Am 31.07.2009 um 15:13 schrieb Hegedus Gabor:
Hi all!
I have a problem, I want to authenticate console users in cisco switches. In the 2960, the switch send the password in cleartext, nothing problem.
User-Password="password"
Please try using Cleartext-Password := "password" in the users file (or similarly in databases).
but int the 2950, the switch can only send in "crypted" version like this:
NAS-Port-Type = Virtual User-Name = "test" Calling-Station-Id = "192.168.***" User-Password = "\\342\455\325]̍\322\tM~\237\616}\266\426" Service-Type = Login-User
In the ldap database I tried all of the encription type (clear, md5, crypt, md5crypt) but every time reject the authentication:
frad debug:
Failed to authenticate the user. Login incorrect (rlm_ldap: Bind as user failed): [test/\\_ \266\065]�?\663\tM~\667\354}\126\316] (from client switch port 1 cli 192.168.*** WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS!
What can I do in the freeradius, what I forgot? Thanks! Gabor - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Have a nice day! Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841