, description = Invalid JSON: 'utf-8' codec can't decode byte 0xff in position 137: invalid start byte, path = /radius/api/authenticate
we read that AA Radiues only works with UTF 8, the provider of the firewall said that they cant change that codification. our question is, there is a way to filter the attibute with the error or change the codification when is recieved in AA?
we share more details of the error
radius.log
Wed Oct 23 17:31:20 2024 : Info: rlm_aucore (aucore): Opening additional connection (331), 1 of 62 pending slots used
Wed Oct 23 17:31:20 2024 : Debug: rlm_rest (aucore): Connecting to "">https://127.0.0.1"
Wed Oct 23 17:31:20 2024 : Debug: rlm_aucore (aucore): You probably need to lower "min"
Wed Oct 23 17:31:20 2024 : Info: rlm_aucore (aucore): Closing expired connection (330) - Hit idle_timeout limit
Wed Oct 23 17:31:20 2024 : Debug: (2256) aucore: rlm_aucore::mod_authenticate got rcode 4
Wed Oct 23 17:31:20 2024 : Debug: (2256) [aucore] = invalid
Wed Oct 23 17:31:20 2024 : Debug: (2256) } # Auth-Type AUCORE = invalid
Wed Oct 23 17:31:20 2024 : Debug: (2256) Failed to authenticate the user
Wed Oct 23 17:31:20 2024 : WARNING: (2256) WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS!
Wed Oct 23 17:31:20 2024 : Debug: (2256) Using Post-Auth-Type Reject
Wed Oct 23 17:31:20 2024 : Debug: (2256) Post-Auth-Type sub-section not found. Ignoring.
Wed Oct 23 17:31:20 2024 : Debug: (2256) Delaying response for 2.000000 seconds
Wed Oct 23 17:31:20 2024 : Debug: Thread 3 waiting to be assigned a request
Wed Oct 23 17:31:21 2024 : Debug: Waking up in 1.3 seconds.
Wed Oct 23 17:31:22 2024 : Debug: (2256) Sending delayed response
Wed Oct 23 17:31:22 2024 : Debug: (2256) Sent Access-Reject Id 4 from 172.17.0.3:1812 to 172.17.0.1:42756 length 20
Wed Oct 23 17:31:22 2024 : Debug: Waking up in 2.9 seconds.
Request:
Wed Oct 23 17:28:30 2024 : Debug: Thread 4 handling request 2255, (452 handled so far)
Wed Oct 23 17:28:30 2024 : Debug: (2255) Received Access-Request Id 32 from 10.20.0.17:57865 to 172.17.0.3:1812 length 248
Wed Oct 23 17:28:30 2024 : Debug: (2255) User-Name = "abenites"
Wed Oct 23 17:28:30 2024 : Debug: (2255) User-Password = ***
Wed Oct 23 17:28:30 2024 : Debug: (2255) NAS-Port = 0
Wed Oct 23 17:28:30 2024 : Debug: (2255) Service-Type = Framed-User
Wed Oct 23 17:28:30 2024 : Debug: (2255) Framed-Protocol = PPP
Wed Oct 23 17:28:30 2024 : Debug: (2255) Calling-Station-Id = "\377\377\377\377\377\377"
Wed Oct 23 17:28:30 2024 : Debug: (2255) NAS-Identifier = "FW-HW-01"
Wed Oct 23 17:28:30 2024 : Debug: (2255) NAS-Port-Type = Ethernet
Wed Oct 23 17:28:30 2024 : Debug: (2255) NAS-Port-Id = "0000000000000000"
Wed Oct 23 17:28:30 2024 : Debug: (2255) Called-Station-Id = "A0-44-5C-84-FA-D1"
Wed Oct 23 17:28:30 2024 : Debug: (2255) NAS-IP-Address = 10.20.0.17
Wed Oct 23 17:28:30 2024 : Debug: (2255) Acct-Session-Id = "00000000000000cc7c350300127"
Wed Oct 23 17:28:30 2024 : Debug: (2255) Huawei-Startup-Stamp = 1729175381
Wed Oct 23 17:28:30 2024 : Debug: (2255) Huawei-IPHost-Addr = "255.255.255.255 ff:ff:ff:ff:ff:ff"
Wed Oct 23 17:28:30 2024 : Debug: (2255) Huawei-Connect-ID = 24871
Wed Oct 23 17:28:30 2024 : Debug: (2255) Huawei-Version = "V600R024C00SPC100"
Wed Oct 23 17:28:30 2024 : Debug: (2255) Huawei-User-Mac = "\000\000\000\013"
Wed Oct 23 17:28:30 2024 : Debug: (2255) Huawei-Domain-Name = "ldsmfa"
Wed Oct 23 17:28:30 2024 : Debug: (2255) # Executing section authorize from file /etc/raddb/sites-enabled/default
Wed Oct 23 17:28:30 2024 : Debug: (2255) authorize {
Wed Oct 23 17:28:30 2024 : Debug: (2255) [preprocess] = ok
Wed Oct 23 17:28:30 2024 : Debug: (2255) eap: No EAP-Message, not doing EAP
Wed Oct 23 17:28:30 2024 : Debug: (2255) [eap] = noop
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = User-Name
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = User-Password
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = NAS-Port
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Service-Type
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Framed-Protocol
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Calling-Station-Id
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = NAS-Identifier
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = NAS-Port-Type
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = NAS-Port-Id
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Called-Station-Id
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = NAS-IP-Address
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Acct-Session-Id
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Huawei-Startup-Stamp
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Huawei-IPHost-Addr
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Huawei-Connect-ID
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Huawei-Version
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Huawei-User-Mac
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Huawei-Domain-Name
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Checking attribute, name = Event-Timestamp
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: rlm_aucore::mod_authorize return RLM_MODULE_OK
Wed Oct 23 17:28:30 2024 : Debug: (2255) [aucore] = ok
Wed Oct 23 17:28:30 2024 : Debug: (2255) } # authorize = ok
Wed Oct 23 17:28:30 2024 : Debug: (2255) Found Auth-Type = AUCORE
Wed Oct 23 17:28:30 2024 : Debug: (2255) # Executing group from file /etc/raddb/sites-enabled/default
Wed Oct 23 17:28:30 2024 : Debug: (2255) Auth-Type AUCORE {
Wed Oct 23 17:28:30 2024 : Debug: (2255) update request {
Wed Oct 23 17:28:30 2024 : Debug: (2255) EXPAND %{Packet-Src-IP-Address}
Wed Oct 23 17:28:30 2024 : Debug: (2255) --> 10.20.0.17
