Hegedus Gabor wrote:
Nicolas Goutte wrote:
Am 31.07.2009 um 15:13 schrieb Hegedus Gabor:
Hi all!
I have a problem, I want to authenticate console users in cisco
switches.
In the 2960, the switch send the password in cleartext, nothing
problem.
User-Password="password"
Please try using
Cleartext-Password := "password"
in the users file (or similarly in databases).
as I said I tried clear text password in the ldap, and nothing
changed. My user is in the ldap and not in the users file.
but int the 2950, the switch can only send in "crypted" version like
this:
NAS-Port-Type = Virtual
User-Name = "test"
Calling-Station-Id = "192.168.***"
User-Password = "\\342\455\325]̍\322\tM~\237\616}\266\426"
Service-Type = Login-User
In the ldap database I tried all of the encription type (clear, md5,
crypt, md5crypt) but every time reject the authentication:
frad debug:
Failed to authenticate the user.
Login incorrect (rlm_ldap: Bind as user failed):
[test/\\_\266\065]�?\663\tM~\667\354}\126\316] (from client switch
port 1 cli 192.168.***
WARNING: Unprintable characters in the password. Double-check the
shared secret on the server and the NAS!
What can I do in the freeradius, what I forgot?
Thanks! Gabor
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
Have a nice day!
Nicolas Goutte
extragroup GmbH - Karlsruhe
Waldstr. 49
76133 Karlsruhe
Germany
Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
Registergericht: Amtsgericht Münster / HRB: 5624
Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
Sorry this was my fault the shared secret really was not the same.
ty
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
