Palo Alto Networks Knowledgebase: RADIUS authentication fails on Microsoft Network Policy Server (NPS)

RADIUS authentication fails on Microsoft Network Policy Server (NPS)

2995
Created On 08/05/19 19:23 PM - Last Updated 08/05/19 19:48 PM
Symptom

Symptoms

RADIUS authentication fails when Microsoft Network Policy Server (NPS) passwords contain accented characters.

For example: ó, ò, ñ

Diagnosis

NPS does not encode RADIUS password in UTF-8 as expected by RFC286.

 

NPS is encoding password in EASCII.

 

As we comply with RFC, passwords will mismatch when received and checked by Palo Alto Networks firewall authentication daemon (authd).



Resolution

Avoid using any accented characters in the NPS password.



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClooCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language