Am 31.07.2009 um 15:13 schrieb Hegedus Gabor:
Hi all!
I have a problem, I want to authenticate console users in cisco
switches.
In the 2960, the switch send the password in cleartext, nothing
problem.
User-Password="password"
Please try using
Cleartext-Password := "password"
in the users file (or similarly in databases).
but int the 2950, the switch can only send in "crypted" version like
this:
NAS-Port-Type = Virtual
User-Name = "test"
Calling-Station-Id = "192.168.***"
User-Password = "\\342\455\325]̍\322\tM~\237\616}\266\426"
Service-Type = Login-User
In the ldap database I tried all of the encription type (clear, md5,
crypt, md5crypt) but every time reject the authentication:
frad debug:
Failed to authenticate the user.
Login incorrect (rlm_ldap: Bind as user failed): [test/\\_
\266\065]�?\663\tM~\667\354}\126\316] (from client switch port 1
cli 192.168.***
WARNING: Unprintable characters in the password. Double-check the
shared secret on the server and the NAS!
What can I do in the freeradius, what I forgot?
Thanks! Gabor
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Have a nice day!
Nicolas Goutte
extragroup GmbH - Karlsruhe
Waldstr. 49
76133 Karlsruhe
Germany
Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman
Haerdle
Registergericht: Amtsgericht Münster / HRB: 5624
Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html