• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

TMG VPN RADIUS Authentication

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> VPN >> TMG VPN RADIUS Authentication Page: [1]
Login
Message << Older Topic   Newer Topic >>
TMG VPN RADIUS Authentication - 14.May2013 8:59:42 AM   
AshbourneOne

 

Posts: 2
Joined: 14.May2013
Status: offline
Hi

I have recently set up a TMG to provide VPN remote access to users, using RADIUS authentication and one time passwords. We've seen something very odd and I wondered if anyone else had seen it at all.

Basically, when the user inputs the correct passcode they are allowed access, or if they input the incorrect passcode they are not. However, if they leave the passcode field blank and submit, the RADIUS server returns an "Access-Challenge" response, but instead of the user being asked to input a new passcode TMG seems to take the "Access-Challenge" response as an "Access-Accept" and lets the user in! Effectively the user gets access to the internal network by leaving the passcode field blank!

Has anyone else seen this at all? Any thoughts on how to block a blank password or pass on the challenge to the user?

Many thanks in advance.

AO.
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> VPN >> TMG VPN RADIUS Authentication Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts