Riverbed console authentication, encrypted User-Password

Schaatsbergen, Chris Chris.Schaatsbergen at aleo-solar.de
Mon Mar 14 10:36:38 CET 2011

Greetings all,

I have been asked if our Riverbed console users can also be authenticated through freeRadius. Riverbed has RiOS running, which is almost Cisco IOS and a Radius Server can be configured so I did. In freeRadius I added the Riverbed as client but unfortunately it was not that easy (is it ever?).

rad_recv: Access-Request packet from host port 9538, id=37, length=71
        User-Name = "username"
        User-Password = "/\227\334\377\374\302\343\204\345\001'O\227"
        NAS-Identifier = "webasd"
        NAS-Port = 8513
        NAS-Port-Type = Virtual
        Service-Type = Authenticate-Only

That is not the password I entered, my conclusion is that Riverbed encrypts the password before the entire request is encrypted using the shared secret.

I cannot find a way to change how Riverbed sends the request, though I am writing a ticket there as well. My question to you, can freeRadius work with encrypted passwords?

Thanks in advance,

Chris Schaatsbergen

More information about the Freeradius-Users mailing list