Creating a proper RADIUS Accounting-Response packet in iRules
Good day all,
Trying to extend the functionality of these iRules. We've got an F5 sitting in front of a ClearPass RADIUS farm for 802.1x. We'd like to send a RADIUS access-accept message if the backend RADIUS are offline (fail open). The Cisco switch we're testing with kicks the following error message in the debug:
Hashes are not matching it appears. I suspect the issue has to do with the radius attribute being sent to the client. Tried creating the response without it but the result is a malformed packet. Any pointers are greatly appreciated.
    when RULE_INIT {
        set static::secret "testing"
        binary scan $static::secret H* static::secrethex
    }
    when CLIENT_DATA {
        binary scan [UDP::payload] cH2SH32 code ident len auth
        if { $code == 1 } {
            set code 2
            set len 134
            set rad_attr_svr 25
            set rad_attr_len_svr 58
            set rad_attr_string 6bf92bf8920b46e49ca55f519c9194f0bc0b0000000000005230303030303162342d30312d35623030303734340000000000000000000000
            set md5me [binary format cH2SH32H8 $code $ident $len $auth $static::secrethex]
            set ResponseAuthRaw [ md5 $md5me]
            binary scan $ResponseAuthRaw H* ResponseAuth
            set packetdata [binary format cH2SH32cca* $code $ident $len $ResponseAuth $rad_attr_svr $rad_attr_len_svr $rad_attr_string]
            UDP::drop
            clientside { UDP::respond ${packetdata} }
        } else {
            log local0. "Dropping Message"
            UDP::drop
        }
    }
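For reference, an added example (not part of the original post, and written in Python rather than iRules Tcl) of how RFC 2865 defines the Response Authenticator and the check a RADIUS client such as the switch performs on a reply. The secret matches the post's; the identifier, Request Authenticator and Class value are constructed, and `BAD` reproduces a hash computed without the attributes and with only the 4 secret bytes that an `H8` format packs.

```python
import hashlib
import hmac
import struct

ACCESS_ACCEPT = 2
ATTR_CLASS = 25  # the attribute type the iRule in the post sends


def encode_attr(attr_type: int, value: bytes) -> bytes:
    """Type (1) + Length (1, includes the 2 header bytes) + raw value bytes."""
    if not 1 <= len(value) <= 253:
        raise ValueError("RADIUS attribute value must be 1..253 bytes")
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def build_response(code: int, ident: int, request_auth: bytes,
                   attrs: bytes, secret: bytes) -> bytes:
    """ResponseAuth = MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    if len(request_auth) != 16:
        raise ValueError("Request Authenticator must be 16 bytes")
    length = 20 + len(attrs)  # Length counts the bytes actually sent on the wire
    header = struct.pack("!BBH", code, ident, length)
    digest = hashlib.md5(header + request_auth + attrs + secret).digest()
    return header + digest + attrs


def verify_response(packet: bytes, request_auth: bytes, secret: bytes) -> bool:
    """The authenticator check a RADIUS client (NAS) applies to a reply."""
    if len(packet) < 20:
        return False
    length = int.from_bytes(packet[2:4], "big")
    if length < 20 or length > len(packet):
        return False  # shorter than the Length field claims: discard
    packet = packet[:length]  # octets past Length are padding
    expected = hashlib.md5(packet[:4] + request_auth + packet[20:] + secret).digest()
    return hmac.compare_digest(expected, packet[4:20])


# Constructed sample values, not taken from a capture.
SECRET = b"testing"
REQ_AUTH = bytes(range(16))
ATTRS = encode_attr(ATTR_CLASS, b"fail-open")
GOOD = build_response(ACCESS_ACCEPT, 0x2A, REQ_AUTH, ATTRS, SECRET)

# Same packet, but hashed without attributes and with a 4-byte secret prefix.
_hdr = GOOD[:4]
BAD = _hdr + hashlib.md5(_hdr + REQ_AUTH + SECRET[:4]).digest() + ATTRS
```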