diff --git a/radiusauth/backends/radius.py b/radiusauth/backends/radius.py
index 6b060cb..648a578 100644
--- a/radiusauth/backends/radius.py
+++ b/radiusauth/backends/radius.py
@@ -149,17 +149,20 @@ def _perform_radius_auth(self, client, packet):
         role_class_prefix = app_class_prefix + "role="
         
         for cl in reply['Class']:
-            cl = cl.decode("utf-8")
-            if cl.lower().find(group_class_prefix) == 0:
-                groups.append(cl[len(group_class_prefix):])
-            elif cl.lower().find(role_class_prefix) == 0:
-                role = cl[len(role_class_prefix):]
-                if role == "staff":
-                    is_staff = True
-                elif role == "superuser":
-                    is_superuser = True
-                else:
-                    logging.warning("RADIUS Attribute Class contains unknown role '%s'. Only roles 'staff' and 'superuser' are allowed" % cl)
+            try:
+                cl = cl.decode("utf-8")
+                if cl.lower().find(group_class_prefix) == 0:
+                    groups.append(cl[len(group_class_prefix):])
+                elif cl.lower().find(role_class_prefix) == 0:
+                    role = cl[len(role_class_prefix):]
+                    if role == "staff":
+                        is_staff = True
+                    elif role == "superuser":
+                        is_superuser = True
+                    else:
+                        logging.warning("RADIUS Attribute Class contains unknown role '%s'. Only roles 'staff' and 'superuser' are allowed" % cl)
+            except UnicodeDecodeError:
+                pass
         return groups, is_staff, is_superuser
 
     def _radius_auth(self, server, username, password):