Operational Defect Database
BugZero found this defect 2553 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3buSAA
RADIUS authentication fails for passwords with non-ASCII characters
Last update date:
5/23/2017
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
11.x
11.1.x
11.10.x
11.10
11.10.1
11.10.2
11.10.3
11.10.4
11.10.5
11.10.6
Fixed releases:
All
Description:
Issue
If you enable RADIUS authentication on your Firebox, we recommend that RADIUS user passwords contain only ASCII characters. If a password contains non-ASCII characters such as symbols or diacritical marks, authentication fails for some RADIUS implementations. This behavior occurs when the RADIUS server does not use UTF-8 to encode passwords. For example, if your authentication server is Microsoft NPS, authentication fails for a user password that contains the characters å and Ø. You can include non-ASCII characters in the user name. Microsoft NPS server uses UTF-8 to encode user names.
Workaround/Solution
Replace non-ASCII characters with ASCII characters in the password.