Wed Oct 23 17:28:30 2024 : Debug: (2255) &Packet-Src-IP-Address = 10.20.0.17
Wed Oct 23 17:28:30 2024 : Debug: (2255) EXPAND %{Packet-Dst-Port}
Wed Oct 23 17:28:30 2024 : Debug: (2255) --> 1812
Wed Oct 23 17:28:30 2024 : Debug: (2255) &Packet-Dst-Port = 1812
Wed Oct 23 17:28:30 2024 : Debug: (2255) } # update request = noop
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: session id with instance : null
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: session uri with instance : (null)
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = User-Name , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = User-Password , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = NAS-Port , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Service-Type , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Framed-Protocol , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Calling-Station-Id , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = NAS-Identifier , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = NAS-Port-Type , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = NAS-Port-Id , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Called-Station-Id , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = NAS-IP-Address , type = 3
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Acct-Session-Id , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-Startup-Stamp , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-IPHost-Addr , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-Connect-ID , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-Version , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-User-Mac , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-Domain-Name , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Event-Timestamp , type = 4
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Packet-Src-IP-Address , type = 3
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Packet-Dst-Port , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Finish to setup json attributes
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = User-Name , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = User-Password , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = NAS-Port , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Service-Type , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Framed-Protocol , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Calling-Station-Id , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = NAS-Identifier , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = NAS-Port-Type , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = NAS-Port-Id , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Called-Station-Id , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = NAS-IP-Address , type = 3
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Acct-Session-Id , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-Startup-Stamp , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-IPHost-Addr , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-Connect-ID , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-Version , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-User-Mac , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Huawei-Domain-Name , type = 1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Event-Timestamp , type = 4
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Packet-Src-IP-Address , type = 3
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Setup json attributes VP name = Packet-Dst-Port , type = 2
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Finish to setup json attributes
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: The json object was created: { "User-Name": "abenites", "User-Password": "***", "NAS-Port": 0, "Service-Type": 2, "Framed-Protocol": 1, "Calling-Station-Id": "??????", "NAS-Identifier": "FW-HW-01", "NAS-Port-Type": 15, "NAS-Port-Id": "0000000000000000", "Called-Station-Id": "A0-44-5C-84-FA-D1", "NAS-IP-Address": "10.20.0.17", "Acct-Session-Id": "00000000000000cc7c350300127", "Huawei-Startup-Stamp": 1729175381, "Huawei-IPHost-Addr": "255.255.255.255 ff:ff:ff:ff:ff:ff", "Huawei-Connect-ID": 24871, "Huawei-Version": "V600R024C00SPC100", "Huawei-User-Mac": "", "Huawei-Domain-Name": "ldsmfa", "Packet-Src-IP-Address": "10.20.0.17", "Packet-Dst-Port": 1812 }
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Expanding URI components
Wed Oct 23 17:28:30 2024 : Debug: rlm_aucore (aucore): Reserved connection (319)
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: EXPAND https://127.0.0.1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: --> https://127.0.0.1
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: EXPAND /radius/api/authenticate
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: --> /radius/api/authenticate
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: append_http_headers started
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: vp_header_value: 10.20.0.17
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Header: X-Forwarded-For: 10.20.0.17
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: append_http_headers finished
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Sending HTTP POST to "">127.0.0.1/.../authenticate"
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Processing response header
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Status : 499 ()
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Type : json (application/json)
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: Adding reply:REST-HTTP-Status-Code = "499"
Wed Oct 23 17:28:30 2024 : Debug: (2255) aucore: hcode = 499
thanks for the help.
Roberto