User password
Nicolas Breuer
Nicolas.Breuer at belcenter.biz
Wed May 22 19:29:09 CEST 2019
Hello,
This is the last version 3.0.19
I added the filter_password and it works now !
-----Message d'origine-----
De : Freeradius-Users <freeradius-users-bounces+nicolas.breuer=belcenter.biz at lists.freeradius.org> De la part de Jorge Pereira
Envoyé : mercredi 22 mai 2019 18:50
À : FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Objet : Re: User password
Nicolas,
if you get a chance, update to the latest 3.0.19. you could find the
prebuilt packages for Centos/Redhat and Ubuntu in
http://packages.networkradius.com/
On Wed, May 22, 2019 at 11:01 AM Nicolas Breuer <
Nicolas.Breuer at belcenter.biz> wrote:
> Thanks Nicolas, i will try right away.
>
> -----Message d'origine-----
> De : Freeradius-Users <freeradius-users-bounces+nicolas.breuer=
> belcenter.biz at lists.freeradius.org> De la part de Chaigneau, Nicolas via
> Freeradius-Users
> Envoyé : mercredi 22 mai 2019 15:59
> À : FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
> Cc : Chaigneau, Nicolas <nicolas.chaigneau at capgemini.com>
> Objet : RE: User password
>
> As Alan suggested, look at the following policy (in raddb/policy.d/filter):
>
> # Some equipment sends passwords with embedded zeros.
> # This policy filters them out.
> #
> filter_password {
> if (&User-Password && \
> (&User-Password != "%{string:User-Password}")) {
> update request {
> &Tmp-String-0 := "%{string:User-Password}"
> &User-Password := "%{string:Tmp-String-0}"
> }
> }
> }
>
>
>
> -----Message d'origine-----
> De : Freeradius-Users <freeradius-users-bounces+nicolas.chaigneau=
> capgemini.com at lists.freeradius.org> De la part de Nicolas Breuer
> Envoyé : mercredi 22 mai 2019 15:46
> À : FreeRadius users mailing list
> Objet : RE: User password
>
> Hello Alan,
>
> Ok but i have the correct attribute in v2.2 but maybe that was not
> expected and the Cisco is very old.
> Can you help with a link to solve the issue ?
>
> Thanks in advance,
>
>
> -----Message d'origine-----
> De : Freeradius-Users <freeradius-users-bounces+nicolas.breuer=
> belcenter.biz at lists.freeradius.org> De la part de Alan DeKok Envoyé :
> mercredi 22 mai 2019 13:08 À : FreeRadius users mailing list <
> freeradius-users at lists.freeradius.org>
> Objet : Re: User password
>
> On May 22, 2019, at 5:12 AM, Nicolas Breuer <Nicolas.Breuer at belcenter.biz>
> wrote:
> > Trying to migrate our old Cisco XS Server to FR3.0.19
> >
> > Ready to process requests
> > (9) Received Access-Request Id 9 from 117.212.177.1:1645 to
> 117.212.180.1:1814 length 97
> > (9) NAS-IP-Address = 217.112.177.1
> > (9) NAS-Port = 3
> > (9) NAS-Port-Type = Async
> > (9) User-Name = "username"
> > (9) Called-Station-Id = "240"
> > (9) Calling-Station-Id = "71"
> > (9) User-Password = "alerteo268\000N: In"
> > (9) Service-Type = Framed-User
> > (9) Framed-Protocol = PPP
> >
> >
> > Any ideas from where the \000N:In comes from ?
>
> It comes from the NAS, like every other RADIUS attribute.
>
> Some NASes implement RADIUS incorrectly.
>
> If you read the config in a recent version of v3, there are policies to
> catch & fix this exact issue.
>
> Alan DeKok.
>
>
> This message contains information that may be privileged or confidential
> and is the property of the Capgemini Group. It is intended only for the
> person to whom it is addressed. If you are not the intended recipient, you
> are not authorized to read, print, retain, copy, disseminate, distribute,
> or use this message or any part thereof. If you receive this message in
> error, please notify the sender immediately and delete all copies of this
> message.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list