Cisco AR Related to Previous Post

Hoa But hoabut at earthlink.net
Tue Nov 10 22:23:07 CET 2009


Hello,

A good while back I posted about the Cisco AR and its failure to work like
FreeRADIUS.

The issues were resolved a while back as well.  Just got a chance to follow up.

It turns out quotes must be use for the passwords stuff, TCL scripts must be
implemented to trigger dictionary attributes, versions of Cisco AR
claiming to work with
LDAP v3 does not, etc.

Now fakeuser is out and the real digest attributes works great even
with OpenLDAP implementations:

Digest-Response = 51226513c691a6888680e6a7a4edafbd
Digest-Attributes = { Realm = company.com }
Digest-Attributes = { Nonce = 07feae50942f06e5b6d64dd5f85a1ea8 }
Digest-Attributes = { Method = COMPANY-REGISTER }
Digest-Attributes = { URI = company.com }
Digest-Attributes = { QOP = auth }
Digest-Attributes = { Algorithm = MD5-sess }



Although this is not FreeRADIUS it is nevertheless related to digest
authentications so it was worth it to post them.

Contact me if you are using Cisco AR and have problems with digest
authentications.


Thank you for the excellent FreeRADIUS community.

Best regards,

Hoa



More information about the Freeradius-Users mailing list