Radius requests from unknow hosts
Marko Bozinovski
markobozinovski84 at yahoo.com
Tue Jan 4 13:02:47 CET 2022
Hello,
First time doing this, so I am not sure if i am doing it correctly.
I have configured RADIUS server and setup few juniper devices.
Configuration is ok, my clients can authenticate using radius etc.
I am worried about one thing. When i configure one EX switch, it keeps sending some strange request, something like this
(0) User-Name = "root"
(0) User-Password = "\010\n\r\177IN"
(0) NAS-Identifier = "EX1"
(0) Calling-Station-Id = "165.22.195.82"
(0) NAS-IPv6-Address = 2600:894c0:c0:30::6
Executing section authorize from file /etc/raddb/sites-enabled/default
(0) authorize {
NAS-IPv6-Address is the address of that EX, and NAS-Identifier is ok, but username root is strange, and calling-station-id.
>From my perspective it looks like it is sending requests from that EX with username root. Sometimes it use other usernames. I have read that can be related to brute force attack's.
Thank you and sorry for noob and confusing question.
Marko
More information about the Freeradius-Users
mailing list